10 Oct Skype for Business Online Intune Conditional Access Integration
Skype for Business Online Intune Conditional Access Integration
Intune provides the following integration for SfB Online (O365):-
• MDM
• MAM using app policies and conditional access
• ADAL authentication
Enable CA in SfB Online Policy in Intune. CA is not supported for Windows Phone. App policy support is only available for the iOS & Android client at present.
ADAL (FBA) integration can be enabled by enabling “Require corporate credentials for access”. The recommended setting is “no” (disabled). When disabled NTLM authentication is used instead.
On application launch the above disclaimer is displayed prior to launching the SfB splash window.
PIN access is enabled in the MAM policy. Timeout for testing purposes is set to 1 minute. So when the device is not used for 1 minute the PIN is required to unlock the application.
Summary
Significant security enhancements:-
• PIN access
• PIN timeout/lockout
• Supports ADAL using corporate credentials (No NTLM)
• Application encryption set via MAM policy
• MAM app policy management
• MDM (Only company enrolled devices can access SfB Online)
• Copy and paste to other apps can be restricted
• Screen capture can be prevented
• Jail broken or rooted devices can be blocked