Android Kiosk Enrollment and Microsoft Intune

Last month I wrote about the different Android enrollment scenarios Microsoft Intune supports. For this month’s post, I’m focusing on the Android enterprise enrollment process, specifically single purpose device enrollment (e.g. kiosk) using a factory reset device. Note: the device must be factory reset to enroll using Android enterprise. Let’s get started Create an Azure…

0

Android + Intune = Android management

When I speak with organizations who are considering Android devices there’s usually the question of, “which management option should we choose?”. The answer to the question requires a clear understanding of the scenarios the organization would like to bring under management such as personal devices or corporate devices or even purpose-built devices (e.g. inventory scanners,…

0

Windows Autopilot – check those logs…

Windows Autopilot is a Windows 10 feature that enables organizations to pre-register devices either through an OEM or manually.  When users receive a Windows 10 device that is registered with Autopilot and turn it on, they’ll walk through a streamlined and customized out of box experience (OOBE).  In summary, Autopilot helps to reduce the costs…

0

Microsoft Cloud App Security log collector + OMS = Docker container monitoring

Need a quick method to monitor Docker containers? How about monitoring the Docker container that is utilized for automatic log upload for Microsoft Cloud App Security? If so, try out Microsoft OMS Container Monitoring Solution to monitor your docker containers including continuous log collectors using Docker in Microsoft Cloud App Security!  Did you know that…

0

Add Windows Defender Browser Protection to Chrome with Intune

I recently read a really great post by Martin Bengtsson about utilizing Configuration Manager (SCCM) to force installation of the Windows Defender Browser Protection extension for Chrome. So I decided to take a different approach and deploy the extension utilizing a PowerShell script deployed through Microsoft Intune. To learn more about the Windows Defender Browser…

0

Windows 10 Group Policy vs. Intune MDM Policy who wins?

  When I speak with organizations about managing Windows 10 devices with Microsoft Intune there is a concern about disruption of current projects to deploy new OSs, patches, etc.  When moving to Intune for managing Windows devices, Intune will leverage the built-in MDM agent vs. having to install another agent to manage Windows 10 devices….

0

Windows Information Protection – adding the Intune Company Portal for Windows as an exempt app

  Organizations using Windows Information Protection (WIP) may experience issues accessing the Intune Company Portal app.  Fortunately, exempting Intune Company Portal app and any other application from a WIP policy is straight forward.   To learn more about creating Windows Information Protection policies please visit: https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-mam-intune-azure     Let’s get started   By exempting an…

0

Scan file servers, network shares, and SharePoint with Azure Information Protection Scanner

  With GDPR just around the corner (May 2018), organizations are heads down identifying data, creating compliance processes, and hiring additional resources to lead the compliance and reporting required by GDPR. In a previous post I reviewed GDPR as well as the technologies and services Microsoft offers to assist with discovery, managing, protecting, and reporting…

0

Windows update compliance – Querying Azure Log Analytics data using PowerShell

  With the abundance of data across services it’s important to have a method (API) to access the data for export.  Most organizations I speak with have some sort of SIEM to aggregate data and analyze it for informational and alerting purposes.  Microsoft also offers a service called Microsoft Operations Management suite and within that…

0

Intune app protection diagnostics and managed browser bookmarks

  Many of the organizations I work with have deployed or are deploying Microsoft Intune to manage devices as well as applications. Microsoft Intune offers application protection (aka Mobile Application Management (MAM)) where policies manage applications. Application protection may be used with or without MDM enrollment. If you already have an MDM solution, Intune application…

0