How to manage Inactive devices in Defender

Iron Contributor



I am wondering what is the best practice of managing inactive devices in Defender... 


I have several devices that are inactive - as they are not used anymore, and trying to find out how to deal with them. I have tried to mark them as "Exclude" so that they do not affect Exposure Score, but it still shows me a number of "High Exposure" devices and the excluded ones are included in that amount... I thought that EXCLUDing them is a way to not get them assessed and included in security checks etc?


thank you.

1 Reply
As far as I know the only way is wait until the age out and get deleted. I imagine you could use tagging to filter them out, I haven't tried it though.