Blog series: Protect your Company Data using Enterprise Data Protection (EDP)

Recently I had the chance during a technical Friday jam session to play around with Enterprise Data Protection (EDP) with some other geeks .

EDP

In short Enterprise data protection (EDP) helps to protect against potential data loss without interfering end-user experience. EDP also helps to protect enterprise apps & data against accidental data loss on enterprise-owned devices, including personal devices that end-users bring to work without requiring changes to your environment or other apps.

Although EDP is introduced with Windows 10 release, the underlying technologies are common known. EDP is primary relying on Encrypted File System (EFS) and AppLocker. In a serie blog posts I will provid some guidance how EDP works and how to configure protected apps, Configuration Manager and Microsoft Intune.

  1. Introduction: Enterprise Data Protection – Under the hood
  2. Retrieve and Add Applications to Protected App List
  3. Deploy Enterprise Data Protection with Microsoft Intune
  4. Deploy Enterprise Data Protection with Configuration Manager 1511
  5. Enterprise Data Protection & Azure RMS better together

Note!

Enterprise data protection is currently being tested with a number of enterprise customers, and will become available to Windows Insiders soon.

Stay tuned!

Getting started with Windows Store for Business

clip_image001

With the new Windows Store for Business, organizations can make volume purchases of Windows apps. The Store for Business provides app purchases based on organizational identity, flexible distribution options, and the ability to reclaim or re-use licenses. Organizations can also use the Store for Business to create a private store for their employees that includes apps from the Store, as well private Line-of-Business (LOB) apps or deploy purchased apps offline by Configuration Manager or Microsoft Intune.

Choose the best app store for the right scenario.

Continue reading “Getting started with Windows Store for Business”

Windows 10 Enterprise Data Protection – Under the hood…

UPDATE: Enterprise Data Protection is available again from Windows 10 Version 1511 rs1 builds if you want to test Enterprise Data Protection!

UPDATE: Stay on Windows 10 Version 1511 th2 build 10576 if you want to test Enterprise Data Protection!

In this blog I’ll cover a brand new Windows 10 feature, Enterprise Data Protection (EDP). The Microsoft Intune product team recently announced EDP policies as part of the Intune October service update. With this update you’re able to create and deploy configuration policies for Windows 10 enterprise data protection (EDP) settings, such as the list of apps that should be protected by EDP, enterprise network locations, protection level, and encryption using the new Windows 10 Enterprise data protection template.

Win10_CheckIn_Partner_ Training_20150807

In this blog I’ll show you how to configure and apply EDP to your Windows 10 devices. Including some experiences from the field.

Continue reading “Windows 10 Enterprise Data Protection – Under the hood…”

Use Custom Attributes for automatically populate Azure AD Dynamic Group Memberships

March this year the Active Directory team announced Attribute Based Dynamic Group Membership for Azure AD. Until then, group membership was a manual thing that had to be done for each user. With this feature you can specify a rule on an Azure AD security group that will automatically manage the membership of that group based on user’s attribute values. Dynamic Group Membership is supporting by default a subset of user attributes which can be used.

image

But what if you use in your organization custom attributes for various applications-, business- and provisioning processes? In this blog post we go further and will explain how to use custom AD attributes, extend your Azure AD tenant and use these custom attributes to automatically populating a security group.

Continue reading “Use Custom Attributes for automatically populate Azure AD Dynamic Group Memberships”

Get Started with the Enterprise Mobility Suite

undefinedOver the next six weeks I’ll provide along with my colleagues Valerie Siroux and Arjan Vroege several webinars on Microsoft Enterprise Mobility Suite. If you want to know more about for instance Azure Active Directory Premium, Microsoft Intune, Azure Rights Management Services, you can not miss these webinars.

Learn more about EMS in 6 webinars

On the following dates will take place the Enterprise Mobility Suite webinars. Please note that these webinars are taught in English. Through the links below you can register free of charge.

Continue reading “Get Started with the Enterprise Mobility Suite”

Integrate your Microsoft Intune device enrollment with Azure AD!

May this year Microsoft announced a new capability of automatically enroll devices in Microsoft Intune as part of joining devices in to Azure AD (Premium). By joining a Windows 10 device to Azure AD it is extremely easy for end users to get the benefits of single sign-on, OS state roaming, and management capabilities.

image

This will work with both Microsoft Intune and with 3rd party MDM solutions. In this blog post I’ll show you how ease and transparent this process is and how powerful the integration is of Microsoft Online Services and Windows 10!

Continue reading “Integrate your Microsoft Intune device enrollment with Azure AD!”

The Enterprise Mobility Suite Portal Survival Guide

survival-guide I’m more than happy being your tour guide for today and walkthrough the various portals that the Microsoft Enterprise Mobility Suite (EMS) houses. For those who are involved with EMS, this might be a handy overview of all current available portals. I often heard  that it is not always clear which portal you need and where you can find it. In this blog I’ll do my best to cover all the portals including their purpose.

Continue reading “The Enterprise Mobility Suite Portal Survival Guide”