Call4Cloud - Page 2 of 14 -

MDAC or (the Unexpected Virtue of Ignorance)

June 17, 2021 rudyooms Comments 0 Comment

This blog is the fourth part of the Endpoint Security Series and it will show you how to configure Windows/Microsoft Defender Application Control(WDAC/MDAC). It could be a great addition to securing your environment. I will divide this blog into multiple parts. MDAC/WDAC/Device Guard Explained Choosing between MDAC and Applocker How to configure MDAC Automatically with an Endpoint Protection Policy Manually with a CSP Monitoring / Testing/ Troubleshooting it Creating a golden Image Adding and merging policies The Microsoft Store/Blocking Apps…

Read More Read More

Married with Controlled Folder Access(CFA)

June 15, 2021 rudyooms Comments 0 Comment

This blog is the second part of the Endpoint Security series. This part will be about enabling and configuring Microsoft/Windows Defender controlled folder access (CFA) in Intune. I guess when you haven’t implemented Applocker, this feature can be of good use to you. I decided to create this blog after a question on the Discord WinAdmin/Intune channel on how to exclude the Onedrive Process. I am going to divide this blog into several parts. Introduction Event Logging Enabling Controlled Folders…

Read More Read More

Those Magnificent Drivers in Their Flying Microsoft Store, Or How I Flew From The Enrolment Status Page To Paris in 25 hours 11 minutes

June 10, 2021 rudyooms Comments 0 Comment

After you have read this enormous blog title, I guess you will know this blog will be about some weird behaviour during the ESP. I couldn’t find any documentation about the ESP, this could happen? I will divide this blog into 4 parts. Background Information about the ESP. The problem. Troubleshooting. Fixing it 1. Background information I thought I already created a blog about this at some point, but I guess not. So here we go! The Enrolment Status Page…

Read More Read More

External sender tagging: “Dumb & Dumber”

June 8, 2021 Mark Uijtdewilligen Comments 0 Comment

So, my first very own blog post. In this post I’ll try and highlight the new built-in external sender tagging feature for Exchange online. I’ll show you how to implement it, an alternative, and why I think neither are perfect. Without further ado… Let’s dig in. Some companies use exchange transport rules to put the prepend [EXTERNAL] (or something alike) in their subject line when receiving e-mails from the outside. This can help users recognize potential phishing attempts. My company for…

Read More Read More

Let the Right Chromebook in

June 7, 2021 rudyooms Comments 0 Comment

This blog will be about Chromebooks and MAM. I will also introduce a colleague of mine. He will co-author my blogs from now on, this will be our first joint effort. His name is Mark Uijtdewilligen. Please follow him on LinkedIn: Mark Uijtdewilligen | LinkedIn Today we received a call from a customer who wanted to buy Chromebooks. Our first reaction was “Huh? Why?” (his company is currently undergoing a transformation from a remote desktop environment to a modern MS365…

Read More Read More

Cloudy: With a chance of Winget

May 31, 2021 rudyooms Comments 0 Comment

This blog will be about my experience I had with Winget. Until now we only made use of Chocolatey but I was intrigued if Winget could be a good replacement. After reading some other blogs and information I decided to test it out myself. Just like always I am going to divide this blog in. There are 8 parts. Background information Installing the App installer Installing/removing applications Upgrading applications Winget ADMX Troubleshooting Winget Upload your own Apps Deploy all the…

Read More Read More

Microsoft Edge: And the Fantabulous Security of One Browser

May 27, 2021 rudyooms Comments 2 comments

This time a simple blog about creating an Edge baseline with the settings catalog (and administrative tools) and deploy it with PowerShell. While writing this blog, I decided to also add some information on how you could retrieve and push settings with PowerShell. In the blog, I am also pointing out my updated blog about Fiddler I have created a lot of blogs about securing your endpoints, securing your data, securing your Microsoft 365 but I have not talked about making…

Read More Read More

The Windows Driver Games

May 26, 2021 rudyooms Comments 0 Comment

This blog will about what options you have when you need to deploy drivers while using Intune. I received a private message on the Technet community asking me to help out with some driver installation problems. There were 100 devices that needed a WLAN driver update. The devices had the build-in Microsoft Driver installed and for some reason, they need the have the Intel driver from 2020 installed. I guess I forgot to ask why? So what options do…

Read More Read More

The Texas Chain Saw Bitlocker Remediations

May 22, 2021 rudyooms Comments 0 Comment

This blog will be about some pro-active remediations and Intune Role Assignments to make sure your service desk can help your users when they need to enter the Bitlocker recovery key and nothing more. I was inspired to check if I can come up with an idea to solve this problem (until Microsoft comes up with a solution) What admin role grans permission to view devices’ bitlocker recovery keys? – Microsoft Tech Community So why not using proactive remediations to…

Read More Read More

The LAPS: Reloaded / Revolutions

May 19, 2021 rudyooms Comments 2 comments

First, A shout out to Peter Rising | LinkedIn for delivering the blog title. We had a nice movie discussion, which movie is better: Terminator 1 and 2…. We also talked about the Matrix… Guess where the blog name came from. This blog will be about an Idea I had to use proactive remediations to create a sort of LAPS (Local administrator password solution). I have mentioned it a lot, you will need to make sure your end-users do not…

Read More Read More