Automatically Protect Your App with Visual Studio App Center and Intune

Villars Gimm

With App Center and Intune, you can already publish line of business (LOB) to a company store. While this is a great first step for enterprises to publish to a safe, company-authorized store so that employees can download LOB apps, many companies require additional security to safeguard company data in apps and on user’s multiple devices.

Today, we are announcing the integration of Intune application protection policies into App Center. Admins and security persons can now turn on data protection with organization-wide policies, which also benefits LOB app developers as they can release MAM-ware apps to the Intune store. After publishing the application to Intune, the admin can apply company required policies via the Intune blade in the Azure portal.

What are Intune App Protection Policies?

Intune is a cloud-based service in the enterprise mobility management (EMM) space that keeps corporate data protected with both mobile device management (MDM) and mobile application management (MAM) solutions. MAM is the great option for companies with bring-your-own-device (BYOD) policies because it is less intrusive and it only deletes app data instead of wiping an entire device. Additionally, Intune also has an enterprise store for securely distributing internal LOB apps. If your organization is not using Intune, sign up here for a free trial.

Getting Started

With today’s preview of the Intune App Protection, you can try out the feature by requesting access from the team. We look forward to your feedback and will incorporate your comments into future iterations of Intune App Protection for enterprises’ mobile needs.

Once you have the feature enabled, you can follow the steps below to set it up:

  1. Select your organization from the left-hand sidebar in App Center.
  2. In the left menu under your organization choose the Manage option.
  3. In the new menu select Compliance & Security.
  4. Click the blue Configure button.
  5. On the configuration screen, you must select the same certificate used to sign production builds.

    1. If the certificate used selected here does isn’t the same as used for building your app, there is a certificate mismatch, applying Intune app protection will most likely fail.
  6. After you have selected a certificate and clicked “Done” all iOS apps in your organization will be made MAM aware when released to an Intune store connection.

A MAM aware app is managed through the Intune blade in the Azure portal, for data protection it is necessary to apply policies after the first release.

Integrating with Intune app protection policies is just the beginning for App Center to support enterprises in shipping their apps securely. We would love to have you try out our new Intune integration and give us your thoughts on what to see next. Sign up at to get started for free today.


Discussion is closed.

Feedback usabilla icon