Intune – You can allow/block personal devices to register

If your company policy requires to allow only corporate devices to register to Intune, you can now block personally owned devices to join. To do so, from your Intune configuration blade reach out the Device enrolment blade and create/edit an Enrolment Restrictions policy The option to allow/block personally owned devices is available for each supported OS in the Configure platforms configuration blade

Read More

Intune – Third party antivirus solutions are now supported for Device Compliance Policy

Until the last Intune update (week of July 2, 2018), when you were setting up a Windows 10 Device Compliance Policy you were obliged to use Windows Defender as local antivirus solution if you wanted to set an antivirus solution is required to be marked as compliant. After this update, you can now set this requirement even if you are using a third party antivirus solution (such as Symantec) as…

Read More

Intune – Automatic device cleanup

With the latest Intune update (week of July 2, 2018), a new feature has been added to automatically cleanup Intune from devices which did not contact the service. As you may be aware, devices which do not contact Intune service for a certain period of time are marked as not compliant and there maybe some work for the Intune administrators to cleanup these devices. With this update you can now…

Read More

Azure – Define a security baseline for Azure AD Administrators

A new security feature has been delivered in preview for Azure AD; a security baseline for any Azure AD Administrator. This baseline will be enabled by default (during the preview you HAVE to enable it) and is going to request multi-factor authentication (MFA) for any privileged account like: Global Administrator Service Administrator SharePoint Administrator Exchange Administrator Conditional Access Administrator Security Administrator To enable/disable (while not recommended) the security baseline go…

Read More