After starting delivering group policy objects like capability, Intune is now getting a security baseline feature.

You can start using it either by searching for Security Baselines from your Azure portal, Office 365 mobile device management portal, or by accessing it through the direct URL (as the feature deployment is still in progress this may  not yet be visible) https://ms.portal.azure.com/#blade/Microsoft_Intune_Workflows/SecurityBaselineMenu/securityBaselines

imageimage

The Security Baslines capability is based on the well known Security and Compliance Toolkit (SCT) – https://docs.microsoft.com/en-us/windows/security/threat-protection/security-compliance-toolkit-10

At this stage, only one baseline is available for Windows 10 but more will come

image

You have to take a care when starting using it as it seem the profiles you will create during the preview will not be migrated/converted after the general release.

First thing is to create a baseline profile by either accessing the Overview blade or the Profiles blade and use the Create profile

imageimage

From there you can then configure the different settings you want to configure

NOTE if you hit the explanation mark image it displays below the setting the explanation

image

Then once the profile is created you need to apply it by assigning to an Intune device group

After sometime you will get report of baseline compliant/not compliant devices

image

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.