Windows Defender ATP now integrates with Microsoft Intune, allowing ATP device threat levels to be taken into consideration for Intune device compliance policies.
Microsoft is rolling out new device state conditions to Azure Active Directory conditional access to allow excluding hybrid Azure AD joined devices and compliant devices from policies.
Microsoft is rolling out a change in November for how conditional access policies treat devices that have no Intune device compliance policy assigned.
If you're trying to run a gradual Office 365 adoption project, managing access to individual apps and services is critical. Unfortunately, it's also not very simple.
How to use Azure Active Directory conditional access policies to enforce multi-factor authentication requirements when users login from unmanaged devices.
How to create and manage Office 365 Mobile Device Management policies and organization-wide settings.
There’s a lot of debate around the need to separate Microsoft 365 administrator accounts, especially when controls such as Privileged Identity Management exist within an organization. However, even with PIM there are remaining security concerns which necessitate the operation of separate accounts. This article explains the importance of using separate accounts; details how to target different Conditional Access policies for admin and user accounts and highlights how this approach increases your security posture and limits potential attack vectors against administrator accounts.
Convincing people to use MFA is one challenge. Convincing them to use a stronger authentication method than SMS is another. This article explains how to use PowerShell to find people still using SMS for MFA and send email to ask them to upgrade their authentication method.