Condition based on What version of Windows is installed (Home/Pro)
I've been looking at deploying Windows Information Protection (WIP) to BYO Win10 devices. Got the policy working and thought we were good to go. The issue now is Windows 10 Home doesn't support WIP. So these users have access to the corporate data by default.
I think it would be nice to be able to base a condition on the version (edition) of Windows. This would allow us to block windows 10 Home from using OneDrive sync/office apps natively and only allow access via the session based policy. We can then allow a better experience on Window 10 Pro users with the help of WIP.
Matthew Taylor commented
I require the information to be displayed in Intune so I can be certain that all devices are enrolled into AAD and receiving their Windows 10 E5 Enterprise license.
I agree. Please do something about this! It's absurd that WIP/MAM policies don't get applied to Windows 10 Home Edition especially since one of the features for Intune managed device is to allow BYOD. On top of that, there are no workarounds for how we can check/block anyone with Windows 10 Home edition from being able to access work data since WIP/MAM can't be applied to these devices. This raises a huge concern and questionable about why Intune BYOD devices was even allowed in the first place. It just leaves work data wide open without any restrictions.
Either have conditions in place to check for Windows 10 Home Edition and block access to work if a device is Home edition OR allow WIP/MAM policies to be applied to Home edition. It's pretty straightforward. It's like this simple piece was completely overlooked.
Please have a fix for this ASAP.