Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Kronos
Explorer

Harmony Mobile BYOD exchange enforcement

Looking at integrating Harmony Mobile product to a Azure AD and using the risk profiles created by the HM product to prevent access to exchange servers from mobile devices that are above a certain risk threshold.

Main intent is to provide BYOD users access to exchange and block if their device is displaying any security risk flags. I know the easy answer is to integrate with an MDM solution but this cant be done on BYOD devices.

Has anyone had any experience of this or the joys of cyber essentials plus assessments.

Many thanks for your help.

0 Kudos
9 Replies
Chris_Atkinson
Employee
Employee

Have you experimented with Conditional Access settings for "High" risk devices?

Go to Policy > select Policy Profile > On-device Network Protection > Content Inspection > Conditional Access

0 Kudos
Kronos
Explorer

Thank you

I am now getting the following alert on the mobile.

Kronos_2-1650904123215.png

Screen shot from my admin portal attached below but i can still access my corporate outlook from my device.

0 Kudos
Chris_Atkinson
Employee
Employee

Unfortunately the screenshot doesn't show in what way On-device Network Protection (ONP) is currently enabled?

It's located just above the portion of the screen captured...

Also depending upon if HTTPs inspection is used you may need to specify the corresponding IP addresses.

0 Kudos
the_rock
Champion
Champion

I believe admin guide indicates that conditional access is only for blocking access to domains if you connect to rogue wifi.

0 Kudos
Chris_Atkinson
Employee
Employee

Don't believe so, can you please share the reference to this ?

(Rogue WiFi is certainly a trigger for a change in device risk however.)

0 Kudos
the_rock
Champion
Champion

0 Kudos
Chris_Atkinson
Employee
Employee

Thanks Im aware of the documentation location, but I cannot see the linkage between rogue wifi and conditional access therein 

0 Kudos
the_rock
Champion
Champion

O, sorry, thats what we were told via TAC case when asking about rogue wi-fi / conditional access.

0 Kudos
the_rock
Champion
Champion

Unless I misunderstood something about it...reading the guide again, it would seem its more related to blocking access regardless of rogue wi-fi...

0 Kudos