Microsoft Intune Security Checks
All security checks Aether365 performs for Microsoft Intune.
| ID | Title | Severity | Framework |
|---|---|---|---|
| AE.1053 | Intune automatic device clean-up rule is configured. | Medium | Other |
| AE.1054 | Intune built-in Device Compliance Policy marks devices with no compliance policy assigned as 'Not compliant'. | Medium | Other |
| AE.1092 | Intune APNS certificate should be valid for more than 30 days | Medium | Other |
| AE.1093 | Apple Automated Device Enrollment Tokens should be valid for more than 30 days | Medium | Other |
| AE.1094 | Apple Volume Purchase Program Tokens should be valid for more than 30 days | Medium | Other |
| AE.1095 | Android Enterprise account connection should be healthy | Medium | Other |
| AE.1096 | Ensure at least one Intune Multi Admin Approval policy is configured | Medium | Other |
| AE.1097 | Ensure all Intune Certificate Connectors are healthy and running supported versions | Medium | Other |
| AE.1098 | Mobile Threat Defense Connectors should be healthy | Medium | Other |
| AE.1099 | Windows Diagnostic Data Processing should be enabled | Medium | Other |
| AE.1100 | Intune Diagnostic Settings should include Audit Logs | Medium | Other |
| AE.1101 | Default Branding Profile should be customized | Medium | Other |
| AE.1102 | Windows Feature Update Policy Settings should not reference end of support builds | Medium | Other |
| AE.1103 | Ensure Intune RBAC groups are protected by Restricted Management Administrative Units or Role Assignable groups | Medium | Other |
| AE.1105 | Ensure MDM Authority is set to Intune | Medium | Other |
| AE.1123 | Ensure BitLocker full disk encryption is configured | Medium | Other |