Require Compliant Devices for Global Admins for Professional Services & Consulting

Professional Services & Consulting organizations face specific regulatory requirements including soc2, iso27001, cis. The DV-02 control helps address these requirements by:

• All Global Administrator sign-ins require compliant devices
• Devices are enrolled in Intune with compliance policies
• Non-compliant devices cannot access admin portals

Admin credentials on non-compliant devices are at high risk. Keyloggers, malware, and credential theft are common on unmanaged devices. Requiring compliance ensures admin actions occur from secured endpoints.

When implementing DV-02 in a professional services & consulting environment, consider:

• **Regulatory requirements**: soc2, iso27001, cis may mandate specific configurations
• **Risk tolerance**: Professional Services & Consulting organizations typically have moderate to low risk tolerance
• **Audit frequency**: Plan for regular compliance reviews
• **Documentation**: Maintain detailed records for regulatory inspections

To implement DV-02 in your Microsoft 365 environment:

• All Global Administrator sign-ins require compliant devices
• Devices are enrolled in Intune with compliance policies
• Non-compliant devices cannot access admin portals

TrueConfig can automatically remediate this control with one click.