You will need to implement APP. Apps that you intend to protect need to support Intune SDK. You can read all about it in the link below.
intune-app-protection-policies-for.html
Intune - App configuration and App protection polecies are not working on our custome business apps. iOS devices
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 49%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
MatYC
91
Reputation points
Our company is looking alternative MDM solution to draw a clear line between work and non- work related activities on BYOD mobile devices by separating the business and personal apps from each other.
We want to prevent any data share activities between business and personal apps:
• Open with,
• Share through
• Copy data
• Save as
We are using Intune MDM solution at the minute which is not compatible with some of our business apps because we are still able to open, copy, share, save data with user personal apps on unmanaged devices. (Is there any way we can containerise these apps using Azure AD or Intune ?)
Examples of business apps we are using:
• iPecs One
• Resco Mobile Crm
• DocuSign
• Adobe Acrobat Reader
• Outlook
• Microsoft office package (e.g. Microsoft Word, Microsoft Excel, Microsoft Share Point)
We need more granule settings to:
• Unable Personal apps – unmanaged apps to share any data with Business apps – managed apps.
• Make an Outlook to allow only one account
• Configure Conditional Access in the way which will allow only MDM enrolled devices to access our CRM system, SharePoint, etc. improve control of the devices and apps that can connect to company resources.
Kind regards,
Matt
Microsoft Security | Intune | Configuration
Microsoft Security | Intune | Application management
Microsoft Security | Intune | Other
3 answers
Sort by: Most helpful
-
Rahul Jindal 11,416 Reputation points2022-01-19T21:51:46.22+00:00 -
Lu Dai-MSFT 28,511 Reputation points2022-01-20T02:34:01.047+00:00 @MatYC Thanks for posting in our Q&A.
App protection policy can prevent any data share activities between business and personal app. The protected apps are listed in the following article:
https://free.blessedness.top/en-us/mem/intune/apps/apps-supported-intune-apps
If your business apps are not included, as RahulJindal-2267 said, it is needed to use Microsoft Intune App SDK to enable your app to support Intune app protection policies.Based on my experience, there is no method to make Outlook app only add one account via intune. We can both add work account and personal account in Outlook app.
For configuring Conditional Access to allow only MDM enrolled devices to access sharepoint, it is suggested to set "Require device to be marked as compliant" in Grant setting in the conditional access policy. But for CRM system, I'm not sure if it is using AAD auth. It is suggested to discuss with the CRM system's vendor to make sure if it is able to take advantage of CA.
Hope it will help.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.-
Lu Dai-MSFT 28,511 Reputation points
2022-01-24T04:31:40.64+00:00 @MatYC I am currently standing by for further update from you and would like to know how things are going. If you have any questions or concerns on the recent information I've provided you, please don't hesitate to let me know.
Sign in to comment -
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 10%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHS%3C/text%3E%3C/svg%3E)
henry smith 0 Reputation points2025-10-05T14:24:11.86+00:00 It sounds like a tricky issue with Intune app configuration and protection policies — especially when dealing with custom business apps on iOS. Sometimes the problem comes from missing app bundle IDs or configuration mismatches in the Intune console. I share similar troubleshooting tips and optimization guides for apps and gaming tools on my site <a href="https://ryumoto-gfx.com/">Ryumoto GFX</a>, which focuses on helping users get smoother, safer performance.