Secure Access from Unmanaged Devices

Microsoft Defender for Cloud Apps (MDA) is an industry-leading, cloud-powered cloud access security broker that enables the discovery and protection of cloud-based application and identities. Within MDA, session control polices can be implemented to secure and manage access to integrated browser-based cloud applications ensuring flexible access but controlled session to secure and protect corporate resources.

Mobile Application Management (MAM) helps secure mobile applications by deploying app protection policies to work profiles in supported applications (such as Microsoft 365). Managing the work profile enables enforcement restrictions to keep corporate data in managed locations by blocking saving, printing or copying actions. During this engagement, ITC will provide guidance on configuring and scoping MDA and MAM policies to ensure all scoped users can be managed when accessing resources from unmanaged devices.

Key activities with timeline:

• Week 1 - Discovery Workshops
• Week 2 - Low-level design documentation
• Week 3 - Configuration
• Week 4 - Testing
• Week 5 - Staged Roll out - up to 100 users

Key deliverables:

1. Workshop to gather configuration and additional customer information
2. Low-level design documentation

Customer pre-requisites:

• Access to relevant the Customer’s team members.
• All users in scope for Microsoft Entra, Intune and MDA have the correct licences assigned.
• Remote access to Microsoft Entra, Intune and Defender XDR (Security Center) portals (via B2B with PIM is used or, a dedicated account within the Microsoft 365 tenant or secure remote access tooling such as CyberArk).
• Security administrator Microsoft Entra role required to manage MDA, Conditional Access and Microsoft Entra groups.