Defender Attack Surface Reduction is a good choice for USB restrictions, because it will report back to Defender and give a good audit if users are attempting to repeatedly write data out…
NDES SCEP For Intune – The safer way
Step by step guide for getting Certificates on Intune machines from your Internal PKI. I’ve tried to add only minimal rights as I see many blogs adding things like the machine accounts…
Intune Baseline 23h2 as Settings Catalog
With the release of the Microsoft Version of the 23h2 Baseline, I’ve put all the configurations from each section into the Device Configuration Settings Catalog format and exported them as JSON so…
Quick summary on example of Microsoft AI for use as a chat assistant for your internal docs
Overview I’ll start by saying this is heavily influenced by Jannik Reinhard who is an incredible Intune and Modern Device Consultant you can check his posts here with all sorts of useful…
Microsoft Entra Private Access – A quick look at accessing internal resources without VPN
This post is a quick look at Microsoft Entra Private Access with which you can implement to access company resources such as apps file shares etc without a VPN. Microsoft describe the…
Microsoft Entra Internet Access – quick look at Web Filtering for Internet traffic
This post will focus on Entra Intenet access (currently in public preview) with the aspect of providing a Content filtering Secure Web Gateway similar to perhaps Zscaler. Microsoft describes this in the…
Defender for Endpoint, Windows Servers Migration from Configmgr to MDE Management
In this post we will look at moving your Windows servers into being managed directly by Defender security policies rather than Configmgr. Overview Many enterprises have been using Microsoft Configuration Manager to…
Windows MAM and Edge Enterprise Browser
This post gives an overview of Edge Enterprise with Windows MAM, with the goal of protecting corporate data from being stored on personal unmanaged windows devices, and also the features that I…