Jul 15 2020 02:37 AM
Hi guys,
We are researching about the Intune MDM, security baseline to deploy as co-managed for our client but i have something unclear and want to ask:
- Is the Device security aspects in Microsoft Intune are all managed in device management portal?
- Can we config a device to be under both a security baseline and a separate policy or different baseline at the same time?
I know this is basic but i appreciate all comments.
Regards,
Arthur.
Jul 16 2020 03:18 AM
Jul 21 2020 04:00 AM
Yeah, as already stated you can use both to configure the security policies. You need to make sure that there is no conflict, otherwise settings will not be applied.
The Security Baseline should give a jump start to a recommended Enterprise Security config.
The individual policies like AV, EDR, etc. are a way to support SecOps or Security Admins to focus on their security settings only. Finally it's up to you what works best for you, but make sure to create no conflicts 🙂
Here is the docs article for that:
https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-security-policy
best,
Oliver