Integrate Sophos Mobile with Intune

Complete the following steps to integrate the Sophos Mobile Threat Defense solution with Intune.

Note

This Mobile Threat Defense vendor is not supported for unenrolled devices.

Before you begin

Before starting the process of integrating Sophos Mobile with Intune, make sure you have the following:

Microsoft Intune Plan 1 subscription
Microsoft Entra admin credentials to grant the following permissions:
- Sign in and read user profile
- Access the directory as the signed-in user
- Read directory data
- Send device information to Intune
Admin credentials to access the Sophos Mobile admin console

The Sophos Mobile app authorization process follows:

Allow the Sophos Mobile service to communicate information related to device health state back to Intune.
Sophos Mobile syncs with Microsoft Entra Enrollment Group membership to populate its device's database.
Allow the Sophos Mobile admin console to use Microsoft Entra single sign-on (SSO).
Allow the Sophos Mobile app to sign in using Microsoft Entra SSO

Sign in to the Microsoft Intune admin center, go to Tenant administration > Connectors and tokens > Mobile Threat Defense > and select Add.
On the Add Connector page, use the dropdown and select Sophos. And then select Create.
Select the link Open the Sophos admin console.
Sign in to the Sophos admin console with your Sophos credentials.
Go to Mobile > Settings > Setup > Sophos setup.
On the Sophos setup page, select the Intune MTD tab.
Select Bind, and then select Yes. Sophos connects to Intune and requires you to sign in to your Intune subscription.
In the Microsoft Intune authentication window, enter your Intune credentials and Accept the permissions request for Sophos Mobile Threat Defense.
On the Sophos setup page, select Save to complete the configuration for Intune:
When the message Successful Integration appears, integration is complete.
In the Intune admin center, Sophos is now available.