News You can Use: April 2021

Tags: Infobits, ModernEUC, Newsletter

This newsletter contains a few items of interest that have caught my eye in the Modern EUC , Modern Device Management and Workforce Transformation space in the last month or so.

Prefer to get/view the PDF version” ModernEUC-InfoBits20210420.pdf Download

This month’s highlighted items:

As organizations move to Modern Device Management, and leave behind traditional methods of deploying and managing devices, I believe is vital to also transform the way they think about cyber security. Zero Trust and Modern Device Management conversation go hand-in-hand – you cannot do one without the other.
- Zero Trust security model is not a new concept, but in my opinion, it is more important than ever. More on my blog post here Zero Trust: What is it and MDM Role
- Also check out this post on Dell Technologies Perspectives: Using a Zero-Trust Model to Secure a Distributed, Remote Workforce

BIOS and driver updates are a very big challenge facing many organizations today. In fact, so many of them do not patch anything after initial deployment, and only if the device fails, they think of applying patches. This has never been a best practice, but with the introduction of Windows 10 and Windows as a Service (Waas), the lack of a update strategy for BIOS and drivers is a big NO-NO, and it needs to be solved.
- Organizations must think of:
  - For best and most secure performance: Windows 10 assumes t BIOS and drivers are current and updated.
- Read full blog post: BIOS Device Driver Updates with MDM – Modern EUC Blog

Speaking of security, a lot of questions this past month on Windows Autopilot and the security of it.
Two related blog posts on this can be found below:
- Windows Autopilot Security Risks
- Windows Autopilot after Hardware Failure

For those of you who have not yet embraced workforce transformation and modern device management I wanted to resurface the series short videos on YouTube I did a while back, I called it the EXPLAINED Series ( there are more coming)
- Explained: Workforce Transformation ( 9 minutes)
- Windows Autopilot/Microsoft Intune Explained (High Level Overview) (10 minutes)
- Modern Device Management with Microsoft Intune (Oct 2020) (26 minutes)

Microsoft 365 is an incredible value to organizations. It not only contains not the Operating System, Productivity Tools and endpoint management tools but also, embedded by design, contains many of the security pieces needed by organizations to maintain your identity, data, applications and endpoints strongly protected and secure ( see blog on: Zero Trust Security and MDM) . To my knowledge, the level of integration and scale of this complex and flexible platform is unparalleled. Many organizations have deployed only a portion of their Microsoft 365 workloads. Now businesses, large and small, are looking at why are they paying double licenses tools to manage multifactor authentication, single sign on and of course endpoint security Read more at blog: Microsoft Defender for Endpoint – More

Dell Technologies Services CyberSecurity

Something that is not well known is that Dell Technologies Services has an incredible portfolio of service offerings around cybersecurity, from products to services. covering endpoints datacenter and networking, and tightly aligned to NIST cybersecurity framework.

More info at:

EUC Related Services

Managed Detection and Response (MDR)
Vulnerability or Compliance Assessment
Endpoint Security Baseline, Encryption
Endpoint Detection and Response
Incident Response and Recovery (IRR)
Cloud App Security
New/Remediated Asset Deployment
Virtual Security Operations Center ( vSOC )
On Prem, Cloud, and Hybrid Active Directory
Network Security (Segmenting, VPN, Firewall, IDS)
Virtual Cybersecurity Team ( vCST )
Chief InfoSecurity Officer ( vCISO
Forensic Drive Preservation, Data
Decryption/Sanitization

For a bit deeper dive into the technical side:
- MVPDays is an event for the IT community that leverages the awesome individuals who hold the “Microsoft MVP” certification to share their knowledge and insights. T ( THANK YOU Cristal and Dave Kawula !!) This year was all about Endpoint – You can find the entire event on YouTube playlist: MVPDays Online April 2021 – Endpoint Day Alternatively if you can see the entire 7+ hour event with Dave & Krista hosting you can see the video here
- A question I get often asked is: Can I move all of my GPOs over to MDM policies?
  The answer is pretty straight forward: No, but do you really need to?
  - My answer has been the same since 2019 (Check this blog post) – On April 2021, Microsoft posted a blog post updating us on :The latest in Group Policy settings parity in Mobile Device Management

More Modern Device Management resources can be found at:

Dell’s InFocus Workforce Transformation Series
Modern EUC Blog (Twitter @moderneuc)
Modern Deployment Blog by Nathan Bridges

To receive this newsletter via email, you can SUBSCRIBE HERE

Disclaimer: Opinions are my own and not the views of my employer. Information is made available for educational, recreational, marketing and informational purposes only and is provided as-is with no explicit or implied warranties. ModernEUC.com is not associated, endorsed or sponsored by Dell Technologies.

You can also check out the archive of past newsletters here

If you have any articles you want me to consider including in future blog posts just ping me on Twitter: @moderneuc with some details!