- “As enterprise organizations adopt Microsoft Azure Active Directory to safeguard user access to mobile apps – including Microsoft 365 apps – a frequent requirement is to additionally allow or deny access to mobile applications based on the compliance status of the device as determined by SOTI MobiControl. SOTI customers can now benefit from this additional layer of security for any mobile device, whether it’s new, out-of-the-box or a legacy model.” – Oscar Rambaldini, VP of Product Management at SOTI.
Why is this important? Consider:
The average cost of a data breach has increased to $4.24 million USD.
With the rise of hybrid work (96% of employees prefer to work on a hybrid basis now) along with employee preference for using personal devices for work purposes (70% are comfortable if there’s a clear separation between the two), security is more important than ever.
One of the best ways to ensure security is to ensure devices are compliant with your organizational policies. And providing Conditional Access to Microsoft 365 from SOTI MobiControl’s Enterprise Mobility Management (EMM), organizations in all industries can add an extra layer of protection.
What Is It? How Does It Work?
Enterprise organizations adopt Azure Active Directory (Azure AD) for safeguarding user access to mobile apps – including Microsoft 365 mobile apps such as Office, Word, Excel, etc.
Conditional Access to Microsoft 365 allows or denies access to those apps based on the compliance policy status of the mobile device as determined by SOTI MobiControl.
Device compliance can be determined by a variety of criteria, including:
- Device check-in
- Available memory or storage
- Battery percentage
- Model and manufacturer
- Operating System (OS) version
- Passcode enabled
- Installed apps on the device
- Device manufacturer and model
The following graphic illustrates how SOTI MobiControl provides Conditional Access to Microsoft 365 apps on a mobile device:
It’s like an if/then statement:
If the device is compliant, then the end user will get access to the Microsoft 365 mobile apps installed on it. If it is not compliant, then an error message will appear along with further instructions.
Conditional Access for Microsoft 365 works for both unmanaged and managed devices:
- Unmanaged devices: Administrators can block and prompt users to enroll the device into SOTI MobiControl to access all applicable Microsoft 365 mobile apps.
- Managed devices: Administrators can revoke user access to Azure AD authenticated enterprise mobile apps on all iOS devices or Android devices if the device is rooted, stolen or if SOTI MobiControl detects suspicious activity.
Think of it as a restaurant. If the device has the right reservation (compliance policy), the maître d’(Azure AD) lets it in so it can order from the menu (Microsoft 365 apps).
FOR FURTHER READINGLearn more about device compliance policies within SOTI MobiControl
SOTI: Proud to Be a Microsoft Partner
SOTI has collaborated with Microsoft for many years and on many initiatives. It’s no surprise then that incorporating Conditional Access for Microsoft 365 from SOTI MobiControl turned out to be another successful project.
- “It’s one thing for us to test out new features internally, but it’s critical to hear what customers have to say about it. Allowing customers to try Azure Active Directory Conditional Access from Microsoft in SOTI MobiControl in a test environment ensures the feature will work in the scenarios customers need it to. And it gives us valuable insights into adjustments and tweaks we can include to make it even more impactful. Since this is a cloud SaaS integrated solution, Microsoft was able to monitor our integration work in real-time and provide instant feedback to improve performance and scalability.” – Oscar Rambaldini, VP of Product Management at SOTI.
- “In today’s world where devices and data are always on the go, protection is more important than ever. This feature is about connecting two world-class solutions that businesses rely on in a secure manner. Microsoft 365 enables people and teams to connect, collaborate and get work done while SOTI MobiControl protects and secures mobile devices. Using SOTI MobiControl to provide Conditional Access to Microsoft 365 ensures the right people and devices have access to the apps, documents and tools they need.” – Steve Dispensa, VP of Product, Microsoft Endpoint Manager and Windows.
Ensure Total Compliance with Azure AD Conditional Access in SOTI MobiControl
Just think about the critical data stored on a mobile device:
- Sensitive retail customer information or patient healthcare data in Microsoft Excel
- Delivery schedules and product documentation for a transportation and logistics (T&L) company in a Microsoft PowerPoint presentation
- An email thread in Microsoft Outlook discussing pricing and service strategies for a field services organization
It’s essential to protect this type of data and information. Conditional Access for Microsoft 365 mobile apps from SOTI MobiControl ensures the devices themselves – on which the apps and data are stored – are compliant with device policies.
It’s another layer of security and protection in a world where security threats are always lurking, and where devices, data and workers are always on the move.