Posts

Posted on

Securing Azure 2 – Identity and Access – Passwords

Before you start shouting at me, "passwords are dead", they aren't quite, and yes we will be configuring multifactor authentication, but mistakes happen such as misconfigurations where multifactor may not be applied, so we should still be ensuring that strong passwords are being used across our organisation, and it's important to have knowledge of how …

Continue reading "Securing Azure 2 – Identity and Access – Passwords"

Posted on

Microsoft Intune 9 – AAD Join and Intune Onboarding (User-Driven Autopilot).

In the previous eight guides we have setup Intune and Autopilot from scratch, and this guide is where we test the onboarding process by joining a device to AAD and then logging in with a user account which is a member of our Remote Users Group. (You should use a user account based on your …

Continue reading "Microsoft Intune 9 – AAD Join and Intune Onboarding (User-Driven Autopilot)."

Posted on

Microsoft Intune From Scratch 8 – Deployment Configuration (Autopilot).

We have completed the device configuration profiles, and our compliance policy, which means we now need to move onto deployment. Before we get into the configuration there are a few things to understand. During enrollment, Microsoft Intune installs a mobile device management (MDM) certificate on the device, which enables the two-way communication and is what …

Continue reading "Microsoft Intune From Scratch 8 – Deployment Configuration (Autopilot)."

Posted on

Microsoft Intune From Scratch 6 – Endpoint Protection

In the previous guide we configured Antivirus which controls settings like malware scan schedules, network protection, PUA protection, and remediation actions based on alert types. Endpoint protection covers things like Application Guard, Windows Firewall, Credential Guard, and SmartScreen. IMPORTANT NOTE. Don't deploy anything without testing first as you cannot easily roll back restrictive policies applied …

Continue reading "Microsoft Intune From Scratch 6 – Endpoint Protection"

Posted on

Microsoft Intune From Scratch 5 – Antivirus Policy

Configuring antivirus and endpoint protection can get very complicated as there are a LOT of settings which can be enabled, these are split across different configuration areas, and they can be set it different ways. Microsoft provides a Microsoft Security Baseline which can be enabled and applied straight out of the box. The list of …

Continue reading "Microsoft Intune From Scratch 5 – Antivirus Policy"

Posted on

Microsoft Intune From Scratch 4 – Compliance Policies

The Device Compliance Policy is the minimum baseline we require all assets to meet on a daily basis for business as usual (BAU) operations. Be careful not to confuse configuration and compliance policies, Microsoft explains the difference as below. "Compliance policies are 'rules' that govern whether a device is allowed/blocked. They are settings that devices …

Continue reading "Microsoft Intune From Scratch 4 – Compliance Policies"

Posted on

Microsoft Intune From Scratch 3 – Configure and Control Apps

Before we start, as a reminder you can find Intune documentation here, intune. The main part you need for reference through this part is here, and the recommended Microsoft minimum baseline is here. This blog will focus on how to manually set this policy however Microsoft does provide an Intune Security Baseline Policy Template which …

Continue reading "Microsoft Intune From Scratch 3 – Configure and Control Apps"