Intune – New security focused policies available in preview

As you know, Intune/Endpoint Configuration Manager allows you to define policies to managed devices configuration and security settings.

Until now, all these configuration settings were available only using the Devices\Configuration Profiles and some of these settings were associated with profile type not always directly related to security.

To help you and your security teams to setup your devices security configuration (antivirus, firewall, disk encryption…), new security focused policies have been made available.

NOTE if you already have some security settings in place using the Configuration Profiles, they are not reported back here

To start using these new security focused policies, logon to your Endpoint Configuration Manager portal ( and access the Endpoint Security blade


There you will see the new policies options under the Manage section, allowing you configure antivirus, firewall, disk encryption, attack surface reduction or account protection options

These options are applicable to Windows 10 (and Windows Defender) or MacOS devices.

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies