Add Windows Defender Browser Protection to Chrome with Intune

I recently read a really great post by Martin Bengtsson about utilizing Configuration Manager (SCCM) to force installation of the Windows Defender Browser Protection extension for Chrome. So I decided to take a different approach and deploy the extension utilizing a PowerShell script deployed through Microsoft Intune. To learn more about the Windows Defender Browser…

0

Windows 10 Group Policy vs. Intune MDM Policy who wins?

  When I speak with organizations about managing Windows 10 devices with Microsoft Intune there is a concern about disruption of current projects to deploy new OSs, patches, etc.  When moving to Intune for managing Windows devices, Intune will leverage the built-in MDM agent vs. having to install another agent to manage Windows 10 devices….

0

Windows Information Protection – adding the Intune Company Portal for Windows as an exempt app

  Organizations using Windows Information Protection (WIP) may experience issues accessing the Intune Company Portal app.  Fortunately, exempting Intune Company Portal app and any other application from a WIP policy is straight forward.   To learn more about creating Windows Information Protection policies please visit: https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-mam-intune-azure     Let’s get started   By exempting an…

0

Scan file servers, network shares, and SharePoint with Azure Information Protection Scanner

  With GDPR just around the corner (May 2018), organizations are heads down identifying data, creating compliance processes, and hiring additional resources to lead the compliance and reporting required by GDPR. In a previous post I reviewed GDPR as well as the technologies and services Microsoft offers to assist with discovery, managing, protecting, and reporting…

0

Windows update compliance – Querying Azure Log Analytics data using PowerShell

  With the abundance of data across services it’s important to have a method (API) to access the data for export.  Most organizations I speak with have some sort of SIEM to aggregate data and analyze it for informational and alerting purposes.  Microsoft also offers a service called Microsoft Operations Management suite and within that…

0

Intune app protection diagnostics and managed browser bookmarks

  Many of the organizations I work with have deployed or are deploying Microsoft Intune to manage devices as well as applications. Microsoft Intune offers application protection (aka Mobile Application Management (MAM)) where policies manage applications. Application protection may be used with or without MDM enrollment. If you already have an MDM solution, Intune application…

0

Microsoft Flow and Azure AD – let’s automate!

  When I speak with organizations we often discuss scenarios such as having an onboarding process that is in need of a front-end utility and automation.  Many organizations have cloud services and on premises applications where the user onboarding process in some cases is still a manual procedure.  To assist with these processes and many…

0

Azure AD B2B…how to work with partners and subsidiaries

  Azure AD Business-to-Business or Azure B2B is a topic of interest among nearly every organization I speak with. Today many organizations either have a 3rd party IDPs (identity providers) or ADFS deployed and federate with their business partners. Federation establishes a trust whereby providing two-way or one-way access to company resources and applications. However,…

0

Regulations and data management in a hybrid world

  I speak with a lot of organizations and often they’re interested in locating, tagging, and controlling data for various reasons such as legal, regulatory, or protecting personal and proprietary information. However, there’s one regulation that keeps popping up and it’s the new EU General Data Protection Regulation or GDPR.  GDPR will be enforced on…

0

Azure AD + 3rd party MFA = Azure AD Custom Controls

  During Microsoft Ignite there were lots of announcements across a variety of Microsoft offerings including Azure Active Directory. An interesting feature was released in preview called Custom Controls. Custom Controls allow integration of 3rd party security solutions and in this case, 3rd party multi-factor authentication providers. I speak with many organizations throughout the year…

0