make it an Intune managed app so you can require a PIN to use it
Currently we are unable to apply a MAM policy to the Office 365 Admin app... as per: https://www.microsoft.com/en-us/cloud-platform/microsoft-intune-partners
There is a major security risk - as the O365 admin app does not prompt for authentication, nor does it allow you to apply a application PIN - which is usually applied via MAM policy settings.
If i put down my phone & someone manages to get access before the 5min time out on my device - they can open O365 Admin app & have admin access to all users \ groups in your tenant. We have 30,000+ users in our AD - so potentially could impact any or ALL of these 30,000 users.
We could simply put a app PIN on the O365 Admin app to force user to provide another authentication method to obtain
(Idea by Ben Hallawell transferred from Intune UserVoice: https://microsoftintune.uservoice.com/suggestions/15104505)