Conditional access policies
Purpose of Conditional access policies
Section titled “Purpose of Conditional access policies”CA’s provide a strong method of proving access control, only granting or blocking access to company data when specific conditionals are met. These policies greatly improve an org’s security posture.
Design
Section titled “Design”When building a policy, you should first look at configuring and ensuring your other O365 tools have been configured and in a good state, such as device compliance within intune.
For that, we can use compliance policies. These allow us to configure a set of requirements that devices must meet to be classed as compliant within the environment. Then, we can add a conditional access policy on top to restrict access to corporate data from any devices that do not meet the criteria.