Intune policy sets

The modern way to manage and configured devices in the Microsoft Cloud is to use Intune to handle device enrolment and configuration. This can become complex quickly when you at look configuring across the different operating systems (iOS, Android, Windows, MacOS, etc) and the different policies (endpoint, compliance, restrictions, etc) because there are so many possible variations. If you then layer on a variety of users and their requirements, being consistent across the organisation can be a challenge.


Luckily, Intune now gives us something called Policy Sets which you can find in the Microsoft Endpoint Manager admin center as shown above.


As the opening screen, shown above, notes – Policy sets are basically a way to group a set of individual policy configurations together and have them applied as a group. Handy eh?


Basically, you follow through the wizard and select the policies you wish to group together and then users you wish that to apply to. You save that as an individual Policy set, of which you can create as many different ones as you like.

Once you create the policy it will be applied exactly the same as if you did each policy individually, but now you can do all that together via a single setting! You can go back in at anytime and edit the Policy sets you created.

Device manager Policy Sets allow you to easily group a variety of individual Intune policies together and apply them together to a group of users quickly and easily. This should save you lots of time over creating an individual enrolment policy and applying, then an individual compliance policy and applying, then an individual endpoint protection policy individually and so on.

Need to Know podcast–Episode 220

In this episode I speak with Leigh Wood from Node IT in the UK about what attending the Microsoft worldwide partner conference known as Inspire. Leigh gives us some great insights, experiences and the benefits of attending. A great episode for Microsoft partners to listen in to and learn from Leigh. We have our usual Microsoft Cloud updates from Brenton and myself. Stay tuned, stay up to date and listen along. Let us know what you think of this episode.

This episode was recorded using Microsoft Teams and produced with Camtasia 2019

Take a listen and let us know what you think –

You can listen directly to this episode at:

Subscribe via iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.





Microsoft submissions to Cyber 2020 strategy

Outlook on the web is becoming a progressive web app

Security defaults provides key security for free

Microsoft Partner Agreement

Azure Sentinel

Azure Sentinel is a great add on

MFA penetration in the Microsoft Cloud

Microsoft Norway now open

Azure cost management for partners

CIAOPS AZ-900 Exam prep course now available


I am happy to announce I have completed another online Microsoft exam prep training. This time it is for the Microsoft AZ-900 Azure Fundamentals exam. This exam is an excellent starting point if you are looking to get into Azure. It is quite broad but it is important to remember that it is focused on ensuring you have a basic understanding of most of the Azure services. That means, you need to know what they are and what they do NOT how to configure them individually.

I am a big believer in industry certifications as I have details previously here:

The benefits of certification

It is important to have Azure in your tool bag these days because new services like Windows Virtual Desktop are built on a variety of Azure services. To do anything with Windows Virtual Desktop, you are going to need to have Azure knowledge and this AZ-900 is a great starting point on that journey.

You can sign up for this new course here:

and look out for more courses coming soon from the CIAOPS.

Bad guys keep winning (Part V)


The above amazing slide is from the recent Microsoft Ignite 2019 session – SECI20 – Shut the door to cybercrime with identity-driven security.

This means that vast majority of Microsoft Cloud tenants DO NOT have their admin account secured via MFA. You could understand maybe 5 or 10 percentage as ‘break glass’ style accounts but 92%??

Would you not say that in the past year we, as a society, have become MORE dependent on technology? I know many business can’t run a business without technology but not enabling simple protective measure like this is simply amazing! It also makes you wonder at how much else is not secured appropriately? I think saying that 92% of ALL IT installations are not appropriately secured would not be far wrong.

The good news is that, if you take the time to implement things like MFA, you are more secure than 92% of systems out there. Given that bad guys go after the easiest target (law of the jungle), it kinda makes you less susceptible. Sad but true, that there are plenty of victims out there just waiting to happen!

I’m sure there is a lot of finger pointing that can be had as to who is responsible and who needs to do what, however all that is irrelevant as it simply means the bad guys are rubbing their hands together as the 92% vacillates over implementing what really should be mandatory!

CIAOPS MS-900 Exam prep course now available


I’ve just taken the wraps off my latest online Microsoft exam prep training. This time it is for the Microsoft MS-900 Microsoft 365 Fundamentals exam. This exam isn’t as technical as others but is still a very good broad overview of the what Microsoft 365 is all about and I certainly recommend people look at doing this exam, especially as a starting port for their certifications.

I am a big believer in industry certifications as I have details previously here:

The benefits of certification

The major benefit is provide a good base of knowledge to move forward in today’s ever changing technology world. This is important today because so many new cloud services are dependent on technologies like Azure AD, Identity and so on. Also, certification exams force you to learn the breadth of the product, which then allows you to provider better solutions and security.

You can sign up for this new course here:

and look out for more courses coming soon from the CIAOPS.

Techwerks 10–Sydney 12th February 2020


I am happy to announce that Techwerks 10 will be held in Sydney on Wednesday the 12th of February 2020. The course is limited to 20 people and you can sign up and reserve your place now! You reserve a place by completing this form:

or  sending me an email ( expressing your interest. This training is just before the Microsoft Ignite the Tour in Sydney, so if you are in town for that you can hopefully also take advantage of this training.

The content of these all day face to face workshops is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into the Microsoft Cloud including Microsoft 365, Azure, Intune, Defender ATP, security such as Azure Sentinel and PowerShell configuration and scripts, with a focus on enabling the technology in SMB businesses.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend is:

Gold Enterprise Patron = Free

Gold Patron = $33 inc GST

Silver Patron = $99 inc GST

Bronze Patron = $176 inc GST

Non Patron = $399 inc GST

I hope to see you there.

Keep calm and Twitter

Generally, the cloud is pretty reliable. However, it is not perfect and there will be downtimes and outages. Just because you move your information to the cloud doesn’t mean that you abdicate your responsibilities for it. Disaster planning is as important in the cloud as it is on prem.


The first place to start if you are having issues with what you believe to be related to Microsoft 365 is the Microsoft 365 Service Health page shown above, which can be found at:

Of course, if you are unable to access your tenant for any reason, then you’ll have to try another resource.


Your next point of call should be the Office 365 status page here and shown above:

This is fairly generic and also just links back to the Service Health in your own portal. However there maybe information here around any wider scale issues so it is always worthwhile checking.


Next, you should follow the @MSFT365Status Twitter account as shown above. Here you’ll find information posted that is on infrastructure outside Microsoft’s. You can also communicate with this account if you need to.


You can also find an Azure Status page at:

Given that many Microsoft 365 services are built on Azure, it is another area that may give you some insight.


There is also an Azure support Twitter account @azuresupport that will post information concerning issues and something you can also interact with if you need to.

There are also numerous third party services that will track whether a web site active.

Finally, a good approach is also to do a search across Twitter to see whether others are also having similar issues. People tend to be pretty vocal on social media when they are inconvenienced, so that should a source of both good and bad information.

As Noah knows, you prepare for the flood BEFORE it rains. In the event of cloud issues, how will you know the extent of the issues and where will you get good information? For me, that source has typically been Twitter as the major source. You do have to filter those results a tad to get helpful information there, but that is the nature of social media.

In short, you need a plan. Take my advice and start monitoring Twitter to get a better idea of what might be happening beyond your own screen.