This month, we had a company event at Rapid Circle and I did a presentation about Security Baselines vs Endpoint Protection templates vs Settings Catalog vs device configuration policies. Yeah… that’s a mouth full. For a change, I didn’t want to do a technical deep dive, but instead, talk more about some best practices and […]
Category: Enterprise Mobility + Security
Blocking BYOD based on unsupported OS versions
A couple of days ago, a colleague asked me if it was possible to Block BYOD based on unsupported OS versions from accessing Microsoft 365 resources like Exchange Online or SharePoint Online and Teams, when using the desktop apps on unmanaged devices with older OS versions. In this scenario, BYOD’s are not allowed to MDM […]
going passwordless on shared Windows devices
Do you still prefer the password madness? While shared windows 10 scenario’s are excellent for passwordless, most users still sign in with their username and password which is old-school these days right? Besides using passwords, most will complain about long lasting logon times, low disk space due to many users and updates that install during […]
Eliminating passwords
Why is going passwordless such a thing and is it really safer than actually using passwords? When you find yourself asking this question, remember this; When it comes to passwords, human behavior is very predictable. Either a password is secure enough but hard to remember (%J5Uc#vN9s^hLg03P*ySE0Hca4!Ws$), or a password is easy to remember but not […]
Password Freedom
What does going passwordless mean to you? Think about that for a minute. It’s a long journey and we can’t get there in a few clicks. I’ve seen a lot of different implementations, but to me, going passwordless means password freedom. It means I no longer need to remember a complex string of letters, numbers, […]
Support Windows 10 BYOD with Microsoft Endpoint Manager and WIP-WE
If you’ve read my previous post about Windows Information Protection Without Enrollment (WIP-WE), than you probably figured out it’s a great solution but also comes with some limitations. However, I’m a fan of WIP and in this post I want to talk a little more about how to support Windows 10 BYOD with Microsoft Endpoint […]
Testing virtual Android Devices with Microsoft Endpoint Manager
When you’re testing Microsoft Endpoint manager, chances are, you’re using a virtual Windows 10 device to do most of your testing. For Windows 10, there are many virtualization platforms like Hyper-V, VMWare or Virtual Box. But when it comes to Android, it’s a different ballgame. There are emulators out there, but I find that most […]
Passwordless authentication with windows 10 and Azure AD
While passwordless authentication with Windows 10 and Azure AD is possible for quite some time, many organizations still use older and less secure authentication methods. I guess there is still a lot of mystery around going passwordless. Some System administrators are concerned about difficult time consuming configuration changes and user adoption challenges. With this blog, […]
OATH TOTP Hardware tokens with Azure MFA
The past few post I mainly wrote about Windows Information Protection and although it is a nice series of posts, I thought it’s about time to write about another topics . In this post we’ll be looking at using OATH TOTP Hardware tokens with Azure MFA instead of other MFA options. Personally I prefer other […]
WIP Learning Mode
When you first start with Windows Information Protection (WIP), you might want to consider starting with the Protection Mode set to Silent. This is also called Windows Information Protection Learning Mode or WIP Learning Mode. In silent/learning mode WIP runs silently and will not block anything. It will however encrypt and log all actions including […]