MAM with Intune main menu
Ok, so lets launch the Intune console and create the policies to introduce the concept of containerisation. We can configure a MAM container so that data can only be shared between managed apps.
We are only interested in Android devices for the moment but we will see that we can also create policies for iOS devices.
Open Policy > Configuration Policies.
Click to Add a new configuration policy. Browse to the Software Section.
See our choices:
Managed Browser Policy for iOS or Android
Mobile Application Management Policy for iOS or Android.
We'll choose Mobile Application Management Policy for Android this time. Click to "Create a custom policy". Now see the available options. Note that I have chosen all default settings.
Give the policy a name. It makes sense to choose Yes for "Restrict web content to display in the Managed Browser" (when this setting is enabled, any links in the app will be opened in the Managed Browser).
See options for preventing data leakage.
Require a PIN for access to the containerised area.
I like to disable screenshots of the managed area (makes sense if you are securing data).
The Android Mobile Application Management Policy has been created. See that this policy can not be deployed directly. It must be associated with the software that it will manage.
OK, now let's create the Managed Browser Policy.
Name the policy and configure the URLs that you want to secure. I only have one.
Policy has been created. See again that this policy must be associated with the software which it will manage.