\nWhether a customer has adopted a Bring Your Own Device (BYOD) strategy or is providing employees with a corporate phone, they are looking for more control over the data that resides on a mobile device. Organizations may want to restrict how data moves on the device and ensure the data is removed, should the employee leave the organization.<\/p>\n
What is MAM?<\/strong> Does my device need to be enrolled?<\/strong> What version of the Microsoft Flow mobile app is required?<\/strong> How can I setup a MAM policy?<\/strong> \u2022 Ensure the appropriate application is selected based upon the platform that you are trying to target. If you do not find it in the list of apps, search for it by typing in the appropriate value into the Bundle ID <\/strong>field. Click the Add<\/strong> button to add this application as a required app and then click Select<\/strong> to complete this configuration.\u00a0<\/p>\n Note:<\/strong> This policy has been used as an example. Please modify to meet your organization\u2019s needs.\u00a0<\/p>\n \u2022 Next, we are going to focus on Access requirements<\/strong> and can establish a policy like the one below. Once we are done configuring our Access requirements<\/strong> we can click on the Ok<\/strong> button.<\/p>\n Note:<\/strong> When testing you can lower the Recheck the access requirements after (minutes) setting to reduce the amount of time you need to wait for a prompt.<\/p>\n To select an Azure AD group(s), click on Select groups to include<\/strong> and then select the appropriate group. For this purpose, I have created an Azure AD group and included members for whom I want these policies applied to.<\/p>\n<\/div>\n \u00a0<\/p>\n<\/div>\n \u00a0<\/p>\n \u00a0<\/p>\n \u00a0<\/p>\n \u00a0<\/p>\n \u00a0<\/p>\n","protected":false},"excerpt":{"rendered":" We have recently shipped a new version of the Flow Mobile application for Apple IOS and Android that supports Microsoft Application Management (MAM) support without device enrollment. Using MAM allows IT administrators to create an enforce mobile data policies to safeguard company data.<\/p>\n","protected":false},"author":349,"featured_media":0,"comment_status":"open","ping_status":"open","template":"","power-automate-category":[2752,2836],"power-automate-tag":[2439,2533,2680],"coauthors":[2910],"class_list":["post-110988","power-automate","type-power-automate","status-publish","hentry","power-automate-category-product-updates","power-automate-category-walkthroughs","power-automate-tag-admin","power-automate-tag-data-protection","power-automate-tag-mobile"],"yoast_head":"\n
\nMAM allows organizations to create policies that govern how an application is used within a tenant. This can include enforcing app data encryption, limiting the ability to copy\/extract data to only approved applications or enforcing a PIN on a device can be implemented.<\/p>\n
\nIntune MAM without enrollment does not require a user to enroll their device in Intune MDM. However, the Company Portal application needs to be installed on the device to enforce policies. A user does not need to sign-in to the company portal application for MAM to function. The Company Portal application can be downloaded from the Apple and Android app stores.<\/p>\n![\"\"](\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/1-companyportal.png\")
<\/p>\n
\nVersion 2.31.0 of the app is required. Our deployments for iOS have reached 100% coverage to all regions. For Android, we are staging our rollout so there may be a delay in this version of the app being available.<\/p>\n
\nAn administrator can create polices from the Azure portal. For the purpose of this blog post, we will create an App protection policy that enforces a flow user to require a pin when using the Microsoft Flow mobile application.<\/p>\n![\"\"](\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/2-MamPolicy.png\")
<\/div>\n![\"\"](\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/3-SelectRequiredApps.png\")
<\/p>\n\n
<\/p>\n
![\"\"](\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/5-AccessRequirements.png\")
<\/p>\n![\"\"](\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/6-Assignments.png\")
<\/div>\n![\"\"](\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/7-MAMNotice.png\")
<\/div>\n![\"\"](\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/8-MAMFingerPrint.png\")
<\/div>\n![\"\"](\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/9-MAMpin.png\")
<\/div>\n