Previously, we talked about the new release of Windows 365 and how to deploy it by default. Today, we’re sharing how you can get creative. You can create your own custom Windows 365 deployments by utilizing Azure VM generation 1 and generation 2 images. It might sound daunting, but we’ve broken everything down for you.
The IT world is moving ever further into the cloud. Microsoft recently released Windows 365, which is supposed to be a simplified version of Azure Virtual Desktop. It’s marketed as “your PC in the Cloud,” which is mostly operable from Microsoft Endpoint Manager. There are many exciting things to expect from this launch, so you better get into it.
Usually, when deployed, Azure VMs don’t have BitLocker (a volume encryption feature) enabled. This may contradict your corporate security policy. To address that, you can use Azure Disk Encryption to encrypt Windows or Linux Azure VMs with BitLocker or DM-Crypt. However, to complete the process, you will need a secret and a key.
The Start VM on Connect feature for Azure Virtual Desktop is finally available for general use. It allows you to start Azure Virtual Desktop hosts specifically when the user connects to them. Using this new feature together with auto-shutdown will enable you to save Azure costs by not powering up Azure Desktop VMs when nobody’s using them.
Managing and ensuring the compliance of departments in your tenant is important to cybersecurity and smooth workflow. This is especially relevant for medium and large deployments. Combining Azure resources into groups and using Role-Based Access Management (RBAC) will reduce threats and increase work efficacy. Azure Policy can help enhance those processes further.
You can increase your Azure Portal Security by configuring Conditional Access, an Azure Active Directory (AD) Premium P1 feature, to enforce multi-factor authentication. The feature collects various signals from user IP location to group membership, allows you to see them in real-time, and decide whether to allow or deny application access to AD or allow limited access.
Azure Automation Update Management is primarily used for orchestrating Windows Server and Linux updates. But it can also be configured to add target machines or machine groups for updating automatically, using a registry key. One less headache! Otherwise, you’d have to add machines or machines to groups manually.
The new feature relies on Windows Server (WS) Azure Edition VM, which is a new type of WS Image. Hotpatching is now available in preview in all Azure regions. It allows establishing two types of baselines that will enable hotpatching without rebooting the WS Azure VM, which really invests in the smoothness of the experience.
Microsoft Azure offers its services on a pay-as-you-go basis. This means that your expenditure depends on the cloud resources used. You’ll want to keep them as close to an application’s needs as possible. Otherwise, you’ll either experience slowdown or unreasonable costs. Thankfully, you can alter your VM disk size and performance on the fly.
Among many good things, remote work creates new challenges for business cybersecurity. Regardless of whether the user uses VPN, having additional security measures can never hurt. Microsoft Defender for Endpoint introduces additional layers where you can also set web content filters to avoid your employees creating unwanted cyber threats.
