FIDO2 Security Key for Windows 10 (Part 1)
FIDO2 Security Key for Windows 10 (Part 1) As companies like Yubico announce the next generation of YubiKeys with biometrics, let’s take a look at...
1 min read
cloudservuscom Feb 17, 2020 7:47:58 PM
A company that sells and services communication devices had an upcoming Microsoft Dynamics Enterprise Resource Planning (ERP) deployment planned for the following week, but they overlooked one important detail. They needed to lockdown the new Zebra Technologies devices that they would be using to scan inventory barcodes into their ERP system. These devices would be used in their warehouse for inventory tracking, but they didn’t want employees using them to download games/apps or browsed the web. The customer was referred to us by one of our partners and needed assistance quickly. They had registered the devices in Microsoft Endpoint Manager (Intune), but they were having trouble applying the appropriate policies to lock them down to be a purpose-driven device.
We were able to get one of our Principle Consultants engaged quickly to evaluate the customer’s current Intune environment and recommended using Android Enterprise dedicated devices. Device enrollment needed to be quick and easy, so we leveraged the QR code for swift setup and Azure AD Dynamic Device groups to apply all the policies that were created. The customer needed a locked down menu, so we utilized a multi-app kiosk configuration profile and the Managed Home Screen settings of Microsoft Intune to achieve this. The final request was to lock down Google Chrome for Android, so we used Intune App Configuration policies to limit browsing to only corporate ERP system sites.
There were a couple of gotchas that we had to overcome:
Kudos to the team for helping this customer on very short notice! We enabled them to meet their Go-Live date for their ERP deployment. It’s always great when we can enable one of our customers to meet their business goals, even if it is short notice!
In a future blog we will provide some additional guidance on how we registered the devices and set some of these policies. Or if you need help, contact us!
FIDO2 Security Key for Windows 10 (Part 1) As companies like Yubico announce the next generation of YubiKeys with biometrics, let’s take a look at...
Recently, CloudServus received a high-severity alert from the Microsoft 365 Security & Compliance Center of one of our clients: a user account had...
Validate Azure AD Device Dynamic Membership Rules in Preview Previously when creating queries for dynamic membership rules in Azure AD, you would...