Posts

Microsoft Defender for Endpoint for Android Enterprise Personal Profile and Privacy Controls

I recently implemented MDE for Android Work profile devices for a customer and, as part of the requirements, the customer wanted to extend Defender management to the Personal profile to meet their data protection IT security policies. In this blog, I explore the configuration and cover specifics involving data protection and privacy controls for the personal profile in Android Enterprise. Defender for Endpoint for mobile devices has been around for some time now. I had covered the details of MDE onboarding for Android devices back in 2022 and it still holds up. While organizations can leverage the MAM scenario to onboard personal devices on MDE, it doesn't cover all the device management capabilities as compared to enrollment into an MDM solution like Intune. To address both data protection and end user privacy requirements of an organization, the Defender management under work profile can also be extended to personal profile. This way organizations can collect the necessary information t

Using Custom Detections to trigger response actions on macOS in Microsoft Defender XDR

Microsoft Defender XDR (rebranded; formerly known as Microsoft 365 Defender) has many features and, as part of Advanced hunting under incident & response, Custom detections is a great way to create rules to monitor events and system states proactively, including suspected breach activity and misconfigured endpoints. One can then enable & configure response actions using various device & identity attributes and set them to run at regular intervals, generating alerts. Custom detections uses Advanced hunting, which is based on the Kusto Query Language (KQL), a powerful tool that uses schema entities organized in a hierarchy similar to SQL. The language is expressive, easy to read and understand. To manage custom detections, you need to be assigned one of these roles or permissions at a minimum: Security settings, Security administrator, or Security operator. To understand Custom detections better, I wanted to explore the possibility of initiating a response action on

Manage Copilot in Edge & Microsoft 365 Apps on Mobile devices using Intune

I have finally jumped on the Copilot bandwagon and started familiarizing myself with the feature. For those who are unaware or getting to know it like me, it is Microsoft's latest AI-powered productivity tool that uses large language models (LLMs) and integrates data with the Microsoft Graph and Microsoft 365 apps and services. I don't intend to do a deep dive into what Copilot is as there is plenty of material available online for that, but I would like to touch base on commercial data protection and what organizations can do to manage Copilot on mobile devices using Intune. According to Microsoft: To provide chat responses, Copilot uses global data centers for processing and may process data in the United States. Optional, Bing-backed connected experiences don't fall under Microsoft's EU Data Boundary (EUDB) commitment. They also don't fall under the terms of the Data Protection Addendum (DPA) which requires company data to remain inside geographic or tenant b