Devices compliance policies shall be configured for every supported device platform
Description
Device compliance policies allow us to define the necessary settings on a particular platform that meets corporate requirements. Device compliance policies paired with conditional access policies allow us to prevent access to corporate resources on noncompliant devices. Devices should be constantly monitored to ensure compliance with corporate policies.
Policy
A device compliance policy is configured for each device platform that is supported by the corporation.
Devices that do not meet the compliance standards shall be marked as noncompliant immediately
Licensing Considerations
Any tenant with Intune licensing can access this setting.
Set-Up Instructions
Device compliance policies in Microsoft Intune | Microsoft Learn
To configure device compliance policies by platform:
End-User Impact
Level: Medium
Device compliance policies will have no impact to end-users unless they are paired with conditional access policies to block access on noncompliant devices. Devices not in compliance will show up in the Intune admin center from a reporting standpoint. There are certain device compliance policy settings that will prompt the end-user for certain action. For instance, configuring Encryption of data storage on the device will prompt the user to configure Bitlocker encryption if it is not already enabled. It is recommended to push out a configuration profile to automatically configure encryption in this use case to avoid help desk calls.
Tips
•Device compliance policy settings might vary depending on the organization but should be standardized where possible.
PowerShell Scripts
Videos
Last updated