From 32f7faba5f4f0bfc9cfa1e7025ff4b19aadb1ca4 Mon Sep 17 00:00:00 2001 From: Elizabeth Ross Date: Mon, 6 Jun 2016 08:26:05 -0700 Subject: [PATCH 1/8] Adding note about June service update release --- .../create-edp-policy-using-intune.md | 3 +++ .../images/edp-intune-app-reconfig-warning.png | Bin 0 -> 11214 bytes 2 files changed, 3 insertions(+) create mode 100644 windows/keep-secure/images/edp-intune-app-reconfig-warning.png diff --git a/windows/keep-secure/create-edp-policy-using-intune.md b/windows/keep-secure/create-edp-policy-using-intune.md index c5d390ea1c..f9914ecff8 100644 --- a/windows/keep-secure/create-edp-policy-using-intune.md +++ b/windows/keep-secure/create-edp-policy-using-intune.md @@ -19,6 +19,9 @@ author: eross-msft Microsoft Intune helps you create and deploy your enterprise data protection (EDP) policy, including letting you choose your protected apps, your EDP-protection level, and how to find enterprise data on the network. +## Important note about the June service release +We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processess. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service release. This means that when you implement the June service release in your test environment, your existing Windows 10 enterprsie data protection app rules (formerly in the Protected Apps area) will be removed.

To prepare for this change, we recommend that you make a backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. After you implement the June service release and open an existing enterprise data protection policy, you'll get a dialog box telling you about this change. Click the OK button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Please note that if you exit the Policy UI before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be pushed to your employees with an empty app rules list. + ## Add an EDP policy After you’ve installed and set up Intune for your organization, you must create an EDP-specific policy. diff --git a/windows/keep-secure/images/edp-intune-app-reconfig-warning.png b/windows/keep-secure/images/edp-intune-app-reconfig-warning.png new file mode 100644 index 0000000000000000000000000000000000000000..af36a7cc4ed67802ef1198f4db038098b9c5e0a4 GIT binary patch literal 11214 zcmb_?by!sIw=XCHN-9W*fQpoqFhfgsiL`VN3^6DvEe(nwISidcceiv7HFS4}bPaGu z&+mEe_dMtK+;i`9?;ktfz4u!0T5GSp-nG{LgnW1}L-6R?BMb}-0y$YpRSb-Kuh8cM zxcAWe(81e6^a0aBRYn}6XyEx4dVpmirX+@eQ5ueiGJb#_Kl~)C?SO$n*!E|`?6S)- zLtmtDl=|qXW(RU~F}63y_+$)*II=^`9bW+1-?H=D0KDE~V6ceDNs6g|G1yDOt1*{y z+OR|N-29f}5?GN`>Qro!TQ*ZPxsYxi9>gh4!bx*_Li{smT6FN26upspv}Oo4$*RDG zCAObeZzzK(uIE^Am^>13t%OzgwB!M(JrM4S_3T-lyB$cQFi#_&=6V)ceJ;E)?{M3E zaOX5pq+e+@mN#9w&woDa&WM)wEBj=FYdMP$syl-iON@B5?kDI4u5T(~0PwyTF_sfk zCMB-#iyVoU2vK6JAK$&4_cS)1d!vGg_#5z&+?Q89c^9HXWyRxtUf@0>_uQ{pVZZ!! zO2 z?&6{fZ=n9JwYW(5B&jDj^ZiJ_lJy|}W~$%#eDpYxs`W$x1FdGkM<+FBJT#Ygr%Muq z-m4?uX;CLZG^i7tnXz$z^4u8_dBlyGwq;JF%BL?blffsej-(75Y$M5VT=LLma3&xd&uMF~&6TZ`$U@w(Vm6YgHq7j#L!Tu{Ea z&7+Gt(=n?}0!DdX4&oH?TPT17m34avtTl^cff){RBcYw?3N#(zJMpzVXC<+I!Uyd7 zvNz4~OODHXak^ZRkaC&$mvmgOD)FfcXWaPAp5gjpGsxec8AzBuYHD-e++hh9xZ}7T zY5M9~mG_2S(R-_S(DQs)u20gewh$PVSmH>Quriid{)Vy})>lmAVXETj8+8OyRa1Q8 znpHHF0L;*}5_FFSIbx6HX321%oxey5yqKNBw?#`d+ZyghkB$K*ZP5cflosDVB zSUtsp$cYs|{Paxz{uTXg4gHb?FRrf;-L)JvWd=2US=4Pl%LV8K9_pb2IFe7#{32sR zy6xS;oit@0y~x@g9LpeZ=Qo?9TGoxzcS?Ye8T8kBKS~Y|C8Kv1uLaz)n@8cKxSewz z-NaRT-oAE4duYEP=Z&G5uL-p#t(*%`gn zHN1UeIDfp7QXsq=?EU5VfT0m>@iCyO^6H9aVdVWfX2b^=p>_|`6&;2E;x*zVcdwoz z0BAG_k$X6+pD3rNG1E&;XZo;S2vAB{0^Z>VFX$aBbMhyl$ZpxTwJ{^-va{WzP z?6onxk$7ZLfFu-Jj=V$Fh0{9wj}FZ>3tT9(4+@lZ+xLMxpVt#WJ4j%MhJD#!1~8lr z$%3JkfFiu-?g4P)Q;pT?|1`?#NuS1A0uUO(57}2$$bHbU_tdwEov>GB4b^|*7;gLo7kE9|w8*22 zwyG$f(6bN0SS(Ap7|1^DICY*qZ{DP`5HMg+dsLKP zq$vIRZ$uWOe)LzE?GLg5^h^5?WDf=b&{2H|lO6H<;0gK+WBLIY8v{c$=mi2j*d)%R zL?5Vqf%h>mQYC(Z&;v)@5q$JIKqwZEi6(q0`-fft>whBZ9vV@+85J69w9w?e6|3C4 zQy;X+7ux4RbBZvs1jF5aAM6Mc78PHPZSP0zblEw{VgF$%{rzPotZrKWz%6sy!^(5c zZd9uwwQ1>m2Zue!MQ90v7K`F#UPk(da}oS0+q%LH%x-<&V&B-SB~kIAGaM$W`f1UV@>a{^g)}eC?Iiwjkq9wzq*+ zy`CCcHM*8x$o?o7jq@Z8{hKnkwvnHpagIWWQ0lbX=SHf9w2&#jJx$BY*ZNBAyjedy z@OGb4*|I9B&oGqE&WU356Ky_xTazD_M$R%;b)Zq*w6^7RE%df=H5o67=4K$$qR2z) zbj5U=`mVT$CF%!jk#65)m#{G;`5sS~;(Mifg-jR^+R#R#LnKC@w5Zh%YMSfL3$iC} zMv@jjy7l|udGFEVeKh0)4|Bj%wDj);$LOFFg0v2D@IGLfKOi)Zil(NbC`;B=g>LovirE%nH+b~fB3!1%UaI!w7Fpa z_QUB#xLzcsUVK{JiBp>%M$mg`e+SS{E8pmKnyu|8tt4YFP0)tv*n0Tb#Ld}$9~5$Z zHX=cU3tq=NFg$5Lj~&-)D5*PKm>@FHJ8&Cu+VNM7XVxO5%!IN3)hkXd8O=oHU|!`0 zNib$>SIoH?RAB zGIL)lSeeY-47X?MWt$Y4S@2e_oYvZsmQI!_Q`uYYM$Y%|vs^o3sIs$bGWvP@9oKO! zUn%3x3DX8lA$j<@49S7@k2>&^WEix|%pP@;DD7$-TQ9WR8^5Rzqj6_3JhU0Zh%2rU z+A9*sa9dBaI^Mnt)KXzzQY=4eX4R_+r*vD8BH8dZGt8@~j@1;oQXY#fu7@NU(Oj=m z65=EVS+6pcGOCY$9SqpKK90I&D&2^nd9?%a{0O;?cq8m~(i58!Q>Bz+%s3`$FE1Sg zb~ciV@!Cf=6(1XS;=cYM>Ikf91iBP;s=c>4Lox(q0Bx_Ifs#PW8Vci34nHcY>{Bz- zCw+(JRlKcLJ>%qGhrd=;w&**3y`NJR%oy#?R>`d{aD$1y2l_DxHnRo**e?Zy%3&!nhn&$$ z{w2~NOA@W#B^o7*PTYQ38y}gpM?%!%GrQSJgfb!aQH1Ns*|61-)S2_MmvE^0do3k7 zWN2h9!7q=XzfxhC!?tr%#zaK2o7S~X2YVAyVH>EUW5(q2Ps`>U$rtq^MBvVb@!HeE zF^Pp-7h4wwolfDi_}vSpal)phO&a>=cH4r=1unA-h`}Mr zE?SYZo|hUP)7S4DFGg7s>4vq=BZ!h$zr?>p0I5G-8tXjIak)2i|6xZtpU(^y$}#?G z`wA@&>HXxOux>iK{ii>MeyR6FELoCIlgf^BHaT+e;!Q;}1yX;#Bs{oeNA?4B^RI;s z^$%aU!O|Ui7{m2XiVf?G4%0(!yscYY211ejPdRcR7meGc)_MBj^{lehqL1f znM@P1$bcR92h!c2vbArh^h65>#$$imp~8vmU499{d4s&JVMN_n3Q%XmfP|jv()%ID z{E28^nZ{vT14&EZ-nsurUnQjT22k0%5N;X{#N{zObLwIj* zeGj~O}$93P>u^bHY)YGNjuPuQnfpZx+xf6V?BqL&D% z4Tl*#mSv_4fg_b4ZDlLH=lm-I_k;4U-uxpKm{0nq%zuS~aaX3}Z)Y)#ZhuiVMgi3( zG%Alnwv&~|cpKy`9*>hN>r~v?v45;GTmCh%?{K-14wT3%o-A%!BRG{C1xTYJlN|?bmGOFWG8-or~y1UDD;#>Z!|OoTTTJ8YRhMt`OB<)l2J=JhX`4OZ?UsO$YpOkAF#3Tb_ zcqIK+H&pw_Hy#{-PV^7tt^JDqSR~^N#kWy=N4fcJS=|LS+M`MgBLj*0>BSA?MNb!pTg(?WaXMHTZ#ycDf!U^-FHA?xNSr^Au$jrA*mpG{9PA5%p30jdc(89Lo*ZCe{ec>GdSFEp%L2~wcF-XGE5=|6ZNyI+<^Fvy+a?{!h; z=91mKW|L_t>>L!5N$jGZp2CCi)ip?oYcCs?=Vj*UG?Ox_6+nAUKBb(*=Ds)kF=%ge4Fjk%B~Agx{#x3>02@d456I-F zc<0s~8IEd^HeD)Hu5IWx#or)KwD>-h=SdMNT!}`wTaL-T| zwV9=mD_uRzB_b+Oce7|^jZ}Vvri;sP{0V}%={vO@(C5CIDC&a>9X4j^HrG0K5g}+1 ziu>z%MegQKgOm_-(u;BIPdL&~P+U|rS=^Nm6N>Rf+JK$*?9@fB{i)EY=&yHaen5w= zr7@>w?Ls>M;%DXdIwD6Q|5n{XPfPgD4sCt#46WK^WU$vxSN;1 zV(bG2Rr6r=(}u%18>q5fsTs0=*H@p@OauD5mhDb!Y|B0NrYleET-5eA54U!PH+xP- zS3|=UMQpJH^@}+b0A)^=^k*gs&PVFi_2ofvpeuix+GOv2hm)`Yp~T13xi>U&E0G{L z1C(gpZUHgXg#!i^McE`Ze#Fm&k%`8`Ff(EJndpSB_I;fb%Culd14g4S)378iR7`*8 zW6UrUzkZo=Mld>^EsZNuA;5(aR5)qfsX)G03kusx4wZ86*@>)%##_SPl?g-yNmZBk z`q~9rPN;MR!s4HWB(vkeZh(APwJA16u!yZSS_6H%WjmHrt+%S{zTlmiPaLIm+_S7x zBI+9W(F9Fftzm3MA*z@Exto=Q1Tf$bBZ^8U)y zAdSVK{twKp@xzv}(@CwR-GfNH zSA`=I(y<5bk>NwXSnzEWX{}no_xMF<`PCBQmS#k;fE>CD=)+3~C8|-&8vj`pnVp)A;Nd#m@p9DQz;gaxNa)Od5KttF6itOF?)d6{Aee?%Z*w9{{sFCi@W%tt~Z-FoUtr+-jvdf^V_QJ_c?B zT2-PfM-1?7YQC%3)tVZTgFT$l(ZyX`OmGfaZ*@LV+w0>h2K7rOYHyDrm7@l7l_1Ij z_Wb8v?FhkwL?XZl!E;xCjgLoXYvxBlse(;sgRSA2HnCWQ3!QvePin_-fDQX_o{BsB zG2A@!x$mx@#CXNsfIT>-hXo9NrwE7FP1bKg$OZM*<%T!8>TL|Lxw!c$-;vT*aKn5l zt2rSMwv%A9HX7{G444*N%FlcyVE4BNP8H@9uqL1L>oQCCGb$U8T1_6u9K~n4mZl$s zipkhs^U{?`aV4}-RQeO7h33<5>@Q8N??HyS4_B6qp^9odwsEp%Q@js1%0A+mb7nPH z7bKPn=QDSU;#Zo{9_n3H@}_83g;QPR!i)>xy8+L-Y_7t)77T0zHWs%j|QufU1NEOkj5y~51vHV!VG zu=Nb<%FYDc!n#=PrCa#ZXVv2*&iFFiYFe!(2HQb}5;<{tHAjPMI!_A76~ z?6ZUzpIdP%ojN3@&$tUiW2+s%J6<{Vw@6KFnGN^?0T?=73|k73V*5^R73;Uc`%+s; zJ6@cICeR5;A`+k4_Wq5yh4SXfR-F5Hh{0z6jcxEB8U+B#&6zmJ>#PY$A#U+Vsdm`rrChl+{3hi%4+o zIjKnRR+HfL)Va;~lO z?!u)G?+`iJE-$Wae}duepy~`z%O_<2SLS_!Ojwv`JQ%%j&c8tH637DdzXAcW{icQ& zNRA4T=k`n=6mU4Oib>c)3l#nk^av6@?7uXqhhw#N3;mp5?u zNYd+SOZX3(Z_L*}ha@0*id4LsCV;K(AaO40I+|@-Ri<}o0->9HLczr5f$816& zj`2NLkwgQ*wQFQyte?z*MM-7&Ow=np{@R4okJRaY1bm@ZQkb&if)Yzmac;jta#nj# zJmf|$QdM%sI5%Fz<2@Ps+Gws{Mncr``E!Ybqqk_lY!pmDS;GCm<6Ue@K{=e0#2DqM zZj>11=2%3EqsSo=TLfLm&0u6PXP?{>V625sa`JfopcZnP9b|G`qW?{D>P$K!b(c)_ zc~U@gQfvCIhSPW&Fw0`SxcM0CAm)1v8&!9zqTVC@l}=}^jBss{##n}KE8gp@bluw? zmBFVEI0VwPCkYs%OY5 zaK#iiJyeG4USUJ;JEw48EOkfj1muh8l@|@0ZYGgBZ zHjqO*kOibyOqh66VeRvG zKxDOfW%KDuv@mvQ?y>~mN)#Pg*~U1Iyi)|zLokQuQDD}|PT!sqk%O_g5{I>i=Q4#@ zlZvTOOM%iy#H(K8xsjNRMVx1MB?Q-P$64tO2Nn!{VVAxJb+Rm zHjeF*V`Z96RWH_+pK?-}XCP~*T#!Pv@~(XyGQWMhDMql3Ag1D!+006oMv6+sh1QR^ z$gPCZa9WdSBBK>>zJaZ_S7MtKZ*@(vDTAeZpo1o;&xNCsim;%w0J9K+kL(zX)3d=qV zh`4~dekEUCDkbu@G+>}R0#g!(^Hot){p2OL=8r4`BR}i9QsbkGFpNO_<^vxst{<6p zuY6nsb>F%CfgMyl`nP{Oj?jF(e!=i z)Ba-Z=Rx6ih-Ll}5kD>qW}0UXkAxY2f&xS4d-V_E$Y>M9ZW3iKN?RUV42eAE;_;co z)A2AkI~m@;yA+Sd1o#1wB!5>s7`j5#q$mbv7;+=0e`BX7t)?$}JBu9@jtDz6SNSZS z-A)L_ozq^ZhPMj72z^3J-?KS8PkF+&6}cDDcP4$6z?5OIy_@P*6e$l2$H8d z@$yZiF!na0B4<7Vn+?XNH5}bxp-br&QN8?*+ygi}x+x#1vF14IZy5%9WW)9hdXOuj z4W$OPgUK0U7d@nuXx^2GYW;metZyY-cWVqcvH@;wl#w!){8A||FN1okYwj85U6h{ z&iDgCrYz8_N3o(z=FHPN(9K%FJ)!DRK9?kRXz0GvmsZSa5N2SxVrqgSw`<(!RabZZ z00{ZCpCG9l1E7;4vQ?&CFPIyM#64d9#XP20smd#)u^a#!tBnRd-Q|Z13?Q=Ns%X9kNolZIvr7e`m zv2oEPRjm;7WRfgR1s@&NRK(8nS*Uy$v&MV|{2<8$l|OKcjBPwA0Xk$SC#- z%VTRX&^_)^q~?0OmF2g)wWO2kX7&|SIZv=>JF=4g2cSqY8+wN*`&rSd!e>7VX=lm8UFS(+T3G;67}*?8p}b- zqHbF%c-BmJeea-VC2YBX8$9_P!mDxCt6T0fN0D)W_;A7;jVjhVV)MOUc&=%jqMbwE zfnb+EvDTh?M!s5BLxd&d4`DWMe1P~g#Spw#PpzDh596ofirsl~00@Lc%%F<%-@GiR ztKo)*Or}`+Dw@o~Mh5)tzkKZo<6$zVrq^Oe6k(*`*$d#mK~UtB^0Up=Jh0O+r|E0} zIs32y)x5~=QE8B+zx?_5aL9#OCi2;c{w;611r}(n-2TNrBm@pv31)XJRhpAx^><1E zf9TX@ue6J+{DA8|jP^}@GaqNT-afrq?_yCWX8preJhEvl)EJgwO&O`pCem|#X-tDf z-o1k(l(OTb;`ES-(v4+@n$G;DpJEvy7ALf1-A=0yeqOTXfs8sd3s&J2-g5YaGWRS|WZG&e|lo-BGOS^wHx&`vO7QBeRw0-VbIBr4O$B&-)JzS_W8 z5D_1MHRX61qy6g!>+~exHNza1W~}PE<$-{Rf{(^ATR+oK3Dc9t4-A6{j?0A=-2T>$ zb|0p%lAG4`Ll2Q7%wI4hkLR0ukehl|jek5y+H1S!dy}e1FS*zt+?U{DBBt`cp zh%5t6^5Rw|=@jI4+PSYd9&@I7e$l(B6mWG9johUu6&*wSBo~ZJXgAsD$$j{m*>a2+ z=p~hGRoF9G6j2y>Bf&Yr4IlsPtAiN{D_`;b<#;tJ&(sU9L0{BkSJB+>@y9}ib z<(vw{BfmUqllmIi(d_YA8vNujMlB06JAQUgHS1eR{P6tJZf*YIuMSWDp)PHfP=jDB zfmMCEVK)q!ud98*`ytBP+MK~o6*A>4gLK~@L{{vkP>^C#a(I0vLt zLbd5V?2ag6^IM<&a&xT#NBD7TWW(plNieC^)OKRwPXu1411TrmqN#eIPr;?G+3N<8^`KPy@Lo}g_?PXxa)2wPcj%_I+6x5fz~@$m zC&$TJnIrT3J=kvmw%&yR-B28OxThU zm;4!nZYdh;A&u_eiv6jSDRh5=urdEUWb=Oq>iBmZ>i-c5@-L##;PpPkMhrAE##aZb z03Z@MVnX8yu`1dBi6H!Mc$L4%L0k!?gbm`0!t(mbe07e_41e?q4t=u07+4 z>`z6u$A9RDh*#flM!bOOy!ta`>dWq=Av!UxO3A;_7>S>PX)?ZMRv~|<2z=op9*)&B z`s6Q)hCpoJpXOm?F8zPv7=33S&b`^;wf*eveK%#nTPTvkGHBSGJKq%0*A8c!IW=c_ zt)}pw&>XBMCWbRDat2Z{LSWYvK^EVmCr#mc^uG7&jN zmHFyt6-vCMT@?GAt&`-vPj&>_dft2ovu;< literal 0 HcmV?d00001 From 9fa4dc0feca54e0a90a9a9da6771732f172b1e1b Mon Sep 17 00:00:00 2001 From: Elizabeth Ross Date: Mon, 6 Jun 2016 09:08:45 -0700 Subject: [PATCH 2/8] Updated based on tech review --- windows/keep-secure/create-edp-policy-using-intune.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/keep-secure/create-edp-policy-using-intune.md b/windows/keep-secure/create-edp-policy-using-intune.md index f9914ecff8..6b5a7cbe75 100644 --- a/windows/keep-secure/create-edp-policy-using-intune.md +++ b/windows/keep-secure/create-edp-policy-using-intune.md @@ -19,8 +19,8 @@ author: eross-msft Microsoft Intune helps you create and deploy your enterprise data protection (EDP) policy, including letting you choose your protected apps, your EDP-protection level, and how to find enterprise data on the network. -## Important note about the June service release -We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processess. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service release. This means that when you implement the June service release in your test environment, your existing Windows 10 enterprsie data protection app rules (formerly in the Protected Apps area) will be removed.

To prepare for this change, we recommend that you make a backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. After you implement the June service release and open an existing enterprise data protection policy, you'll get a dialog box telling you about this change. Click the OK button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Please note that if you exit the Policy UI before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be pushed to your employees with an empty app rules list. +## Important note about the June service update +We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processes. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service update. This means that when you open an existing enterprise data protection policy after we release the June service update in your test environment, your existing Windows 10 enterprise data protection app rules (formerly in the Protected Apps area) will be removed.

To prepare for this change, we recommend that you make an immediate backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. When you open an existing enterprise data protection policy after we release the June service update, you'll get a dialog box telling you about this change. Click the OK button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Please note that if you exit the Policy UI before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be pushed to your employees with an empty app rules list. ## Add an EDP policy After you’ve installed and set up Intune for your organization, you must create an EDP-specific policy. From 1bcdf7d97851a66cc0f0b2db843cc3fe3e37072d Mon Sep 17 00:00:00 2001 From: Elizabeth Ross Date: Mon, 6 Jun 2016 09:26:06 -0700 Subject: [PATCH 3/8] Updating based on tech review --- windows/keep-secure/create-edp-policy-using-intune.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/create-edp-policy-using-intune.md b/windows/keep-secure/create-edp-policy-using-intune.md index 6b5a7cbe75..ca4ca31d0e 100644 --- a/windows/keep-secure/create-edp-policy-using-intune.md +++ b/windows/keep-secure/create-edp-policy-using-intune.md @@ -20,7 +20,7 @@ author: eross-msft Microsoft Intune helps you create and deploy your enterprise data protection (EDP) policy, including letting you choose your protected apps, your EDP-protection level, and how to find enterprise data on the network. ## Important note about the June service update -We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processes. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service update. This means that when you open an existing enterprise data protection policy after we release the June service update in your test environment, your existing Windows 10 enterprise data protection app rules (formerly in the Protected Apps area) will be removed.

To prepare for this change, we recommend that you make an immediate backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. When you open an existing enterprise data protection policy after we release the June service update, you'll get a dialog box telling you about this change. Click the OK button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Please note that if you exit the Policy UI before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be pushed to your employees with an empty app rules list. +We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processes. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service update. This means that when you open an existing enterprise data protection policy after we release the June service update in your test environment, your existing Windows 10 enterprise data protection app rules (formerly in the Protected Apps area) will be removed.

To prepare for this change, we recommend that you make an immediate backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. When you open an existing enterprise data protection policy after we release the June service update, you'll get a dialog box telling you about this change. Click the OK button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Note that if you exit the **Policy** page before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be deployed to your employees with an empty app rules list. ## Add an EDP policy After you’ve installed and set up Intune for your organization, you must create an EDP-specific policy. From 108fac201b889ff7607b0fbaa473543eb0fade18 Mon Sep 17 00:00:00 2001 From: Elizabeth Ross Date: Mon, 6 Jun 2016 10:00:33 -0700 Subject: [PATCH 4/8] Updated from tech reviews --- windows/keep-secure/create-edp-policy-using-intune.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/create-edp-policy-using-intune.md b/windows/keep-secure/create-edp-policy-using-intune.md index ca4ca31d0e..19011c5fbd 100644 --- a/windows/keep-secure/create-edp-policy-using-intune.md +++ b/windows/keep-secure/create-edp-policy-using-intune.md @@ -20,7 +20,7 @@ author: eross-msft Microsoft Intune helps you create and deploy your enterprise data protection (EDP) policy, including letting you choose your protected apps, your EDP-protection level, and how to find enterprise data on the network. ## Important note about the June service update -We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processes. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service update. This means that when you open an existing enterprise data protection policy after we release the June service update in your test environment, your existing Windows 10 enterprise data protection app rules (formerly in the Protected Apps area) will be removed.

To prepare for this change, we recommend that you make an immediate backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. When you open an existing enterprise data protection policy after we release the June service update, you'll get a dialog box telling you about this change. Click the OK button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Note that if you exit the **Policy** page before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be deployed to your employees with an empty app rules list. +We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processes. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service update. This means that when you open an existing enterprise data protection policy after we release the June service update in your test environment, your existing Windows 10 enterprise data protection app rules (formerly in the **Protected Apps** area) will be removed.

To prepare for this change, we recommend that you make an immediate backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. When you open an existing enterprise data protection policy after we release the June service update, you'll get a dialog box telling you about this change. Click the OK button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Note that if you exit the **Policy** page before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be deployed to your employees with an empty app rules list. ## Add an EDP policy After you’ve installed and set up Intune for your organization, you must create an EDP-specific policy. From 4793eb44cce24183fd6fc4d2017e47e091302cbb Mon Sep 17 00:00:00 2001 From: Elizabeth Ross Date: Mon, 6 Jun 2016 10:42:48 -0700 Subject: [PATCH 5/8] Updated Note and Important to have blue band --- .../create-edp-policy-using-intune.md | 25 +++++++++++-------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/windows/keep-secure/create-edp-policy-using-intune.md b/windows/keep-secure/create-edp-policy-using-intune.md index 19011c5fbd..6b2d130180 100644 --- a/windows/keep-secure/create-edp-policy-using-intune.md +++ b/windows/keep-secure/create-edp-policy-using-intune.md @@ -41,9 +41,9 @@ During the policy-creation process in Intune, you can choose the apps you want t The steps to add your apps are based on the type of app it is; either a Universal Windows Platform (UWP) app, or a signed Desktop app, also known as a Classic Windows application. -**Important**
EDP-aware apps are expected to prevent enterprise data from going to unprotected network locations and to avoid encrypting personal data. On the other hand, EDP-unaware apps might not respect the corporate network boundary and will encrypt all files they create or modify, meaning that they could encrypt personal data and cause data loss during the revocation process. Care must be taken to get a support statement from the software provider that their app is safe with EDP before adding it to your **Protected App** list. -

-**Note**
If you want to use **File hash** or **Path** rules, instead of Publisher rules, you must follow the steps in the [Add multiple apps to your enterprise data protection (EDP) Protected Apps list](add-apps-to-protected-list-using-custom-uri.md) topic. +>**Important**
EDP-aware apps are expected to prevent enterprise data from going to unprotected network locations and to avoid encrypting personal data. On the other hand, EDP-unaware apps might not respect the corporate network boundary and will encrypt all files they create or modify, meaning that they could encrypt personal data and cause data loss during the revocation process. Care must be taken to get a support statement from the software provider that their app is safe with EDP before adding it to your **Protected App** list.

+ +>**Note**
If you want to use **File hash** or **Path** rules, instead of Publisher rules, you must follow the steps in the [Add multiple apps to your enterprise data protection (EDP) Protected Apps list](add-apps-to-protected-list-using-custom-uri.md) topic. **To add a UWP app** @@ -53,8 +53,9 @@ The steps to add your apps are based on the type of app it is; either a Universa **To find the Publisher and Product name values for Microsoft Store apps without installing them** - 1. Go to the [Windows Store for Business](http://go.microsoft.com/fwlink/p/?LinkID=722910) website, and find your app. For example, Microsoft OneNote.

- **Note**
If your app is already installed on desktop devices, you can use the AppLocker local security policy MMC snap-in to gather the info for adding the app to the **Protected App** list. For info about how to do this, see the [Add multiple apps to your enterprise data protection (EDP) Protected Apps list](add-apps-to-protected-list-using-custom-uri.md) topic. + 1. Go to the [Windows Store for Business](http://go.microsoft.com/fwlink/p/?LinkID=722910) website, and find your app. For example, Microsoft OneNote. + + >**Note**
If your app is already installed on desktop devices, you can use the AppLocker local security policy MMC snap-in to gather the info for adding the app to the **Protected App** list. For info about how to do this, see the [Add multiple apps to your enterprise data protection (EDP) Protected Apps list](add-apps-to-protected-list-using-custom-uri.md) topic. 2. Copy the ID value from the app URL. For example, Microsoft OneNote's ID URL is https://www.microsoft.com/store/apps/onenote/9wzdncrfhvjl, and you'd copy the ID value, `9wzdncrfhvjl`. @@ -81,7 +82,8 @@ The steps to add your apps are based on the type of app it is; either a Universa **To find the Publisher and Product name values for apps installed on Windows 10 Mobile phones** 1. If you need to add mobile apps that aren't distributed through the Store for Business, you must use the **Windows Device Portal** feature. -

**Note**
Your PC and phone must be on the same wireless network. + + >**Note**
Your PC and phone must be on the same wireless network. 2. On the Windows Phone, go to **Settings**, choose **Update & security**, and then choose **For developers**. @@ -96,7 +98,8 @@ The steps to add your apps are based on the type of app it is; either a Universa 7. Start the app for which you're looking for the publisher and product name values 8. Copy the `publisherCertificateName` value and paste it into the **Publisher Name** box and the `packageIdentityName` value into the **Product Name** box of Intune. -

**Important**
The JSON file might also return a `windowsPhoneLegacyId` value for both the **Publisher Name** and **Product Name** boxes. This means that you have an app that’s using a XAP package and that you must set the **Product Name** as `windowsPhoneLegacyId`, and set the **Publisher Name** as “CN=” followed by the `windowsPhoneLegacyId`. + + >**Important**
The JSON file might also return a `windowsPhoneLegacyId` value for both the **Publisher Name** and **Product Name** boxes. This means that you have an app that’s using a XAP package and that you must set the **Product Name** as `windowsPhoneLegacyId`, and set the **Publisher Name** as “CN=” followed by the `windowsPhoneLegacyId`.

For example:
``` json { @@ -242,11 +245,11 @@ If you have multiple domains, you must separate them with the "|" character. For ![Microsoft Intune: Add the primary internet domain for your enterprise identity](images/intune-primary-domain.png) ## Choose where apps can access enterprise data -After you've added a protection level to your apps, you'll need to decide where those apps can access enterprise data on your network. There are 6 options, including your network domain, cloud domain, proxy server, internal proxy server, IPv4 range, and IPv6 range.

-**Important**
-- Every EDP policy should include policy that defines your enterprise network locations. +After you've added a protection level to your apps, you'll need to decide where those apps can access enterprise data on your network. There are 6 options, including your network domain, cloud domain, proxy server, internal proxy server, IPv4 range, and IPv6 range. -- Classless Inter-Domain Routing (CIDR) notation isn’t supported for EDP configurations. +>**Important**
+- Every EDP policy should include policy that defines your enterprise network locations.

+- Classless Inter-Domain Routing (CIDR) notation isn’t supported for EDP configurations. **To specify where your protected apps can find and send enterprise data on the network** From f01b613f12322ede8e6ae098e3ecf6194f3cb43a Mon Sep 17 00:00:00 2001 From: Elizabeth Ross Date: Mon, 6 Jun 2016 12:05:58 -0700 Subject: [PATCH 6/8] Added formatting to page names --- windows/keep-secure/create-edp-policy-using-intune.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/create-edp-policy-using-intune.md b/windows/keep-secure/create-edp-policy-using-intune.md index 6b2d130180..194bdc40b7 100644 --- a/windows/keep-secure/create-edp-policy-using-intune.md +++ b/windows/keep-secure/create-edp-policy-using-intune.md @@ -20,7 +20,7 @@ author: eross-msft Microsoft Intune helps you create and deploy your enterprise data protection (EDP) policy, including letting you choose your protected apps, your EDP-protection level, and how to find enterprise data on the network. ## Important note about the June service update -We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processes. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service update. This means that when you open an existing enterprise data protection policy after we release the June service update in your test environment, your existing Windows 10 enterprise data protection app rules (formerly in the **Protected Apps** area) will be removed.

To prepare for this change, we recommend that you make an immediate backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. When you open an existing enterprise data protection policy after we release the June service update, you'll get a dialog box telling you about this change. Click the OK button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Note that if you exit the **Policy** page before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be deployed to your employees with an empty app rules list. +We've received some great feedback from you, our Windows 10 Insider Preview customers, about our enterprise data protection experiences and processes. Because of that feedback, we're delighted to deliver an enhanced apps policy experience with the June service update. This means that when you open an existing enterprise data protection policy after we release the June service update in your test environment, your existing Windows 10 enterprise data protection app rules (formerly in the **Protected Apps** area) will be removed.

To prepare for this change, we recommend that you make an immediate backup of your current app rules as they are today, so you can use them to help reconfigure your app rules with the enhanced experience. When you open an existing enterprise data protection policy after we release the June service update, you'll get a dialog box telling you about this change. Click the **OK** button to close the box and to begin reconfiguring your app rules.

![Microsoft Intune: Reconfigure app rules list dialog box](images/edp-intune-app-reconfig-warning.png)

Note that if you exit the **Policy** page before you've saved your new policy, your existing deployments won't be affected. However, if you save the policy without reconfiguring your apps, an updated policy will be deployed to your employees with an empty app rules list. ## Add an EDP policy After you’ve installed and set up Intune for your organization, you must create an EDP-specific policy. From c9b2e5ce466a5a6dab3b95a7ab87bc1437ecb02d Mon Sep 17 00:00:00 2001 From: Elizabeth Ross Date: Mon, 6 Jun 2016 12:27:27 -0700 Subject: [PATCH 7/8] Updated for the service update --- windows/keep-secure/change-history-for-keep-windows-10-secure.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/keep-secure/change-history-for-keep-windows-10-secure.md b/windows/keep-secure/change-history-for-keep-windows-10-secure.md index ccdef718f0..06485f9541 100644 --- a/windows/keep-secure/change-history-for-keep-windows-10-secure.md +++ b/windows/keep-secure/change-history-for-keep-windows-10-secure.md @@ -16,6 +16,7 @@ This topic lists new and updated topics in the [Keep Windows 10 secure](index.md |New or changed topic | Description | |----------------------|-------------| +|[Create an enterprise data protection (EDP) policy using Microsoft Intune](create-edp-policy-using-intune.md) |Added an update about needing to reconfigure your enterprise data protection app rules after delivery of the June service update. | | [Windows Firewall with Advanced Security](windows-firewall-with-advanced-security.md) (multiple topics) | New | | [Advanced security audit policy settings](advanced-security-audit-policy-settings.md) (mutiple topics) | New security monitoring reference topics | From a41cf30f4ec36165c69e9d53fbb7053377ac4979 Mon Sep 17 00:00:00 2001 From: Tommy N Date: Mon, 6 Jun 2016 14:03:32 -0700 Subject: [PATCH 8/8] Add delete roaming cache support statement MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit "The “Delete Roaming Cache” policy for Mandatory profiles is not supported with UE-V and should not be used." --- mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md | 1 + 1 file changed, 1 insertion(+) diff --git a/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md b/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md index d2f8d804fb..81b493e1d2 100644 --- a/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md +++ b/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md @@ -695,6 +695,7 @@ Also… - The UE-V Windows PowerShell feature of the UE-V Agent requires .NET Framework 4 or higher and Windows PowerShell 3.0 or higher to be enabled. Download Windows PowerShell 3.0 [here](http://go.microsoft.com/fwlink/?LinkId=309609). - Install .NET Framework 4 or .NET Framework 4.5 on computers that run the Windows 7 or the Windows Server 2008 R2 operating system. The Windows 8, Windows 8.1, and Windows Server 2012 operating systems come with .NET Framework 4.5 installed. The Windows 10 operating system comes with .NET Framework 4.6 installed. +- The “Delete Roaming Cache” policy for Mandatory profiles is not supported with UE-V and should not be used.