News

Microsoft Test Drives Conditional Access for macOS

• By Kurt Mackie
• August 24, 2017

Microsoft this week launched a preview of "conditional access" restrictions for devices based on Apple's macOS operating system.

According to an announcement Wednesday by Alex Simons, director of program management for the Microsoft Identity Division, the preview was recently added to Azure Active Directory (AD) and the Microsoft Intune mobile management service.

Conditional access restrictions are imposed through policy settings. For instance, network access by a device might get blocked if it lacks the latest software patches. IT pros can set up such policies using the Intune blade of the Azure management portal. They can then specify the specific requirements for devices to meet to ensure compliance.

The preview will only work if "the Intune Company Portal app" is installed, Microsoft's announcement clarified. Devices need to be running macOS 10.11 or greater to use the feature. The conditional access policies will work with Office 2016 for macOS applications (namely, Excel, OneNote, Outlook, PowerPoint and Word) that are at version 15.34 or greater. The policies are only supported with the Apple Safari browser.

Microsoft has had its conditional access scheme in place for Intune and Azure AD for various operating system platforms for a while. However, for some reason, macOS support had lagged. It was "one of the most frequently requested" items mentioned by customers, Simons indicated.