Planning for Device Compliance
Planning for Attack Surface Reduction
Configuring Security Baselines
This course explores the suite of tools available in Microsoft Endpoint Manager for establishing and maintaining security posture in an organization. These include tools like Microsoft Intune, used for enrolling devices as well as creating and enforcing device compliance, and Microsoft Defender, used for implementing device antivirus and malware defense tools. This course will also review the activities involved in reducing attack surfaces in an organization that bad actors could use to penetrate and expose sensitive data. This sensitive data is protected through the implementation of attack surface reduction rules which are deployed through careful auditing and testing to prevent any loss of productivity. This course will also touch on the security baselines made available to organizations wishing to enact a more granular security posture and have access to tools like secure score for evaluating the effectiveness of these efforts against known best practices.
- Create a compliance policy
- Monitor enrolled devices
- Setup surface attack reduction rules
- Deploy surface attack reduction rules
- Review security baselines
- Examine Microsoft secure score
This course is designed for individuals who are responsible for setting up and monitoring device compliance and security in Microsoft 365 as well as those pursuing Microsoft certifications.
To get the most from this course, you should have some familiarity and experience with the Microsoft 365 security suite of tools including Microsoft Endpoint Manager.
Let's take a look at the process of creating a compliance policy in Microsoft Intune. To use device compliance policy, our organization must be subscribed to Intune and if we plan to use conditional access, we must also have access to Azure Active Directory. The devices we wish to monitor must be supported which includes Windows, Android, IOS, and MacOS. These devices must be enrolled in Intune and be assigned to one user. To create a policy, we sign into Microsoft Endpoint Manager's admin center, select Devices, Compliance policies, and then Create Policy. On the side bar that opens, we select a Platform for this policy. Then select create to open the create policy configuration window. Here, we
can provide an easily recognizable policy name and description. On the next tab. We can expand the available categories and configure the compliance settings to match our desired policy. the Under Actions for noncompliance tab, we can specify a sequence of actions to apply automatically to devices that don't meet this compliance policy. We can add multiple actions and configure schedules and additional details for some actions. For example, we might change the schedule of the default action Mark device noncompliant to occur after one day. We can then add an action to send an email to the user when the device isn't compliant to warn them of that status. We can also add actions to lock or retire devices that remain noncompliant. On the Assignments tab, we can assign the policy to groups. Then after selecting create and review, we are ready to go as our policy has been created.
Steve is an experienced Solutions Architect with over 10 years of experience serving customers in the data and data engineering space. He has a proven track record of delivering solutions across a broad range of business areas that increase overall satisfaction and retention. He has worked across many industries, both public and private, and found many ways to drive the use of data and business intelligence tools to achieve business objectives. He is a persuasive communicator, presenter, and quite effective at building productive working relationships across all levels in the organization based on collegiality, transparency, and trust.