Microsoft Business Premium
Microsoft 365 Business Premium
With remote and hybrid work, employees are increasingly using personal mobile devices to access word data, and you may be concerned if your work data is secure.
With Microsoft 365 Business Premium, we have multi-layered protection which allows us to protect the data at the app level, without the need for traditional containerization or sandboxing. And because we leverage the user identity in our approach, we can enable multi- identity usage of apps - -where app policies are intelligent enough to only apply to data applicable to corporate accounts on employee owned devices.
Our capabilities here include:
- App encryption at rest
- App access control – PIN or credentials
- Save as/copy/paste restrictions
- App-level selective wipe
- Managed web browsing
- Secure viewing of PDFs, images, videos
Intune is the only mobility management solution that can control Office with this much granular control, without compromising on the end user experience.
With MAM, we have built an invisible wall between the personal data and the corporate data while not impacting the user experience. Employees are able to use the apps like Word and Outlook that they know and love while at the same time IT is able to protect the data contained within the apps and devices.
Let’s now take a closer look at how app-level policies can help keep company data and information secure. Our user receives a work email through her managed Outlook account with an attached Excel spreadsheet containing information she needs for a report. Our user opens the attachment in her Excel mobile application to find the information she needs. She then wants to copy the info to add to her report.
But when she tries to paste it into her personal notepad, it doesn’t work—the personal notepad is not a managed app and because we have applied policies that restrict copy, paste, and cut functions to only apps that are part of the managed app ecosystem (for Intune enrolled devices). So our user opens her Microsoft Word mobile app which is managed by Intune and she is successfully able to paste her information. Now our user wants to save the working copy of her report to her personal OneDrive account so that she can access it from her home computer.
Because her personal OneDrive account is not one of the managed applications, she’s unable to save it here because we have applied policies restricting the ability to save to only apps that are part of the managed app ecosystem.
So our user must save her working copy to her managed OneDrive for Business account, which means when she does want to work on this report from another device, this device will have to be an enrolled for management . By using the mobile application management capabilities of Intune, you can help prevent leakage of important company data and make sure that this information doesn’t get into the wrong hands.