Hi, Power BI apps for iOS support Microsoft Intune (MDM and MAM) Microsoft Intune enables organizations to easily manage devices and applications across all teams. Through configuration policies, you can control application access with a PIN, limit data sharing, and even encrypt application data.

Fully agree - Enforcing sign-in each time a user uses PowerBI Mobile Application is a must. This control shouldn't sit with MDM/Intune but fully under the mobile application security policies/rules/settings. I managed to remain 15 days logged in to the Power Mobile Mobile application. This is a major security concern. Any eBanking mobile application, financial application or application with sensitive data would either log you our as soon as you left the application or later 5 minutes after you left it. But surely not leaving a session active for 15 days. Please urgently assess this requirement. Thank you!

This can also be done by configuring the refresh token and access token expiry to the requested interval. For example require log in on a daily basis by configuring the tokens to 1 day duration.

I agree with Djamel. In our organization the CISO is blocking PowerBI usage because of insufficient security controls in place within the app itself.

Device protection (iOS)

Users can use device built-in protection to secure Power BI, by asking for Face ID, Touch ID or passcode for accessing Power BI. This can be control by the user using the app settings, but also by admins using Intune and any other MDM tool. Learn more.

 

Enhanced security using device protection (preview) (Android)

Use your device's built-in protection capabilities to secure your Power BI app and get the privacy you need. Requiring biometric authentication (Fingerprint ID) for accessing the Power BI app ensures your data is kept private and seen by your eyes only. Learn about native secure access