Forum Discussion
Intune configs
Dears,
is there any way to block downloading/uploading in Intune for android devices ?
we guess that it can be via application protection policies, but there is not any options for blocking these operations.
Hi, yes, it’s possible to limit downloads and uploads on Android devices managed with Intune, but there’s no specific setting to block these actions directly via Application Protection Policies (APP). However, depending on how your devices are managed, you have a few options:
-Application Protection Policies (APP)-
You can restrict data sharing to managed apps only, preventing users from saving files to personal locations (like Google Drive or the device’s local storage). While this won’t block downloads entirely, it can stop file transfers, copying, and backups.Example Configuration:
File save: Block
Cloud backup: Block
Data sharing: Only between managed apps
Device Restrictions (Android Enterprise)
If your devices are fully managed or use a work profile, you can block access to external storage (USB, SD cards) and disable data transfer via USB or Bluetooth.-Quick steps-
Create a Device Restriction profile in Intune.
Configure it to block USB, data sharing between profiles, etc.
Conditional Access with SharePoint/OneDrive
If the goal is to prevent file downloads from corporate cloud services (e.g., SharePoint, OneDrive), you can create a Conditional Access policy with read-only sessions using Microsoft Defender for Cloud Apps.
