Microsoft have made Secure Boot a requirement for Windows 11. To avail of Secure Boot and the latest security features, devices need to be UEFI enabled. UEFI provides greater functionally to manage and secure the system boot process. Where BIOS ends at the calling of the boot loader, UEFI extends its control to include the […]
BIOS and UEFI Boot Process Comparison
Unified Extensible Firmware Interface (UEFI) is a firmware specification designed to improve and replace the older BIOS firmware standard. UEFI is a basic requirement to support the range of Windows firmware security features like TPM Secure Boot. UEFI and these security features are not all new to Windows 10. However, the features have been improved […]
Windows Autopilot – Preventing stolen devices from being reused
In the event of a Windows 10 device being lost or stolen, whats preventing someone resetting or re-imaging the device in order to have full use of the device? A managed device should be protected with all data and the company network protected. The device would be locked with a password or pin and all […]
Microsoft Endpoint Manager
The ConfigMgr and Intune management solutions are now being grouped together as a single management suite named Microsoft Endpoint Manager (MEM) including also Desktop Analytics and the Device Management Admin Center. The product licencing is also been merged whereby existing ConfigMgr client’s licences will now include Intune by co management as well as the other […]
Device Firmware Configuration Interface profiles with Windows Autopilot
Device Firmware Configuration Interface (DFCI) is a new UEFI feature available that gives the ability to easily and effectively automate the configuration of UEFI devices. This UEFI configuration would traditionally be performed as part of the device configuration or as a manual activity. DEFI allows UEFI settings to be managed remotely via Microsoft Intune. DFCI […]
Windows Autopilot – Migrating existing Windows 7 devices
Windows Autopilot is a means to automate and preconfigure Windows 10 modern managed Devices without the need for custom OS Images. This enables the customization of the Windows 10 OOBE experience, device enrollment and configuration. The standard means to enable Autopilot is part of the device procurement and factory load process, whereby the hardware OEMs […]
MSIX AppAttach
AppAttach is a development on the MSIX packaging tooling. In basic terms it’s a means to register regular MSIX apps on a device rather than physically installing them. No download or installation of the application binaries is required and the registration process is almost instantaneous. This could greatly reduce device provisioning times and enhance user […]
MSIX. Is it ready?
The industry has been touting MSIX as the replacement for the AppX and MSI packaging formats ever since its announcement in 2018. MSIX presents us with a new application packaging format for both the traditional and modern managed workplace environments. It is an improvement of the AppX format adding support for win32 apps to give […]
Windows Autopilot – Product Key ID Label
The standard means to register a device for Windows Autopilot is for the hardware OEM to register the device during the device OEM factory provisioning process, as the device is built it is automatically registered via the Windows Autopilot deployment service. This process allows for devices to be assigned an Autopilot profile and configuration before […]
Windows 10 Toast Notifications
Toast notifications are Windows 10 popup dialog boxes which provide the user with non-critical information. These notifications can be used to inform users about activity on their device. User action isn’t normally required with toast notifications but these notifications can be configured to give the user the ability initiate an action from within the notification […]