Learn 5 Microsoft Intune security features for mobile admins

If you want to see all the available Firewall settings, or all the available BitLocker settings, then use this option. Also, use this option if you’re looking for specific settings. It’s the presentation I gave, and I hope that it’s also interesting enough for you, and that you can appreciate this somewhat different post. Most of the pictures in this post, are the actual PowerPoint slides I used. Let me know what you think below in the comments section. This month, we had a company event at Rapid Circle and I did a presentation about Security Baselines vs Endpoint Protection templates vs Settings Catalog vs device configuration policies.

What is very annoying for us is that you can’t put the missing rules only through an OMA-URI because then they will overrule each other. You must set the rule via a PowerShell Command, but the disadvantage of PowerShell command is that when it is set it will never go back to the default when you unassign the PowerShell script. The Attack Surface Reduction rules profile can be used to configure the Attack Surface Reduction rules and contains nearly all currently available ASR rules. There are several options available to configure the Attack Surface Reduction rules. Within Microsoft Intune, you have five options to configure ASR rules. This type of baseline is dedicated only to cloud-based systems, therefore where authentication is based exclusively on Azure Active Directory.

Microsoft Intune license holders can enroll up to five devices. It’s usually preferable for IT to put some restrictions on those woosender devices. This is a common best practice because organizations often don’t support specific device platforms or manufacturers.

Because they will have to deal with everyone calling the support desk. Configuration profiles can be applied to iOS/iPadOS devices, Android devices, Windows devices and macOS devices. I let it sink in for a couple of days and then started to think about the actual content. More importantly I was wondering if Zombies could actually teach us something about Security Baselines. When using co-managed devices, you must switch the Device configuration workload to Intune.

This is used to secure your organizational data at the application level. By managing your applications through Intune, you can keep them up to date and configure settings to be enabled when an app starts. You can also add or remove your apps to the devices of specific users or groups.