none
WIP 관련 3rd party application 호환성 문의 RRS feed

  • 질문

  • 안녕하세요,

    WIP(Windows Information Protection)의 3rd party application 호환성 관련하여 참고할 수 있는 자료가 있는지 확인 요청 드립니다.

    감사합니다.

    2019년 2월 27일 수요일 오전 8:07

모든 응답

  • 안녕하세요?

    하기 내용 참고하시기 바랍니다.

    [참고 절]
    Enlightened apps are expected to prevent enterprise data from going to unprotected network locations and to avoid encrypting personal data. On the other hand, WIP-unaware apps might not respect the corporate network boundary, and WIP-unaware apps will encrypt all files they create or modify. This means that they could encrypt personal data and cause data loss during the revocation process.
    Care must be taken to get a support statement from the software provider that their app is safe with WIP before adding it to your Protected apps list. If you don’t get this statement, it’s possible that you could experience app compatibility issues due to an app losing the ability to access a necessary file after revocation.

    Add exempt apps to your policy
    If you're running into compatibility issues where your app is incompatible with WIP, but still needs to be used with enterprise data, you can exempt the app from the WIP restrictions. This means that your apps won't include auto-encryption or tagging and won't honor your network restrictions. It also means that your exempted apps might leak.
    To exempt a Store app, a Desktop app, or an AppLocker policy file from the Protected apps list
    1. From the App policy blade, click the name of your policy, and then click Exempt apps from the menu that appears.
    The Exempt apps blade appears, showing you any apps that are already included in the list for this policy.
    2. From the Exempt apps blade, click Add apps.
    Be aware that when you exempt apps, they’re allowed to bypass the WIP restrictions and access your corporate data. To allow apps, see the Add app rules to your policy section of this topic.
    3. Fill out the rest of the app info, based on the type of app you’re adding:
    o Recommended app. Follow the instructions in the Add a Recommended app to your Protected apps list section of this topic.
    o Store app. Follow the instructions in the Add a Store app to your Protected apps list section of this topic.
    o Desktop app. Follow the instructions in the Add a Desktop app to your Protected apps list section of this topic.
    o AppLocker policy file. Follow the instructions to create your app list in the Import a list of apps to your Protected apps list section of this topic, using a list of exempted apps.
    4. Click OK.

    [참고자료]
    Create a Windows Information Protection (WIP) policy with MAM using the Azure portal for Microsoft Intune
    https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-mam-intune-azure

    감사합니다.


    2019년 2월 27일 수요일 오전 8:10
    중재자