Managing Compliance Policies & Conditional Access with Microsoft Intune
By Model Technology Solutions
Published June 23, 2021

Since Microsoft Intune’s debut in 2011, it has become a market leader within the UEM category. A simple user interface and its ever-changing, feature-rich capabilities have made managing devices plain sailing – for the most part. Two of those helpful features are:

  1. The management of device compliance
  2. Conditional Access

Though these are two different features inside of Microsoft Intune, they are often used together to manage endpoints and improve endpoint security. This blog serves as an introduction to these capabilities.

What are Device Compliance and Conditional Access?

So, what are Device Compliance and Conditional Access? Let’s look at them in terms of health.

  • Compliance: Tells you if your device is healthy or not.
  • Conditional Access: Determines what to do with these devices depending on their health status.

The purpose of these two features is to limit access from devices that do not meet your configuration baseline, keeping them from creating vulnerabilities in your infrastructure.

Finding Pre-Configuration Settings in Intune

If you navigate within Intune to Devices | Policy | Compliance Policies, you will see some pre-configurations for these settings.


These settings help you manage:

  • The status of devices with no compliance assigned
  • Compliance status validity period
  • Noncompliant devices
  • Notification to those devices

Creating New Policies in Intune

To create a new policy, navigate to Devices | Policy | Compliance Policies and click “+ Create Policy”.


There you will select the platform and the compliancy type.

What you want to do is to paint the ideal picture of health for your device. You should also be able to monitor your device’s compliance status by navigating to Devices | Overview and selecting the “Compliance Status” tab.


Setting Conditional Access Settings in Intune

You can reach your conditional access settings by navigating to Devices | Policy | Conditional Access. Here you can create new policies or modify the properties of existing ones, for example choosing which users or groups to include in or exclude from a policy and setting conditions for devices that are or are not compliant.

There are many facets to the conditions for conditional access; we’ll cover those in more detail in a later blog. As a basic example, a policy can target a group of users (in our example, “all users”) accessing a specific application (in our example, an on-premises web-based document management system).
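
The basic example above (all users, one specific application), expressed as a Microsoft Graph Conditional Access policy body; this is an added example, not from the original article. The grant control (require a compliant device), the report-only state, the excluded emergency-access account, the display name, and both GUIDs are assumptions or constructed placeholders.

```powershell
# Added example: builds a Conditional Access policy body for Microsoft Graph.
# Assumptions (not from the article): the application ID, the excluded
# emergency-access account ID, the display name, and report-only mode.

function New-CompliantDevicePolicyBody {
    param(
        [Parameter(Mandatory)] [string] $DisplayName,
        [Parameter(Mandatory)] [string] $ApplicationId,   # app ID of the protected application
        [string[]] $ExcludedUserIds = @(),                # e.g. emergency-access accounts
        [ValidateSet('enabled', 'disabled', 'enabledForReportingButNotEnforced')]
        [string] $State = 'enabledForReportingButNotEnforced'
    )

    @{
        displayName   = $DisplayName
        state         = $State                            # report-only by default
        conditions    = @{
            users          = @{
                includeUsers = @('All')                   # "all users", as in the article
                excludeUsers = $ExcludedUserIds
            }
            applications   = @{ includeApplications = @($ApplicationId) }
            clientAppTypes = @('all')
        }
        grantControls = @{
            operator        = 'OR'
            builtInControls = @('compliantDevice')        # relies on Intune compliance status
        }
    }
}

# Constructed placeholder GUIDs; replace with values from your own tenant.
$body = New-CompliantDevicePolicyBody `
    -DisplayName 'Require compliant device - document management' `
    -ApplicationId '00000000-0000-0000-0000-000000000000' `
    -ExcludedUserIds @('11111111-1111-1111-1111-111111111111')

# Review the JSON before submitting it.
$body | ConvertTo-Json -Depth 5

# To create the policy (requires the Microsoft.Graph.Identity.SignIns module):
# Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All', 'Application.Read.All'
# New-MgIdentityConditionalAccessPolicy -BodyParameter $body
```

Starting in report-only mode lets you see in the sign-in logs which devices would be blocked before the policy is enforced.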

Stay tuned for more conditional access and compliance blogs!
