App protection policies target specific groups of apps

The way app protection policies are created has been changed by Microsoft. Apps are organized into three categories: All apps, All Microsoft apps, and Core Microsoft apps; these are dynamically updated. It will also automate the process of updating the app protection policies that are already created with the latest apps for the various categories and auto-targeting newly created policies with the latest apps for the various categories.



Creating app protection policies

The steps for manually creating an app protection policy are rather easy. It provides IT administrators with the ability to assign app protection policies to groups of apps during the creation of the policy


  • Open the Microsoft Endpoint Manager admin center portal navigate to Apps > App protection profiles

  • On the Apps | App protection policies blade, click Add > iOS/iPadOS or Android

  • On the Basics page, provide the basic policy information and click Next

  • On the Apps page, specify the required target of apps by at least configuring Target policy to to All apps, All Microsoft apps, or Core Microsoft apps and click Next




  • On the Data protection page, specify the required data protection settings and click Next

  • On the Access requirements page, specify the required access requirements and click Next

  • On the Conditional launch page, specify the required app conditions and device conditions and click Next

  • On the Scope tags page, specify the required scope tags and click Next

  • On the Assignments page, specify the required assignment and click Next

  • On the Review + create page, click Create



346 views