Setup conditional access

Requirements

Create a device compliance policy

Open a browser and sign in to your Microsoft Intune.

Click Device compliance > Policies

Click Create Policy

Set Platform to iOS/iPadOS or Android Enterprise depending on your use case.

ClickSettings > Device Health

Set Require the device to be at or under the Device Threat Level to Secured.

This setting will determine the tolerable device threat level as dictated by BETTER MTD's threat evaluation. You may set the value to other thanSecuredat your own discretion.

Click OK > OK > OK> Create. Now assign the policy to the relevant users/groups and you're done.

Create a conditional access policy

Open a browser and sign in to your Microsoft Intune.

Click Conditional access > New Policy

Click Conditions > Sign-in risk

Set Configure to Yes

Set the Sign-in risk to No risk

Click Select > Done

Click Grant

Select Grant access & Require device to be marked as compliant

Click Select

Set Enable policy to On to put the policy into effect upon creation.

Click Create . Now assign the policy to the relevant users/groups and you're done.

‚Äč