Follow Ru
Ru (Ruairidh) Campbell is a Microsoft MVP and Microsoft security solutions architect, helping customers with security, compliance, identity, and modern device management. Specializing in Azure AD, Enterprise Mobility + Security, and Microsoft Defender, you can connect with Ru on Twitter @rucam365.
Microsoft Defender for Endpoint (MDE) is much more than a traditional antivirus service. Now being offered in Plan 1 and Plan 2, the full offering you get with Plan 2 not only provides antivirus capabilities but also extended detection and response, attack surface reduction rules to harden the OS against common threat mechanisms, and threat…
New protection capabilities for Microsoft Defender for Endpoint (MDE) customers landed in public preview, Oct 7th 2021, for Windows Server 2012 R2 and Windows Server 2016. With the public preview, Windows Server 2012 R2 and 2016 gain ‘functional equivalence‘ to Windows Server 2019, thanks to a new agent that is being described as the ‘unified…
As you make the move from Microsoft on-premises infrastructure to the cloud, you’ll move from Group Policy management of your endpoints to MDM management. This move isn’t always a “lift and shift” process because there isn’t always a 1-to-1 relationship between the settings available in Group Policy and those in Intune. Additionally, you need to…
Enrollment restrictions are sets of rules assigned to Azure AD groups. There are two types of enrollment restrictions: device type and device limit.
To protect data at rest on your Intune-managed Windows devices, BitLocker disk encryption can be applied automatically using the BitLocker CSP. If you are deploying devices with Autopilot, this will also allow you to encrypt them at the time of deployment. Existing devices will be encrypted as soon as the device checks in with Intune…