Security change in Intune may render devices unable to connect to services

As recently announced, there is a security update coming to Intune, that if configured along with Conditional access in Azure AD, could mean users on devices won’t be able to connect to services.

If you have used compliance policies with Conditional Access (CA) in Intune, you may have noticed that devices without a compliance policy assigned to them are considered compliant and end users are allowed access to email. In March, we’ll introduce a new toggle so that admins will have the option to have devices with no compliance policy assigned to them treated as “not compliant”.These devices will be blocked by CA and end users associated with them will lose access to email. However, you’ll have control over turning this feature on or off for your tenant, as we mention later in this post.

View the update from Microsoft Intune Support Team Blog

In March, we’re introducing a toggle in Intune on Azure that Intune standalone customers can use to treat devices without any policy assigned as ‘Compliant’ (security feature off) or treat these devices as ‘Not compliant’ (security feature on). This toggle will be set to turn the feature on by default, but you can turn it off it in the console if you choose to. If you use Conditional Access, we recommend you do not turn this feature off and leave the toggle set to ‘Not compliant’.