- #Email client apps that support outlook contact groups how to#
- #Email client apps that support outlook contact groups update#
- #Email client apps that support outlook contact groups android#
- #Email client apps that support outlook contact groups download#
#Email client apps that support outlook contact groups android#
To ensure that users of iOS and Android devices can only access work or school content using Outlook for iOS and Android, you need a Conditional Access policy that targets those potential users. Require that iOS and Android devices must use Outlook In the Azure portal, create a new Conditional Access policy with these settings:Īssignments > Users and groups: Select appropriate users and groups to include and exclude.Īssignments > Cloud apps or actions > Cloud apps > Include > Select apps: Select Office 365 Exchange OnlineĪccess controls > Session: Select Use app enforced restrictions If you want to block attachments, use this command: Set-OwaMailboxPolicy -Identity Default -ConditionalAccessPolicy ReadOnlyPlusAttachmentsBlocked If you want to allow viewing of attachments but no downloading, use this command: Set-OwaMailboxPolicy -Identity Default -ConditionalAccessPolicy ReadOnly If you don't already have an OWA mailbox policy, create one with the New-OwaMailboxPolicy cmdlet. You can also block users from seeing attachments on an unmanaged device.Ĭonnect to an Exchange Online Remote PowerShell session. Users on these devices can view and edit these files using Office Online without leaking and storing the files on the device.
#Email client apps that support outlook contact groups download#
You can restrict the ability for users to download attachments from Outlook on the web on unmanaged devices. Limit access to Exchange Online from Outlook on the web You can also use authentication policies to disable Basic authentication, which forces all client access requests to use modern authentication. To block Exchange ActiveSync using basic authentication on other devices, follow the steps in Block Exchange ActiveSync on all devices, which prevents Exchange ActiveSync clients using basic authentication on non-mobile devices from connecting to Exchange Online. Require MFA when sign-in risk is low, medium or highĮxchange ActiveSync can be used to synchronize messaging and calendaring data on desktop and mobile devices.įor mobile devices, modern authentication-capable Exchange ActiveSync clients that do not support Intune app protection policies (or supported clients that are not defined in the app protection policy) and Exchange ActiveSync clients that use basic authentication are blocked based on the Conditional Access policy created in Require approved apps and APP protection. Include Exchange Online in the list of cloud apps
#Email client apps that support outlook contact groups update#
Be sure to update the policy for each platform (iOS, Android, Windows) Include Exchange Online in the assignment of cloud appsīlock clients that don't support modern authenticationīe sure Outlook is included in the list of apps. Require MFA when sign-in risk is medium or high Each policy links to the associated configuration instructions in Common identity and device access policies. Review the policies listed in the following table and either make the recommended additions, or confirm that these are already included. If you included Exchange Online and Outlook in the scope of the policies when you set them up, you only need to create the new policy to block ActiveSync clients. Note the addition of a new policy for Exchange Online to block ActiveSync clients. To protect email, the following diagram illustrates which policies to update from the common identity and device access policies. For more information, see Outlook for iOS and Android FAQ. These mobile Outlook apps are also architected with security capabilities that support mobile use and work together with other Microsoft cloud security capabilities. Outlook for iOS and Android provide support for the best features of Office 365. These recommendations require your users to use modern email clients, including Outlook for iOS and Android on mobile devices. You can learn more about these security tiers, and the recommended client operating systems, referenced by these recommendations in the recommended security policies and configurations introduction. These recommendations are based on three different tiers of security and protection that can be applied based on the granularity of your needs: starting point, enterprise, and specialized security. This guidance builds on the Common identity and device access policies and also includes a few additional recommendations.
#Email client apps that support outlook contact groups how to#
This article describes how to implement the recommended Zero Trust identity and device access policies to protect organizational email and email clients that support modern authentication and conditional access.