Getting Started with Microsoft Intune Security Baselines
Microsoft enables small businesses to efficiently run a secure computing environment and bundles in the core security applications you need to meet most compliance requirements regardless of your industry. However, Microsoft is competing with software vendors that rely mostly on ad revenue and can provide end users with software for free (assuming you don’t mind data mining). As a result, Microsoft offers subscriptions that don’t offer the security tools that companies require to meet compliance goals. In my blog posts, I aim to advise on the correct choices you need to make as a small business owner to make sure you are getting the best value from Microsoft products. Today I am going to talk a little about Microsoft Intune, which is a device management platform that comes as part of the Microsoft Business Premium, and all the Enterprise level subscriptions.
Microsoft Intune is a cloud-based service in the Microsoft 365 suite that helps businesses manage and secure devices. It provides device management, mobile application deployment, and remote assistance capabilities for Windows, macOS, iOS, Android and ChromeOS platforms. With Intune, you can centrally control policies such as password requirements and data encryption across your entire organization’s
One feature of Microsoft Intune are Security Baselines. Microsoft Intune Security Baselines provides organizations with a centralized platform that allows them to apply pre-defined configuration policies, such as requiring multi-factor authentication and patching, to all their devices. Intune Security Baselines help organizations keep up with the changing IT landscape by ensuring a secure and compliant environment.
To get started with applying Security Baselines log into https://intune.microsoft.com with your administrative account and select Endpoint Security.
Here you will see a list of Microsoft pre-configured policies that you can configure and deploy to your company. To get started select “Security Baseline for Windows 10 and Later”. The next screen will show you a list of all the profiles you created with the pre-configured policies. If you have never used this policy before your profile list will be empty. To get started with creating a profile hit “Create Profile”.
At this point, all you need to do is give the profile a name and then click next through each menu until you get to assignments. You can assign the profile to your test group and save the profile. The default settings that Microsoft recommends will now be applied to everyone in the test group.
In my next post, I will delve into some settings contained in the default profile and how you can change them to suit your business needs.
