Microsoft have introduced security baselines for Windows 10 devices enrolled into Intune, currently in preview.

Developing Intune security policies are important for the security of devices in a corporate environment, however creating policies that protect from the widest range of security threats possible can be a difficult challenge – with realising new threats and updating policies even more so.

Fortunately, with the introduction of the new security baseslnes features, administrators are now able to review, customise and deploy Microsoft’s recommended security baseline policies within the Intune portal. The recommendations from Microsoft are kept up to date on an on-going basis by Microsoft’s security teams and the service is able to compare your existing policies or previously deployed baselines with Microsoft’s latest recommendations, providing any feedback on what should be changed.

The Microsoft documentation for security baselines can be found here: https://docs.microsoft.com/en-gb/intune/security-baselines

Security baselines are currently in preview but are sure to help organisations maintain the security of devices more autonimously. Of particular interest to the Public Sector, Microsoft will be releasing additional baselnes aligned to government recommendations in the future, in the UK these policies are provided the National Cyber Security Centre (NCSC) but currently require manual creation or import using the Intune Graph API.