Browsed by
Category: Powershell

Microsoft Edge: And the Fantabulous Security of One Browser

Microsoft Edge: And the Fantabulous Security of One Browser

This time a simple blog about creating an Edge baseline with the settings catalog (and administrative tools) and deploy it with PowerShell. While writing this blog, I decided to also add some information on how you could retrieve and push settings with PowerShell. In the blog, I am also pointing out my updated blog about Fiddler I have created a lot of blogs about securing your endpoints, securing your data, securing your Microsoft 365 but I have not talked about making…

Read More Read More

The Sysnative Witch Project

The Sysnative Witch Project

An old one, but still necessary when you are deploying a win32 app and you have to make sure some 64 bits registry keys are configured before you could install the application. I was inspired to write this blog after a question on the Technet community website about this topic. In this blog, I will first show you the differences where data is stored on a 64 bits device and secondly I will show you why deploying a 64 bits…

Read More Read More

Alice and the Device Certificate

Alice and the Device Certificate

This blog will show you how to start troubleshooting when some features of the company portal aren’t working anymore. Some features that stopped working were: App installations and syncing problems. While troubleshooting, it really took me down into the rabbit hole. In one of my last blogs, I showed you which steps you could take to implement Adminless and how to make sure the end-user experience is still great. Dude, Where’s my Admin? – Call4Cloud Almost at the same time,…

Read More Read More

PowerShell: the Killer Queen

PowerShell: the Killer Queen

This blog will show you which options you have in Intune when you want to deploy a PowerShell script with an HKCU registry change but of course, you blocked PowerShell.exe on your Windows 10 Endpoints. I am also going to explain why you need to block PowerShell or which defences you need to put in place when you are allowing it. When you are allowing your employees to run PowerShell you could be exposed to an Insider threat. The employee…

Read More Read More

The Chronicles of MAM

The Chronicles of MAM

This blog will be about the managed and unmanaged IOS App Protection Policies. We have got multiple options to choose from, how to protect the company data. Are you going to require compliant mobile IOS/Android devices, so each device needs to be enrolled (MDM)? Or do you have a lot of front line workers and you only want the apps to be secured (MAM)? Or maybe a combination? In this example, we did both. We wanted to make sure users…

Read More Read More

The Day Email Needed Recovery

The Day Email Needed Recovery

There are many articles written about why you need an additional backup when working with Microsoft 365. I guess most of these articles are written by the backup vendor themselves. But what if you don’t need or want an additional backup? A long time ago I wrote an article about why I love Onedrive and the recycle bin restore possibilities. How I Learned to Stop Worrying and Love Onedrive – Call4Cloud But what options do you have when an end-user…

Read More Read More

The Log Collector

The Log Collector

It’s very nice to see, Microsoft is working on some new features. One of the features which are in development is the possibility to collect remote logs. Source: In development – Microsoft Intune | Microsoft Docs Also look at the possibility to restart an app install!. That’s great. But as these features are in development, we don’t have the option to collect logs remotely. Luckily Solarwinds has a remote background feature, which allows you to gather some event logs remotely….

Read More Read More

B for Bitlocker

B for Bitlocker

This blog will be about the Bitlocker recovery key and how to make sure it will be escrowed to Azure. I will show you what options you have to make sure your recovery keys are safe. Bitlocker is one of the many security measures you will need to implement to make sure the data is safe when the device gets stolen. Bitlocker encrypts the data on the device so it can’t be read without authenticated decrypting using a recovery key….

Read More Read More

Intune: Battle of the MDM authority

Intune: Battle of the MDM authority

This blog will be about why it’s important to automate your Microsoft 365 deployments. Today I was called in to investigate a weird problem. A colleague was trying to set up Intune for a new Microsoft 365 customer.  In a normal situation we are doing this by launching our deployment scripts but this time a new colleague wanted to see which steps need to be taken to enroll a customer into Microsoft 365. Everything was going fine until the enrollment…

Read More Read More

Zero Trust Security Flow

Zero Trust Security Flow

Everything is about Zero trust security, you will need to implement it.  There are a lot of articles written about zero-trust security the last few months. Some examples: Zero Trust Security (microsoft.com) Take the Zero Trust Assessment (microsoft.com) How to best explain zero trust? It’s like the quote of Ronald Reagan but just with one additional word: Never trust, but verify Zero trust ensures, identities are verified and devices are safe before you can access your corporate apps and data….

Read More Read More