Achieving Cyber Essentials Plus accreditation isn’t the easiest across your whole organisation, but with Microsoft Intune you can enforce zero trust for your corporate managed Windows devices, for the key areas of the security framework using Custom Device Compliance.

So you’ve got a restrictive Windows Firewall, and you’re only allowing traffic to endpoints over either Domain or Private network locations, what happens if an end user doesn’t allow for network discovery and the device is left thinking it’s on a public network?

Can we improve upon the onboarding of Android Enterprise devices to Defender for Endpoint and make users lives a little easier, and Security Teams hearts a little less restless having to rely on end users to implement their own security controls?

Making your users lives easier with Android Enterprise enrolment into Intune, allowing them to use mobile data or a configured wireless network.

What are the actual settings you require to allow for BitLocker recovery key rotation from the Intune console? Which BitLocker profile support the key rotation settings? Are these settings actually documented anywhere? Well yes, they are now.

An unexpected update to the Windows 11 Feature Update deployment series, looking at how to tag users instead of devices, and an improved way to get the readiness report data, and other performance improvements. What a day.

We know that there is no native configuration for AppLocker in Intune, and we should be looking at App Control for Business already, but there is still a place for AppLocker, and I haven’t got time to manually do anything, so let’s use PowerShell to create out AppLocker policies from exported XML files.