Problem Statement We are about to new on Intune, We want to know if there is any Intune configuration policy that can disable USB drive if that drive does not use BitLocker encryption. All computers are using Windows 10 Professional. Can you please help me out in this case because we have been finding such […]
In this blogpost I want show you how to use the Endpoint Protection (Bitlocker) policy within Intune to configure Bitlocker on Windows 10. With Endpoint Protection policies you can configure and enforce Bitlocker on your Windows 10 devices. With the old policies we could already enforce Bitlocker but not enforce the settings of Bitlocker. With […]
Today a short blog about a new setting which will be introduced in the next major release of Windows 10, version 1809 or 1810, which is in preview at the moment of writing. This setting allows you to specify the preferred Azure AD Domain using a new Policy CSP setting under Authentication; PreferredAadTenantDomainName. For example […]
UPDATE: Enterprise Data Protection is available again from Windows 10 Version 1511 rs1 builds if you want to test Enterprise Data Protection! UPDATE: Stay on Windows 10 Version 1511 th2 build 10576 if you want to test Enterprise Data Protection! In this blog I’ll cover a brand new Windows 10 feature, Enterprise Data Protection (EDP). […]
Windows 10 includes a huge number of security settings that can be applied to protect your computers from ransomware, viruses, and other malware. Because Microsoft makes the deployment of these settings available through many different sources and because every business environment is different, these settings are not configured by default. There are many ways to […]
This week is all about a recently introduced profile in Microsoft Intune to configure shared PC mode on a Windows 10 device. That profile is named Shared multi-user device profile. Something similar has been available already for a while via Intune for Education. The main use case for this profile are school devices that are shared between multiple […]
Introduction In a previous post you reviewed what Windows Information Protection (WIP) is and how you can configure Intune to use it, you then deployed a WIP policy to a group of users and verified the end result on a Azure AD joined (with Auto-MDM enrollment) Windows 10 version 1703 device. If you are still […]
If you are using multiple conditional access policies in your Azure AD environment things can start to get complex when trying to work out which policies will be applied due to the many variables and granular control. This is where the “What if” feature is awesome. You can simulate the impact of a CA policy […]