Skip to content

Enterprise Mobility + Security

Introducing support for Cryptography: Next Generation (CNG) certificates in Configuration Manager

We have added limited support for Cryptography: Next Generation (CNG) certificates in Update 1710 for System Center Configuration Manager Technical Preview. Now Configuration Manager clients can use PKI client authentication certificate with private key in CNG Key Storage Provider (KSP). With KSP support, Configuration Manager clients can now support hardware based private key such as...

Read more

New Azure Active Directory resilience features: action required

Howdy folks, If you are federating a separate identity system with your Azure Active Directory tenant, such as Active Directory Federation Server (ADFS), this blog post is for you! We’re totally committed to maximizing Azure Active Directory service availability. As part of that commitment we’re adding more resilience features over the coming months. For most...

Read more


Intune’s new Troubleshooting Portal makes diagnosing and resolving end user issues easier

This post is authored by Jon Lynn, Service Engineer, Intune Customer Experience team. Having the right data at your fingertips is a must when you’re troubleshooting issues with your end users. Intune’s new Troubleshooting Portal provides a “single pane of glass” for reviewing device status, assignments and policies affecting a user, eliminating the need to click...

Read more

cloud 1

Extended email security and compliance with Azure Information Protection

We made some exciting announcements at Ignite that help you protect your sensitive information regardless of where it’s stored or shared. For detailed information on new capabilities in Office 365 Message Encryption (OME), please read this Office 365 blog and watch this Ignite session. We’re also hosting an Ask Me Anything (AMA) session on OME on...

Read more

This one is important: Time to migrate your v1.0 Conditional Access policies to v2.0!

Howdy folks, Azure AD Conditional Access policies in the new Azure portal offer a powerful integrated experience to meet your organization’s security and compliance needs. As we approach the sunset date of Azure AD in the classic Azure portal, it’s important that you move from policies at an app level in the classic portal to...

Read more

How Microsoft Advanced Threat Analytics detects golden ticket attacks

If you’re in the business of threat detection, you are probably familiar with the term “golden ticket”. For those less familiar, a golden ticket is the name of a Kerberos ticket that is manually created by an attacker after gaining access to your environment’s encryption “master key”. A golden ticket allows an attacker to masquerade...

Read more


Active Directory Access Control List – Attacks and Defense

Recently there has been a lot of attention and a few different blog posts (references at the end of the post) regarding the use of Discretionary Access Control List (DACL) for privilege escalation in a Domain environment. This potential attack vector involves the creation of an escalation path based in AD object permissions (DACLs). For...

Read more


Webinar: Find out how Check Point’s threat intelligence enhances EMS’ device based conditional access

Join us for a webinar to find out how the combined power of Microsoft Intune and Check Point’s Sandblast mobile helps you secure mobile devices from advanced cyberthreats, and helps ensure that only compliant devices have access to company resources. Here’s what we’ll cover: SandBlast Mobile’s comprehensive mobile threat defense capabilities that help you stay...

Read more


Role Based Access Control: A Configuration Manager favorite, now in Intune

Role Based Access Control (RBAC) has been a favorite feature of the System Center Configuration Manager community since its introduction, and now it’s available in Intune. RBAC in Intune enables you to easily define who can perform various Intune tasks within your organization, and who those tasks apply to. RBAC gives you greater flexibility and...

Read more