How-To block iOS model(s) to access your managed apps
Updated: Jul 22, 2018
This month began well ... Really interesting and security capabilities have been added to Intune App Protection.
You can now block access to your managed application to non desired iOS model(s).
Access Intune App Protection > App Protection Policies and select/create a policy.
At the bottom of the different security controls, within the table, from the drop down list select "Device model(s)".
A new Device model(s) line is appearing.
Now, the logic behind this security feature is that you have to specifically enter the device model(s) you want to authorize accessing your managed app(s).
Furthermore, you have to select 2 actions; if the non-specified device model(s) will be:
Simply block to access the app.
Business data only will be wiped out from the managed apps.
As an example, if you want to only authorize latest and most secure iOS models to access your company data, enter them as following - they will be simply blocked on managed app(s):
iPhone 10,3 and iPhone 10,6 stand for iPhone X models - each value has to be separated by a semi-colon
Now you can save the policy and you are done!
The complete list of SDK value for device models (iPhone & iPad) can be found here.
I really enjoy this new security feature who give more amplitude and granularity to manage and protect access to your company data within managed applications.