Learn about managing and protecting your organization's data
Using Intune, you can prevent data leaks and prevent unauthorized access.
Prevent data leaks
You can control how users share and save data without risking intentional or accidental data leaks. Microsoft Intune provides app-protection policies that you set to secure your company data on user-owned devices. The devices don't need to be enrolled in the Intune service.
App-protection policies set up with Intune also work on devices managed with a non-Microsoft device-management solution. The personal data on the devices isn't touched; only company data is managed by the IT department.
You can set app-protection policies for Office mobile apps on devices running Windows, iOS/iPadOS, or Android to protect company data. These policies enforce device requirements such as an app-based PIN or company data encryption. The app-protection policies also support more advanced settings to restrict how users can use cut, copy, paste, and save-as features between managed and unmanaged apps. You can also remotely wipe company data without requiring that users enroll devices.
Prevent unauthorized access
You can classify, label, and protect Office 365 documents and emails so only authorized users have access to the data. The settings are managed automatically after IT administrators or users set the rules and conditions. Alternatively, the IT team can provide recommended settings for users to follow. Administrators and users can also revoke access to data already shared with others without assistance from another authority. The goal of this work is to control who opens or updates protected data, even when the data leaves the company's network.