Blog
Demystifying Passkeys and Extending Microsoft Entra with Passwordless Authentication
Passkeys, introduced in Entra, are receiving much attention for their cryptographic and phishing-resistant authentication model. They are user-centric, unique per service, and stored only on the user’s device. Supported by Windows with TPM, they provide strong security and cross-device authentication. Implementing passkeys in Entra and Windows is straightforward, enhancing device security.
The Workspace ONE Admin’s Guide to Microsoft Intune Part 4: SECURITY!
In part 4, of the Workspace ONE Admin’s Guide to Microsoft Intune. It covers security capabilities including Windows patching, security baselines, leveraging profiles for security hardening, account protection, conditional access, and remediations. Final thoughts include an upcoming webinar and future articles on API comparisons.
Deep Dive into Windows Patching with Microsoft Intune
Microsoft Intune presents a new approach to Windows patching, replacing on-prem servers with Windows Update for Business (WUfB). It offers features like Update Rings, Automatic Update Behavior, and a Deployment Service. Windows Autopatch on Intune automates patch deployment, but requires specific software/licensing. Best-in-class reporting is also available, addressing traditional reporting issues.
Securing Local Administration with Microsoft Intune
The article discusses securing local administrators with Microsoft Intune, covering creating the admin account, deploying the LAPS policy, protecting local administration groups, and working with Entra users and groups. It emphasizes the ease of using Intune for these purposes and shares insights on Entra user and group challenges. Overall, it advocates leveraging Microsoft’s EPM alongside Intune for robust security.
The Workspace ONE Admin’s Guide to Microsoft Intune Part 3: Apps
In Part 3 of transitioning from Workspace ONE to Microsoft Intune we turn our attention to application delivery. We look at the different ways we can deliver apps on Windows devices.
ControlUp Secure DX: The Next Frontier of the Digital Employee Experience
The emergence of Digital Employee Experience Management (DEX) has been influential, with ControlUp Secure DX now enhancing the approach. Built on the ControlUp Edge DX platform, it focuses on security issues, leveraging policies and templates. Configuration is streamlined, and the admin experience offers comprehensive insights.
The Workspace ONE Admin’s Guide to Microsoft Intune Part 2: To Profiles and Beyond!
Part 2 delved into profiles, baselines, scripts, and product provisioning. It demonstrated how to configure Windows 10 PCs in Workspace ONE and Microsoft Intune, covering CSPs and translating profiles. Baselines and scripts in both platforms were compared, highlighting differences and capabilities. Product provisioning was briefly outlined.
The Workspace ONE Admin’s Guide to Microsoft Intune Part 1
The author details their transition from VMware to the Microsoft stack and introduces a series called “The Workspace ONE Admin’s Guide to Intune.” In Part 1, they discuss UEM Core components in both Workspace ONE and Intune, covering infrastructure, device compliance, and integrations. They also compare device enrollment and compliance in both platforms, highlighting their differences and similarities.
The author plans to continue the series with a focus on profiles, policies, and scripts.
Microsoft Cloud PKI: SCEPman Killer?
The post discusses the introduction of Microsoft Cloud PKI as an alternative to SCEPman, highlighting its features, cost comparison, and user experiences. It covers the process of building a Microsoft Cloud PKI Root CA and Issuing CA, deploying certificates, and the platform’s reporting aspects. The author expresses a positive outlook towards Cloud PKI’s capabilities and future implications.
Cloud Kerberos Trust: The Windows Hello for Business Easy Button
Windows Hello for Business (WH4B) is often misunderstood as complex, but Cloud Kerberos Trust simplifies it. With familiar concepts and a straightforward setup process, it allows for seamless authentication to Azure/Entra ID. Configuring Azure AD Connect and Entra Kerberos Server for Cloud Kerberos Trust is simple, elevating user and admin experience.
Mobile Jon’s Final Act in VMware EUC: Android Secure Launcher Password Rotation
We can automate the rotation of the Workspace ONE Android Secure Launcher password via API with this tool that anyone can use.
New Windows 365 Boot Features in Public Preview
Microsoft recently announced new features in Public Preview, including Intune guided setup, dedicated and shared modes, fail-fast mechanism, and local PC settings management. These enhancements allow for personalized experiences and improved troubleshooting, showcasing Microsoft’s commitment to evolving Windows 365.