Question

All staff must use Microsoft Outlook to access corporate email. When users access Outlook on mobile devices, they must use a PIN to open the application. You need to implement a Microsoft Intune policy to enforce the security requirements. Which policy should you use?

A) Email encryption policy
B) Mobile application management policy
C) PIN enforcement policy
D) Conditional access policy

Answer 1

To meet the corporate email security requirements, the appropriate Microsoft Intune policy to implement is a Mobile Application Management (MAM) policy. This policy will enforce the use of a PIN on mobile devices for accessing Microsoft Outlook, ensuring security without the need for device enrollment in MDM.

Step-by-step explanation:

To ensure the security requirements outlined, you should implement a Mobile Application Management (MAM) policy in Microsoft Intune. This type of policy is specifically designed to manage and secure corporate data within mobile applications on users' personal devices, which in this case would be Microsoft Outlook. By setting up a MAM policy, you can enforce the use of a PIN to access the application, even when users are not enrolled in your organization's Mobile Device Management (MDM) solution.

To do this, you would need to navigate to the Microsoft Endpoint Manager admin center, and create a new app protection policy. Within the policy settings, define the required PIN strength and set the data protection controls to ensure email data remains secure. Assign the policy to the relevant group of users who require mobile access to Outlook. Once the policy is applied to the user's mobile devices, it will require a PIN when they attempt to open the Outlook application.