Intune policy sets

The modern way to manage and configured devices in the Microsoft Cloud is to use Intune to handle device enrolment and configuration. This can become complex quickly when you at look configuring across the different operating systems (iOS, Android, Windows, MacOS, etc) and the different policies (endpoint, compliance, restrictions, etc) because there are so many possible variations. If you then layer on a variety of users and their requirements, being consistent across the organisation can be a challenge.


Luckily, Intune now gives us something called Policy Sets which you can find in the Microsoft Endpoint Manager admin center as shown above.


As the opening screen, shown above, notes – Policy sets are basically a way to group a set of individual policy configurations together and have them applied as a group. Handy eh?


Basically, you follow through the wizard and select the policies you wish to group together and then users you wish that to apply to. You save that as an individual Policy set, of which you can create as many different ones as you like.

Once you create the policy it will be applied exactly the same as if you did each policy individually, but now you can do all that together via a single setting! You can go back in at anytime and edit the Policy sets you created.

Device manager Policy Sets allow you to easily group a variety of individual Intune policies together and apply them together to a group of users quickly and easily. This should save you lots of time over creating an individual enrolment policy and applying, then an individual compliance policy and applying, then an individual endpoint protection policy individually and so on.

Need to Know podcast–Episode 220

In this episode I speak with Leigh Wood from Node IT in the UK about what attending the Microsoft worldwide partner conference known as Inspire. Leigh gives us some great insights, experiences and the benefits of attending. A great episode for Microsoft partners to listen in to and learn from Leigh. We have our usual Microsoft Cloud updates from Brenton and myself. Stay tuned, stay up to date and listen along. Let us know what you think of this episode.

This episode was recorded using Microsoft Teams and produced with Camtasia 2019

Take a listen and let us know what you think –

You can listen directly to this episode at:

Subscribe via iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.





Microsoft submissions to Cyber 2020 strategy

Outlook on the web is becoming a progressive web app

Security defaults provides key security for free

Microsoft Partner Agreement

Azure Sentinel

Azure Sentinel is a great add on

MFA penetration in the Microsoft Cloud

Microsoft Norway now open

Azure cost management for partners

CIAOPS AZ-900 Exam prep course now available


I am happy to announce I have completed another online Microsoft exam prep training. This time it is for the Microsoft AZ-900 Azure Fundamentals exam. This exam is an excellent starting point if you are looking to get into Azure. It is quite broad but it is important to remember that it is focused on ensuring you have a basic understanding of most of the Azure services. That means, you need to know what they are and what they do NOT how to configure them individually.

I am a big believer in industry certifications as I have details previously here:

The benefits of certification

It is important to have Azure in your tool bag these days because new services like Windows Virtual Desktop are built on a variety of Azure services. To do anything with Windows Virtual Desktop, you are going to need to have Azure knowledge and this AZ-900 is a great starting point on that journey.

You can sign up for this new course here:

and look out for more courses coming soon from the CIAOPS.

Bad guys keep winning (Part V)


The above amazing slide is from the recent Microsoft Ignite 2019 session – SECI20 – Shut the door to cybercrime with identity-driven security.

This means that vast majority of Microsoft Cloud tenants DO NOT have their admin account secured via MFA. You could understand maybe 5 or 10 percentage as ‘break glass’ style accounts but 92%??

Would you not say that in the past year we, as a society, have become MORE dependent on technology? I know many business can’t run a business without technology but not enabling simple protective measure like this is simply amazing! It also makes you wonder at how much else is not secured appropriately? I think saying that 92% of ALL IT installations are not appropriately secured would not be far wrong.

The good news is that, if you take the time to implement things like MFA, you are more secure than 92% of systems out there. Given that bad guys go after the easiest target (law of the jungle), it kinda makes you less susceptible. Sad but true, that there are plenty of victims out there just waiting to happen!

I’m sure there is a lot of finger pointing that can be had as to who is responsible and who needs to do what, however all that is irrelevant as it simply means the bad guys are rubbing their hands together as the 92% vacillates over implementing what really should be mandatory!