Browsed by
Month: August 2020

Sensitivity Labels DLP’s Excellent Adventure

Sensitivity Labels DLP’s Excellent Adventure

In this blog, I’ll be talking about using DLP in combination with sensitivity labels and device protection. A perfect addition to labeling your data with sensitivity labels. Labeling your data may already be the best option you have to protect your data but adding an additional barrier by making sure data can’t be moved is even more excellent! Yeah! Microsoft 365 E5/A5 compliance license or the information protection and governance add-on is the “only” big requirement you need to start…

Read More Read More

Blocking administrative Tools part 2

Blocking administrative Tools part 2

In one of my last blogs, I showed you how to block the administrative tools: It can easily be done within the Intune for Education portal. Of course, that’s is really nice. But I just noticed some admx updates https://blogs.windows.com/windowsexperience/2020/08/05/announcing-windows-10-insider-preview-build-20185/ I hope this amdx update within the Insider preview build 20185 will help us to prevent access to the command prompt/ powershell and registry without using applocker?

Interview with the ASR rules

Interview with the ASR rules

Protecting your devices with Windows Defender ASR rules is best practice but… make sure you’re aware of the caveats. The sun was probably shining when you configured your ASR rules! And after you decided you wanted to use Solarwinds for monitoring your devices, you pushed the agent to your endpoints. Then suddenly the weather changed… If like me, you configured a new Solarwinds Win32 with the packaging tool. After you start deploying it to some test devices. You’ll notice a…

Read More Read More

The men who stare at the AppLocker event log

The men who stare at the AppLocker event log

This short blog will be about the curious cage of AppLocker, MSI, Intune and the event log. As you probably already know you can deploy your AppLocker baseline with PowerShell within a few minutes. Let’s take a look at AppLocker… When deploying AppLocker you can check your configuration in the file system or registry (without Intune). File System: Take a look at c:\windows\system32\AppLocker. You’ll find all AppLocker policies in it. When using Intune all AppLocker policies will be placed inside…

Read More Read More

Reservoir update logs

Reservoir update logs

Making sure your devices are up to date with the latest Microsoft updates is one of the key pillars of hardening your endpoints.  Updating your devices through Intune is a piece of cake. Setting up your Windows 10 update rings can be done within a few seconds.   Setting up the Windows update rings can be done manually, or you can automate the whole process. I personally like to automate the whole tenant deployment process. But that’s not the main reason of this blog.    You need to ask yourself; how can I monitor my…

Read More Read More

What Happened to Monitoring External Access to Your Data?

What Happened to Monitoring External Access to Your Data?

Some time ago I wrote a blog about securing your data in which I described that this is only the first step in making sure your data is safe.   For example, whilst working with Teams, did you think about the “shadow users”? These users are not members of your Teams / Microsoft 365 groups but can still somehow access your data.  It’s very easy for an employee to share the whole Teams general folder within the Sharepoint site without you noticing. An employee just has to click on “share” to begin sharing it…

Read More Read More

The Fellowship Of Group Labeling

The Fellowship Of Group Labeling

Labelling your data with sensitivity labels is the way to go. Confidential data within your organization needs to be labelled with a proper sensitivity label. You can do this manually or automatically. But there is more, labelling your teams/Microsoft 365 groups itself is the next best thing. There are 3 options you can define, when setting up your Sensivity group labels. Setting your team privacy Allowing external users Non-compliant settings: You shall not pass(block access), full access and limited access)…

Read More Read More