• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Microsoft To Open Azure Cloud Data Center Region In Spain

Azure AD, Intune and Group Policy: What’s in (and not in) the box

December 28, 2020
Microsoft To Build New Azure Cloud Data Centers In Greece

Yubico Makes Passwordless Authentication Generally Available for Azure AD Users

March 5, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft makes passwordless push in Azure Active Directory

March 5, 2021
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

Microsoft Power BI Premium Per User pricing is a game changer

March 4, 2021
How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Releases Azure AD My App and New Risk Detections for Identity Protection into GA

March 4, 2021
8×8 makes raft of updates to platform

BitDam ATP+ protects Office 365 users from unknown threats

March 4, 2021
How to use Microsoft Sysmon, Azure Sentinel to log security events

Cloud Network Engineer – Associate – ATL

March 3, 2021
Microsoft Outlines How To Set Up Windows Virtual Desktop

What’s New in Tufin Orchestration Suite 21-1

March 3, 2021
Innovative solutions for IT workers at home

BitDam Offers Complete Security for Office 365 Email, OneDrive and Teams With The Introduction of BitDam ATP+

March 2, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft to add new shared channels, encryption for calls, webinar features to Teams

March 2, 2021
Microsoft Declares ‘General Availability’ of Threat Experts Security Service

Mindware Partners with Cibecs to Help Regional Organizations Manage and Protect Distributed Endpoint Devices and Data

March 1, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Enterprise Key Management Solution Market 2021 Industry Growth Analysis, Future Predictions, SWOT Analysis, By Top Players- EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

March 1, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Intel Calls Silicon ‘Greatest Weapon Against Security Threats’

March 1, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Sunday, March 7, 2021
  • Login
Azure Security News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    Microsoft To Build New Azure Cloud Data Centers In Greece

    Yubico Makes Passwordless Authentication Generally Available for Azure AD Users

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft makes passwordless push in Azure Active Directory

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    Microsoft Releases Azure AD My App and New Risk Detections for Identity Protection into GA

    8×8 makes raft of updates to platform

    BitDam ATP+ protects Office 365 users from unknown threats

    Microsoft Outlines How To Set Up Windows Virtual Desktop

    What’s New in Tufin Orchestration Suite 21-1

    Innovative solutions for IT workers at home

    BitDam Offers Complete Security for Office 365 Email, OneDrive and Teams With The Introduction of BitDam ATP+

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Cloud Security in Banking Market Next Big Thing | Major Giants- Sophos, Boxcryptor, Microsoft Azure

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    Microsoft Cloud Announces Three New Vertical Cloud Solutions

    Innovative solutions for IT workers at home

    Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

    Innovative solutions for IT workers at home

    What is database encryption?

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

    Microsoft Power BI Premium Per User pricing is a game changer

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    Cloud Network Engineer – Associate – ATL

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft to add new shared channels, encryption for calls, webinar features to Teams

    Microsoft Declares ‘General Availability’ of Threat Experts Security Service

    Mindware Partners with Cibecs to Help Regional Organizations Manage and Protect Distributed Endpoint Devices and Data

    Microsoft To Build New Azure Cloud Data Centers In Greece

    Enterprise Key Management Solution Market 2021 Industry Growth Analysis, Future Predictions, SWOT Analysis, By Top Players- EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

    A moment of reckoning: the need for a strong and global cybersecurity response

    Intel Calls Silicon ‘Greatest Weapon Against Security Threats’

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Releases Azure Firewall Premium in Public Preview

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Veeam Backup & Replication 11: Enhanced data management for a multi-cloud environment

    8×8 makes raft of updates to platform

    Advancing the Orchestration of Distributed Edge Applications, ZEDEDA Integrates with Microsoft Azure IoT

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home News

Azure AD, Intune and Group Policy: What’s in (and not in) the box

by AZURE SECURITY NEWS EDITOR
December 28, 2020
in News
0
Microsoft To Open Azure Cloud Data Center Region In Spain
491
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

It was roughly twenty years ago that Microsoft unveiled Group Policy. Since then it has become the “go-to” tool for managing and securing the windows desktop across the domain. Group Policy has been the way admins shore up security because Windows is not secure out of the box. Over the years, admins have used Group Policy to do things like:

  • Restrict control panel access
  • Change the default local administrator name
  • Enforce full disk encryption
  • Deploy configuration and registry settings

By leveraging the combined power of Administrative Templates and Group Policy Preferences into assigned GPOs, admins have control of more than 10,000 settings within the Windows operating system. Group Policy admins can also manage settings within Microsoft Office and Edge. Furthermore, ADMX templates are available to allow Group Policy management over third party applications such as Google Chrome. A domain administrator equipped with the Group Policy Editor has a lot of control over the desktop.

The Loss of Leverage with Azure AD

If you ask organizations why they are moving to the cloud, the typical answers include the following:

  • Greater agility
  • Centralized control
  • Greater security
  • Reduced costs

That being said, there aren’t GPOs within Azure AD.. The absence of GPOs is not indicative of their usefulness. Azure AD is comprised of different protocols than Server AD in order to manage web-based services. Azure AD architecture bases itself on user and device management for Azure and O365. Group Policy architecture is based on users and computer as objects within AD.

The irony in all of this is that when it comes to the management of configuration settings, Azure AD gives admins less control of Windows 10 settings and desktop configuration.

Less control therefore means less agility which is the opposite of what you’re going for.

Because admins now have less access to the enforcement of configuration and security settings, users and their desktops may be more vulnerable. Less admin control also means greater user access into things that can render help desk calls, which increase costs.

This is not to say that Azure is inferior to traditional AD (with its Group Policy.) It simply a different world than it was twenty years ago. It isn’t just a desktop that lives on-prem. Traditional Group Policy does only a fair job of managing mobile devices. It also isn’t a Windows only world anymore and Group Policy doesn’t help when you need to configure non-Windows devices.

There is also more to device management today than just the deployment of settings. Azure AD provides instant status information on your entire fleet of MDM joined devices as well as telemetry insights into the performance of them. Computers can be remotely reset and wiped. However, if you want an easy way to block access to the command prompt for standard users, you are currently out of luck with Intune.

PolicyPak as an MDM Supplement

Many organizations today have a mixture of Server AD-joined and Azure AD-joined devices. While MDM may not natively support utilize GPOs, there is a third party solution that brings the super admin power capabilities of Group Policy and Group Policy Preferences into your Azure AD, or any MDM environment.

It is called PolicyPak, a modern desktop management solution that empowers you to easily configure, deploy, and manage policies for on-premises, MDM, and cloud Windows environments.

PolicyPak MDM Edition lets you import group policy and group policy preference settings directly into your MDM. Designate a computer in your on prem domain environment to host the PolicyPak Admin Console. The PolicyPak Admin Console seemlessly integrates with Group Policy Editor. From there it is a matter of doing what you always do with Group Policy: create a new policy as is shown below.

-1

Note in the outlined portion of the above screenshot we have Administrative Templates Manager, Preferences Manager and Security Settings Manager. These are three of the solution products within the PolicyPak suite. Together they allow you to configure and deploy settings such as:

  • Security Settings
  • 3,000+ Administrative Template settings
  • Audit Policy
  • User Rights Assignment
  • AppLocker settings
  • All of the Group Policy Preferences Settings

There are also three collections contained within the outlined portion above as well called Windows 10 Laptops, Windows 2019 Servers and Windows 10 Desktops. You create collections to organize targeted settings. In this example, we are using Administrative Templates Manager in order to utilize the rich collection of settings provided by the ADMX/ADM templates. PolicyPak Templates Manager gives the same exhaustive list of settings as Group Policy as is shown below.

-2

PolicyPak works alongside your MDM to deliver and then finetune your GPO assignments using item-level targeting for Group Policy settings as well as Group Policy Preferences.

Whether you are creating new policies, or simply want to use existing GPOs, integrating them to your preferred MDM is easy. Simply export your real Group Policy settings using the PolicyPak Admin Console and wrap them up into a MSI file using the PolicyPak Exporter Utility. Then simply license your MDM for PolicyPak and upload the MSI file in the same manner as any MSI file you want to deploy to your MDM enrolled devices.

You can see a full video demonstration of how to deploy all Group Policy and PolicyPak settings using Intune here.

Don’t limit the potential of PolicyPak to just deploying policy settings. Every PolicyPak customer has access to our other tools as well such as PolicyPak Application Manager, which allows you to manage and deploy configuration settings for more than 500 enterprise applications. If you use it, chances are we can manage it.

We also have PolicyPak Least Privilege Manager to help you remove local admin rights plus provide “one click whielisting” to your desktop, without all of the work required by managing traditional whitelists. You can see our complete list of components here…

With PolicyPak, you do not have to sacrifice Group Policy when moving to Azure AD. We bring the two together, in order to create a combined solution in which the whole is greater than the sum of its parts.

The post Azure AD, Intune and Group Policy: What’s in (and not in) the box appeared first on PolicyPak.

Reference: https://securityboulevard.com/2020/04/azure-ad-intune-and-group-policy-whats-in-and-not-in-the-box/

Share196Tweet123Share49
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

Microsoft To Build New Azure Cloud Data Centers In Greece

Yubico Makes Passwordless Authentication Generally Available for Azure AD Users

by AZURE SECURITY NEWS EDITOR
March 5, 2021
0

Microsoft Azure Active Directory (AD) users can use YubiKeys to log into various applications now that Yubico has announced that its passwordless...

A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft makes passwordless push in Azure Active Directory

by AZURE SECURITY NEWS EDITOR
March 5, 2021
0

During a Microsoft Ignite 2021 session Wednesday titled, "Azure Active Directory: our identity vision and roadmap for strengthening Zero Trust defenses in...

How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Releases Azure AD My App and New Risk Detections for Identity Protection into GA

by AZURE SECURITY NEWS EDITOR
March 4, 2021
0

Microsoft recently released a few new Azure Active Directory (AD) features, namely My Apps "collections" and new "risk detections" capabilities, into general availability (GA)....

8×8 makes raft of updates to platform

BitDam ATP+ protects Office 365 users from unknown threats

by AZURE SECURITY NEWS EDITOR
March 4, 2021
0

BitDam announced the availability of BitDam ATP+, its upgraded Advanced Threat Protection (ATP) solution, offering comprehensive defense against malware, phishing, business...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021
Microsoft Launches Host of Security Products in Time for RSA

Microsoft to add two new Microsoft 365 security, compliance bundles to its line-up

November 26, 2020

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
Microsoft To Build New Azure Cloud Data Centers In Greece

Yubico Makes Passwordless Authentication Generally Available for Azure AD Users

March 5, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft makes passwordless push in Azure Active Directory

March 5, 2021
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

Microsoft Power BI Premium Per User pricing is a game changer

March 4, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In