Hey everyone! I'm trying to figure out the best way to implement Conditional Access (CA) policy to block file downloads on unmanaged devices, specifically smartphones. I often run into the Intune utility popup, or it seems like downloads just go through without restriction. I want to ensure users can access 365 services but prevent them from downloading files, and I want to do this without affecting anyone else's experience. A lot of the guidance I found is outdated, so I'm looking for any tips or updated methods. Thanks in advance!
1 Answer
You might want to try using app protection policies for this. They can help manage access effectively. Check out the official Microsoft page for guidance on implementing these policies. They're quite useful for controlling behavior on unmanaged devices.
Thanks! I’ll definitely check that out. I’m hoping to avoid needing any extra apps for downloads on unmanaged devices, though. I don't think many users will want to use the Intune app, even if it benefits them. I'm just trying to limit the risk of file exfiltration.