I did a presentation at Techdays Sweden on security features in M365. I still get the question many times on what the benefits of Co-Management is that is why this post is written. There are many great features we can use when using Intune / Co-Management for managing our Windows 10 devices. Now that Microsoft Endpoint Manager is announced I hope many more will move to Co-Management.
One is to be able to wipe a device if it is stolen or lost for example. More and more laptops have built-in WWAN and then they are connected, and we can wipe them. Which I had a customer that had a need of last week, but they aren’t using Co-Management so, sorry… 🙁
Another one which really few have tested and know how it works is the
possibility to wipe a Windows 10 device after x number of unsuccessful logins.
It will not actually wipe the device it will reboot the computer and set it in
Bitlocker Recovery mode. Awesome really.
If BitLocker is not used it will only reboot the machine, basically useless.
And for everyone that is using BitLocker without PIN this is a great feature.
Here is a short video on how it looks for the end user, in this video I have the above configuration set to 5 attempts.
There are many reasons to start with Co-Management and Intune Modern management. If you haven’t already test it out!
Nice article, wherre do I find this device lock settings? I have search all over Intune 🙂
Hi, so in other words – since “how to hack bitlocker” is a quick google – using this form of “security” is no security because the device is not wiped, hardly protected?!?!?