📄️ 001: Filters
Implementation Effort: Low – IT and Security Operations teams need to create new filters as smarter grouping and targetting method.
📄️ 002: Device groups
Implementation Effort: Low – IT and Security Operations teams need to create new devices groups.
📄️ 003: User groups
Implementation Effort: Low – IT and Security Operations teams need to create new user groups.
�📄️ 004: Scope Tags
Implementation Effort: Medium – IT and Security Operations teams need scope tags and assign them to users and devices.
📄️ 005: Scope Groups
Implementation Effort: Medium – IT and Security Operations teams may need to create new users and devices groups to be used for RBAC controls.
📄️ 006: Organizational Messages
Overview
📄️ 007: Log Analytics
Overview
📄️ 008: Data Warehouse
Overview
📄️ 009: Graph API
Overview
📄️ 010: Multi-Admin Approval
Overview
📄️ 011: Offboarding Strategy
Overview
📄️ 012: Connectors
Overview
📄️ 013: AI
Overview
📄️ 014: Quiet Time
Overview
📄️ 015: Automation / Orchestration
Overview
📄️ 016: DEX
Overview
📄️ 017: Review enrolled vs unenrolled for BYOD/Corporate
Overview
📄️ 018: Review security, compliance, resource access requirements (Certs/Wi-Fi/VPN)
Overview
📄️ 019: Review App config vs App protection policies
Overview
📄️ 020: Data protection
Overview
📄️ 021: Access requirements
Overview
📄️ 022: Conditional launch
Overview
📄️ 023: Backup to iCloud
Overview
📄️ 024: 3rd Party Keyboard
Overview
📄️ 025: Data protection framework using App protection
Overview
📄️ 026: MAM Compliance and Conditional Access
Overview
📄️ 027: RBAC
Overview
📄️ 028: Remote actions
Overview
📄️ 029: App config settings
Overview
📄️ 030: Managed Edge Browser
Overview
📄️ 031: Mobile Threat Defense
Overview
📄️ 032: Review enrolled vs unenrolled for BYOD/Corporate
Overview
📄️ 033: Review security, compliance, resource access requirements (Certs/Wi-Fi/VPN)
Overview
📄️ 034: Review App config vs App protection policies
Overview
📄️ 035: Data protection
Overview
📄️ 036: Access requirements
Overview
📄️ 037: Conditional launch
Overview
📄️ 038: Device Manufacturers
Overview
📄️ 039: Screen capture and Google Assistant
Overview
📄️ 040: Approved keyboards
Overview
📄️ 041: Require device lock
Overview
📄️ 042: Knox Attestation
Overview
📄️ 043: Require SafetyNet
Overview
📄️ 044: SafetyNet/ Hardware Back Key
Overview
📄️ 045: Data protection framework using App protection
Overview
📄️ 046: MAM Compliance and Conditional Access
Overview
📄️ 047: RBAC
Overview
📄️ 048: Remote actions
Overview
📄️ 049: App config settings
Overview
📄️ 050: Managed Edge Browser
Overview
📄️ 051: Mobile Threat Defense
Overview
📄️ 052: Require Threat Scan on apps
Overview
📄️ 053: Review enrolled vs unenrolled for BYOD/Corporate
Overview
📄️ 054: Review security, compliance, resource access requirements (Certs/Wi-Fi/VPN)
Overview
📄️ 055: Review provisioning strategy
Overview
📄️ 056: APNS Certificate
Overview
📄️ 057: Apple Managed Accounts
Overview
📄️ 058: FLW / Shared Devices
Overview
📄️ 059: Compliance policy
Overview
📄️ 060: Conditional access policy
Overview
📄️ 061: Enrollment Restrictions
Overview
📄️ 062: Certificates
Overview
📄️ 063: VPN
Overview
📄️ 064: Wi-Fi
Overview
📄️ 065: iOS Updates
Overview
📄️ 066: Store app deployment
Overview
📄️ 067: LoB app Deployment
Overview
📄️ 068: VPP app deployment
Overview
📄️ 069: Webapp Deployment
Overview
📄️ 070: User enrollment
Overview
📄️ 071: ABM Provisioning
Overview ##
📄️ 072: RBAC
Overview
📄️ 073: Remote actions
Overview
📄️ 074: Entra Shared Device Mode
Overview
📄️ 075: Shared iPad
Overview
📄️ 076: App config settings
Overview
📄️ 077: VPN tunnel
Overview
📄️ 078: Tunnel based VPN access for enrolled devices
Overview
📄️ 079: Mobile Threat Defense
Overview
📄️ 080: Remote Help
Overview
📄️ 081: Review enrolled vs unenrolled for BYOD/Corporate
Overview
📄️ 082: Review security, compliance, resource access requirements (Certs/Wi-Fi/VPN)
Overview
📄️ 083: Review app provisioning strategy
Overview
📄️ 084: Android Device Administrator Retirement
Overview
📄️ 085: Offboarding Devices
Overview
📄️ 086: FLW / Shared Devices
Overview
📄️ 087: Compliance policy
Overview
📄️ 088: Conditional access policy
Overview
📄️ 089: Enrollment Restrictions
Overview
📄️ 090: Certificates
Overview
📄️ 091: VPN
Overview
📄️ 092: Wi-Fi
Overview
📄️ 093: Store app deployment
Overview
📄️ 094: LoB app Deployment
Overview
📄️ 095: Web app deployment
Overview
📄️ 096: User enrollment
Overview
📄️ 097: Userless Enrollment
Overview
📄️ 098: Android Enterprise
Overview
📄️ 099: Kiosk Devices
Overview
📄️ 100: RBAC
Overview
📄️ 101: Remote actions
Overview
📄️ 103: Managed Home Screen
Overview
📄️ 104: Entra Shared Device Mode
Overview
📄️ 105: App config settings
Overview
📄️ 106: Zebra FOTA
Overview
📄️ 107: Samsung FOTA
Overview
📄️ 108: AR / VR Devices
Overview
📄️ 109: Mobile Threat Defense
Overview
📄️ 110: Tunnel based VPN access for enrolled devices
Overview
📄️ 111: AOSP
Overview
📄️ 112: Teams Devices
Overview
📄️ 113: Remote Assist
Overview
📄️ 114: Review provisioning strategy
Overview
📄️ 115: Co-management Strategy
Overview
📄️ 116: Deploy Hybrid Entra Join
Overview
📄️ 117: Deploy Entra Join Only
Overview
📄️ 118: Stop AD DJ for new workstations
Overview
📄️ 119: Autopilot User Enrollment
Overview
📄️ 120: Autopilot Pre-provisioning
Overview
📄️ 121: Migrate GPO to MDM policies
Overview
📄️ 122: GP Preferences
Overview
📄️ 123: File Shares to Cloud
Overview
📄️ 124: Apps Delivery / App Compat
Overview
📄️ 125: WSUS to WUFB
Overview
📄️ 126: Compliance Policies
Overview
📄️ 127: Device Configuration
Overview
📄️ 128: Office Apps
Overview
📄️ 129: Client Apps
Overview
📄️ 130: Windows Update
Overview
📄️ 131: MDM based policies for certs
Overview
📄️ 132: MDM based policies for Wi-Fi
Overview
📄️ 133: MDM based policies for VPN
Overview
📄️ 134: Browser
Overview
📄️ 135: VDI Strategy
Overview
📄️ 136: Enrollment Restrictions
Overview
📄️ 137: Compliance Policy
Overview
📄️ 138: Disk Encryption (Bitlocker)
Overview
📄️ 139: Security Baselines
Overview
📄️ 140: Windows LAPS
Overview
📄️ 141: Update Rings
Overview
📄️ 142: Feature Updates
Overview
📄️ 143: Quality Updates
Implementation Effort: Low
📄️ 144: Delivery Optimization
Overview
📄️ 128: Office Apps
Overview
📄️ 146: Store Apps
Overview
📄️ 147: LOB Apps via Intune
Overview
📄️ 148: WDAC / App Control
Overview
📄️ 149: WIP for Enrolled
Overview
📄️ 150: Endpoint Analytics
Overview
📄️ 151: Proactive Remediations
Overview
📄️ 152: Organizational messages
Overview
📄️ 153: Remote Assistance
Overview
📄️ 154: Unattended Remote Assistance
Overview
📄️ 155: Review logs using Azure Monitor in Microsoft Intune
Implementation Effort:
📄️ 156: WIP for Unenrolled
Overview
📄️ 157: Deploy MDM based policies for EDR/AV
Overview
📄️ 158: MDM based policies for security baselines
Overview
📄️ 159: MDM based policies for BitLocker
Overview
📄️ 160: MDM based policies for firewall
Overview
📄️ 161: Attack surface reduction
Overview
📄️ 162: Account protection
Overview
📄️ 163: Cloud PKI
Overview
📄️ 164: MAM for Edge
Overview
📄️ 165: Custom Compliance Policies
Overview
📄️ 166: EPM
Overview
📄️ 167: Remote Help
Overview
📄️ 168: Policies for Office Apps
Overview
📄️ 169: Scripts
Overview
📄️ 170: Remote Log Collection
Overview
📄️ 171: Review current management needs
Overview
📄️ 172: Evaluate macOS management with Intune + JAMF
Overview
📄️ 173: AMB provisioning
Overview
📄️ 174: Device config policies through settings catalog
Overview
📄️ 175: Deploy macOS SSO extension
Overview
📄️ 176: AV/EDR
Overview
📄️ 177: Firewall
Overview
📄️ 178: Deploy MDM based policies for EDR/AV
Overview
📄️ 179: Certificates / Wi-Fi / VPN
Overview
📄️ 180: App management
Overview
📄️ 181: Remote actions
Overview
📄️ 182: FileVault encryption
Overview
📄️ 183: Local account management
Overview
📄️ 184: Native update management
Overview
📄️ 185: Remote Assist
Overview
📄️ 186: Autopilot Device Preparation
Overview
📄️ 187: Enterprise App Management
Implementation Effort: Low
📄️ 188: Driver Updates
Overview
📄️ 189: Setup Notification and monitoring of Service Health Dashboard
Overview
📄️ MAM Overview
Implementation Effort: Medium – IT and Security Operations teams need to define app protection policies, configure supported apps, and maintain ongoing policy updates and user support.
📄️ Review Unenrolled BYOD MAM in the Context of Intune App Protection Policies
Implementation Effort: Medium – IT and Security Operations teams must configure app protection policies, define app configuration profiles, and maintain ongoing support for BYOD users.
📄️ Review Corporate Enrolled Devices in the Context of Intune App Protection Policies
Implementation Effort: Low – IT and Security Operations teams only need to apply targeted app protection policies to already-enrolled corporate devices, with minimal configuration overhead.
📄️ Review Data Protection Framework
Implementation Effort: Medium – IT and Security Operations teams must assess organizational risk levels, map users to protection tiers, and configure appropriate App Protection Policies (APP) in Intune.
📄️ Backup to Android Backup Services
Implementation Effort: Low – IT administrators only need to configure a single setting within the Android App Protection Policy in Microsoft Intune.
📄️ Backup to iCloud
Implementation Effort: Low – IT administrators only need to configure a single setting within the iOS/iPadOS App Protection Policy in Microsoft Intune.
📄️ Send Org Data to Other Apps
Implementation Effort: Low – IT administrators only need to configure a single setting within the App Protection Policy in Microsoft Intune.
📄️ Transfer Telecommunication Data
Implementation Effort: Low – IT administrators only need to configure a single setting within the App Protection Policies in Microsoft Intune for Android and iOS/iPadOS.
📄️ Tunnel for MAM
Implementation Effort: Medium – IT and Security Operations teams must deploy the Microsoft Tunnel Gateway, configure VPN profiles, and ensure apps are integrated with the Intune App SDK and Microsoft Authentication Library (MSAL).
📄️ Allow User to Save Copies to Selected Services
Implementation Effort: Low – IT administrators only need to configure this setting within the App Protection Policies for Android and iOS/iPadOS in Microsoft Intune.
📄️ Cut, Copy, Paste in App Protection Policies
Implementation Effort: Low – IT administrators only need to configure this setting within the App Protection Policies in Microsoft Intune.
📄️ Screen Capture
Implementation Effort: Low – IT administrators only need to configure a setting within the App Protection Policy or device restriction policy, depending on the platform.
📄️ Approved Keyboards (Android Only)
Implementation Effort: Low – IT administrators only need to configure the approved keyboard list within the App Protection Policies for Android in Microsoft Intune.
📄️ 3rd Party Keyboards for iOS
Implementation Effort: Low
📄️ Encryption in App Protection Policies
Implementation Effort: Low – IT administrators only need to enable encryption settings within the App Protection Policies in Microsoft Intune.
📄️ App Data Sync with Native Apps or Add-ins
Implementation Effort: Low – IT administrators only need to configure a single setting within the App Protection Policies in Microsoft Intune for Android and iOS/iPadOS.
📄️ Restrict Web Content Transfer with Other Apps
Implementation Effort: Low – IT administrators only need to configure a single setting within the App Protection Policies for iOS/iPadOS and Android in Microsoft Intune.
📄️ Org Data Notifications
Implementation Effort: Low – IT administrators only need to configure this setting within the App Protection Policies in Microsoft Intune.
📄️ PIN or Biometric
Implementation Effort: Low
📄️ Time Out
Implementation Effort: Low
📄️ PIN Reset
Implementation Effort: Low
📄️ Work or School Account
Implementation Effort: Low
📄️ Recheck Access Requirement
Implementation Effort: Low
📄️ App Condition
Implementation Effort: Low
📄️ Jailbroken/Rooted Devices
Implementation Effort: Low
📄️ Require Threat Scan on Apps
Implementation Effort: Low
📄️ Require SafetyNet
Implementation Effort: Low
📄️ Mobile Threat Defense
Implementation Effort: Medium
📄️ Knox Attestation
Implementation Effort: Low
📄️ SafetyNet / Hardware Backed Key
Implementation Effort: Low
📄️ Screen Capture and Google Assistant
Implementation Effort: Low
📄️ App Protection and Conditional Access
Implementation Effort: Low
📄️ MDM 01: Intune MDM for iOS and Android: Corporate-Owned vs BYOD Deployment Strategies
Implementation Effort: Medium
📄️ MDM_02: Device Compliance Policy in Intune for iOS and Android MDM
Implementation Effort: Medium
📄️ MDM_03: Enrollment Restrictions for MDM for iOS and Android in Intune
Implementation Effort: Low
📄️ MDM_04: Mobile Threat Defense for iOS and Android MDM in Intune
Implementation Effort: Medium
📄️ Company Portal Customization
Implementation Effort: Low – This feature only requires targeted configuration actions in Microsoft Intune, such as uploading branding assets and setting preferences.
📄️ Terms and Conditions
Implementation Effort: Low — Requires configuration policies and document upload, but does not require ongoing user management once deployed.
📄️ Windows Hotpatch & VBS
Implementation Effort: Medium — Requires IT to configure policies via Intune or Group Policy and coordinate across identity, device, and security teams.
📄️ Office Add-ins
Overview
📄️ Intune Advanced Analytics
Implementation Effort: Medium
📄️ Passwordless and Windows Hello for Business (WHfB)
Implementation Effort: Medium — Requires IT to configure policies via Intune or Group Policy and coordinate across identity, device, and security teams.
📄️ APNS Certificates
Last Updated: May 2025
📄️ Apple Business Manager / Apple School Manager
Last Updated: May 2025
📄️ Review 3rd Party Compliance API Connectors (PDM/PCM)
Last Updated: May 2025
📄️ Review Enrollment Restrictions
Last Updated: May 2025
📄️ Review Provisioning Strategy
Last Updated: May 2025
📄️ Reviewing Security, Compliance, and Resource Access Requirements
Last Updated: May 2025
📄️ Migration Tool
Last Updated: May 2025
📄️ Remote Help
Last Updated: May 2025
📄️ Scripts
Last Updated: May 2025
📄️ App Deployments
Last Updated: May 2025
📄️ Compliance Policies
Last Updated: May 2025
📄️ Conditional Access Policies
Last Updated: May 2025
📄️ Device Restrictions
Last Updated: May 2025
📄️ Managing OS Updates
Last Updated: May 2025
📄️ Resource Access (Certificates, VPN, Network Config)
Last Updated: May 2025
📄️ Single Sign-On (SSO)
Last Updated: May 2025
📄️ Await Configuration
Last Updated: May 2025
📄️ FileVault
Last Updated: May 2025
📄️ Local Account Management
Last Updated: May 2025
📄️ Enrollment Notifications
Last Updated: May 2025
📄️ Role-Based Access Control (RBAC)
Last Updated: May 2025
📄️ RMD_macos_22_Review enrolled vs unenrolled for BYOD and Corporate devices
📄️ Windows 365: Conditional Access
Implementation Effort: Medium
📄️ Windows 365: Device Identities
Implementation Effort: Medium
📄️ Windows 365: Link
Implementation Effort: Medium
📄️ Windows 365: Network Options
Implementation Effort: Medium
📄️ Windows 365: Operating System Images
Implementation Effort: Medium
📄️ Windows 365: Provisioning Options
Implementation Effort: Medium
📄️ Windows 365: Redirections
Implementation Effort: Medium
📄️ Windows 365: Regions
Implementation Effort: Low
📄️ Windows 365: Screen Capture Protection
Implementation Effort: Medium
📄️ Windows 365: Security Baselines
Implementation Effort: Medium
📄️ Windows 365: User Settings
Implementation Effort: Low
📄️ Windows 365: Watermarking
Implementation Effort: Medium