Step 3 -MAM- Add Conditional Access Policy

The next step in this quick guide is to create a Conditional Access Policy in Microsoft Intune. It is possible to add SCA to your existing Conditional Access Policies for Office 365.

For more information about Conditional Access, you can check Microsoft Docs What is Conditional Access in Azure Active Directory? | Microsoft Docs

The following steps are required to implement Conditional Access for our App:

3.1 - Include your SCA-Testgroup to Users and Groups

3.2 - Include the apps Office 365 and Provectus - Secure Contacts as Cloud Apps

3.3 - Set Require app protection policy as Grant in the Access controls pane

3.4 - Turn your Conditional Access Policy ON

Office 365 as Cloud App will affect other Apps on your Mobile device, like Outlook, OneDrive & Teams etc.

According to Microsoft, it is mandatory to target Office 365 and Secure Contacts as Cloud App in your Conditional Access Policy in order to correctly implement SCA. It is required to add Office 365 as Cloud App, because our Enterprise Application (Provectus - Secure Contacts) is using its data source.

Be aware: You cannot exclude these Cloud Apps or separate them in different Conditional Access policies!

Once Conditional Access enforces App Protection Policies, the next step is to create an App Configuration Policy in Endpoint Manager in order to add a license for SCA.

If you have any questions regarding Conditional Access and how this will affect your Azure environment, do not hesitate to contact us for support.

Last updated 4 months ago