Replies: 2 comments 1 reply
-
|
Hey @RainerZuf This is a tricky one with no great answer. How I've always handled "custom" or customer-specific policies is by maintaining an (unassigned) OIB profile, and either duplicating and amending it and calling it As far as alignment with CIS, as I'm working very closely with them on their benchmarks, I started to keep a comparison with their Intune benchmark as well as rationale as to why I don't include certain things here. This was done against the OIB v3.5 and v3.0.1 of the CIS Intune Benchmark. I still need to update it for v3.6 and v4 of CIS. I try and keep a very clear changelog of every policy change, but the reality is, documenting and keeping pace with the change is really hard. I'm always open to suggestions on how I can (feasibly) improve this though. |
Beta Was this translation helpful? Give feedback.
-
|
Hi James, Hat off to you, for keeping track of all of that! Anyway, if something comes your way, please let me know. Thanks again! |
Beta Was this translation helpful? Give feedback.
-
|
How do you handle exclusion from policies for part of the organization? Like Engineering maybe need more relaxed policies. Similar with prefixes? |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi James,
first of all, many thanks for your hard work.
We are using your templates in our environment and are pretty happy.
We are facing the challenge to somehow have an overview of all policies set and then track all changes coming up (through internal requests). In addition, we have to compare them against the latest CIS benchmarks provided to us. There are more ideas like exports, queries and change history of a single policy.
So, the overall question is: Do you have a tool that holds all the policies, their setting and changes? How do you track them?
Many thanks
Rainer
Beta Was this translation helpful? Give feedback.
All reactions