A new bug was discovered with Apple’s Facetime app that gives the caller the ability to listen to the other device and even watch the video without approving the call. This vulnerability is not giving access to corporate data or personal information, but have more consequences on personal level. Even though Apple temporarily kill the switch of the service and seems to have solved the problem via a future software update, there are some actions that can be made if you want to avoid trouble. You can manually turn off the Facetime app with iOS and MacOS. But, can we block this kind of app in an enterprise environment? Yes, you can block the facetime app on all devices by deploying a device configuration with Microsoft Intune. This post will show you how to block Apple facetime built-in app with Microsoft Intune. Device Configuration Note that you can deploy this … Read More
How to Strengthen Security for Intune with RBAC in SCCM
The majority of companies use SCCM to manage laptops, computers, servers and some for mobile devices, if they use Microsoft Intune in hybrid mode. In some situations, Intune and SCCM management is done by 2 different teams. Except for the Full Administrator role in SCCM, it’s possible to separate Intune with Configuration Manager infrastructure in the console by using security roles and security groups (RBAC). The goal is to ensure that an Intune administrator does not access Configuration Manager client devices and objects, as you don’t want to end up with people who may wipes or manages mobile devices when they are supposed to be only Configuration Manager admins. This post will explain how to strengthen security and separate Intune with Configuration Manager infrastructure in SCCM console. Create Devices Collection for Intune Client The first thing to do is create a device collection that targets Intune clients. There’s two ways to create … Read More