Skip to content

Create Intune app protection policy

With an Intune app protection policy, you apply data restrictions based on the user identity. The restrictions are only applied when the app is used in a work context, i.e. when an assigned user opens an app using a corporate account.

You must create separate policies for Android and iOS apps.

  1. On the menu sidebar, click Policies > Intune app protection.
  2. You might be forwarded to a Microsoft page for authentication. On that page, enter your Microsoft Azure administrator credentials.
  3. On the Policies - Intune app protection page of Sophos Mobile, click Add and then click Android policy or iOS policy.
  4. On the Edit policy page, enter the required settings.

    See Intune app protection policy settings (Android) and Intune app protection policy settings (iOS, iPadOS).

  5. Click Save.

You can view the policy in the Microsoft Azure portal. You might need to sign in again to the portal to refresh the information displayed.

After you’ve created the Intune app protection policy, assign it to apps and to users. See Assign apps to an Intune app protection policy and Assign users to an Intune app protection policy.