DV-01: Require Compliant Devices for Admin Access
Frequently asked questions about implementing and managing the DV-01 security control in Microsoft 365 and Entra ID.
QWhat is DV-01 (Require Compliant Devices for Admin Access)?▼
DV-01 is a security control that a compromised or unmanaged device can have keyloggers, malware, or screen capture tools. requiring managed, compliant devices for admin access ensures that privileged actions occur from endpoints you control and monitor. It requires that a conditional access policy requires compliant or entra hybrid-joined devices for admin portals and policy targets microsoft admin portals app or specific admin urls, unmanaged personal devices cannot access admin functions.
QWhy is Require Compliant Devices for Admin Access important for Microsoft 365 security?▼
A compromised or unmanaged device can have keyloggers, malware, or screen capture tools. Requiring managed, compliant devices for admin access ensures that privileged actions occur from endpoints you control and monitor.
QHow do I implement DV-01 in my tenant?▼
TrueConfig provides one-click remediation for DV-01. Creates a Conditional Access policy requiring device compliance. PREREQUISITE: Intune must be configured first.
QWhat license do I need for DV-01?▼
This control requires Azure AD Premium P1 (included in Microsoft 365 E3) or higher.
QWhich security baseline includes DV-01?▼
DV-01 is included in the Enhanced Security baseline (Level 2). This level adds stricter controls for security-conscious organizations.
5
Questions
1
Related Controls
—
Categorized
Related Resources
Still have questions?
Our security experts are here to help. Start a free trial and get personalized guidance for your Microsoft 365 environment.
Start Free Trial