You can restrict Azure AD access to devices connecting via Jamf Connect's Zero Trust Network Access capability, blocking connectivity to all others.
This reduces the risk that attackers will be able to log in, while ensuring that trusted users are using approved devices to access data. If a user attempts to log in to an app protected by this Conditional Access rule without Zero Trust Network Access, an error is displayed.
Steps include:
Configuring Jamf Security Cloud
Configuring Azure AD
Configuring a Conditional Access Policy to Require Zero Trust Network Access
Testing the Configuration
While any cloud app that uses Azure AD for logging in can be configured to require Zero Trust Network Access, this rule is often configured to include the most data-sensitive Microsoft apps. These include:
Outlook
OneDrive
Teams
SharePoint
Yammer
Azure
PowerBI
Exchange (ActiveSync)