Browsed by
Category: Microsoft 365 Business

O Removable Storage, Where Art Thou?

O Removable Storage, Where Art Thou?

I guess it’s time for the sixth part of the Endpoint Security Series. This time I will walk you through what Microsoft Defender Device Control is, how to configure it in Intune and how it works. I will divide this blog into 8 parts  Information about device control. Configuring Device Control in Intune Results of Blocking Specific Hardware Results of preventing Write Access Removable Storage Deploy printer protection on Windows Digger deeper Logging Removing/Changing the policy Conclusion 1.Information about device control  Microsoft Defender for…

Read More Read More

Captain App Protection and the Winter Browser

Captain App Protection and the Winter Browser

This blog will be about why  only securing your mobile apps and desktop clients on IOS and Android devices will leave some holes in your security In one of my last blogs, I showed you how to set up App protection policies on unmanaged and managed devices. The Chronicles of MAM – Call4Cloud Setting up IOS App protection policies After some feedback, I realized I did not show the conditions, which client apps should be selected. When you are configuring…

Read More Read More

The Device With The Dragon Tattoo

The Device With The Dragon Tattoo

This blog will be about some old fashioned tattooing problem. A new day a new problem and again a customer called us. On some of their devices, the keyboard layout was switching each time, from NL-VS to NL-NL. Of course, this is really irritating. In a normal situation, your users have the possibility to remove the second keyboard layout when opening the language settings menu but this time it was greyed out. No problem we thought, we could log in…

Read More Read More

App Protection: Attack of the third-party apps

App Protection: Attack of the third-party apps

In one of my last blogs, I showed how you can set up multiple App protection profiles to make sure your managed and unmanaged IOS devices could receive the correct app protection policy. In my opinion, you need to make sure you lower the security bar for the managed devices app protection policies. You really don’t want well-behaved employees who enrolled their own devices, become angry about the security barriers, and finding another way to share the data. Here is…

Read More Read More

App Protection: Resurgence

App Protection: Resurgence

This blog will be about some misunderstanding when conditional access is requiring app protection and/or approved apps? Every organization has BYOD users, these users want to have access to the company data from that same device. You want to make sure you are not only managing the devices, you also need to manage the apps. Some time ago I explained how you could allow managed and unmanaged devices and how to configure the app protection policies. The Chronicles of MAM…

Read More Read More

Applocker on the Company portal Express

Applocker on the Company portal Express

This short blog will be about why baselines are very important and why you need to keep them up to date. I am not talking about security baselines this time. What I will be talking about, is the app baseline you need to deploy to your users Windows 10 devices to make sure users can install apps on their own. It’s best practice to implement adminless. *Source: Microsoft Vulnerabilities Report 2021 | BeyondTrust (great report!!) Of course, nowadays users are…

Read More Read More

Deliver us from Hybrid

Deliver us from Hybrid

This blog will hopefully show you why sometimes configuring devices for Hybrid Azure Ad Join (HAADJ) is not always the best choice. I will show you all the information you need to make a good choice! Also, I will show you how you could map drive letters with Intune instead of PowerShell. Don’t forget to read the conclusion! I will divide this blog into 8 parts. *Part 1: Do you need HAADJ? *Part 2: How does the SSO work to…

Read More Read More

The Log Collector Part 2

The Log Collector Part 2

This blog will be about the new possiblity to collect device diagnostics remotely with Intune. Some weeks ago I blogged about what options you had when you need to remotely collect Logs from your Azure ad Joined devices. The Log Collector – Call4Cloud Remotely collect Azure Ad Logs Some time ago I noticed a new feature which was in development. I am very pleased to see this new functionality is ready for preview and it’s very easy to use! I…

Read More Read More

Office 365 Apps and the Deathly Bits

Office 365 Apps and the Deathly Bits

Imagine the next scenario: You have a customer with the need for Microsoft 365 Apps but some of the employees need the 32-bit apps instead of the 64 bits apps. How are you going to make sure all new and some existing devices will get the version of the Office 365 Apps they need. I couldn’t find much information about deploying 64 bits and 32 bits Office apps and how to make sure the proper device would get the right…

Read More Read More

Settings Catalog: A World Beyond

Settings Catalog: A World Beyond

In this blog will I will show you how to configure the new settings catalog (preview)/how to automate it and of course how to troubleshoot this new feature from the client’s perspective. The possibility to configure settings by simply selecting the settings with a GUI instead of manually creating your own custom-made settings (Configuration Service Provider) can be great. I will divide this blog into 3 parts Manually creating the setting in new the settings catalog How to automate the…

Read More Read More