Export (0) Print
Expand All

Configure security policy for mobile devices in Microsoft Intune

Updated: May 18, 2015

Applies To: Microsoft Intune

Microsoft Intune uses policies that help you to configure many security and functional settings for enrolled mobile devices, including:

  • Hardware settings, like allowing use of the devices camera, or Bluetooth capability

  • Password settings including password length and quality

  • Allowed and blocked apps let you configure apps that are compliant, or noncompliant in your organization, and then report on devices that are not compliant (for Windows Phone devices, you can block apps from being installed, or used.

  • Kiosk mode settings that allow you to ‘lock down’ certain features of the device like allowing only one app to run, or disabling the power button and volume controls.

Use the information in this topic to help you decide which policy you need to use to manage your devices.

Use this table to help you decide which policy to use to manage your devices.

 

You want to Use this policy

Manage mobile device security settings

Use iOS configuration policies to manage device settings in Microsoft Intune

Use Android configuration policies to manage device settings in Microsoft Intune

Use Windows configuration Policies to manage device settings in Microsoft Intune

Use Windows Phone configuration policies to manage device settings in Microsoft Intune

Manage other mobile device settings that are not available from a configuration policy

Use iOS custom policies to manage device settings with Microsoft Intune

Use Android custom policies to manage device settings with Microsoft Intune

Use Windows Phone custom policies to manage device settings with Microsoft Intune

Use Windows 10 custom policies to manage device settings with Microsoft Intune

Manage mobile device security settings on devices that are managed by Exchange ActiveSync

Use Exchange ActiveSync policies to manage device settings in Microsoft Intune

Manage mobile device security settings using the mobile device security policy

ImportantImportant
Microsoft Intune now features separate configuration policies for each device platform, and these policies contain the most up-to-date settings you can use. You can continue to use the mobile device security policy and any existing deployments will still work. However, you should plan to migrate to the new configuration policies as soon as possible as the mobile device security policy will be removed in the future.

Use mobile device security policies to manage device settings for Microsoft Intune

When conflicts occur due to multiple Intune settings being applied to a device, the following rules apply:

  • If the conflicting settings are from an Intune configuration policy and a compliance policy, the settings in the compliance policy take precedence over the settings in the configuration policy, even if the settings in the configuration policy are more secure.

  • If you have deployed multiple compliance policies, the most secure of these policies will be used.

See Also


To navigate Intune documentation on TechNet, see the Intune Site Map. Want to try Intune? Sign up for a 30-day trial.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2015 Microsoft