In my previous post, I discussed protecting your corporate data from mobile devices not managed by IT. I then decided to write about protecting your data (particularly access to Exchange email) from devices managed by IT using Microsoft mobile device management (MDM) technologies. The result was a 30+ page document that I consider too long for a blog post.
This led to the publication of my first Kindle eBook. This is the link to the US store: https://www.amazon.com/dp/B01N2S9EKV.
![]()
Table of Contents
Introduction
This led to the publication of my first Kindle eBook. This is the link to the US store: https://www.amazon.com/dp/B01N2S9EKV.
Introduction
Exchange ActiveSync
Office 365 MDM
Microsoft Intune Standalone
Intune compliance policy
Intune conditional access policy for Exchange Online
Intune Standalone with Exchange Connector
On-Premises SCCM
On-Premises SCCM with Exchange Server Connector
SCCM Integrated with Intune
Azure AD Premium
Allow users to join and register devices in Azure AD
Configure conditional access rules for Exchange Online
Compliance Rules
User Experience
iPad not enrolled in Intune
Android phone not enrolled in Intune
Using Office 365 Outlook App
Using Android phone's native email app
Android phone enrolled in Intune but not compliant
iPhone enrolled in Intune and compliant
Which Microsoft MDM Solution to Use
Office 365 MDM vs Intune
Intune standalone vs integrated with SCCM
SCCM by itself vs with Intune vs with Exchange
Azure AD by itself vs integrated with Intune
Architecture matters
More Information