Windows 11

Getting started with the Microsoft Defender Browser Protection extension for Google Chrome

by

This week is sort of a follow-up on the last couple of weeks. The last couple of weeks the focus was on getting started with the different Microsoft Purview extensions for Google Chrome and Mozilla Firefox, while this week the focus is on getting started with the Microsoft Defender Browser Protection extension for Google Chrome. The Microsoft Defender Browser Protection extension brings protection against online threats, like phishing and malicious websites, functionality known from SmartScreen in Microsoft Edge, to the Google Chrome browser. With that functionality it protects users against threats such as clicking on links in phishing emails and websites that are designed to trick users into downloading and installing malicious software. Of course Google Chrome also provides similar built-in functionality, but that will not …

Read more

Getting started with the Microsoft Purview extension for Mozilla Firefox

by

This week is sort of a follow-up on last week. Last week the focus was on getting started with the Microsoft Purview extension for Google Chrome, while this week the focus is on getting started with the Microsoft Purview extension for Mozilla Firefox. The story around the extension is pretty similar, as the Microsoft Purview extension for Mozilla Firefox extends the Endpoint data loss prevention (Endpoint DLP) capabilities to sensitive items in the Mozilla Firefox browser. And after the installation of that extension, on Windows devices, organizations get the ability to also monitor attempts to access or upload sensitive items to a Cloud service when using the Mozilla Firefox browser, and to actually enforce protective actions via data loss prevention policies. This post will provide a …

Read more

Getting started with the Microsoft Purview extension for Google Chrome

by

This week is all about the Microsoft Purview extension for the Google Chrome browser. Not because it’s something really new, but mainly to create some awareness around its existence. The Microsoft Purview extension for Google Chrome extends the Endpoint data loss prevention (Endpoint DLP) capabilities to sensitive items in the Google Chrome browser. After the installation of the Microsoft Purview extension for Google Chrome, on Windows devices, organizations get the ability to also monitor attempts to access or upload sensitive items to a Cloud service when using the Google Chrome browser, and to actually enforce protective actions via data loss prevention policies. This post will provide a brief overview of the Microsoft Purview extension for the Google Chrome browser, followed with the steps to automatically …

Read more

Preventing scareware with scareware blocker in Microsoft Edge

by

This week is all about a relatively new security feature within the Microsoft Edge browser, and that feature is scareware blocker. Scareware blocker is a security feature to protect against scareware attacks. Scareware attacks often display as full-screen pop-ups with all sorts of warnings claiming that the device has been compromised. The idea behind those attacks is often to frighten users into calling fraudulent support numbers or downloading harmful software. Scareware blocker can automatically detect and stop these attacks, by using machine learning. This post will start with a brief introduction about scareware blocker in Microsoft Edge, followed with the steps to enable it. This post will end with an overview of the user experience. Note: At the moment of writing scareware blocker is still …

Read more

Easier managing Device Control in Microsoft Defender for Endpoint using Microsoft Intune

by

This week is all about easier managing the basics of Device Control in Microsoft Defender for Endpoint using Microsoft Intune. It was already possible for a while to configure the different aspects of the Device Control feature on Windows devices, the configuration of some aspects just became a lot easier. In general, the Device Control features enable IT administrators to control whether users can install and use peripheral devices, such as removable storage, printers, or Bluetooth devices. In the end, the Device Control feature provides IT administrators with more tools to protect organizations from cyberthreats, such as potential data loss, or malware, by reducing the attack surface. Nowadays there are many different configuration options and different configuration profiles. This post will focus on the basic …

Read more

Understanding Device query for multiple devices

by

This week is all about Device query for multiple devices. A long awaited feature. With that, this will also be a follow up on this post about getting started with Device query and this post adding additional hardware properties to the device inventory. Especially the latter might be a little bit surprising, but will be explained throughout this post. Device query for multiple devices provides IT administrators with the ability to easily query for devices with specific properties and values (e.g. all Windows devices with specific application crash events) and the ability to easily summarize data about devices (e.g. count all devices with a specific CPU). Those queries, however, are not performed in real-time on the Windows devices within the environment, but are relying on …

Read more

Expediting Windows quality updates

by

This week is all about expediting the installation of the latest Windows quality updates. Expediting the installation of the latest Windows quality updates can be useful to quickly mitigate security threats when the normal update process wouldn’t facilitate in that deployment yet. That can be achieved because the deployment of expedited Windows quality updates is done without needing to pause or edit the existing update process. It basically enables the IT administrator to temporarily override the deferrals and deadlines to install the specified update as quickly as possible. And that can be used for the most recent monthly quality update as well as an out-of-band security update. This post will look closer at the concept of expediting Windows quality updates, followed with the steps to …

Read more

Configuring a single app, full-screen kiosk with Microsoft Edge on Windows 11

by

This week is all about configuring a single app, full-screen kiosk with Microsoft Edge on Windows 11 devices. A kiosk is nothing new and the Microsoft Edge browser not either. And even the combination of both is nothing new. That being said, there are often unknowns in the configuration options and what actually happens with Microsoft Edge when configuring it as the kiosk application. And that often causes questions. So, this post should take some of those questions away. One of the things that’s often forgotten, for example, is that the Microsoft Edge browser will also run in kiosk mode. And that puts limitations on its capabilities. This post will focus on configuring a single app, full-screen kiosk with Microsoft Edge on Windows 11 devices, …

Read more

Working with in-browser protection in Microsoft Edge for Business

by

This week another blog post focused on the security capabilities within Microsoft Edge. With the introduction of Microsoft Edge for Business, there is a larger focus on providing a Microsoft Edge experience for work. That experience provides IT administrators with the ability to give their users a productive and secure browser for work, across managed and unmanaged devices. With that, Microsoft Edge can be the secure enterprise browser for many organizations. Especially with the focus of Microsoft Edge on security, privacy, and manageability. And not just that, it includes enhanced productivity alongside the security features. That brings us to the focus of this week and that is in-browser protection. In-browser protection is a great example of that combination as it reduces the need for proxies, …

Read more