
We have a cloud-only setup using Azure AD + Intune to manage our organisation's Windows devices, since all are remote workers/work from home.

I'm looking to remove the possibility for users to receive remote connections from anyone other than our IT team. Perhaps an unusual one, but in our small non-profit scenario it's somewhat likely that users may consult their own local computer shops/IT support services to solve queries on their org devices. Obviously, this has the potential to be a security and data protection nightmare.

Is there any way of preventing users on Intune PCs from receiving any kind of remote support from anyone that isn't our IT team (TeamViewer, etc.)? It seems this could be kinda hard when we don't have the benefit of a domain group policy.

TMann

1 Answer


Group Policy is not required to implement application whitelisting. In particular, Microsoft Defender Application Control or AppLocker has several ways to deploy, including Intune.

It will be a bit of a project to implement, especially if users are empowered to install things themselves, or if you want to block legit TeamViewer that is not flagged as malware by the heuristics. But it should be a very effective control for enforcing a "don't run this" policy.

Naturally, the attacker technique of remote access tools and the mitigation of execution prevention have been around for a while.

John Mahowald
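As an added example of the AppLocker-via-Intune approach the answer describes (this is not code from the question or the answer), the script below builds an EXE rule collection that keeps the standard allow rules, adds a Deny rule for one signing publisher, tests it locally, and leaves the XML ready to paste into an Intune custom OMA-URI profile. The publisher string is a placeholder; the real value must be read from a signed copy of the tool.

```powershell
# Added example, not from the question or the answer above: build an AppLocker
# EXE rule collection that keeps the standard allow rules and adds a Deny rule
# for one signing publisher, test it locally, then hand the XML to Intune.
# The publisher string is a PLACEHOLDER; read the real one from a signed copy
# of the tool on a reference machine with Get-AppLockerFileInformation.

$blockedPublisher = 'O=EXAMPLE VENDOR, L=EXAMPLE CITY, S=EXAMPLE STATE, C=XX'  # placeholder
# Real value, when the binary is at hand:
# (Get-AppLockerFileInformation -Path 'C:\path\to\tool.exe').Publisher.PublisherName

# Start in AuditOnly so would-be blocks are logged (event 8003 in the
# AppLocker "EXE and DLL" log) without stopping anyone; switch to Enabled
# once the audit log shows only the tools you intend to block.
$exeRules = @"
<RuleCollection Type="Exe" EnforcementMode="AuditOnly">
  <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Program Files" Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
    <Conditions><FilePathCondition Path="%PROGRAMFILES%\*" /></Conditions>
  </FilePathRule>
  <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Windows" Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
    <Conditions><FilePathCondition Path="%WINDIR%\*" /></Conditions>
  </FilePathRule>
  <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Administrators everywhere" Description="" UserOrGroupSid="S-1-5-32-544" Action="Allow">
    <Conditions><FilePathCondition Path="*" /></Conditions>
  </FilePathRule>
  <FilePublisherRule Id="$([guid]::NewGuid())" Name="Deny remote-support tool by publisher" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
    <Conditions>
      <FilePublisherCondition PublisherName="$blockedPublisher" ProductName="*" BinaryName="*">
        <BinaryVersionRange LowSection="*" HighSection="*" />
      </FilePublisherCondition>
    </Conditions>
  </FilePublisherRule>
</RuleCollection>
"@

# Local test: wrap the collection in a full policy document and ask AppLocker
# what it would decide for a given executable run by the Everyone group.
# The result's PolicyDecision column shows Allowed / Denied / DeniedByDefaultRule.
$policyPath = Join-Path $env:TEMP 'remote-tools-applocker.xml'
"<AppLockerPolicy Version=`"1`">$exeRules</AppLockerPolicy>" |
    Set-Content -Path $policyPath -Encoding UTF8
Test-AppLockerPolicy -XmlPolicy $policyPath -Path 'C:\Windows\System32\notepad.exe' -User Everyone

# Intune: Devices > Configuration > Custom profile with one OMA-URI setting:
#   ./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/<Grouping>/EXE/Policy
# data type String, value = the $exeRules text (the RuleCollection element
# only, without the AppLockerPolicy wrapper). <Grouping> is a label you choose.
$exeRules | Set-Clipboard
```

Once enforcement is switched on, the three allow rules alone already stop a standard user running anything from their profile or Downloads folder, so the publisher Deny mainly covers a properly installed copy; unsigned or portable tools need a hash rule, and MSI and Script collections are deployed the same way under their own OMA-URI nodes.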