In this blog, learn to configure Office 365 DLP policies on Scalefusion to protect data within Office 365 apps on Android & iOS devices using Microsoft Intune Data Loss Prevention.
Enterprise mobility has touched base across every industry possible. If it hadn’t previously, 2020 and the remote working phenomenon along with heavy dependency on technology to facilitate ‘everything remote and contactless’ did it. As businesses, large and small move towards embracing technology for their operations, employee productivity as well as customer satisfaction, there arises a need for ensuring that the data on these devices stays secure.
With the pandemic moving things online, the number of cyberattacks has increased, amounting to almost 445 million attacks till August 2020¹, which is double the number of the attacks observed in the year 2019. Clearly, if security is not on your mind, it should be.
In this article, we will have a look at the security policies made available by Microsoft Intune® via Scalefusion to protect Microsoft Office 365 Apps and achieve data loss prevention across Intune SDK, on Android & iOS devices.
Scalefusion has integrated the Microsoft Graph API. This enables the IT admins to manage the Intune policies directly from the Scalefusion dashboard. Previously without this integration, the IT admins had to juggle between two consoles when using Scalefusion for managing Office 365 apps.
These policies can help protect the data pertaining to these apps- Microsoft Outlook, Microsoft OneNote, Microsoft Excel, Microsoft Powerpoint, and Microsoft Word.
To manage these policies, you need a Scalefusion license along with any one of these licenses- Microsoft 365 E5, Microsoft 365 E3, Enterprise Mobility + Security E5, Enterprise Mobility + Security E3, Microsoft 365 Business Premium, Microsoft 365 F1, Microsoft 365 F3, Microsoft 365 Government G5 or Microsoft 365 Government G3.
After authorizing Scalefusion to manage policies on behalf of your organization, you can navigate to the Device Management section of the Scalefusion dashboard and access Microsoft Intune Policies from this section.
On the Android devices for which these policies need to be set up, install the Intune Company Portal application using Scalefusions Play for Work integration and sign in to the Intune Company Portal app.
On iOS devices, the setup is automated when the user authenticates the Office 365 apps and no additional steps are required.
You can now start creating the DLP policies via the Scalefusion dashboard. The step-by-step process for the same can be obtained in our exclusive help document.
Here’s a list of data loss prevention policies and settings that you can leverage with Intune + Scalefusion for Microsoft Office 365 apps on managed Android and iOS devices:
Enabling this setting prevents users from backing up data from the managed applications to OS-specific services including iCloud for iOS or other Android-specific services.
You can configure the data transfer policy for managed applications. The options include:
This setting disables the save as option and blocks the end-user from making copies of corporate data files. However, this setting works on the condition that the data sharing app setting is selected as ‘restricted’.
If the ‘prevent saving copies of data’ setting is selected, an override can be configured to chosen locations such as- OneDrive for Business, SharePoint, and Local Storage.
You can configure if managed applications can receive data from other apps using the share menu or share button options in other apps. The settings that can be configured are as follows:
This setting can help restrict the cut, copy, paste to clipboard options from other apps to managed apps. These settings can be configured as follows:
This setting ensures that the links in managed applications are opened in a managed browser like Microsoft Edge only.
This setting encrypts data pertaining to managed applications and encrypts data stored anywhere including external storage drives and SIM cards.
This setting prevents the printing of documents and data from managed applications.
This setting prevents managed apps from saving contacts to the native address book. The Sync Contacts option is hidden.
Along with these settings, the settings for access control of these apps can also be configured:
These settings can be configured additionally for Android devices:
These settings can be configured additionally for iOS devices:
In conclusion, Scalefusion acts as a bridge for IT admins to push settings and configurations for Office 365 apps on Android and iOS devices via a range of DLP policies made available by Intune.
Resources