Create the Conditional Access Policies on the Azure Portal
The administrator must establish the Conditional Access policies within the Azure portal. These policies serve to restrict access to Office 365 resources for iOS and Android devices. Access will be restricted for devices that are either not managed or non-compliant with the defined conditions.
Conditional access policies offer several actions, including:
- Block Access: This prevents specified users from accessing apps or services based on the conditions set in the policy.
- Grant Access: This allows specified users to access resources, but additional requirements can be imposed, such as multi-factor authentication, specific authentication strength, device compliance checks, or ensuring that the device is a hybrid Microsoft Enterprise-joined device.
- Approvals and App Protection: You can also use these policies to approve specific client apps, apply app protection policies, and enforce password changes when necessary.
These policies are a powerful tool to manage and secure access to your organization's resources. They help enhance security by ensuring that only authorized and compliant devices can access Office 365 services.
Click here to learn more about creating a conditional access policy.
To create the Conditional Access policies on Azure Portal, follow these steps:
- Sign in to the Microsoft Intune admin center.
- Select Endpoint Security > Conditional Access > Policies > New Policy.
Click on the provided links, labeled Link A and Link B, to access more information on creating the conditional access policy.