Saturday, August 8, 2015

My view of compliance policy on Microsoft Intune

Compliance policy are some basic rules and settings for enrolled devices of users. A compliance policy can be applied to all devices of users like iOS, Andorid, Windows Phone and so on. In Microsoft Intune, the compliance policy will check the following on devices.
  • Password
  • Encryption
  • Jailbreak
  • Email Profile

Microsoft defined the settings of non-compliance devices. For example, a device doesn't meet the pin or password requirement. The compliance policy will force the device, iOS, to change the pin or password within 60 minutes. If the device isn't set pin or password within 60 minutes, the user is forced to configure it after 60 minutes. For other scenarios, Microsoft listed a table about what actions will be applied for non-compliance devices.

To compare with other Enterprise Mobility Management products, compliance policy settings of Microsoft Intune are lack of flexible. there is no option for administrators to control OS version of enrolled devices. For security reason, administrators would like to apply this setting on compliance policy to filter OS version for their companies.

Even though the device is non-compliance like not configure pin or password, user still can download applications through Company Portal. It seems that the compliance policies of Microsoft Intune isn't flexible and mature enough.

I hope Microsoft will add more flexible settings on compliance policy of Microsoft Intune like other EMM products.

This posting is provided “AS IS” with no warranties, and confers no rights!

No comments:

Post a Comment