Tag - Intune

The Underwhelming MAM for Edge

The Underwhelming MAM for Edge and What Else We Can Do

A while back I had written about a solution that I have been anxiously awaiting since its announcement: MAM for Edge on Windows. Let me explain the background a bit. We used to have Windows Information Protection (WIP). Well, we still have it for enrolled...
Read more...
Hybrid Azure AD Join or not?

Should I use Hybrid Azure AD Join or not?

I consulted with an MSP recently about one of their larger customers, and whether or not to implement Hybrid Azure AD Join for existing Windows workstations (joined to traditional Active Directory). The classic consultant answer of course is, "It depends." In certain cases, perhaps. But in truth and in practice,...
Read more...
Why not Defender for Mobile?

Why aren’t you protecting your mobile devices with Microsoft Defender?

Recently I was on a call with Microsoft, and I was surprised to hear that adoption for Microsoft Defender on mobile devices is still extremely low. But according to other industry partners, this is true of Mobile Threat Defense (MTD) solutions in general. I think this unfortunate trend could be...
Read more...
Automating third-party software deployments and updates with Intune and Scappman

Automating third-party software deployments and updates with Intune and Scappman

Hey folks! For those of you in my audience who work at Managed Services Providers (MSP's), I wanted to introduce you to a product called Scappman that I am really excited about. Rarely do I come across something like this, which solves such an important problem in...
Read more...
Choosing (and implementing) your strategy for personal devices

Choosing (and implementing) your strategy for personal devices

In a recent Microsoft blog announcing some cool new discovery features in Microsoft Defender for Endpoint, there is an interesting (but hardly surprising) statistic shared: your users are 71% more likely to be infected on an unmanaged device. Now the thrust of the...
Read more...

The realities and limitations of managing personal (BYOD) devices in Microsoft 365 and Endpoint Manager

These days, I am willing to bet that I get asked about BYOD endpoints over corporate endpoints 10 to 1. Personal devices (even personal Windows devices) are creeping into the workplace more and more, especially with so many working from home. And this does present a few challenges for those...
Read more...

Devices or Users: When to target which policy type in Microsoft Endpoint Manager (Intune)

A new reader question came across my desk the other day. In truth, it is not the first time I have answered this question, but I realized that I could probably repeat myself less if I simply write an article and publish it. The question is:

When working in Microsoft...

Read more...

Notes from the field: Windows 10 Device Compliance

One of the coolest features in Microsoft 365 is the ability to measure device compliance, and based on that reading, grant, deny or limit access to cloud resources. For mobile devices this works really well, and most compliance policies are fairly simple: make sure the device isn't jail-broken/rooted, require a...
Read more...

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.