Compliance Templates
Pre-built templates for device compliance policies across all major platforms. Enforce encryption, OS versions, security settings, and health requirements.
Windows Compliance Baseline
Standard compliance requirements for Windows devices:
- Minimum OS version enforcement
- BitLocker encryption required
- Secure boot enabled
- Code integrity enabled
- TPM requirement
- Password complexity rules
macOS Compliance Baseline
Compliance policies for macOS devices:
- Minimum macOS version
- FileVault encryption
- System integrity protection
- Password requirements
- Firewall enabled
iOS/iPadOS Requirements
Mobile compliance for Apple devices:
- Minimum iOS version
- Device not jailbroken
- Passcode required
- Device encryption
- Managed email profile
Android Enterprise Rules
Compliance policies for Android managed devices:
- Minimum Android version
- Device not rooted
- Google Play Services required
- Screen lock required
- Encryption required
Conditional Access Templates
Require MFA for All Users
Foundation identity protection requiring multi-factor authentication for all sign-ins.
Block Legacy Authentication
Prevent sign-ins using legacy authentication protocols that do not support MFA.
Require Compliant Devices
Only allow access from devices that meet compliance policy requirements.
Location-Based Access
Restrict access based on named locations and IP ranges.
Security Baseline Templates
Zero Trust Starter Kit
Foundation Conditional Access policies implementing Zero Trust principles. Requires MFA, blocks legacy auth, enforces device compliance.
Includes:
- CA: Require MFA for all users
- CA: Block legacy authentication
- CA: Require compliant device
- CA: Require app protection
Windows Endpoint Security
Comprehensive Windows security settings including BitLocker, Defender, firewall, and exploit protection.
Includes:
- BitLocker encryption
- Windows Defender AV
- Firewall rules
- Attack surface reduction