Question

All staff must use Microsoft Outlook to access corporate email. When users access Outlook on mobile devices, they must use a PIN to open the application. You need to implement a Microsoft Intune policy to enforce the security requirements. Which policy should you use?

a) App protection policy.
b) Conditional Access policy.
c) Device compliance policy.
d) Data loss prevention policy.

Answer 1

To fulfill the security requirements for Microsoft Outlook access on mobile devices, an App protection policy should be implemented with Microsoft Intune, as it allows for application-specific configurations including PIN requirements.

Step-by-step explanation:

To ensure that all staff use Microsoft Outlook to access corporate email and require a PIN when accessing Outlook on mobile devices, you should implement an App protection policy using Microsoft Intune. An App protection policy is specifically designed to secure an application's data without affecting the user's personal data. It allows you to define requirements such as PIN for access, prevent data from being saved locally, and even manage clipboard access to protect corporate data.

A Conditional Access policy, while related to securing apps and data, is more to do with the conditions under which an app can be accessed and often is used in conjunction with other policies like multi-factor authentication. A Device compliance policy ensures that devices meet certain criteria before they can access corporate resources but does not control access within the app itself. Data loss prevention policies focus on protecting data at rest, in use, and in motion, and are broader than the requirements mentioned in the question.