Tag - Intune

Updated Intune Scripts and a Security Profile for the SMB

Updated Intune Scripts and a Security Profile for the SMB

Some years ago, Microsoft published a repo on GitHub describing how to use PowerShell to interact with the Microsoft Graph and create/manipulate objects within Intune. This was soon followed by another project, where they published three "Security profiles" as pictured below: Image credit: Microsoft Most of the configurations required...
Read more...
The Underwhelming MAM for Edge

The Underwhelming MAM for Edge and What Else We Can Do

A while back I had written about a solution that I have been anxiously awaiting since its announcement: MAM for Edge on Windows. Let me explain the background a bit. We used to have Windows Information Protection (WIP). Well, we still have it for enrolled...
Read more...
Hybrid Azure AD Join or not?

Should I use Hybrid Azure AD Join or not?

I consulted with an MSP recently about one of their larger customers, and whether or not to implement Hybrid Azure AD Join for existing Windows workstations (joined to traditional Active Directory). The classic consultant answer of course is, "It depends." In certain cases, perhaps. But in truth and in practice,...
Read more...
Why not Defender for Mobile?

Why aren’t you protecting your mobile devices with Microsoft Defender?

Recently I was on a call with Microsoft, and I was surprised to hear that adoption for Microsoft Defender on mobile devices is still extremely low. But according to other industry partners, this is true of Mobile Threat Defense (MTD) solutions in general. I think this unfortunate trend could be...
Read more...
Automating third-party software deployments and updates with Intune and Scappman

Automating third-party software deployments and updates with Intune and Scappman

Hey folks!For those of you in my audience who work at Managed Services Providers (MSP's), I wanted to introduce you to a product called Scappman that I am really excited about. Rarely do I come across something like this, which solves such an important problem in...
Read more...
Choosing (and implementing) your strategy for personal devices

Choosing (and implementing) your strategy for personal devices

In a recent Microsoft blog announcing some cool new discovery features in Microsoft Defender for Endpoint, there is an interesting (but hardly surprising) statistic shared: your users are 71% more likely to be infected on an unmanaged device.Now the thrust of the...
Read more...

The realities and limitations of managing personal (BYOD) devices in Microsoft 365 and Endpoint Manager

These days, I am willing to bet that I get asked about BYOD endpoints over corporate endpoints 10 to 1. Personal devices (even personal Windows devices) are creeping into the workplace more and more, especially with so many working from home. And this does present a few challenges for those...
Read more...

Devices or Users: When to target which policy type in Microsoft Intune

Note: I updated this article in June 2024 A new reader question came across my desk the other day. In truth, it is not the first time I have answered this question, but I realized that I could probably repeat myself less if I simply write an article and publish it....
Read more...

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.