VMware AirWatch and Office 365 Application Data Loss Prevention Policies

Similar documents
Microsoft Intune App Protection Policies Integration. VMware Workspace ONE UEM 1811

VMware AirWatch Workspace ONE Send Admin Guide Configuring and deploying Workspace ONE Send

VMware Boxer Comparison Matrix for IBM Notes Traveler Compare the features supported by VMware Boxer and AirWatch Inbox

VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch

VMware AirWatch File Storage Setup Guide Setting up file storage for AirWatch functionality

INSTALLATION AND SETUP VMware Workspace ONE

VMware AirWatch Integration with Microsoft ADCS via DCOM

VMware AirWatch Integration with F5 Guide Enabling secure connections between mobile applications and your backend resources

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

VMware AirWatch Integration with Palo Alto Networks WildFire Integrate your application reputation service with AirWatch

VMware AirWatch Chrome OS Platform Guide Managing Chrome OS Devices with AirWatch

VMware AirWatch Memcached Integration Guide Integrating Memcached functionality into your AirWatch deployment

VMware AirWatch Self-Service Portal End User Guide

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

VMware AirWatch Database Migration Guide A sample procedure for migrating your AirWatch database

VMware AirWatch Tizen Guide

VMware AirWatch Integration with RSA PKI Guide

ARCHITECTURAL OVERVIEW REVISED 6 NOVEMBER 2018

VMware AirWatch Google Sync Integration Guide Securing Your Infrastructure

VMware AirWatch Google Sync Integration Guide Securing Your Infrastructure

MANAGING ANDROID DEVICES: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

VMware AirWatch Certificate Authentication for EAS with ADCS

VMware Avery Dennison Printer Integration Guide Integration with Workspace ONE UEM

VMware AirWatch Epson Printer Integration Guide Using Epson printers with Workspace ONE UEM

VMware AirWatch tvos Platform Guide Deploying and managing tvos devices

VMware AirWatch Chrome OS Platform Guide Managing Chrome OS Devices with AirWatch

VMware AirWatch Integration with SecureAuth PKI Guide

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

VMware PIV-D Manager Deployment Guide

VMware AirWatch Content Gateway Guide for Windows

VMware Browser Admin Guide Configuring and deploying the VMware Browser

Deploying VMware Workspace ONE Intelligent Hub. October 2018 VMware Workspace ONE

VMware Notification Service v2.0 Installation and Configuration Guide Configure ENSv2 for cloud and on-premises deployments

Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.

VMware AirWatch Mobile Application Management Guide Enable access to public and enterprise apps

VMware AirWatch Integration with Apple Configurator 2 Guide Using Apple Configurator 2 and AirWatch to simplify mass deployments

VMware Notification Service v2.0 Installation and Configuration Guide Configure ENS2 for cloud and on-premises deployments

VMware Notification Service v2.0 Installation and Configuration Guide Configure ENS2 for cloud and on-premises deployments

Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.

VMware Workspace ONE Quick Configuration Guide. VMware AirWatch 9.1

VMware Notification Service v2.0 Installation and Configuration Guide Configure ENS2 for cloud and on-premises deployments

VMware AirWatch Integration with OpenTrust CMS Mobile 2.0

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

VMware Browser Admin Guide Configuring and deploying the VMware Browser

VMware AirWatch Cloud Connector Guide ACC Installation and Integration

VMware Enterprise Systems Connector Guide for SaaS Customers ACC Installation and Integration for SaaS

VMware AirWatch Content Gateway Guide for Linux For Linux

VMware AirWatch Android Platform Guide

AirWatch Container. VMware Workspace ONE UEM

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

VMware AirWatch Content Gateway Guide for Windows

Workspace ONE UEM Upgrade Guide

VMware AirWatch On-Premises Certificate Authority Guide

VMware AirWatch Datamax-O Neil Integration Guide

VMware AirWatch Epson Printer Integration Guide Using Epson printers with Workspace ONE UEM

VMware AirWatch Product Provisioning and Staging for Windows Rugged Guide Using Product Provisioning for managing Windows Rugged devices.

Workspace ONE Chrome OS Platform Guide. VMware Workspace ONE UEM 1811

VMware AirWatch Books Deployment Guide Distribute and deploy books

VMware AirWatch Content Gateway Guide for Windows

Guide to Deploying VMware Workspace ONE with VMware Identity Manager. SEP 2018 VMware Workspace ONE

VMware AirWatch Content Gateway Guide for Windows

Integrating VMware Workspace ONE with Okta. VMware Workspace ONE

Service Description VMware Workspace ONE

VMware AirWatch PowerShell Integration Guide Securing your infrastructure

VMware AirWatch Product Provisioning and Staging for QNX Guide Using Product Provisioning for managing QNX devices.

VMware Workspace One Web. VMware Workspace ONE UEM

Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.

VMware AirWatch PowerShell Integration Guide Securing your infrastructure

VMware AirWatch Product Provisioning and Staging for Android Guide Using Product Provisioning for managing Android devices.

Guide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1

REVISED 6 NOVEMBER 2018 COMPONENT DESIGN: VMWARE IDENTITY MANAGER ARCHITECTURE

VMware AirWatch Datamax-O Neil Integration Guide

Guide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1

VMware Content Gateway to Unified Access Gateway Migration Guide

VMware AirWatch Symbian Platform Guide Deploying and managing Symbian devices

VMware AirWatch Express Guide Managing your organization's mobile devices

VMware Tunnel Guide for Windows

VMware AirWatch Reports Guide

VMware AirWatch Content Gateway Guide For Linux

Samsung Knox Mobile Enrollment. VMware Workspace ONE UEM 1902

VMware AirWatch System Settings Reference Manual for SaaS Customers A comprehensive listing of AirWatch system settings

VMware AirWatch SDK Plugin for Xamarin Instructions Add AirWatch Functionality to Enterprise Applicataions with SDK Plugins

INTEGRATING WITH DELL CLIENT COMMAND SUITE: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Workspace ONE UEM Integration with RSA PKI. VMware Workspace ONE UEM 1810

Google Sync Integration Guide. VMware Workspace ONE UEM 1902

VMware Workspace ONE UEM Integration with Apple School Manager

INTEGRATING OKTA: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

VMware AirWatch Express Guide Managing your organization's mobile devices

VMware Workspace ONE UEM Apple tvos Device Management. VMware Workspace ONE UEM 1811 VMware AirWatch

VMware AirWatch SDK Plugin for Xamarin Instructions Add AirWatch Functionality to Enterprise Applicataions with SDK Plugins

VMware AirWatch Windows Autodiscovery Service Installation Guide Installing and configuring Windows Autodiscovery with AirWatch

VMware Tunnel Guide for Windows

VMware AirWatch Reports Guide

VMware AirWatch Directory Services Guide Integrating your Directory Services

VMware AirWatch Product Provisioning for Windows Desktop Guide Using Product Provisioning for managing Windows Desktop devices.

VMware AirWatch Product Provisioning for macos Guide Using Product Provisioning for managing macos devices.

ForeScout Extended Module for VMware AirWatch MDM

Compliance Manager ZENworks Mobile Management 2.7.x August 2013

VMware AirWatch Mobile Management Troubleshooting Guide

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

Transcription:

VMware AirWatch and Office 365 Application Data Loss Prevention Policies Workspace ONE UEM v9.5 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com. This product is protected by copyright and intellectual property laws in the United States and other countries as well as by international treaties. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. 1

Add AirWatch by VMware as an Azure Enterprise MDM Application To enable Workspace ONE UEM and Azure to communicate, add AirWatch by VMwareapplication to your Azure environment. This action allows Workspace ONE UEM to manage the DLP policies for Microsoft Intune App Protection Policies applications. For the most current procedure, see Microsoft Azure Active Directory Documentation at https://docs.microsoft.com/enus/azure/active-directory/. 1. In Microsoft Azure, navigate to your Azure Active Directory and Mobility Apps, Mobility (MDM and MAM). 2. Select Add Application. 3. Select AirWatch by VMware application. 4. Review the application details and select Add. 5. In the Mobility (MDM and MAM) area, confirm that AirWatch by VMware displays in the list of applications. Microsoft Intune App Protection Policies Settings Configure and apply data loss prevention (DLP) application policies to the Microsoft Intune App Protection applications and data in the Workspace ONE UEM console. Workspace ONE UEM does not directly enforce policies on applications. The Microsoft SDK controls and enforces the policies. To configure and apply data loss prevention (DLP) application policies to the Microsoft Intune App Protection applications the user must be an admin with the privileges to configure app policies in intune. Complete the following steps to add DLP application policy information to the UEM console: 1. Navigate to Groups & Settings > All Settings > Apps > Microsoft Intune App Protection Policies. 2. Navigate to the Authentication tab. Office 365 data loss prevention application policies allow administrators to configure policies to protect Office 365 apps and data using Microsoft Graph APIs. To configure Office 365 DLP policies, you need admin credentials to connect your tenant to Workspace ONE UEM. Enter the user name and password for the Azure admin. Workspace ONE UEM uses these credentials to search and assign the DLP application policies to the Microsoft Security Groups. 2

User name Password Enter the user name to configure your tenant to Workspace ONE UEM. Enter the password that is used to configure your tenant to Workspace ONE UEM. 3. Configure the preferred Microsoft Intune App Protection Policies DLP application policies. Configure DLP app policies for your managed Microsoft Intune App Protection Policies applications and data. Find these configurations in the UEM console at Groups & Settings > All Settings > Apps > Microsoft Intune App Protection Policies. Setting Data Relocation Prevent Backup Allow Apps to Transfer Data to Other Apps Prevents users from backing up data from their managed applications. All Apps - Enables users to send data from managed applications to any application. Restricted Apps - Allows users to send data from their managed applications to other managed applications. No Apps - Prevents users from sending data from managed applications to any application. Allow Apps to Receive Data from Other Apps All Apps - Enables users to receive data from applications to their managed applications. Restricted Apps - Allows users to receive data from other managed applications to their managed applications. No Apps - Prevents users from receiving data from all applications to their managed applications. Prevent Save As Restrict Cut Copy Paste with Other Apps Prevents users from saving managed Microsoft Intune App Protection Policies application data to another storage system or area. Any App - Allows users to cut, copy, and paste data between their managed applications and any application. Blocked - Prevents users from cutting, copying, and pasting data between managed applications and all applications. Policy Managed Apps - Allows users to cut, copy, and paste data between managed Microsoft Intune App Protection Policies applications. Policy Managed Apps with Paste In - Allows users to cut and copy data from their managed applications and to paste the data into other managed applications. It also allows users to cut and copy data from any application into their managed applications. 3

Restrict Web Content to Display in Managed Browser Encrypt App Data Disable Contents Sync Disable Printing Allowed Data Storage Locations Access Require PIN for Access Number of Attempts before PIN Reset Allow Simple PIN PIN Length Allowed PIN Characters Allow Fingerprint Instead of PIN Require Corporate Credentials For Access Block Managed Apps from Running on Jailbroken or Rooted Devices Recheck The Access Requirements After (minutes) Forces links in managed applications to open in a managed browser. Encrypts data pertaining to managed applications when the device is in the selected state. The system encrypts data stored anywhere, including external storage drives and SIM cards. Prevents managed applications fromsaving contacts to the native address book. Prevents users from printing data associated with managed applications. Enables admins to control where users can store managed application data. Requires users to enter a PIN to access managed applications. Users create the PIN upon initial access. Sets the number of entries users attempt before the system resets the PIN. Allows users to create four digit PINs with repeating characters. Sets the number of characters users must set for their PINs. Sets the characters that users must configure for their PINs. Enables users to access managed applications with their fingerprints rather than PINs. Requires user to access managed applications with their enterprise credentials. Prevents users from accessing managed applications on compromised devices. Sets the system to check the access PIN, fingerprint, or credential information when the access session reaches one of the time interval options. Timeout - The number of minutes the access sessions for managed applications are idle. Offline Grace Period - The number of minutes devices with managed applications are offline. Offline Interval (days) before App Data is Wiped Block Screen Capture and Android Assistant ios Sets the system to remove managed application data from devices when devices are offline for a set number of days. Prevents users from taking screen shots on their devices when they access managed applications. 4

version required version required (Warning alert only) required required (Warning alert only) Minimum App protection policy SDK version required Android Block Screen Capture and Android Assistant version required version required (Warning alert only) required required (Warning alert only) Minimum Android patch version required Minimum Android patch version required (Warning alert only) Enter the required minimum ios version number that a user must have to gain secure access to the application. Enter the recommended minimum ios version number that a user must have to gain secure access to the application. Enter the required minimum App version number that a user must have to gain secure access to the application. Enter the recommended minimum App version number that a user must have to gain secure access to the application. Enter the minimum Intune Application Protection Policy SDK version that a user must have to gain secure access to the application. If Yes is selected, screen captures and Android Assistant app scanning will be unavailable when using an Office app. Enter the required minimum Android OS version number that a user must have to gain secure access to the app. Enter the recommended minimum Android OS version number that a user must have to gain secure access to the app. Enter the required minimum App version number that a user must have to gain secure access to the app. Enter the recommended minimum App version number that a user must have to gain secure access to the app. Enter the oldest required Android security patch level a user can have to gain secure access to the app. Enter the oldest recommended Android security patch level a user can have to gain secure access to the app. 4. Assign the DLP application policies to the Microsoft Security Groups. The security groups are previously configured in Azure. Setting All Security Groups Enter the name of the security group to assign it to the DLP app policies. Select from the list the system displays after an entry. Select Add Group to assign the DLP app policies to the security group. 5

Security Groups Assigned to Microsoft Intune App Protection Policies Policies Lists the security groups assigned to the DPL app policies. Select Remove Group to remove the assignment from the security group. Note: The warning alters for the Operating System version, App version, and the Android Patch version only notifies the user with a warning message. However, the warning alters do not stop the end users from using the app. 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback