Security

Microsoft Intune and the Curious Case of the Converting Firewall Rule Policy

22 July 2024· loading

Microsoft Intune Windows 10 and later Settings Catalog Security Firewall Endpoint Security PowerShell

When did Microsoft go all covert ops (maybe don’t answer that question) and start making changes to your very own Firewall Rule policies in Microsoft Intune without letting anyone know? Or did they?

Patching Gaps in the CIS Windows 11 Benchmark - Level 1 Windows 11

15 July 2024· loading

Microsoft Intune Windows 10 and later Security Center for Internet Security (CIS) Endpoint Security Remediation Scripts PowerShell Settings Catalog Custom Profiles

The impact of the CIS settings on BitLocker and Windows Autopilot now done and dusted, we should broaden our horizons and start to look at what other problems the CIS level 1 benchmark brings to Windows 11 as a whole. Are there any? Will it be smooth sailing? Yeah, no.

Patching Gaps in the CIS Windows 11 Benchmark - Level 1 Windows Autopilot

23 June 2024· loading

Microsoft Intune Windows 10 and later Security Center for Internet Security (CIS) Windows Autopilot Windows Hello Settings Catalog PowerShell

With the CIS BitLocker and associated DMA settings reviewed and updated, now is time to delve into the Windows 11 specific settings that exist in the CIS Level 1 benchmark. What issues do they bring to Windows Autopilot, what solutions can we find? Honestly, who knows.

Patching Gaps in the CIS Windows 11 Benchmark - BitLocker

15 June 2024· loading

Microsoft Intune Windows 10 and later Security Center for Internet Security (CIS) Custom Profiles BitLocker Direct Memory Access Settings Catalog

Everyone loves a security benchmark, and with the imminent move to Windows 11 for everyone, the Center for Internet Security released version 3.0.1 of theirs, including a build kit for Microsoft Intune, but what does this build kit break for BitLocker encryption?

Configuring Google Chrome on macOS for Platform Single Sign-On

8 May 2024· loading

Microsoft Intune macOS Configuration Custom Profiles Security Conditional Access Platform SSO

With all the hype about Platform SSO on macOS devices, now is the time to try out not just the standard functionality, but the integration into web browsers such as Google Chrome. We take a look at how to configure this using Microsoft Intune.

Software Update Deployment Rings for Managed macOS Devices

6 April 2024· loading

Microsoft Intune macOS Software Updates Dynamic Groups Security National Cyber Security Centre (NCSC)

So you’ve pulled the trigger on managing macOS devices in Microsoft Intune, and with this year being the year of macOS for Microsoft (this seems like an oxymoron), you should probably look at how to handle software updates.

Remediating BitLocker DMA Exception Errors with Microsoft Intune

16 March 2024· loading

Microsoft Intune Windows 10 and later BitLocker PowerShell Security Direct Memory Access

So you’ve configured BitLocker encryption in Microsoft Intune, but some of your devices are failing to encrypt complaining about a DMA exception issue as part of Automatic Encryption. How can we fix that without creating a gaping security hole?

Creating Reusable Groups of Firewall Settings for Microsoft Online Services

9 March 2024· loading

Microsoft Intune Windows 10 and later Security PowerShell Graph API Settings Catalog Firewall Automation Endpoint Security

It’s time to remove another manual process, this time the creation of Microsoft 365 network endpoints for Windows Firewall Rules in Microsoft Intune, because nobody should be creating these manually.

A Flexible Approach to Microsoft Update Deployments

19 February 2024· loading

Microsoft Intune Windows 10 and later Software Updates Dynamic Groups Security National Cyber Security Centre (NCSC)

It’s been a while since we’ve looked at deploying Microsoft and Windows Updates using Microsoft Intune, this time we look at different ways to phase our deployments across a device estate.