Auto create intune config profiles from secure score remediations, or at least assist and make secure score remediation easy

Avatar
Ryan Clark

A really useful feature would be able to take direct action on secure score remediations. Allow the user to choose a secure score recommendation, and them NMM will surface,suggest or even assign a policy to affected customers without much effort. Some CIS templates may fix the settings, so we would just suggest applying that config profile. Or the current NMM imported policies do not remediate it, it will create a config profile for you that you can assign.  Here are some screenshots. 

 

This one has two options to remediate. We have to somehow map these microsoft secure score recommendations to something on our end because these are reegistry and group policy settings
 

 

 

This has 3 different recommendations. NMM could still save time even if it doens't actually create the policy, but if you click an action button, it would get you as far as the settings catalog to create the intune config profile, and some sort of wizard based experience to assign and remediate.

 

4

Comments (1 comment)

Sort by
0
Avatar
Dave Stephenson

Now this idea is one of those wizard-level suggestions, Ryan!

Are you thinking it would be a one-time remediation, or would you want it to be more like a remediation script where if it detects the issue on a device in the future it automatically remediates it?

If you're more along the lines of automated remediation (which is ideal), how do you get around the licensing limitations (F3, E3, E5 required for remediation scripts) of the Business Premium offering?

Or, are you thinking of making it a recurring script in NMM so it checks for that value and changes it for any device? (i.e. a scheduled Shell App)

 

Sorry, I have so many questions, but I'm curious by nature. 🤓

Please sign in to leave a comment.