Forum Discussion

RobertK86's avatar
RobertK86
Copper Contributor
May 09, 2024

Intune Security Framework documentation?

Is the Intune Security Framework still a thing? The only documentation on Microsoft Learn seems to focus solely on App Protection Policies (https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-framework).

 

The GitHub repo for Intune Config Frameworks (https://github.com/microsoft/Intune-Config-Frameworks) hasn't been updated in 2 years. There have been enough new features added in Intune that the Github framework is missing or out of date.

 

Plus the CompliancePolicy_Import_FromJSON.ps1 and DeviceConfiguration_Import_FromJSON.ps1 scripts no longer function because they rely on modules and files that have been depreciated. I'm just looking for a good place to start backed up by security experts.

  • I'm not familiar with baselines for mobile device unfortunately.
    However, I would recommend you to take a look at CIS Benchmarks, to see if they have baselines available for mobile devices.
  • NicklasOlsen's avatar
    NicklasOlsen
    Iron Contributor

    Hi Robert,

    I think the best place to start is taking a look at the security baseline build into Intune. There is also the CIS framework available, and lastly there is a community-based baseline called OpenIntuneBaseline. 🙂

    https://github.com/SkipToTheEndpoint/OpenIntuneBaseline

    These are the place, that I would start looking for security baselines.

    • RobertK86's avatar
      RobertK86
      Copper Contributor
      Hi Nick,

      Sadly the only baseline built into Intune is for Windows devices. None exist for non-Windows devices.

      OpenIntuneBaseline looks interesting. It looks like when it comes to Android/iOS baselines the only thing there is a few App Protection policies. No Configuration or Compliance policies for Android/iOS. I'm starting to wonder if companies manage phones and tablets with only APPs.
      • NicklasOlsen's avatar
        NicklasOlsen
        Iron Contributor
        Hi Robert,

        Sorry, I thought it was for Windows devices.
        I assume you are looking for baselines focused on fully-managed mobile devices?

Resources