Shoulder surfers To start with, this looks harmless, but a way to scrape screen for Credentials and for sensitive stuff (documents, content) and co-workers and other people. Australian Signals Directorate calls this out in ISM (Information Security Manual) documentation specifically. While the Human Presence settings and Presence monitoring are already available in Windows 11, these … Continue reading Managing Screen Onlooker Detection Settings Via Intune
Tag: Windows
Device Risk Meets Conditional Access: The Real Power of Unified Endpoint Security
Device compliance is one of the things that should be on top of the list of any organization's Cybersecurity activities. This enforces the next steps that can be taken by the device management solution from reporting to block access to resources immediately if the configured device policies are not meeting a certain standard. For an … Continue reading Device Risk Meets Conditional Access: The Real Power of Unified Endpoint Security
How Office Macros Expand the Attack Surface
Regardless the size of the organization. There is always one or few macros setup in excel files that does some tasks for the users. These macros are so critical to the business, and most of the time employees' tasks are evolving around them.And most of the time, people who create the macros in the organization … Continue reading How Office Macros Expand the Attack Surface
Securing LSASS – Controls to Minimise Attack Surface
LSASS, one of the most important pieces in an OS - say Windows 11, and one of the pieces that a threat actors are very tempted to keep their hands on. LSASS - Local Security Authority Subsystem Service, the process which is responsible for handling authentication, logon and security policies on Windows. Often, organizations don't … Continue reading Securing LSASS – Controls to Minimise Attack Surface
Getting Started with Windows Autopatch in 2025 (cheat sheet)
Windows Autopatch have come a long way to become the new normal of updating your Windows endpoints, M365 apps, device drivers and Edge browser with Intune whether the devices are physical (workstations/ laptops/ kiosks/ billboards) or virtual (AVD/ W365). Microsoft Learn documentation will have more detailed info into the services, but this is a short … Continue reading Getting Started with Windows Autopatch in 2025 (cheat sheet)
🎙️Let There Be Cloud-Native Endpoints
Recently I got the opportunity to present all about Cloud-Native Endpoints at the first APAC online event series of Microsoft Zero to Hero Community. This was a virtual session where I presented about Microsoft Entra, Intune and how to build a strategy to move your Windows devices to cloud, which is Entra Joined and Managed … Continue reading 🎙️Let There Be Cloud-Native Endpoints
Windows Quick Machine Recovery With Microsoft Intune
We all witnessed the incident where Windows devices worldwide got hammered by the AV update that caused Windows to go BSOD. Machine recovery was one of the top things probably the IT admins did post incident to get their endpoints fleet up and running ASAP again to support day to day and all the critical … Continue reading Windows Quick Machine Recovery With Microsoft Intune
5. Cloud-Native Endpoints – Group Policy Analytics
Previously.. https://emsroute.com/2025/06/13/4-cloud-native-endpoints-from-config-manager-to-intune/ Group Policies are a major piece of the Cloud-Native Endpoints puzzle and it's not always easy to track back and remove the legacy policies and now you are planning on policy push via Intune and it's vital to add the GPOs in to the mix. Chances are there are GPO settings you still … Continue reading 5. Cloud-Native Endpoints – Group Policy Analytics
4. Cloud-Native Endpoints – From Config Manager to Intune
Previously.. https://emsroute.com/2025/06/11/3-cloud-native-endpoints-building-a-plan/ If you have Config Manager today and you are thinking of or planning on moving the devices and the workloads to Intune, this article is for you. If you are in that state today, chances are you have a stable (or near-stable) method of managing the devices, patch updates, and GPOs. Moving the … Continue reading 4. Cloud-Native Endpoints – From Config Manager to Intune
🚨Important update for Intune Admins!
As you may already know, the Intune Connector that is used for Entra Hybrid Join is getting deprecated at the end of June 2025. Announcement: 🔗Read all about this important change here 💡Why? As a part of Microsoft's Secure Future Initiative, this will strengthen the account security. A Managed Service Account (MSA) will be used instead … Continue reading 🚨Important update for Intune Admins!
1. Cloud-Native Endpoints: Intro
This is article 1 of the Cloud-Native Endpoint Series. This is a nugget-sized how-to series where I want to showcase how to unlock capabilities to achieve the full cloud-native end goal. 💡Value of going Hybrid? ➡You have the immediate opportunity to use Entra and Intune-related policies and settings.➡You are already making an effort to move … Continue reading 1. Cloud-Native Endpoints: Intro
Configure Windows LAPS in Intune – March 2025 Update
Local Admin Password Solution has come a long way and the March 2025 Update (Service release 2503) had some good enhancements for the solution. Randomizing the LAPS username is one of them. Rather than enabling the local Administrator account or creating a special admin account for LAPS, having an auto randomizing username sounds confusing to … Continue reading Configure Windows LAPS in Intune – March 2025 Update
How to Change Intune Security Baseline Policy to Version 24H2?
Intune Security Baseline for Windows 10 and later Version 24H2 is finally here. This is a quick look at the policy and useful details on migration to the new policy. What you will see in the Security Baselines nowWhat's Available in Version 24H2Migrating from 23H2 BaselineTest Before Applying!Useful Links What you will see in the … Continue reading How to Change Intune Security Baseline Policy to Version 24H2?
My 2024 LinkedIn Rewind and Thank you!
https://coauthor.studio/rewind was awesome as it just collates all the LinkedIn activities. And as 2024 is coming to an end, it is always to look back what you have accomplished and what impact you have had on the community. Looking forward to 2025! I would like to thank everyone who is reading my blogs and getting … Continue reading My 2024 LinkedIn Rewind and Thank you!
From ConfigMgr to Fully Intune Managed in 2024. Let’s Make That a Reality
If you have Config Manager today and if you are thinking or planning on moving the devices and the workloads to Intune, this article is for you. If you are in that state today, chances are you have a stable (or near stable) method of managing the devices, patch updates, and GPOs. Moving the capabilities … Continue reading From ConfigMgr to Fully Intune Managed in 2024. Let’s Make That a Reality
Preparing workstations for the Cloud Journey with Hybrid Azure AD Join
In almost all the cases, the organization is not in a position to get away from the local domain as its tightly connected with other services that are running on-premises and maintaining the on-premises identity is vital. Further, you have the on-premises domain and the workstations are joined to it, GPOs being pushed across and … Continue reading Preparing workstations for the Cloud Journey with Hybrid Azure AD Join
Azure Files – Create File Shares in Azure and Authenticate via Azure AD Domain Services
Almost everyone is familiar with the traditional Windows file servers/ shared drives concepts and its a heavily used Windows Service. Users are very familiar with how to access those directories, request access to certain files and folders and request for file recovery if it's deleted.So far this mechanism has been used/ still using with on-premises … Continue reading Azure Files – Create File Shares in Azure and Authenticate via Azure AD Domain Services
EMS Route 