MDM

Securing Admin roles in Azure Active Directory

I’m going to continue my recent look at securing your Office 365/Azure AD directory with a quick dive into using Conditional Access rules to protect your directory’s most prized asset - accounts with admin roles. These are roles that can be used to accomplish admin tasks within your organisation’s Office 365/Azure AD and Azure estate and they are important because they are essentially the keys to the kingdom. While you should be looking to secure all your accounts because all your users probably have access to sensitive information, systems or services, admin accounts are the accounts that give their user access to your entire estate in one or two leaps.

Continue reading →

Azure Conditional Access for Chromebooks

I suspect most of you reading this article will already know this, but part of Microsoft’s Azure AD (AAD) / Office 365 Cloud directory service that you get when you pay for premium AAD is Conditional Access (CA), which can be used to allow quite sophisticated access controls for accessing Office 365 resources. Of course, you get basic Office 365 MFA with the basic Office 365 enterprise product, and you should absolutely look into enrolling your users and turning this on straight away if that is what you have.

Continue reading →

Tuning up Intune - Building your toolset

Introduction: When talking about how Intune works with a colleague, I likened assembling a working Intune configuration to protect corporate devices and data to working with small pieces of Lego to build a house. The reason for this comparison is that a managed Intune environment is built up of lots of different components that can all be slotted together - or left out - to build the environment you want.

Continue reading →

Tuning up Intune, an introduction.

Introduction to Microsoft Mobile Device Management: I'm currently settling in to a new job where I'm spending a fair amount of time working with Microsoft's Mobile security management tools, mostly Microsoft Intune. This is largely what I was doing towards the end of my old job too, and while there are some great people writing great material out there, I think there's a lack of articles that try to start at the beginning with current (as of April 2019) tools and pull all the strands together, so that's what we're going to talk about here.

Continue reading →

Tuning up Intune - Self Service Password Reset from the login screen.

Introduction: One of the new features in Windows 10 1803 is the ability for "local Active Directory" Domain joined workstations to allow users to reset their password from the login screen. This was introduced for Azure Active Directory joined systems in Windows 10 1709. In this post I’m quickly going to run through what you need to do in order to configure this for your domain. I’m making the following assumptions:

Continue reading →

The Problem with BYOD projects

I see lots of people talking about and asking about hardware being “prepared for BYOD” and/or “BYOD ready”. Most of the time they’re talking about Wireless Access Points (WAPs) or other similar items of infrastructure. In a lot of ways, as long as you stick to a reputable vendor, what make of WAP you buy is the least difficult and least interesting part of the project - you wouldn’t focus too heavily on what brand of switch your desktops were wired into as part of a project to give everyone access to a new corporate intranet site from the desktop - you’d spend more time checking that the site’s CMS system worked with your standard browser and thinking about what content users should be able to get to, and how they’d get to it.

Continue reading →

Keep taking the tablets Dell

Let me just start this post by saying that professionally at least, I’m a happy Dell customer. I’ve built up a good relationship with them over the years, met senior Dell staff and we almost exclusively use their server & storage infrastructure where I work, we’ve used them for consultancy in the past, and I’ve been delighted with the results. This is not me hating on Dell. But I am going to have to take them to the woodshed over a recent post by Andre Meier on their corporate blog, “Tablet matters - taking the right decision”.

Continue reading →