Force users to "entra register" their devices
Hi, is it possible to force user to register their devices when they log in with their company account to any other device than company owned? I tested on my private smarthphone. Logged in as normal user with company account and my device did not show up in entra as "Microsoft Entra registered" Any ideas? Thanks
Compliance licenses at tenant level
Hi, We are a small organization of about 200 employees, and we have following requirements. DLP policies configuration at Exchange, OneDrive, SharePoint BYOD security Users should not be able to send files outside the org And so on as we evaluate We already have M365 Business Premium. However, after researching we figured out that M365 Business premium will alone not solve our requirements. May be compliance license will. We want to apply security policies at tenant level in our organization but definitely do not want every user to get licenses as this will be expensive for us and there is no requirement at all for our users. The question is, Is there a way to solve the above scenario?Hidden Group and Hidden Group Membership
Hi everyone! I have come across a requirement where the client would like to use an excel spreadsheet, a service account and application registration to manage group membership for a confidential group. They would like to create a group from which the members cannot leave, see other team members and cannot see the group itself. Now, I have the concept of the flow with me but for the life of me, I cannot get around to finding/configuring a group that meets the requirement. Have you guys come across this sort of scenario? Group Configuration: Users should not be able to view the group Users should not be able to view members of the group Users should not be able to leave the group Thanks in advance.
Force additional MFA for PIN WH4B
so got a request from one of my clients and if you think about it, its on the verge of being valid but an edge case... Lets say you implement WH4B and leverage PIN, how do you prevent someone shoulder surfing and leveraging the PIN on that device if they take it? Or restrict pin patterns? (the patterns I am looking into) I know Fido2 is the best way along with biometrics...but they were wondering if there was a way to reprompt MS Auth App for a code after login/reboot... I couldnt find anything on this but I did find forcing a mfa device revalidation via graph api Any able to accomplish this with the entra joined device?MFA Rollout Question(s)
Hi All I hope you are well. Anyway, I'm normally more active in the Intune space but I have been tasked with rolling out MFA to a lot of non technical users. One of the questions is: What if I forget my phone with the MS Authenticator app on it? I can't seem to find any documentation or clear answer to this. Any ideas? SKUser with hundreds of Interactive Sign-In log entries that are "Interrupted"
I have one user in our organization that has hundreds of Interactive Sign-in logs in EntraID that are marked as "Interrupted". I don't even know where to start with the user. Does anyone have a recommendation for isolating the cause of these logs? Recent entries are 95% related to Office Online Core SSO application.
Security Admin Center Tenant Allow/Block List Not Able to Block IPv4?
While using the Security Admin Center Tenant Allow/Block List we have been able to block specific email addresses and IPv6 IP addresses but are unable to block IPv4 IP addresses. We have tried both using the console and the CLI but have turned up unsuccessful both times when it comes to IPv4. A large majority of the phishing attempts that we encounter come from IPv4 addresses but we have been unable to block any of these. Will there ever be functionality for IPv4 within the Tenant Allow/Block list or is the only option to use conditional access policies? Also why is this enterprise tool only functional with IPv6 and without documentation stating that it does not work for IPv4?Office 365 Backup
Iam Looking For: Find a backup solution for our Office 365 data such as SharePoint/OneDrive content, e-mails, calendars, contacts, notes, tasks etc. ! The harddrives of the machine definitly need to be encrypted. Not sure of synology can do that reliably (LUKS?). Synology had some security issues in the past, but they might have been only relevant if they are exposed to the internet. I think we have two options: Backup in the office on encrypted drives with very restricted access (SSH?) Encrypt backup and upload it to S3 (not sure if there's a tool for that) I'm fine with both. Is there an open source tool that can mirror Office 365 on a local machine? (Linux) is the Synology tool proprietary?
Azure Sentinel Incident Severity Mapping
Hi, So Sentinel categorizes its incidents as "Low, Medium or High". However, a typical SOC might have incidents ranging from P1-P5. I'm curious how have other organizations mapped the 3 Sentinel severitys to the a typical incident priority rating of P1-P5 (so 5 categories). We'd like to automate the logging of Sentinel tickets in our ISMS system, but how to map 3 into 5 priorities? Thank you, SK
