Let’s check about the latest development in Microsoft Intune supporting new security baseline for Office. Security baselines and policy management make it easier than ever to manage across thousands of settings for Office products.
Microsoft has added a lot of exciting features to the roadmap, including supporting a new security baseline for Office updates that are currently in the development and testing phase. You may expect the public preview to be announced in 2022 and the General Availability GA in May 2023.
You can manage and deploy the Office security baseline using mobile device management (MDM) settings and the Intune experiences around upgrades, comparison, and reporting.
Security baselines are groups of pre-configured settings that help you apply and enforce granular security settings recommended by the relevant security teams. You can also customize each baseline you deploy to implement only the required settings and values.
You deploy security baselines to groups of users or devices in Intune, and the settings apply to devices that run Windows 10/11. Security baselines can help you to have a secure end-to-end workflow when working with Microsoft 365.
- Intune Security Baselines Policies For Windows 10 Or Windows 11 Deployment Guide
- Deploy Windows 365 Security Baseline Policies to Cloud PCs
Microsoft Intune Support new Security Baseline for Office – Roadmap
Microsoft added the addition of security baseline for office to the roadmap starting November 2021, this feature soon to be expected in the Public preview and based on the mentioned date GA: May 2023.
|Feature||Release phase||Preview Expected (Year)|
|Security Baseline for Office||Preview||2022|
Access Security Baseline from Intune Admin Center
To manage baselines in Intune, your account must have the Policy and Profile Manager built-in role. Here’s how you can follow the steps to create security baseline policies from Intune.
- Sign in to the Microsoft Intune admin center https://endpoint.microsoft.com/ with appropriate permission.
- Navigate to the Endpoint Security node.
- Click on the Security Baselines node to see available security baseline policies in this node.
Available Security Baselines in Intune Portal
The following security baseline options are available for use with Intune. You can click on view the settings for recent instances of each baseline. You may expect the security baseline for Office to be added under the Endpoint security node.
- Security Baseline for Windows 10 and later
- Microsoft Defender for Endpoint baseline
- Microsoft Edge Baseline
- Windows 365 Security Baseline
- Office Baseline (Coming Soon)
Microsoft keeps publishing the security baseline for Office and Microsoft 365 Apps for enterprise productivity suites. IT Admins can apply baseline settings in different ways by choosing the option to download the content from the Microsoft Security Compliance Toolkit.
Microsoft Intune updates the versions of built-in Security Baselines depending on the changing needs of a typical organization. Each setting in a baseline has a default configuration for that baseline version.
You can create new profiles or update your existing profiles to the new version. Before you update the version of a profile that’s assigned to groups, test the version update on a copy of the profile so you can then validate the new baseline settings on the test group of devices.
See more details on how you can change the baseline version for a profile in the Manage security baseline profiles.
About Author – Jitesh, Microsoft MVP, has over five years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.