Mobile devices can be a challenging asset to manage and keep secure with their many variations in ownership, management and operating systems. This blog post will give you some ideas on how you can enforce a minimum version of the operating system on the mobile phones accessing the company's data in Microsoft 365.
The cell phone is for many users the edge of privacy where they can accept the company's administration. At the same time, it is important for the company to have control over its data and applications.
An important prerequisite must be set from the orgranization - Yes, users can have access to data, under defined conditions. One important security measure is to ensure updated software regardless of management mode. Let us dive into the condition of having updated operative systems on the mobile device accessing company data.
MDM and MAM in Microsoft Intune
|Example of recommendation from vulnerability management addressing Apple iOS version|
Inside Microsoft 365 Defender Portal we find recommendations for upgrading the operating system versions for Apple and Android devices. This information will include details of which devices are exposed, which versions of the operating system are involved as well as how many weaknesses each version has.
Enforcement of OS through MAM
This will force the user to update the operating system on their device before they are allowed to access the corporate application and data. This can be a reasonable sanction for Apple devices that have the option to update. For security reasons, this kind of sanctions should be implemented also for Android devices - but be aware that this can potentially force recirculation of devices since the lifespan of available updates are poorer for Android devices.