Hey everyone, I could really use some help understanding how to use InTune for managing BYOD devices. We already have a mix of corporate-owned devices with various Device Restrictions, App Protection policies, and App Config policies set up. We're looking to add BYOD devices so we can control data for a specific app. The catch is that this app isn't included in the InTune catalog, meaning it has no InTune wrapper. CoPilot suggested that the way to manage this would be to keep the devices 'non-enrolled' and use App Protection policies instead. However, I'm confused about how App Protection and configuration policies work, even though I've created some for the 365 Suite before.
I noticed that I can add the app's bundle ID as a custom app since it doesn't show up in my searches, but I'm doubtful about this method since CoPilot claims it doesn't need to be in the catalog. They also mentioned that it's user-targeted which sounds off to me. Plus, I'm struggling with the idea of using InTune without enrolling the devices at all. If there are any updated articles or resources that could help clear this up, please share! I discovered too late that the iOS Updates utility is deprecated, so I'm trying to avoid any more surprises like that.
1 Answer
Check out the Microsoft documentation about managing BYOD devices. This link has a solid overview that might give you the clarity you need on the software updates and policies: https://learn.microsoft.com/en-us/intune/intune-service/protect/software-updates-guide-personal-byod. Hope it helps!
Thanks for the link, but sadly it doesn't quite cover what I'm looking for.