John Yassa's Blog

Home » Microsoft Office 365 » Capabilities of Mobile Device Management (MDM) for Office 365

Capabilities of Mobile Device Management (MDM) for Office 365

You can use MDM for Office 365 to secure and manage the following types of devices.

  • Windows Phone 8.1
  • iOS 6 or later versions
  • Android 4 or later versions
  • Windows 8.1
  • Windows 8.1 RT

* MDM don’t support any version of Blackberry device

Access Control for Office 365 mail and documents:

The supported apps for the different types of mobile devices in the following table will prompt users to enroll in MDM for Office 365 where there is a new mobile device management policy that applies to a user’s device and the user hasn’t previously enrolled the device. If a user’s device doesn’t comply with a policy, depending on how you set the policy up, a user might be blocked from accessing Office 365 resources in these apps, or they might have access but Office 365 will report a policy violation

Apps on devices Windows Phone 8.1 iOS 6+ Android 4+
Exchange ActiveSync
OneDrive for Business
Office Mobile ✔ On phones

The following diagram shows what happens when a user with a new device signs in to an app that supports access control with MDM for Office 365. The user is blocked from accessing Office 365 resources in the app until they enroll their device.

1

 

Policy Setting for Mobile Devices:

the following diagram shows what happens when a user with an enrolled device isn’t compliant with a security setting in a mobile device management policy that applies to their device. The user signs in to an app that supports access control with MDM for Office 365. They are blocked from accessing Office 365 resources in the app until their device complies with the security setting.

2

The following sections list the policy settings you can use to help secure and manage mobile devices that connect to your organization’s Office 365 resources

1- Security Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Require a password
Prevent simple password
Require an alphanumeric password
Minimum password length
Number of sign-in failures before device is wiped
Minutes of inactivity before device is locked
Password expiration (days)
Remember password history and prevent reuse

 

2- Encryption Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Require data encryption on devices Windows Phone 8.1 is already encrypted and cannot be unencrypted

 

 

3- Jail Broken settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Device cannot be jail broken or rooted

 

4- Manage email profile :

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Email profile is managed

 

5- Cloud Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Require encrypted backup
Block cloud backup
Block document synchronization
Block photo synchronization

 

6- System Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Block screen capture
Block sending diagnostic data from device

 

7- Application Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Block video conferences on device
Block access to application store
Require password when accessing application store

 

8- Device Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Block connection with removable storage
Block Bluetooth connection

 

9- Additional Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
CameraEnabled
RegionRatings
MoviesRatings
TVShowsRating
AppsRatings
AllowVoiceDialing
AllowVoiceAssistant
AllowAssistantWhileLocked
AllowPassbookWhileLocked
MaxPasswordGracePeriod
PasswordQuality
SystemSecurityTLS
WLANEnabled

 

10- Settings supported by windows 8.1 and windows 8.1 RT:

The following settings are supported for Windows 8.1 devices that are enrolled as mobile devices. These setting won’t block users from accessing Office 365 resources.

Security settings

  • Require an alphanumeric password
  • Minimum password length
  • Number of sign-in failures before device is wiped
  • Minutes of inactivity before device is locked
  • Password expiration (days)
  • Remember password history and prevent reuse

System settings

Block sending diagnostic data from device

Additional settings

You can set the following additional policy settings by using PowerShell cmdlets:

  • AllowConvenienceLogon
  • UserAccountControlStatus
  • FirewallStatus
  • AutoUpdateStatus
  • AntiVirusStatus
  • AntiVirusSignatureStatus
  • SmartScreenEnabled
  • WorkFoldersSyncUrl

 

Source and copied from : Office 365 Technet

 


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: