Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy

Hello All – In this post, we will see a quick over of how to create an Intune compliance policy for Windows 10 devices. Also, we shall discuss the options of creating a custom Intune compliance policy.

Create Intune Compliance Policy for Windows 10 Devices

Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy 1
Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy 11
  • Click on policies – Create Policy
Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy 2
Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy 12
  • Platform – Windows 10 or Later
  • Click NEXT
Intune Compliance Policy for Windows 10
Intune Compliance Policy for Windows 10
  • Enter Name and Description
Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy 3
Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy 13

Main Logic User Intune Compliance Policy for Windows 10

Device Health

  • Device Health
    • Windows Health Attestation Service evaluation rules Require BitLocker
      • Require
      • Not configured
    • Require Secure Boot to be enabled on the device
      • Require
      • Not configured
    • Require code integrity

Operating System Version

  • Operating System Version
    • Minimum OS version
    • Maximum OS version
    • Minimum OS version for mobile devices
    • Maximum OS version for mobile devices
    • The valid operating system builds
  • Configuration Manager Compliance
    • Require device compliance from Configuration Manager
Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy 4
Create an Intune Compliance Policy for Windows 10 Devices Possible to Create Custom Intune Compliance Policy 14

System Security

  • Password Require a password to unlock mobile devices.
    • Require
    • Not configured
  • Simple passwords
    • Block
    • Not configured
  • Minimum password length
  • Password expiration (days)
  • Number of previous passwords to prevent reuse
  • Require a password when the device returns from the idle state (Mobile and Holographic)
    • Require
    • Not configured
  • Encryption of data storage on the device.
    • Require
    • Not configured
  • Device Security Firewall
    • Require
    • Not configured
  • Trusted Platform Module (TPM)
    • Require
    • Not configured
  • Antivirus
    • Require
    • Not configured
  • Antispyware
    • Require
    • Not configured
  • Defender Microsoft Defender Antimalware
    • Require
    • Not configured
  • Microsoft Defender Antimalware minimum version
  • Microsoft Defender Antimalware security intelligence up-to-date
    • Require
    • Not configured
  • Real-time protection
    • Require
    • Not configured
Select the required policies and click on NEXT button - Intune Compliance Policy for Windows 10
Select the required policies and click on NEXT button – Intune Compliance Policy for Windows 10

Actions of Noncompliance Policy

  • Actions for noncompliance
    • Mark device noncompliance
      • Retire the noncompliance
      • Immideitly after 30 days
    • The value must be at least 0. The value must be at most 365. The value must not be empty. The minimum number of days for retire action in 30 days (Intune Compliance Policy for Windows 10)
Actions for noncompliance devices - Intune Compliance Policy for Windows 10
Actions for noncompliance devices – Intune Compliance Policy for Windows 10

Scope Tags

  • Select Scope Tags –
  • Click NEXT to continue
+ Select Scope Tags - Intune Compliance Policy for Windows 10
+ Select Scope Tags – Intune Compliance Policy for Windows 10

Assignments – Target

  • Select AAD User Groups to deploy compliance policies
  • Click on NEXT
Assignment - Intune Compliance Policy for Windows 10
Assignment – Select Azure AD User Group – Intune Compliance Policy for Windows 10

Create

  • Click on Create to complete Intune Compliance Policy for Win 10
Create Compliance policy
Create Compliance policy

Custom Compliance Policy

We recently got a question in the HTMD Community forum third-part compliance check is possible with Intune or not. More details – https://forum.howtomanagedevices.com/endpointmanager/intune/third-party-compliance-check/

Resources

Leave a Comment