Share via

Intune MAM Without Enrollment

  • Article

At Ignite Australia 2015, I was very proud to be one of the first publically demonstrating the Intune MAM without enrollment features, announced by Satya in November. The Intune MAM without enrollment features allow organizations to protect their Office apps on iOS and Android without the need to enroll their devices in Intune MDM. This means for customers who already have an MDM vendor, or don’t wish to manage their users devices via MDM, they can protect access to Office 365 and company data. This includes cut/copy/paste restrictions, preventing ‘save-as’, jailbreak detection, PIN requirements and the ability to remote wipe MAM protected data.

image

For more information, there’s some great Technet walkthroughs.

Configure data loss prevention app policies with Microsoft Intune

Get started with mobile app management policies in the Azure portal

Create and deploy mobile app management policies with Microsoft Intune

Monitor mobile app management policies with Microsoft Intune

Wipe managed company app data with Microsoft Intune

End-user experience for apps associated with Microsoft Intune mobile app management policies

At time of posting, the following Apps support MAM w/out enrollment.

iOS

OneDrive
Excel
PowerPoint
Word
Outlook

Android

OneDrive
Outlook

Stay tuned for more and more apps being MAM enabled!

You can access the new Intune MAM console via the https://portal.azure.com portal. You’ll need either Intune or EMS licenses available (and applied) to all of your users to enable these features.

Happy MAM-ing!

Matt Shadbolt

Comments

  • Anonymous
    January 19, 2017
    I presume that MAM is not coming to Windows Phone 8.1/10 devices? We don't want non-corporate Windows Phone devices to be enrolled/managed through Intune - what do you suggest to stop users from downloading Microsoft apps on non-compliant devices so that data cannot be taken out of these apps once logged in seeing as they will have no policies applied to them? Is Intune the only way to protect Windows Phone devices unlike iOS/Android which are compatible with MAM policies.Thanks.
  • Anonymous
    April 06, 2017
    The Intune MAM only support for MS apps or can be applied to Intune SDK integrated enterprise apps as well? If Yes how that can be achieved in both Android and iOS?
    • Anonymous
      April 10, 2017
      Hi Tarak. We have an SDK and wrapping tool to integrat MAM into your LOB apps. Please see here for the appropriate documentation & SDK samples:https://docs.microsoft.com/en-us/intune/develop/intune-app-sdk https://github.com/msintuneappsdk
      • Anonymous
        May 02, 2017
        Matt,I would like to extend Intune MAM policies to my Internal iOS app (I have the .ipa file) in a BYOD scenario so no device enrollment. The app does not have Intune SDK so we would wrap it with Intune wrapping engine. Is this possible with MAM only (no enrollment)?
        • Anonymous
          May 03, 2017
          The comment has been removed
  • Anonymous
    May 08, 2017
    Does MAM work for Sony XPeria and Samsung Galaxy Tab2 as it wont work on either of these two devices. The test user is a member of group assigned to the MAM policy yet when signing into the outlook app, no policy is being applied.
  • Anonymous
    October 20, 2017
    Is this also available for Intune Hybrid?
    • Anonymous
      October 20, 2017
      It is! You just need to go to the Intune console to configure the MAMWE policies. There is no MAMWE in ConfigMgr, but it will work in conjunction.