Ru Campbell is a Microsoft MVP and Microsoft security solutions architect, helping customers with security, compliance, and modern device management. Specializing in Azure AD, Enterprise Mobility + Security, and Microsoft Defender, you can connect with Ru on Twitter @rucam365.
by Ru Campbell
There are a lot of compliance-based services across Microsoft 365's licensing options. At the highest level, a Microsoft 365 E5 subscription for a tenant gives administrators a ton of toys to play with. The naming, marketing, and placement of the capabilities you get can be fuzzy. In this article, we'll tackle Microsoft Information Protection (MIP),… Read More
by Ru Campbell
In this article, I'm going to describe how to use Microsoft 365 Defender Threat Analytics to improve security in your organization. Over three Petri articles, we've dived into what Microsoft Defender for Endpoint (MDE) is, how you can migrate to it, and how it should be configured. Part 1: Understanding Microsoft Defender for Endpoint and… Read More
by Ru Campbell
Microsoft Defender for Endpoint (MDE) is much more than a traditional antivirus service. Now being offered in Plan 1 and Plan 2, the full offering you get with Plan 2 not only provides antivirus capabilities but also extended detection and response, attack surface reduction rules to harden the OS against common threat mechanisms, and threat… Read More
by Ru Campbell
New protection capabilities for Microsoft Defender for Endpoint (MDE) customers landed in public preview, Oct 7th 2021, for Windows Server 2012 R2 and Windows Server 2016. With the public preview, Windows Server 2012 R2 and 2016 gain 'functional equivalence' to Windows Server 2019, thanks to a new agent that is being described as the 'unified… Read More
with 1 Comment by Ru Campbell
When approaching a rollout of Microsoft Defender for Endpoint (MDE) for your organization, it can be difficult to know where to start. In my last article, MDE was explained at a high level: what it is and why you should care. This time, we will get into the weeds of how to actually plan for… Read More
with 1 Comment by Ru Campbell
Microsoft Defender for Endpoint (MDE, previously known as Microsoft Defender Advanced Threat Protection) is Microsoft's endpoint security platform that goes far and beyond the traditional anti-malware engine and firewall to protect against the modern cybersecurity threats an organization faces. An evolving solution since it was first announced in 2016, MDE is part of the Microsoft… Read More
by Ru Campbell
World events since March 2020 have highlighted one of the key benefits of Office 365 and cloud-based SaaS services in general: they are available any time, any place, on any device. As the world was forced to work from home, Office 365 apps such as Teams, Outlook, SharePoint, and OneDrive could easily be accessed outwith… Read More
by Ru Campbell
As you make the move from Microsoft on-premises infrastructure to the cloud, you'll move from Group Policy management of your endpoints to MDM management. This move isn't always a "lift and shift" process because there isn't always a 1-to-1 relationship between the settings available in Group Policy and those in Intune. Additionally, you need to… Read More
with 3 Comments by Ru Campbell
When we think about administrative rights on Intune-enrolled Windows 10 devices, we need to consider two possible device states for that device: Azure AD joined (AADJ), or Hybrid Azure AD joined (HAADJ). This is due to the different administrative roles available at the directory level. For Azure AD joined devices, at the time of performing… Read More
by Ru Campbell
Enrollment restrictions are sets of rules assigned to Azure AD groups. There are two types of enrollment restrictions: device type and device limit.
by Ru Campbell
On-premises Active Directory domain-joined PCs have typically been managed with tools such as Group Policy. At larger scales, you may have Configuration Manager or third-party tools. The availability of Intune (part of Endpoint Manager) in Microsoft 365 subscriptions such as Business Premium and E3 has opened up an alternative. The benefit many are seeing over… Read More
with 1 Comment by Ru Campbell
Intune Administrators can deploy, make optionally available, or uninstall Win32 apps with the help of Windows 10's Intune Management Extension (IME). The IME is a service installed on Windows 10 that acts as the engine to execute these actions and, additionally, PowerShell scripts (which were originally its only purpose). Win32 apps in the context of… Read More
by Ru Campbell
To protect data at rest on your Intune-managed Windows devices, BitLocker disk encryption can be applied automatically using the BitLocker CSP. If you are deploying devices with Autopilot, this will also allow you to encrypt them at the time of deployment. Existing devices will be encrypted as soon as the device checks in with Intune… Read More
by Ru Campbell
Microsoft Defender has many layers and trying to understand all of the different components can be complex.
Active Directory (AD) is leveraged by over 90% of enterprises worldwide as the authentication and authorization hub of their IT infrastructure—but its inherent complexity leaves it prone to misconfigurations that can allow attackers to slip into your network and wreak havoc.
Join this session with Microsoft MVP and MCT Sander Berkouwer, who will explore:
Sponsored by:
