Where do you start with improving your organization's security posture? You've heard about growing cyber threats and security statistics, hardening, and Zero Trust. Now a new learning module brings it all together with practical guidance to help secure your environment from chip to cloud.
Just to give you an idea of what's in the learning module, this article outlines:
While keeping up with the latest threats in your field and sector can be challenging, it is essential to regularly update your devices with monthly updates and leverage control and monitoring capabilities. On top of that, the new worldwide Zero Trust model requires continuous improvements to securing all parts of your estate: from chip to cloud. This includes hardware, operating system, applications, identity and privacy, and the cloud.
It's an ongoing effort and is certainly complex. However, we've put together a learning module to highlight the servicing that takes much of the burden off your shoulders. You'll learn about two types of security features: those that are built in and automated for you, and those that you can easily configure with Microsoft Intune.
Microsoft Intune is a mobile device management (MDM) endpoint solution built on Zero Trust. You might already be using it to manage all your organization's devices by securing access, protecting data, and responding to risk across the cloud, on-premises, and multiple OS versions. Though you and your organization may use another endpoint solution, we leverage Intune capabilities in this module to demonstrate many of the prescriptive how-to's across the module.
If you're just starting with Microsoft Intune, please check or prepare with the following steps:
Getting set up with Microsoft Intune is starting your security improvement journey with the cloud layer. Two essential Intune tools that allow you to secure your environment from the cloud to the chip are security baselines and settings catalog.
A security baseline is a recommended collection of configuration settings, which also details their security impact. Start by deploying any of the available security baselines to configure Windows devices:
Ensure good initial security posture for your organization with these pre-built baselines, which you can also modify before assignment. The learning module will walk you through a selection of specific features at different levels of your environment to show how to set these security baselines where available.
Another important tool to improve your security posture further is Intune's settings catalog. It is your one-stop shop to configure all the settings from chip to cloud in one place. Go beyond the security baselines and implement the particular compliance standards of your organization. Use the settings catalog to configure most of the features that advance your security posture.
To create a policy in the Microsoft Endpoint Manager admin center:
To browse thousands of settings available to you, search by category (e.g., browser), keyword (e.g., Office), a specific setting, or use Add settings > Search.
Your Zero Trust journey is exactly that – an ongoing journey. As you keep advancing your security posture from chip to cloud one feature at a time, keep monitoring it for your reporting and improvement goals. The learning module introduces two assessment tools you'll find helpful:
That's briefly what the learning module contains!
The visual table of contents maps out the topics covered in the module, along with opportunities and steps to improve your security posture one feature at a time. And why not earn some experience points while you're at it?
Bookmark Advance your security posture with Microsoft Intune from chip to cloud for your continuous improvement journey. While there are no prerequisites, you may want to brush up on Zero Trust and Intune with these learning paths:
Continue the conversation. Find best practices. Visit the Windows Tech Community.
Stay informed. For the latest updates on new releases, tools, and resources, stay tuned to this blog and follow us @MSWindowsITPro on Twitter.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.