Hi Folks,

We create an Azure AD account for students that serves as their email address, and SSO which allows login on public terminals in the library, access to various applications such as MS Office, PeopleSoft (student information system) etc.

Students and Staff also bring their own devices to access all cloud-based SaaS products and applications on and off-campus.

On-campus Macs and PCs are managed using Azure Mobile Device Management (MDM).

My questions are:

- Within the premise, students can connect their personal devices using wireless which only has internet access. Do you apply on the boarding checklist or MDM before granting access? We use SAML authentication.

- Outside the premise, is registering thousands of devices into an MDM and implementing a compliance checklist feasible? Any tips and suggestions to apply to security measures to protect data and information