CA-05: Require App Protection for Mobile Access
Frequently asked questions about implementing and managing the CA-05 security control in Microsoft 365 and Entra ID.
QWhat is CA-05 (Require App Protection for Mobile Access)?▼
CA-05 is a security control that mobile devices accessing corporate data should use apps with protection policies. this prevents data leakage through unmanaged apps and ensures corporate data remains protected on personal devices. It requires that a conditional access policy requires approved or compliant applications for mobile and policy targets ios and android platforms, office 365 or all cloud apps are protected.
QWhy is Require App Protection for Mobile Access important for Microsoft 365 security?▼
Mobile devices accessing corporate data should use apps with protection policies. This prevents data leakage through unmanaged apps and ensures corporate data remains protected on personal devices.
QHow do I implement CA-05 in my tenant?▼
TrueConfig provides one-click remediation for CA-05. Creates a CA policy requiring app protection for mobile devices. PREREQUISITE: Intune App Protection Policies must be configured.
QWhat license do I need for CA-05?▼
This control requires Azure AD Premium P1 (included in Microsoft 365 E3) or higher.
QWhich security baseline includes CA-05?▼
CA-05 is included in the Enhanced Security baseline (Level 2). This level adds stricter controls for security-conscious organizations.
5
Questions
1
Related Controls
—
Categorized
Related Resources
Still have questions?
Our security experts are here to help. Start a free trial and get personalized guidance for your Microsoft 365 environment.
Start Free Trial