Prevent access to corporate data from unmanaged and unregistered devices RRS feed

  • Question

  • Hi,

    I've been tasked with tightnening up the security in the company, and as we already have a Azure solution, I was going to use this for the project.

    What we basically want to achieve is to prevent users from accessing their corporate e-mail accounts (Outlook web, and Exchange Active Sync) from devices that we have not set up, and haven't been enrolled into Azure.

    So if John Doe decides to add his corporate e-mail account to his newly acquired iPhone, or wants to access Outlook Web from his private PC he is simply denied access.

    But I can't seem to find a clear cut guide in any of the Azure documentation for this.

    I've created a Conditional Access policy for all OS platforms with the condition that devices are either marked as compliant or hybrid joined, and is trying to test it on my own private phone, but it does not seem to work. I can still add my corporate e-mail account to the mail app.

    If someone have a solution to this it would be great.

    Kind regards


    Wednesday, October 9, 2019 9:01 AM


All replies