Workspace ONE UEM integration with Microsoft Intune® App Protection Policies removes the need to manage DLP policies for your Microsoft Intune® App Protection policies in two consoles. You can configure the data loss prevention (DLP) application policies for your Microsoft Intune® App Protection in Workspace ONE UEM. After you integrate the two systems, manage the DLP application policies in the Workspace ONE UEM console so that the integration stays current.

Required Microsoft Components

To integrate Workspace ONE UEM and Microsoft Intune® App Protection Policies DLP, ensure that these components are set.

  • Admin access to Azure Active Directory with permissions to add enterprise applications and with the Group.Read.All and Group.ReadWrite.All permissions.
  • AirWatch by VMware added under Azure Active Directory > Mobility (MAM and MDM).
  • Licenses from Microsoft for Microsoft Intune App Protection policies and Enterprise.

Most Microsoft Intune® App Protection Policies are available for Android and iOS platforms.

Manage in the Workspace ONE UEM Console to Stay Synced

After you integrate the two systems, manage the DLP application policies in the UEM console so that the integration stays current. Workspace ONE UEM does not receive changes that are made in other parts of the integration. The DLP application policies or security group assignments can get out of sync. See Microsoft Intune® App Protection Policies Settings for descriptions of the settings in the UEM console.