Microsoft Intune is ranked 1st in Enterprise Mobility Management (EMM) with 18 reviews while Sophos Mobile is ranked 11th in Enterprise Mobility Management (EMM) with 2 reviews. Microsoft Intune is rated 7.6, while Sophos Mobile is rated 7.0. The Intune device compliance policy includes a rule for Sophos Mobile Threat Defense, which is based on the Sophos Mobile risk assessment. When this rule is enabled, Intune evaluates device compliance with the policy that you enabled. Sophos connects to Intune and requires you to sign in to your Intune subscription. In the Microsoft Intune authentication window, enter your Intune credentials and Accept the permissions request for Sophos Mobile Thread Defense. On the Sophos setup page, select Save to complete the configuration for Intune. If Sophos (we've got InterceptX) isn't installed, it's like InTune is picking up Windows Defender and thus marking the device as compliant. However, the moment InterceptX is installed (and thus I think not registering itself Windows Security Centre) InTune marks the device as non-compliant.

-->

You can control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Sophos Mobile, a Mobile Threat Defense (MTD) solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices running the Sophos Mobile app.You can configure Conditional Access policies based on Sophos Mobile risk assessment enabled through Intune device compliance policies, which you can use to allow or block noncompliant devices to access corporate resources based on detected threats.

Note

This Mobile Threat Defense vendor is not supported for unenrolled devices.

Supported platforms

• Android 6.0 and later
• iOS 11.0 and later

Prerequisites

• Azure Active Directory Premium
• Microsoft Intune subscription
• Sophos Mobile Threat Defense subscription

For more information, see the Sophos website.

How do Intune and Sophos Mobile help protect your company resources?

Sophos Mobile app for Android and iOS/iPadOS captures file system, network stack, device, and application telemetry where available, and then sends the telemetry data to the Sophos Mobile cloud service to assess the device's risk for mobile threats.

The Intune device compliance policy includes a rule for Sophos Mobile Threat Defense, which is based on the Sophos Mobile risk assessment. When this rule is enabled, Intune evaluates device compliance with the policy that you enabled. If the device is found noncompliant, users are blocked access to corporate resources like Exchange Online and SharePoint Online. Users also receive guidance from the Sophos Mobile app installed in their devices to resolve the issue and regain access to corporate resources.

Sample scenarios

Here are some common scenarios.

Control access based on threats from malicious apps

When malicious apps such as malware are detected on devices, you can block devices from the following actions until the threat is resolved:

• Connecting to corporate e-mail
• Syncing corporate files with the OneDrive for Work app
• Accessing company apps

Block when malicious apps are detected:

Access granted on remediation:

Control access based on threat to network

Deploy Zoom With Intune

Detect threats to your network like Man-in-the-middle attacks, and protect access to Wi-Fi networks based on the device risk.

Block network access through Wi-Fi:

Access granted on remediation:

Sophos Antivirus Intune

Control access to SharePoint Online based on threat to network

Detect threats to your network like Man-in-the-middle attacks, and prevent synchronization of corporate files based on the device risk.

Sophos Intune

Block SharePoint Online when network threats are detected:

Access granted on remediation:

Next steps