Better Mobile Threat Defense connector with Intune

You can control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Better Mobile, a Mobile Threat Defense (MTD) solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices running the Better Mobile app.

You can configure Conditional Access policies based on Better Mobile risk assessment enabled through Intune device compliance policies for enrolled devices, which you can use to allow or block noncompliant devices to access corporate resources based on detected threats. For unenrolled devices, you can use app protection policies to enforce a block or selective wipe based on detected threats.

How do Intune and Better Mobile help protect your company resources?

The Better Mobile app is installed and run on mobile devices. This app captures file system, network stack, device, and application telemetry where available, and then sends the data to the Better Mobile cloud service to assess the device's risk for mobile threats.

Supported platforms

  • Android 4.1 and later

  • iOS 8.0 and later

Prerequisites

  • Azure Active Directory Premium

  • Microsoft Intune subscription

  • Better Mobile Threat Defense subscription

Sample scenarios

Here are some common scenarios.

Control access based on threats from malicious apps

When malicious apps such as malware are detected on devices, you can block devices from the following actions until the threat is resolved:

  • Connecting to corporate e-mail

  • Syncing corporate files with the OneDrive for Work app

  • Accessing company apps

Block when malicious apps are detected:

Image that shows malicious apps detected

Access is granted on remediation:

Malicious apps detected access granted

Control access based on threat to network

Detect threats to your network like Man-in-the-middle attacks, and protect access to Wi-Fi networks based on the device risk.

Block network access through Wi-Fi:

Block network access through Wi-Fi

Access is granted on remediation:

Image that shows access granted on remediation

Control access to SharePoint Online based on threat to network

Detect threats to your network like Man-in-the-middle attacks, and prevent synchronization of corporate files based on the device risk.

Block SharePoint Online when network threats are detected:

Block SharePoint Online when network threats are detected

Access granted on remediation:

Access granted on remediation for Sharepoint example

Control access on unenrolled devices based on threats from malicious apps

When the BETTER Mobile Threat Defense solution considers a device to be infected: App protection policy blocks due to detected malware

Access is granted on remediation:

Access is granted on remediation for App protection policy

Next steps