Shoulder surfers To start with, this looks harmless, but a way to scrape screen for Credentials and for sensitive stuff (documents, content) and co-workers and other people. Australian Signals Directorate calls this out in ISM (Information Security Manual) documentation specifically. While the Human Presence settings and Presence monitoring are already available in Windows 11, these … Continue reading Managing Screen Onlooker Detection Settings Via Intune
Tag: Windows 11
Device Risk Meets Conditional Access: The Real Power of Unified Endpoint Security
Device compliance is one of the things that should be on top of the list of any organization's Cybersecurity activities. This enforces the next steps that can be taken by the device management solution from reporting to block access to resources immediately if the configured device policies are not meeting a certain standard. For an … Continue reading Device Risk Meets Conditional Access: The Real Power of Unified Endpoint Security
How Office Macros Expand the Attack Surface
Regardless the size of the organization. There is always one or few macros setup in excel files that does some tasks for the users. These macros are so critical to the business, and most of the time employees' tasks are evolving around them.And most of the time, people who create the macros in the organization … Continue reading How Office Macros Expand the Attack Surface
Securing LSASS – Controls to Minimise Attack Surface
LSASS, one of the most important pieces in an OS - say Windows 11, and one of the pieces that a threat actors are very tempted to keep their hands on. LSASS - Local Security Authority Subsystem Service, the process which is responsible for handling authentication, logon and security policies on Windows. Often, organizations don't … Continue reading Securing LSASS – Controls to Minimise Attack Surface
Getting Started with Windows Autopatch in 2025 (cheat sheet)
Windows Autopatch have come a long way to become the new normal of updating your Windows endpoints, M365 apps, device drivers and Edge browser with Intune whether the devices are physical (workstations/ laptops/ kiosks/ billboards) or virtual (AVD/ W365). Microsoft Learn documentation will have more detailed info into the services, but this is a short … Continue reading Getting Started with Windows Autopatch in 2025 (cheat sheet)
🎙️Let There Be Cloud-Native Endpoints
Recently I got the opportunity to present all about Cloud-Native Endpoints at the first APAC online event series of Microsoft Zero to Hero Community. This was a virtual session where I presented about Microsoft Entra, Intune and how to build a strategy to move your Windows devices to cloud, which is Entra Joined and Managed … Continue reading 🎙️Let There Be Cloud-Native Endpoints
Windows Quick Machine Recovery With Microsoft Intune
We all witnessed the incident where Windows devices worldwide got hammered by the AV update that caused Windows to go BSOD. Machine recovery was one of the top things probably the IT admins did post incident to get their endpoints fleet up and running ASAP again to support day to day and all the critical … Continue reading Windows Quick Machine Recovery With Microsoft Intune
2. Cloud Native Endpoints: Why are You on Entra Hybrid Joined Today?
If you missed the blog roll, check below 👇🏼 https://emsroute.com/2025/05/09/cloud-native-endpoints/ Before moving to Cloud-Native, let's discuss the current phase where many organizations are possibly in at the moment. Entra Hybrid Joined state. This is the most common state I've seen in the organizations. What usually starts out as a PILOT or a POC to test … Continue reading 2. Cloud Native Endpoints: Why are You on Entra Hybrid Joined Today?
Configure Windows LAPS in Intune – March 2025 Update
Local Admin Password Solution has come a long way and the March 2025 Update (Service release 2503) had some good enhancements for the solution. Randomizing the LAPS username is one of them. Rather than enabling the local Administrator account or creating a special admin account for LAPS, having an auto randomizing username sounds confusing to … Continue reading Configure Windows LAPS in Intune – March 2025 Update
How to Change Intune Security Baseline Policy to Version 24H2?
Intune Security Baseline for Windows 10 and later Version 24H2 is finally here. This is a quick look at the policy and useful details on migration to the new policy. What you will see in the Security Baselines nowWhat's Available in Version 24H2Migrating from 23H2 BaselineTest Before Applying!Useful Links What you will see in the … Continue reading How to Change Intune Security Baseline Policy to Version 24H2?
How to Change Intune Security Baseline Policy to Version 23H2?
I'm excited to see the new Security Baseline version is finally available in Intune. Version 23H2 for Windows 10/11. This is a quick look at the policy and useful details on migration to the new policy. What you will see in the Security Baselines nowWhat's Available in Version 23H2Some Notable SettingsMigrating from an older BaselineIf … Continue reading How to Change Intune Security Baseline Policy to Version 23H2?
EMS Route 