DougSBaker

In this video, I’ll walk you through how to manage Chrome browsers using Google Chrome Enterprise. 🚀

After making a video on managing Edge, the top question I got was: “What about Chrome?” — so here it is. I’ll show you how to set up Chrome Enterprise, enroll browsers, and start pushing out policies to your users.

You’ll learn how to:
✅ Sign up for a free Chrome Enterprise account
✅ Enroll Chrome browsers with an enrollment token
✅ Deploy Chrome management via Intune (or GPO/other tools)
✅ Enable reporting to see extensions, apps, and user activity
✅ Control and block browser extensions, while force-installing approved ones
✅ Integrate with Azure AD/Entra for single sign-on

Chrome Enterprise makes it possible to take real control over Chrome in your environment — extensions, security settings, reporting, and more.

🔔 Subscribe to Doug Does Tech for more quick wins in Microsoft 365, Intune, and Defender.
👍 Like this video if it helped you get started with Chrome management.
💬 Drop a comment with your questions or tips for managing Chrome in the enterprise.

#ChromeEnterprise #Intune #DougDoesTech #BrowserManagement

https://chromeenterprise.google/products/chrome-enterprise-core/

Welcome to Defender Tacticals, a new video series on Doug Does Tech! 🎯

The goal of this series is simple:
👉 Show you how to get a quick win in Microsoft Defender.
👉 Provide short, actionable demos for common security tasks.
👉 Build a reference library for you and your team to handle emergencies faster.

In these bite-sized episodes, I’ll walk through things like:

Quarantining a phishing email 📨

Isolating a compromised device 💻

Running an antivirus scan 🔍

Investigating threats with Defender tools 🔒

⚡ Speed matters when responding to incidents — this series is here to help you take action quickly. Whether you’re onboarding a new team member or just need a refresher, you’ll have a library of Defender quick wins at your fingertips.

In this episode of Defender Tactical, I walk you through how to isolate a compromised device in Microsoft Defender for Endpoint—right in the middle of an investigation.

When threats strike, every second counts. Isolating a device can help you:

🔒 Stop lateral movement in its tracks

⏳ Buy time to investigate safely

🛠️ Prevent the spread of malware to other endpoints

In this quick tutorial, you’ll learn:
✅ How to isolate a device from the Microsoft 365 Defender portal
✅ What the end-user sees when isolation is triggered
✅ How to un-isolate once remediation is complete
✅ What to do if Defender can’t release a device from isolation (and how to fix it)

If you’re managing incidents and want to be confident in your containment tactics, this video is for you.

🔗 Subscribe for more Defender Tactical videos
👍 Like the video if it helped
💬 Drop a comment if you have questions or use this in your own investigations!

🚨 In this Defender Tactical video, I’ll show you how to quickly find and remove a phishing or malicious email from all mailboxes in Microsoft 365 using the Defender portal. Whether it’s an urgent security incident or just an inappropriate message that slipped through, this step-by-step guide walks you through:

✅ Using Threat Explorer to locate suspicious emails
✅ Filtering by recipient, sender, or URL indicators
✅ Taking action to quarantine or delete emails across multiple users
✅ Submitting samples to Microsoft and creating blocks
✅ Assigning the right roles and permissions so you can take action in your environment

This is a critical skill for IT admins and security teams—removing malicious messages quickly helps protect your organization and stop phishing campaigns before they spread.

🔔 Subscribe for more Defender Tactical quick wins on Microsoft Defender, Purview, Intune, and Microsoft 365 security.
👍 Like this video if it helped you.
💬 Drop a comment with other scenarios you want to see covered!

#MicrosoftDefender #DefenderTactical #Microsoft365 #Security #Phishing

In this quick episode of Defender Tactical, I walk you through how to manually kick off an antivirus scan on a device in Microsoft Defender for Endpoint.

Whether you’re responding to an alert, checking a suspicious machine, or just want to keep things clean and compliant—I’ll show you:

✅ How to launch a Quick Scan from an incident or device page
🔍 Where to review scan results in the Device Timeline
🧠 How to verify last scan status and health
💡 Pro tips for managing endpoint scans during investigations

If you’re managing endpoints in Defender and want to keep your response playbook sharp, this one’s for you.

📺 Watch now and tighten up your AV response workflow!
👍 Like, 🔁 share, and ✅ subscribe if you want more Defender Tacticals.

#MicrosoftDefender #DefenderForEndpoint #AVScan #IncidentResponse #Cybersecurity #EndpointSecurity #Intune #DefenderTactical

Tired of rogue extensions, unsecured browsers, or users syncing home profiles into your corporate environment? In this video, I walk you through Microsoft’s new Edge Management capabilities and show how to lock down browsers across your org—without driving your users crazy.

We cover:
✅ Blocking risky browser extensions (with allow lists & user requests)
✅ Branding Edge for your org (name, color, logo)
✅ Setting default search engines (yes, even Google 😉)
✅ Deploying cloud-based Edge policies with or without Intune
✅ Using Defender for Endpoint to audit and approve browser extensions
✅ Enforcing password and SmartScreen protections
✅ Blocking other browsers like Chrome or Brave with WDAC
✅ Tips for avoiding policy conflicts and rollout issues

🔐 Whether you’re supporting BYOD, deploying Intune, or just want to sleep better knowing your browsers are secure—this guide gives you the policy blueprint to take back control.

💬 Got better policies? Share them in the comments!
👍 Like & Subscribe for more Microsoft 365, Intune, and security tips.

Managing Conditional Access (CA) policies can get messy fast — I’ve been there.
After years of struggling to keep track of all the rules, gaps, and exceptions, I built a PowerShell tool to help export, review, and analyze CA policies more easily.

In this video, I’ll walk you through:
– Exporting your Conditional Access policies
– Automatically checking for common risks (legacy auth, missing MFA, conflicting includes/excludes, etc.)
– Finding hidden gaps that could leave you exposed
– Quick links back to policies for easy clean-up
– Helpful tips and real-world things I look for when auditing environments

The tool is free and available on my GitHub here: [https://github.com/dougsbaker/CA-Export/blob/main/Export-CAPolicyWithRecs.ps1

Hope it helps!
#ConditionalAccess #AzureAD #PowerShell #Microsoft365 #IdentitySecurity

Do you need to design a Device Control Policy to block all but a few select USBs from being written to or read from? If that is you, this is the video to help!

I recently needed to create a policy to manage USBs. We wanted to block people from writing to USBs unless the devices were in our approved list. In this video, I’ll show you how to build out USB device controls using Intune and Defender for Endpoint.

We’ll start by discussing the need for such policies and then dive into the step-by-step process of designing and implementing them. You’ll learn how to:

– Create policies to control which USB devices can be plugged in and used in your environment.
– Block the ability to write to any USB devices except for those on your approved list.
– Configure policies to deny removable storage devices, CD-ROMs, and other specific device types.
– Use reusable device settings to streamline policy creation and management.
– By the end of this video, you’ll have a comprehensive understanding of how to manage USB device access in your organization, ensuring that only approved devices can be used. If you find this video helpful, please let me know in the comments!

Let’s hop into it and design some USB device control policies!

K Q L
DeviceEvents
| extend parsed=parse_json(AdditionalFields)
| extend MediaClass = tostring(parsed.ClassName)
| extend MediaDeviceId = tostring(parsed.DeviceId)
| extend MediaDescription = tostring(parsed.DeviceDescription)
| extend MediaSerialNumber = tostring(parsed.SerialNumber)
| extend DeviceInstanceId = tostring(parsed.DeviceInstanceId)
| extend DriverName = tostring(parsed.DriverName)
| extend ClassGUID = tostring(parsed.ClassGuid)
| where ActionType contains “PnPDeviceBlocked”
| project Timestamp, ActionType, DeviceInstanceId, DriverName, ClassGUID
| order by Timestamp desc

L I N K S
https://learn.microsoft.com/en-us/defender-endpoint/device-control-overview
https://learn.microsoft.com/en-us/defender-endpoint/device-control-deploy-manage-intune#defining-settings-with-oma-uri

In this video, I am deploying Microsoft Defender for Identity (MDI), one of my favorite security products from Microsoft. MDI is a powerful tool designed to secure on-premises Active Directory environments by detecting and responding to advanced threats. It helps protect user identities and provides insights into suspicious activities, making it an essential component of any robust security strategy.

In this video, I am going to be deploying Microsoft Defender for Identity into a new environment. MSFT just released a new PowerShell modules to help us deploy Defender for Identity. I’ll walk you through what Defender for Identity is, how to install it, and provide guidance on securing your on-premises Active Directory environment. Whether you’re new to Defender for Identity or looking for the latest deployment techniques, this video has got you covered. Stick around for a comprehensive guide and feel free to jump to the installation section if you’re already familiar with the basics. Let’s get started!

0:00 – Introduction
1:00 – What is Microsoft Defender for Identity?
3:00 – Importance of Securing On-Premises Active Directory
5:00 – Key Features of Defender for Identity
8:00 – Installation Prerequisites
10:00 – Running the Sizing Tool
12:00 – Setting Up the Service Account
15:00 – Configuring Group Managed Service Accounts
18:00 – Enabling Advanced Auditing
20:00 – Installing the Sensor Package
23:00 – Post-Installation Configuration
25:00 – Setting Up Sensitive Accounts and Honey Tokens
28:00 – Reviewing Security Alerts and Recommendations
30:00 – Conclusion and Final Thoughts

Welcome to my channel! In this video, I will walk you through the process of rebuilding my home lab environment using Hyper-V. We’ll cover everything from setting up the server, installing Windows Server 2022, configuring the network, setting up a Domain Controller, and configuring DHCP and DNS. Whether you’re setting up your own lab or just curious about the process, this video has got you covered. Let’s dive in!

Links:
https://labgopher.com/
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2022

Time Stamps:
00:00:00 – Introduction
00:00:39 – Overview of the Lab Setup
00:05:09 – Setting Up the Hyper-V Host
00:12:20 – Setting Up your Domain Controller
00:16:18 – Creating the Domain Forest
00:18:20 – DHCP and DNS Setup