DV-03: Require Device Compliance for All Users
Frequently asked questions about implementing and managing the DV-03 security control in Microsoft 365 and Entra ID.
QWhat is DV-03 (Require Device Compliance for All Users)?▼
DV-03 is a security control that unmanaged devices can have keyloggers, malware, or lack encryption. requiring device compliance for all users ensures corporate data is only accessed from endpoints you control. this is a comprehensive zero trust control. It requires that a conditional access policy requires compliant or hybrid-joined device for all users and all cloud applications are covered, emergency access accounts are excluded.
QWhy is Require Device Compliance for All Users important for Microsoft 365 security?▼
Unmanaged devices can have keyloggers, malware, or lack encryption. Requiring device compliance for all users ensures corporate data is only accessed from endpoints you control. This is a comprehensive Zero Trust control.
QHow do I implement DV-03 in my tenant?▼
TrueConfig provides one-click remediation for DV-03. Creates CA policy requiring device compliance in report-only mode. PREREQUISITE: Intune enrollment required.
QWhat license do I need for DV-03?▼
This control requires Azure AD Premium P1 (included in Microsoft 365 E3) or higher.
QWhich security baseline includes DV-03?▼
DV-03 is included in the Maximum Security baseline (Level 3). This level is designed for high-security environments and regulated industries.
5
Questions
1
Related Controls
—
Categorized
Related Resources
Still have questions?
Our security experts are here to help. Start a free trial and get personalized guidance for your Microsoft 365 environment.
Start Free Trial