Hey everyone! I'm trying to configure Conditional Access (CA) policies to block downloads on unmanaged devices, specifically on phones. I've been running into issues where I either get the Intune utility popup or I can just bypass the restrictions entirely. My goal is to allow access to 365 services while preventing any file downloads, and I'd really like to achieve this without disrupting other users. Most guidance I've found is pretty outdated, so I'm looking for some current tips. Thanks in advance for your help!
1 Answer
You might want to consider using app protection policies. They can help you manage how app data is accessed and shared on unmanaged devices, which could solve your download issue. Check out this guide for more details: https://learn.microsoft.com/en-us/intune/intune-service/protect/app-based-conditional-access-intune
Thanks for the suggestion! I'm hoping to avoid needing additional apps on unmanaged devices, which seems like it might be a hurdle for most users. But I'll definitely read through it to see if there's a feasible solution!