Easier managing Device Control in Microsoft Defender for Endpoint using Microsoft Intune

This week is all about easier managing the basics of Device Control in Microsoft Defender for Endpoint using Microsoft Intune. It was already possible for a while to configure the different aspects of the Device Control feature on Windows devices, the configuration of some aspects just became a lot easier. In general, the Device Control features enable IT administrators to control whether users can install and use peripheral devices, such as removable storage, printers, or Bluetooth devices. In the end, the Device Control feature provides IT administrators with more tools to protect organizations from cyberthreats, such as potential data loss, or malware, by reducing the attack surface. Nowadays there are many different configuration options and different configuration profiles. This post will focus on the basic …

Read more

Controlling devices connected to Windows devices

This week is all about device control. Device control is often referred to as a feature of Microsoft Defender for Endpoint and is focused on preventing data leakage. That is achieved by limiting the devices that can be connected to a Windows device. The idea is also pretty straight forward: control which devices can connect to a Windows device. That can be achieved by looking at the hardware device installation, at the removable storage and at the bluetooth connections. Besides that it’s even possible to get creative with printers. Most of these settings – with exception of the printer settings – are configurable via the endpoint security options, but most settings are actually configured via different CSPs on the Windows device. This post will walk …

Read more