Create Intune app protection policy

With an Intune app protection policy, you apply data restrictions based on the user identity. The restrictions are only applied when the app is used in a work context, i.e. when an assigned user opens an app using a corporate account.

You must create separate policies for Android and iOS apps.

  1. On the menu sidebar, under CONFIGURE, click Profiles, policies > Intune app protection.
  2. Confirm the dialog to be forwarded to a Microsoft page, and then log in with your Microsoft Azure administrator account.
    This step is omitted if you’ve already logged in to Microsoft Azure during the current Sophos Mobile Admin session.
  3. On the Policies page of Sophos Mobile Admin, click Add and then click Android policy or iOS policy.
  4. On the Edit policy page, enter the required settings.
  5. Click Save.
After you’ve created the Intune app protection policy, assign it to apps and to users. See Assign apps to an Intune app protection policy and Assign users to an Intune app protection policy.