Sales: 0114 303 0249
Email: [email protected]
Menu
Close
Contact us
28.01.26 Leon Barker
Modern Workplace
Resources
Security
Software

How to Implement Intune Mobile Application Management (MAM)

For those who would like the technical configurations and specifics for implementing Intune Mobile Application Management (MAM), here’s a step-by-step guide.

A close up photo of a phone screen showing Microsoft applications

Recently, I’ve written about both the differences between Mobile Application Management (MAM) and Mobile Device Management (MDM) without compromising employee privacy, and a much more comprehensive, overarching guide to Bring Your Own Device (BYOD) in 2026.

In the first article, MAM was my strong recommendation if you’re looking at implementing a BYOD policy. So here for those who want the specifics, here’s how to configure App Protection Policies in Intune:

Step 1: Go to Microsoft Intune Admin Portal > Apps > Protection > Create policy

Step 2: Choose Platform: iOS/iPadOS, Android or Windows

Step 3: Configure settings as below:

Protected Apps:

  • All Microsoft Apps

Data Protection Settings:

x Block backup org data to iTunes or iCloud

✓ Send org data to other apps: Policy managed apps only

✓ Receive data from other apps: Policy managed apps only

✓ Restrict cut, copy, paste: Policy managed apps with paste in

✓ Encrypt org data: Require

✓ Screen capture: Block

✓ Printing org data: Block (or restrict to managed printers)

Access Requirements:

✓ PIN for access: Require (separate from device PIN)

✓ Work or school account credentials: Require

✓ Recheck access requirements after: 30 minutes

Conditional Launch:

✓ Max PIN attempts: 5 (Action: Wipe corporate data)

✓ Offline grace period: 720 minutes (Action: Block access)

✓ Jailbroken/rooted devices: Block access

✓ Min OS version: iOS 16 / Android 13 (Action: Block access)

 

The beauty of this approach is that it requires zero IT involvement after initial setup. Users install Microsoft Authenticator and their work apps from the App Store or Play Store, sign in with corporate credentials, complete multi-factor authentication (MFA), and the protection policies automatically apply. It’s self-service BYOD that actually works.

As your trusted MSP partner, we’re here to help you navigate both the decision on Bring Your Own Device, and any technical configurations. We’ll assess your current setup, understand your business goals, and design a BYOD strategy (or recommend alternatives) that balance security, usability, and cost.

Because at the end of the day, technology should enable your business to grow, not hold it back. And when it’s done right, BYOD can be a powerful enabler of productivity and flexibility – without keeping you awake at night worrying about data breaches.

Free Support on BYOD Strategy

If you're looking for a free consultation to get started with your Bring Your Own Device strategy, contact the AAG team today.
Contact us today
Leon Barker
Technical Consultant

How can AAG your business help with BYOD?

This field is for validation purposes and should be left unchanged.
Name(Required)
Privacy Consent(Required)

Related insights

Browse more articles from our experts and discover how to make better use of IT in your business.

Business
Modern Workplace
Resources
Security
A person leaning casually against a white Volkswagen car branded with the AAG IT Services logo, parked on a cobblestone street in York city centre. The background features old brick buildings, a pub named 'The Micklegate,' and a medieval stone gateway with battlements under a partly cloudy blue sky. Several bicycles are parked nearby, and festive string lights hang across the street.

MAM vs MDM: Securing BYOD Without Invading Employee Privacy

22.01.26

MAM vs MDM sounds a very technical question for Bring Your Own Device policies, but let's put this in plain-English business language. Read More

Business
Modern Workplace
A presenter in an AAG-branded shirt stands at the front of a meeting room, pointing to a large wall-mounted screen displaying an IT strategy diagram titled ‘Taking IT from Functional to Transformational.’ Three colleagues sit around a wooden conference table, watching the presentation. The room features a purple accent wall, a large indoor plant near the window, and various meeting equipment on the table.

Being an Avocado Farmer feels tempting sometimes

19.01.26

An open, honest, and transparent reflection on what it's like being a Technical Consultant. From Leon Barker, the man himself. Read more today. Read More

Business
Modern Workplace
Resources
Security
Exterior view of a modern office building with large glass windows and a prominent “AAG” logo displayed across the upper section. The entrance features double glass doors with a curved glass canopy above. A person is standing outside the entrance holding a laptop, wearing a white shirt and dark trousers with a black jacket that has the “AAG IT Services” logo. The building is surrounded by a paved walkway, metal bollards, and parked cars in the background under a partly cloudy sky.

A Comprehensive Guide for Bring Your Own Device (updated for 2026)

12.01.26

The BYOD approach upends traditional office practices by allowing staff to work on their own devices. While this method can bring many a positive impact and support workflows, it also opens the door to considerable risks if not managed with care. Read More