Managing Compliance Policies & Conditional Access with Microsoft Intune
By Model Technology Solutions
Published June 23, 2021

Since Microsoft Intune’s debut in 2011, it has become a market leader within the UEM category. A simple user interface and ever-changing, feature-rich capabilities have made managing devices plain sailing – for the most part. Two of those helpful features are:

  1. The management of device compliance
  2. Conditional Access

Though these are two different features inside of Microsoft Intune, they are often used together to manage endpoints and improve endpoint security. This blog serves as an introduction to these capabilities.

What is Device Compliance and Conditional Access?

So, what are Device Compliance and Conditional Access? Let’s look at them in terms of health.

  • Compliance: Tells you if your device is healthy or not.
  • Conditional Access: Determines what to do with these devices depending on their health status.

The purpose of these two features is to limit the access of devices that do not meet your configuration baseline and to keep them from creating vulnerabilities in your infrastructure.

Finding Pre-Configuration Settings in Intune

If you navigate within Intune to Devices | Policy | Compliance Policies, you will see some pre-configurations for these settings.

These settings help you manage:

  • The status of devices with no compliance assigned
  • Compliance status validity period
  • Noncompliant devices
  • Notification to those devices

Creating New Policies in Intune

To create a new policy, navigate to Devices | Policy | Compliance Policies and click “+ Create Policy”.

There you will select the platform and the compliance type.

What you want to do is paint the ideal picture of health for your device. You should also be able to monitor your device’s compliance status by navigating to Devices | Overview and selecting the “Compliance Status” tab.

Setting Conditional Access Settings in Intune

You can reach your conditional access settings by navigating to Devices | Policy | Conditional Access. Here you will be able to set your conditional access policies: you can create new policies or modify the properties of existing ones, for tasks such as choosing which users or groups to include in or exclude from a policy and setting the conditions for devices that are or are not compliant.

There are many facets to the conditions for conditional access; we’ll cover those in more detail in a later blog. As a basic example, a policy can target a group of users (in our case for this example, “all users”) accessing a specific application (in our example, an on-premises web-based document management system).
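The sketch below is an added example, not code from the original post or from Intune. It is a simplified model of how the tenant-wide compliance settings listed earlier feed a Conditional Access decision for the "all users, one application" case. The device records, the app name `docmgmt-web`, the setting values, and the "require compliant device" grant are assumptions made for the example.

```python
from datetime import datetime, timedelta

# Tenant-wide compliance policy settings (the pre-configurations listed earlier).
# Values are constructed for this example.
SETTINGS = {
    "no_policy_assigned_is_compliant": False,  # status of devices with no compliance assigned
    "validity_days": 30,                       # compliance status validity period
}

# Conditional Access policy mirroring the post's example: all users, one app.
# The "require compliant device" grant is an assumption of this example.
CA_POLICY = {"users": "all", "app": "docmgmt-web", "require_compliant": True}


def compliance_state(device, settings, now):
    """Return 'compliant' or 'noncompliant' for one device record."""
    if not device["assigned_policies"]:
        return "compliant" if settings["no_policy_assigned_is_compliant"] else "noncompliant"
    # A device that has not reported within the validity period is treated as noncompliant.
    if now - device["last_checkin"] > timedelta(days=settings["validity_days"]):
        return "noncompliant"
    # Every assigned compliance policy must pass.
    return "compliant" if all(device["assigned_policies"].values()) else "noncompliant"


def access_decision(app, device, settings, now, policy=CA_POLICY):
    """Apply the Conditional Access policy to a sign-in from `device` to `app`."""
    if app != policy["app"]:
        return "not_applicable"  # the policy does not target this application
    if not policy["require_compliant"]:
        return "grant"
    return "grant" if compliance_state(device, settings, now) == "compliant" else "block"


# Constructed sample devices (policy name -> pass/fail, plus last check-in time).
NOW = datetime(2021, 6, 23)
DEVICES = {
    "healthy":   {"assigned_policies": {"win10-baseline": True},  "last_checkin": NOW - timedelta(days=2)},
    "failing":   {"assigned_policies": {"win10-baseline": False}, "last_checkin": NOW - timedelta(days=1)},
    "stale":     {"assigned_policies": {"win10-baseline": True},  "last_checkin": NOW - timedelta(days=45)},
    "no_policy": {"assigned_policies": {},                        "last_checkin": NOW - timedelta(days=1)},
}

if __name__ == "__main__":
    for name, dev in DEVICES.items():
        print(name, access_decision("docmgmt-web", dev, SETTINGS, NOW))
```

Setting `no_policy_assigned_is_compliant` to `True` makes the `no_policy` device pass the same rule, which is why that tenant-wide setting is worth reviewing before relying on a compliance-based access policy.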


Stay tuned for more conditional access and compliance blogs!
