Відео

How do I prevent a particular app being blocked by Smartscreen which I am trying to install? Device is being maintained by Intune.

old videos doesn't work anymore

Great video

Amazing content thank you .Going passwordless sounds great but how are we going to authenticate on MSFT native apps in Android and apple devices like outlook or teams onedrive?

Awesome explanation! Thank you!

Open PowerShell Admin ************************************************************************************************ Set-ExecutionPolicy bypass Install-Script -Name Get-WindowsAutopilotInfo -force [Y] Yes Get-WindowsAutopilotInfo -Online ************************************************************************************************* (If you copy this for later use give a like please!)

Does this block work on mobile as well? As in if I have the word doc open in Edge browser on mobile, will it work there too?

Thank you bro

Does it require any log server setup beforehand

hi, great video. Can you make another video explaining how to authenticate an Azure app in Tableau server i.e. the changes that we need to do in Tableau server settings to register an azure app, so that an external application can access the work book, reports from Tableau via this Azure app..that will be great. Thanks :)

Helpfull

Hey Matt love your stuff...this is great to know. All of the sudden my Tenant is inspecting and at times blocking copy and paste into web apps....Any idea what kind of policy that might live in?

, but does not meet the criteria to access this resource

Does MAM model block user for adding organisation user to non-managed application for example non-managed mail app?

THANK YOU! I was looking for this!

hey there, im getting error 65000, on devices that I'm trying to configure these settings: windows 11 ver 22h2

This no longer works as of Aug 2022.

Hello ! Do you have service to read sensitive data file on web browser ?

Hi Matt, thank you for the video. I want to block third-party uploads, but we won't label documents. Can we still deploy this policy?

Does this process still work in 2024? I set this up exactly the same but it still allows the device to enroll and personal and never shows the serial number as Enrolled :(.

Really interesting content, thanks!

Excellent overview. Some of those functions seem like hooks just because they can offer hooks, not because they provide value. UEBA sounds interesting though.

i dont see that option to block storage at all is this for an older version

Hi, very nice explanation, i have a query, by configuring this do we can see email activity log in MCAS, i am no seeing any documentation or information specifically for Gmail user activity logs into MCAS, any help on this that will be useful, thanks

Hey Matt, this was great to see. I got right through it, but now I'm stuck just few screens after this last screen at time 2:30. Once the device is wiped the setup gets to the Remote Management screen where I click Enroll. A sign-in window appears and asks for credentials: Enter your credentials for "COMPANY NAME". But no matter what credential I enter it won't proceed any further. What credentials do I need to enter? if it's a user, the user has no MFA setup on the account and is not a part of any conditional access policies. Does an admin user enter credentials? or is it something else? can't find any info anywhere else on this detail.

With O365 MDM is available. Can we achieve the objective of whitelisting personal devices ?

How can I fully automate this process on power automate or any other tool?

Thanks you so much 🎉

Thanks you so much 🎉

So what is the way to fix it

Anyone have an idea how to do this with a Mac?

should probably update this video to reflect what we're seeing now

this video needs to be updated

Hi Matt how would we do this if we are on Gsuite rather the Microsoft environment? Thank you for your help.

Hey Matt, Really great explanation! Would love to know if we can download this file as it isn't available on the link provide.

but how does it see the tenant? does this require having intune running on a local server and the client device being on the same network?

Hey Matt, is there a way to remove "all apps" I want users to see apps that are appointed to them in a collection.

Hello Matt, is there any integration available where we can send the Activity Explorer data/ DLP incident and alerts info into external SIEM?

How to map user profile photo from azure AD to slack?

Hi Matt. Pleas i have a question. I wuld like to lock some files to a, specific hardware by serialnumber. So only that hardware can open it. Pleas if you have any idea on how to do that HELP PLEAS. Any software that can do that?. I use a Synthisizer that has a, serial number,so i wuld like to lock my sounds and files to my synthisizers serialnumber, so olny my synthisizer recodnize those files. So if you try to putt same foldes to another synthisizer that is same model but different serialnumber it should not open it. Pleas any advice or sokution or software that can make it PLEAS BEGING you

Or turn off connect on demand

How can you edit that small toast message that pops up on the users machine after isolation? Example at 1:20

can you please share the slide if possible

I have been working at MSPs for around 6 years and I'd add what are the ways we can retire legacy systems, and modernize infrastructure quickly to prevent security risks and daily performance issues in a business environment where we have to spread cost over time?

Whilst amazingly cool, I have noticed this is really hit and miss - we have had an issue for over 12 months, that MS themselves cannot even solve, a simple DLP rule (for Exchange online) - applied to one group of users, block sensitive information enabled + allow overrides (with business justitication). It works fine for one user in the group its applied to, but the other users after pressing send and entering justification, just have their messages blocked. Beyond frustrating.

Hi Matt, Nice demo. I have use case where I need to block file download from OneDrive and SharePoint to any external application application not defined in our tenant. is possible to set this ?

What about screenshot?

Will it collect data of other apps on personal device?

Is there a way to allow a removable device once an administrators password has been entered. If the device is removed and re-inserted it would need to be re-entered?

valuable :)