Let’s check the options to download Intune CIS Benchmark for Windows 10. CIS benchmarks are produced and maintained by the Center for Internet Security (a.k.a CIS). They have developed CIS Benchmarks for more than 100 configuration guidelines across 25+ vendor product families.
I have seen most of the security teams are happy to implement CIS benchmarks. The security community widely accepts the CIS benchmark. The CIS helps to safeguard systems against today’s evolving cyber threats. Windows 10 group policy-related CIS benchmark configurations are available for many years.
I have seen many organizations are moving to modern management using Intune. Until recently, there was NO CIS benchmark released for Intune managed Windows devices. Recently, Mark Thomas kindly shared the details about Intune CIS Benchmark for Windows 10.
Create Security policies using Intune
Let’s first understand what the options to create security policies using Intune are. You have many options to create Windows security policies using Intune. It’s important to understand the best option(s) to build security policies using Intune.
The following are the best approach as per Microsoft’s recommendation. Also, Microsoft enabled over 1400 new mobile device management (MDM) policies with the latest version of Windows (coming soon version) announced by Mike Danoski.
- Settings Catalog – The best option to create security policies using Intune.
- Security Baseline – the Microsoft product group recommended security policies (easiest way to deploy security policies).
- Administrative Templates – Settings catalog has administrative templates as well. So better to use the Settings catalog wherever possible. Isn’t it?
- Device Restriction/Custom policies – Use this security setting if the security settings you are looking for are not available in any other types of options mentioned above.
I have presented Intune modern management security policies session at India Cloud Security Summit 2021 (ICSS). You can watch the video below to get more details below.
Intune CIS Benchmark for Windows 10
Recently CIS released the latest version (1.0.1) of Intune CIS benchmark for Windows 10. This is the CIS benchmark for Azure AD, and Hybrid Azure AD joined Intune managed Windows 10 devices. You can download the Intune CIS benchmark for free now.
This latest CIS Benchmarks for Microsoft Intune for Windows 10 is for version 2004. I do think there should be an update to this CIS benchmark version soon. Microsoft has released the latest version of Windows 10 21H2 and Windows 11 in insider preview.
I hope CIS will release Windows 11 security benchmark as well when it’s released in production. As per CIS, there are over 12,000 professionals in the CIS Benchmarks communities. This community does great work to create CIS Benchmark recommendations wide accepted by the security community.
NOTE! – You have an option to download the CIS benchmark for Windows 10 domain-joined PCs.
Free Intune Training
HTMD Community provided 63 Episodes of free Intune Training for IT Administrators. You can get more details about free Intune training from 63 Episodes Of Free Intune Training For Device Management Admins HTMD Blog (anoopcnair.com).
Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with over 17 years of experience (calculation done in 2018). He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…..…