The below will appear on the Refined page at https://iasme.atlassian.net/wiki/spaces/CEKH/pages/2576842966/Security+Update+Management+FAQ#
QUESTION | ANSWER |
|---|---|
Is M365 InTune MAM-WE enough for BYOD device management? We can ensure devices are up to date, not jailbroken and have a pin BUT we do not have control over the apps installed on the device. However, as MAM-WE sandboxes the business data and has controls to stop personal/business being copy/pasted/mixed, is that enough to comply with the control? | It is. It is an element of the control but you would need to definitely back that up with having approved apps to access your organisational data. You can't just rely on it being in a container. You do need to know which apps are in that container and accessing your organisational data. Often if you're using Intune, you're trying to connect to 365 apps anyway, and by definition, MAM is a version of application management so there should be some form in there. |
|
|