MS-101: Microsoft 365 Mobility and Security
EXAM PASSED!!!
#MS365 #Security #365Security #CertifiedProfessional #CloudSecurity #CloudFamily #CyberSecurity #Microsoft365 #MicrosoftCloud #Microsoft #alwaysbelearning #MS101 #EXAM #PASSED
MS-101: Microsoft 365 Mobility and Security
EXAM PASSED!!!
#MS365 #Security #365Security #CertifiedProfessional #CloudSecurity #CloudFamily #CyberSecurity #Microsoft365 #MicrosoftCloud #Microsoft #alwaysbelearning #MS101 #EXAM #PASSED
Today I’m looking at Microsoft 365 Enterprise Mobility + Security E3 and E5 Licenses and trying to work out which licenses I need and what the differences are. I’ve reviewed the guide on features and pricing, visit compare-plans-and-pricing
There are four key areas for Enterprise Mobility + Security:
If you business it focused on Enterprise Mobility + Security E5 licenses but you need to save costs, its certainly worth reviewing what features your using and what is available / partially included in an Enterprise Mobility + Security E3 license. Microsoft would describe the differences as “Enterprise Mobility + Security E5 includes new and advanced security capabilities that make up our holistic and innovative approach to security for the mobile enterprise. Some E5 capabilities were previously only available as standalone products, such as Microsoft Cloud App Security, or as products in preview, such as Microsoft Azure Active Directory Identity Protection, Azure Active Directory Privileged Identity Management, and Azure Information Protection.”
A break down of the Key Additional Features in E5 and not in E3.
This is a quick break down of the additional features in the E5 license you don’t get in E3 currently. (Please check again, this is not a live feature list)
So does you business have any other 3rd party tools already providing the features of E5? It might be worth noting some components Enterprise Mobility + Security E5 can be purchased separately, but the logic is a suite gives more value in a bundle.
Another good option to get hands on and try the full E5 license, why not run a PoC to see if the features of Enterprise Mobility + Security E5 with a free Trial (90 days offered when I wrote this)?
I hope this post helped, additional information is available direct from the Microsoft Site.
Apologise if any information is incorrect, this is just a personal review and no way related to Microsoft.
BREAKING NEWS!!
STEPHEN HACKERS
PASSED the Microsoft 365 Identity and Services Exam.
#Microsoft #Certified #Professional
Intune – Mobile Device Management – App Protection Policy in Intune App Protection
Scenario – We want to securely publish a corporate app (OneDrive) to users who will be using their own mobile ( iOS) devices. We want to protect the corporate data used in the app and establish authentication before accessing it. Users should not be able to copy and paste data directly from the app on to their own device.
We need to create an an App Protection Policy in Intune App Protection.
For more in-depth detail:
https://docs.microsoft.com/en-us/mem/intune/apps/apps-add
https://docs.microsoft.com/en-us/mem/intune/apps/apps-deploy
https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-ios
Create an App Protection Policy
or
Intune – Mobile Device Management – Intune Company Portal Install On An iPhone Device
Lets focus on BYOD (Bring Your Own Device)
Example Apple – iOS enrolment
BYOD
At this point we should have completed the basics in the Intune configuration portal
2. Sign in or Just select your Office365 account > Continue
Success !!! Device is now enrolled and awaiting apps and policies
Intune – Mobile Device Management – Device Enrolment – Add a Device
Lets focus on BYOD (Bring Your Own Device)
Example Apple – iOS enrolment
BYOD
At this point we have already completed the Pre Req’s (See Apple MDM Push Certificate if you haven’t done this already)
Apple Configurator / Devices
https://devicemanagement.microsoft.com
We need to add an iOS device you will need the serial number and device detail in a CSV file to import
CSV format <device serial>,<Detail Owner? Device type)
Add a device
Devices> iOS > Apple Configurator
Have you created a Profile? Create a Profile before adding a device, see this guide
Select a profile and import your CSV file contain all your devices. Then click add.
Success !! Devices Added
Additional info from Microsoft Docs available here
Intune – Mobile Device Management – Device Enrolment – Create a Profile
Lets focus on BYOD (Bring Your Own Device)
Example Apple – iOS enrolment
BYOD
At this point we have already completed the Pre Req’s (See Apple MDM Push Certificate if you haven’t done this already)
Now : Create a Profile
You need to create a profile before enrolling a device.
Apple Configurator / Devices
https://devicemanagement.microsoft.com
We need to add a Profile
Profiles > Create
Enrol with User Affinity ( i.e Map the Device to a User) + Auth via company Portal (Example options selected)
Then click “Create”
Success a profile is created
Intune – Mobile Device Management – Device Enrolment – Apple MDM Push Certificate
Lets focus on BYOD (Bring Your Own Device)
Example Apple – iOS enrolment
BYOD
MDM push Certificate required
Go to device management https://devicemanagement.microsoft.com
Enrol iOS devices in Intune
Devices > Apple Enrollment > Apple MDM Push Certificate
You will need an Apple ID used on your Device
Step 3 expanded….
Create your MDM push certificate redirects you to login to the Apple portal with your Apple ID
https://identity.apple.com/pushcert/
Click “Create a Certificate
Read, Tick and Accept the terms
Upload your CSR
Download Certificate
Then View Manage Certificates. Note Expiry date!
Now back to step 4.
Enter Apple ID
Step 5
Add your MDM push certificate
Click upload
Success….
Setting up Intune on your current Office365 subscription.
Things to know..
Getting started
Signup, Already using Office 365 = You already have an account
Yes, add it to my account
Try now
Continue
Check your email
Assign the license
Editing users (User Management) https://admin.microsoft.com
Add the Intune license
Save
You will now see the license is assigned to the user