Ensure devices without a compliance policy are marked 'not compliant'
Why This Matters
Without a compliance policy assignment, devices in your environment can access organizational resources without meeting your security requirements. By marking these devices as not compliant, you create an enforcement point that can restrict or block access through Conditional Access policies, reducing your attack surface from unmanaged or misconfigured devices.
What Aether365 Checks
Aether365 verifies that your Microsoft Intune configuration has the setting Mark devices with no compliance policy assigned as set to Not compliant. This check appears in the Aether365 dashboard under microsoft-365 checks and is part of the CIS Microsoft 365 Foundations Benchmark.