Roamer X is managed in Intune mobile application management (MAM) and set to read your organisational Intune application protection policies.
Read more about Microsoft Intune here: Microsoft Intune documentation | Microsoft Learn
With Intune, mobile applications, Roamer X including, on corporate and personal devices are handled according to what your organisation has set in the Intune rules. Theses rule may affect the following:
- Ability to install Roamer X or configure app settings
- Being forced to use authenticator app for login
- Having Roamer X blocked on certain devices
- Ability to copy and paste corporate information from or to Roamer X
Roamer X will warn with the corresponding message from Intune, when a certain corporate MAM rule is attempted to be violated.
Setting up App Protection Policies
To make this work, admin of the organisation should set up 2 new App Protection Policies in Microsoft Intune admin center for Roamer X for iOS and Android devices.
⚠️ Make sure to set Roamer X bundle under Apps > Custom apps and Target policy to > Selected apps. This step is essential for the policy to work for your organisation. Your settings on other stages of creating the policy can be according to your needs.
In case you are setting up MFA or placing other conditions Microsoft Entra admin center > Conditional Access, the Policy that you've created for Roamer X should be set to use App Protection Policy To enforce the use of conditional access.
Here, do the following:
- Make sure to add extra configurations for iOS and Android app registration.
- Add the API permission and your admin consent:
- Click Add a permission.
- Go to APIs my organisation uses.
- Search for Microsoft Mobile Application Management and select it.
What is supported
Find what app protection policies are supported in Roamer X for managed and unmanaged iOS and Android devices.
Data Protection Policies
These settings control how data is handled within apps, including transfer, storage, and sharing capabilities.
| Policy setting | Description | Supported in Roamer X |
|---|---|---|
| Receive data from | Specifies the sources from which organisational data can be received (e.g., all sources, managed apps only, no sources). | no input/sharing |
| Send org data to | Defines destinations to which organisational data can be sent (e.g., all destinations, managed apps only, no destinations). | no input/sharing |
| Restrict cut, copy, and paste | Controls the cut, copy, and paste actions between apps (e.g., allow between managed apps, block all, allow all). | yes |
| Save copies of org data | Determines whether users can save copies of organisational data to local storage or only to managed locations. | yes |
| Encrypt org data | Ensures that organisational data is encrypted within the app. | yes |
| Block screen capture and recording | Prevents users from capturing screenshots or recording content within the app. | yes |
| Allow app to transfer data to other apps | Specifies which apps can receive data from the managed app. | Roamer X has no functionality to require this |
| Allow app to receive data from other apps | Specifies which apps can send data to the managed app. |
Access Requirements
These settings define the conditions under which users can access organisational data within apps.
| Policy setting | Description | Supported in Roamer X |
|---|---|---|
| Require PIN for access | Requires users to enter a PIN before accessing the app. | yes |
| Require fingerprint or Face ID | Allows biometric authentication as an alternative to PIN. | yes |
| Timeout (minutes) for PIN reset | Sets the duration before the PIN reset is required after inactivity. | yes |
| Number of attempts before PIN reset | Specifies the number of failed attempts allowed before the PIN is reset. | yes |
| Require corporate credentials for access | Mandates re-authentication with corporate credentials after a specified time. | yes |
Conditional Launch
These settings determine the app's behaviour under specific conditions to enhance security.
| Policy setting | Description | Supported in Roamer X |
|---|---|---|
| Max PIN attempts | Sets the maximum number of incorrect PIN entries before the app is wiped. | yes |
| Offline grace period | Defines how long the app can run offline before requiring re-authentication. | not applicable |
| Jailbroken or rooted device | Blocks access if the device is jailbroken or rooted. | |
| Min OS version | Requires a minimum operating system version to access the app. | |
| Min app version | Requires a minimum version of the app to access organisational data. | |
| Device threat level | Restricts access based on the device's threat level as determined by mobile threat defence solutions. |