Microsoft has added new capabilities to Edge for iOS and Android that allow enterprises to deploy the mobile web browser to employees while putting safety measures in place to protect organizational data. The software giant announced today the addition of support for conditional access and single sign-on to Edge's mobile apps.
With conditional access, organizations can restrict employees' access to Azure Active Directory-connected web apps to the Edge browser, which is protected by the Microsoft Intune enterprise mobility management tool. That means third-party browsers like Chrome, Firefox, and Safari can't be used to access those apps, part of Microsoft's efforts to prevent enterprise data leakage.
This also applies to Office 365 solutions including Exchange Online and SharePoint Online, the Office portal, and access to on-premises sites. To use the feature for the first time, users must install the Microsoft Authenticator on their iOS device or the Intune Company Portal on Android phones.
Conditional access and app protection policies vary depending on individual applications. The screenshot below shows a policy targeting browser access:
From there, enterprises can choose to grant access to cloud resources only from vetted apps and set up an Intune application protection policy targeting Edge.
Meanwhile, single sign-on allows employees to log in to all Azure AD-connected web apps without entering their credentials each time. The only requirement is the Microsoft Authenticator app on iOS or the Intune Company Portal app on Android. These capabilities are now available in public preview to users of Edge on iOS and Android.