Month: January 2025

Managing Microsoft Edge browser extensions on Windows devices

by

This week is all about browser extensions. And more specifically, about Microsoft Edge browser extension on Windows devices. There are many reasons why organizations might want to look into managing and controlling Microsoft Edge browser extensions. Most of those reasons, however, are security related and focussed on staying in control of corporate data. Lately, there have been multiple examples of malicious browser extensions – not specific to the Microsoft Edge browser – that would collect user data and exfiltrate it to a malicious website. A good reason to get in control of the browser extensions that are being used within the organization. Either by fully controlling which browser extensions can be installed, or by at least blocking unwanted browser extensions. This post will look specifically …

Read more

Working with tamper protection on Windows devices to protect security settings

by

This week is all about working with tamper protection on Windows devices. Not because it’s something new, but mainly to give it some more attention. It does, by the way, introduce new management functionality. That new functionality is the ability to configure tamper protection on unmanaged devices. So, devices that are not managed by Microsoft Intune, or Configuration Manager, but that are managed via Microsoft Defender for Endpoint security settings management. Besides that, it’s just important to highlight the functionality of tamper protection again, to make sure that the functionality and usage is known. Especially as it’s nowadays enabled by default when using Microsoft Defender for Endpoint. Because it’s enabled by default, people easily forget that it’s configured and what it’s used for. This post will …

Read more

Quick tip: Blocking screen capture with app protection policies on iOS devices

by

This week a relatively short blog post. Not because it’s challenging to get up-and-running in this new year, but mainly to highlight a change in behavior on iOS devices. That change in behavior is all about app protection policies on iOS devices. For apps that have updated to v19.7.6 or later for Xcode 15 and v20.2.1 or later for Xcode 16 of the SDK, the default screen capture behavior will change. Before that update, blocking the screen capture was not option with app protection policies on iOS devices. That has now changed. Starting with that update, blocking screen capture is available in app protection policies and enabled by default when Send Org data to other apps is configured to anything other than “All apps“. This post will …

Read more

Getting started with Microsoft Connected Cache

by

This new year starts with an introduction to Microsoft Connected Cache and is sort of a follow-up on this post of about 4 years ago. That time it was about the addition of Connected Cache for Win32 apps in Configuration Manager. Now, 4 years later, Connected Cache is available as a standalone product and can be used to serve content for Windows feature and quality updates, Microsoft 365 Apps and updates, Intune apps, Store apps, and Windows Defender definition updates. Basically, Connected Cache is a software-only caching solution for delivering Microsoft content within the environment. It can be managed via the Azure portal and it can be deployed to Windows and Linux hosts. No matter if those hosts are physical or virtual. Connected Cache basically …

Read more