In this blog post I’ll explain how to configure and enable Windows Hello Multifactor Device Unlock using Microsoft Intune. Windows Hello Multifactor Device Unlock provides multifactor device authentication for login or unlocking Windows 10 devices.
In a mobile-first cloud first world the need of accessing corporate resources on unmanaged devices is rising. This is the cutting edge of managing your corporate data (keeping it safe) and give your users the freedom to be productive on any device.
With Conditional Access we can control access to corporate data (such as Exchange Online, SharePoint Online, Yammer, Delve, Teams, etc.) based on a device (health) status such as being managed or complaint. These scenarios (conditions) are based on devices being managed by your company (MDM managed). With the introduction of Session Controls, organizations are enabled to grant limited access to corporate resources without losing control on unmanaged devices.
Today I was happily surprised with the announcement, as of today Microsoft Enterprise Mobility + Security E5 licenses are available through Internal Use Rights (IUR). This is great news for those who’re a Silver or Gold EMM competency partner. By this Microsoft Partners are enabled to adopt the latest security features in their own organization too. “Practice what you preach”
One of the main benefits of the Microsoft Partner program are the IUR, which allows you to use Microsoft products in your own organization for free based on your partner competence levels. This applies to traditional software, software keys and Microsoft Online Services.
With IUR Microsoft Partners are able increase productivity, business value, and savings with your internal-use rights (IUR) benefits. The Enterprise Mobility + Security E3 had been available for some quite long time however the E5 was missing here, the more we’ve an imported role as partner to enable our customers with the latest Microsoft technology.
More information regarding Internal Use Rights can be found here.
New features like Azure AD Identity Protection & Azure AD Privileged Identity Management forms important (security) components in a more than ever emerging Enterprise Mobility + Security E5 proposition.
Click here to unlock your IUR benefits today!
ps. special thanks for those who make this possible ;-)
Recently Microsoft announced Microsoft Teams, a new chat-based platform in Office 365. For all mobile platforms (Android, iOS and Windows 10 Mobile) Microsoft released an native app, including a desktop app for Windows 10 and Mac OS X. The Microsoft Teams apps can be downloaded here. After I installed the Microsoft Teams desktop app on Windows 10 I bumped into the following funny message ‘Yikes! Looks like someone pulled the plug on the internet’.
Last week Microsoft announced the public preview of Azure AD Conditional Access to protect Azure AD SaaS applications based on device-based policy rules. Conditional Access (CA) is already available for a quite long time for those who are using Microsoft Intune, but was scoped to Microsoft cloud services such as Dynamics CRM Online, Exchange Online, Exchange on-premises, SharePoint Online and Skype for Business Online.
With the introduction of CA for Azure AD SaaS applications it’s a great step forwards raising the security bar in a mobile first cloud first world securing your SaaS applications and how they being accessed.
In this blog I will not elaborate the detailed operation of CA but will show you how easily it is to configure and apply Azure AD Conditional Access for an on-premise web application which we have published by Azure AD Proxy. Continue reading “Secure your SaaS & On-premises applications with Azure AD Conditional Access”
For those who are using Azure Multi-Factor Authentication Server (on-premises) hereby a quick post to inform you there is a new version of Azure MFA Server available. The new version of Azure MFA Server (22.214.171.124) can be downloaded through the Azure Management Portal or MFA Management Portal.
With the new Windows Store for Business, organizations can make volume purchases of Windows apps. The Store for Business provides app purchases based on organizational identity, flexible distribution options, and the ability to reclaim or re-use licenses. Organizations can also use the Store for Business to create a private store for their employees that includes apps from the Store, as well private Line-of-Business (LOB) apps or deploy purchased apps offline by Configuration Manager or Microsoft Intune.