22Aug2023
28Apr2023
Why aren’t you protecting your mobile devices with Microsoft Defender?
Recently I was on a call with Microsoft, and I was surprised to hear that adoption for Microsoft Defender on mobile devices is still extremely low. But according to other industry partners, this is true of Mobile Threat Defense (MTD) solutions in general. I think this unfortunate trend could be...
16Apr2021
Choosing (and implementing) your strategy for personal devices
In a recent Microsoft blog announcing some cool new discovery features in Microsoft Defender for Endpoint, there is an interesting (but hardly surprising) statistic shared: your users are 71% more likely to be infected on an unmanaged device. Now the thrust of the article is around discovering assets in your environment...
24Sep2019
Azure AD Device States, revisited
I have an older article on Azure AD Device States already, but I wanted to quickly return to this topic. I have a few in the audience who are still confused about this. Notice the "Join type" column corresponding to the device state Azure AD Registered - A machine that shows...
19Sep2019
Devices still matter, Part 2: How attackers can use YOUR device
So based on our last post, we now know that MFA and Conditional Access can help prevent a lot of different scenarios involving "any old" devices. That leaves one other avenue for attackers then... Why bother trying to gain new access through any device when there are perfectly...
14Sep2019
iPadOS breaks MAM-enforced Conditional Access?!
In case anyone missed it, this bombshell dropped last week: https://support.microsoft.com/en-us/help/4521038/action-required-update-conditional-access-policies-for-ipados In summary: when iPad gets updated to iOS 13+ at the end of this month, the OS will change from iOS to iPadOS. And when that happens, Azure AD will see these devices as macOS devices, not iOS...
10Sep2019
Revisiting Baseline Policies in Microsoft 365
Microsoft has been doing more to make secure configurations easier to implement for admins. But, from my testing and experience, I still have reservations about some of them. Let's review. Conditional Access Baseline Policies There are presently four baseline policies available under Azure AD > Security > Conditional Access. Require MFA for admins...
15Jul2019
Microsoft 365 Device Management / Intune best practices checklist
Update: Downloadable, printable copies of the Microsoft 365 Best practices checklists and guides are now available. Thanks for your support! Similar to the checklist for Azure AD which I recently published, this resource is designed to get you up and running quickly with what I consider to be a good "baseline"...
28May2019
How-to setup Intune quickly (and strategically) in your environment
Update March 2023: Much of what is written here eventually became the basis for my SMB Guide to Threat Defense and Microsoft Defender. Which in turn is part of the Consultant's Bundle. I encourage you to check it out! UPDATE: I have updated the setup script to now be a single...
28Mar2019