Browsed by
Category: Privileged Access Workstation

This is the highest security configuration designed for extremely sensitive roles that would have a signficant or material impact on the organization if their account was compromised

MDAC or (the Unexpected Virtue of Ignorance)

MDAC or (the Unexpected Virtue of Ignorance)

This blog is the fourth part of the Endpoint Security Series and it will show you how to configure Windows/Microsoft Defender Application Control(WDAC/MDAC).  It could be a great addition to securing your environment. I will divide this blog into multiple parts. MDAC/WDAC/Device Guard Explained Choosing between MDAC and Applocker How to configure MDAC Automatically with an Endpoint Protection Policy Manually with a CSP Monitoring / Testing/ Troubleshooting it Creating a golden Image Adding and merging policies The Microsoft Store/Blocking Apps…

Read More Read More

App Protection: Attack of the OS-Sharing

App Protection: Attack of the OS-Sharing

In one of my last blogs, I showed how you can set up multiple App protection profiles to make sure your managed and unmanaged IOS devices could receive the correct app protection policy. In my opinion, you need to make sure you lower the security bar for the Managed/MDM Enrolled devices by changing the App Protection policies. You really don’t want well-behaved employees who enrolled their own devices, become angry about the security barriers, and finding another way to share…

Read More Read More

Applocker on the Company portal Express

Applocker on the Company portal Express

This short blog will be about why baselines are very important and why you need to keep them up to date. I am not talking about security baselines this time. What I will be talking about, is the app baseline you need to deploy to your users Windows 10 devices to make sure users can install apps on their own. It’s best practice to implement adminless. *Source: Microsoft Vulnerabilities Report 2021 | BeyondTrust (great report!!) Of course, nowadays users are…

Read More Read More

Public Desktop icons and Adminless: The far side of Intune

Public Desktop icons and Adminless: The far side of Intune

This short blog will be about, why users don’t need admin permissions to delete the public desktop icons. There are not a lot of reasons why your Azure Ad users need to be local admins on their devices. You can do a lot even without admin permissions. To summon a few: -Restarting services can be done without local admin permissions The non admin user: The battle of restarting services – Call4Cloud -Installing applications The PowerShell Win32 App Express – Call4Cloud -Installing…

Read More Read More