DV-02 FAQ

Question 1

What is DV-02 (Require Compliant Devices for Global Admins)?

Accepted Answer

DV-02 is a security control that admin credentials on non-compliant devices are at high risk. keyloggers, malware, and credential theft are common on unmanaged devices. requiring compliance ensures admin actions occur from secured endpoints. It requires that all global administrator sign-ins require compliant devices and devices are enrolled in intune with compliance policies, non-compliant devices cannot access admin portals.

Question 2

Why is Require Compliant Devices for Global Admins important for Microsoft 365 security?

Accepted Answer

Admin credentials on non-compliant devices are at high risk. Keyloggers, malware, and credential theft are common on unmanaged devices. Requiring compliance ensures admin actions occur from secured endpoints.

Question 3

How do I implement DV-02 in my tenant?

Accepted Answer

TrueConfig provides one-click remediation for DV-02. Creates Conditional Access policy requiring device compliance for Global Admin role

Question 4

What license do I need for DV-02?

Accepted Answer

This control requires Azure AD Premium P1 (included in Microsoft 365 E3) or higher.

Question 5

Which security baseline includes DV-02?

Accepted Answer

DV-02 is included in the Enhanced Security baseline (Level 2). This level adds stricter controls for security-conscious organizations.

Question 6

Why is DV-02 marked as critical severity?

Accepted Answer

DV-02 is rated critical because failure to implement this control significantly increases the risk of security incidents. Admin credentials on non-compliant devices are at high risk. Keyloggers, malware, and credential theft are common on unmanaged devices. Requiring compliance ensures admin actions occur from secured endpoints.

DV-02: Require Compliant Devices for Global Admins

Related Resources

Still have questions?