Since Microsoft Intune’s debut in 2011, it has become a market leader within the UEM category. A simple user interface and its ever-changing, feature-rich capabilities have made managing devices plain sailing – for the most part. Two of those helpful features are:

  1. The management of device compliance
  2. Conditional Access

Though these are two different features in Microsoft Intune, they are often used together to manage endpoints and improve endpoint security. This blog serves as an introduction to these capabilities.

What are Device Compliance and Conditional Access?

So, what are Device Compliance and Conditional Access? Let’s look at them in terms of health.

  • Compliance: Tells you if your device is healthy or not.
  • Conditional Access: Determines what to do with these devices depending on their health status.

The purpose of these two features is to limit access by devices that do not meet your configuration baseline and to keep them from creating vulnerabilities in your infrastructure.

Finding Pre-Configuration Settings in Intune

If you navigate within Intune to Devices | Policy | Compliance Policies, you will see some pre-configurations for these settings.

These settings help you manage:

  • The status of devices with no compliance assigned
  • Compliance status validity period
  • Noncompliant devices
  • Notification to those devices

Creating New Policies in Intune

To create a new policy, navigate to Devices | Policy | Compliance Policies and click “+ Create Policy”.

There you will select the platform and the compliancy type.

The goal is to paint the ideal picture of health for your device. You should also be able to monitor your device’s compliance status by navigating to Devices | Overview and selecting the “Compliance Status” tab.

Setting Conditional Access Settings in Intune

You can reach your Conditional Access settings by navigating to Devices | Policy | Conditional Access. Here you can create new policies and modify the properties of existing ones, for example by choosing which users or groups to include in or exclude from a policy, and by setting the conditions that apply to devices that are or are not compliant.

There are many facets to the conditions for Conditional Access, and we’ll cover those in more detail in a later blog. As a basic example, a policy can target a group of users (in this example, “all users”) accessing a specific application (in this example, an on-premises web-based document management system), as seen below:

[Screenshots: Conditional Access policy settings in Intune]
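The same basic policy can also be defined in code. The script below is an added example, not taken from the original post: it uses the Microsoft Graph PowerShell SDK to create a policy for all users and one application that requires a compliant device, which is how the compliance status feeds into Conditional Access. The application ID, the excluded emergency-access group, the display name, the compliant-device grant and the report-only starting state are assumptions made for illustration.

```powershell
# Added example: requires the Microsoft.Graph.Identity.SignIns module.
# The two IDs below are constructed placeholders; replace them with values from your tenant.
$AppId           = '00000000-0000-0000-0000-000000000000'  # placeholder: application (client) ID of the document management system
$BreakGlassGroup = '11111111-1111-1111-1111-111111111111'  # placeholder: object ID of an emergency-access group
$PolicyName      = 'Require compliant device - document management system'  # hypothetical name

Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All', 'Application.Read.All'

# Do not create a duplicate if a policy with this name already exists.
$existing = Get-MgIdentityConditionalAccessPolicy -All |
    Where-Object { $_.DisplayName -eq $PolicyName }
if ($existing) {
    Write-Warning "Policy '$PolicyName' already exists (Id: $($existing.Id)); nothing created."
    return
}

$policy = @{
    displayName = $PolicyName
    # Report-only: sign-ins are evaluated and logged but not blocked,
    # so the impact can be reviewed before the policy is enforced.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users = @{
            includeUsers  = @('All')               # the "all users" target from the example
            excludeGroups = @($BreakGlassGroup)    # keeps emergency accounts from being locked out
        }
        applications = @{
            includeApplications = @($AppId)        # only the one application is in scope
        }
        clientAppTypes = @('all')
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('compliantDevice')     # access only from devices Intune marks compliant
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```

Once the report-only results in the sign-in logs look as expected, changing `state` to `enabled` enforces the policy.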

Stay tuned for more conditional access and compliance blogs!
