Warning! An unexpected restart during autopilot ESP can happen if you assign a configuration component to a device group. Many
Continue reading
Code from the field
Employees are more productive if they can do their work from a Cloud management workplace they love and wherever they want to work. The capabilities within the Microsoft 365 and EM+S suite have enough capabilities to make this happen. The blog articles into the modern workplace area describing my personal questions as well as customers or specific scenarios.
The modern workplace topics are related but not limited to the Endpoint Manager + security (EM+S) product suite of Microsoft. It includes features like Microsoft Endpoint manager (former known as Intune).
Nowadays, the modern workplace managed by a Cloud service like Intune is essential to protect the organization’s data (intellectual properties). During any authentication attempt, the workplace compliance level is checked automatically. The Azure AD (IDP) calculates a risk score based on values like your location, type of application, and your digital footprint of a couple of weeks. The IT PRO or SecOps engineer needs to configure the requirements in Conditional Access (CA). Based on the configured CA policies, the authentication request is verified, and access is granted, blocked, or reported.
However, we are in a connected world, many enterprise organizations using on-premises IT components like Configuration Manager. It is essential to understand that the level of protection increases as soon as Cloud services are activated. Therefore, organizations are preparing workplace management workloads to the Cloud (co-managed/Cloud attached). For example, MBAM (disk encryption) to Intune.
In a lightweight or greenfield workplace management scenario, this approach is often different. Those organizations start managing their workplace fully from the Cloud (Intune). I experience that the employees become self-reliant as soon as the Cloud manages the workplace. They can do simple IT tasks themselves, like installing the workplace via Autopilot (+ Enrollment Status Page (ESP) + White Glove).
Businesses have requirements and demands for the technical configuration of a workplace. Often the configuration needs to meet (government) regulators or internationally recognized security frameworks like NIST. Endpoint Manager is capable of enforcing this via configuration-items. They also must distribute line-of-business applications or scripts. Intune as well Configuration Manager can distribute several types of applications to the managed device, independent of locations.
Warning! An unexpected restart during autopilot ESP can happen if you assign a configuration component to a device group. Many
Continue readingI was thrilled when I heard that Microsoft worked on proactive remediation (Windows Analytics) feature in Endpoint manager. Our customers
Continue readingP1 (QR-Code) I was always curious about the content of the QR code that I see during Autopilot WhiteGlove enrollments.
Continue readingDo you want to recover an Intune PowerShell script but cannot find it at your computer? Yes, this was me
Continue readingMost employees are working from home due to the COVID-19 situation. Therefore, organizations have the challenge if they permit using
Continue readingFinally, it’s GA the capability to use custom backgrounds during a Microsoft Teams meeting. I’ve found tens of blogs that
Continue readingAre you preparing yourself for the implementation of a Conditional Access Baseline? Continue reading. In this article, I describe the
Continue readingAzure workbooks can give you insights into the impact of your Conditional Access baseline. The Azure workbooks are easy to
Continue readingOnly 11% had a Multi-Factor-Authentication (MFA) solution enabled, as of January 2020, Microsoft said. My opinion is that any organization
Continue reading