Skip to main content

Intune Setup (Windows)

Learn how to create and enforce Intune compliance policies for Windows devices so ComplyJet can evaluate compliance across enrolled devices.

Upendra Varma avatar
Written by Upendra Varma
Updated over a month ago

To sync Windows device compliance data from Intune into ComplyJet, you’ll first need to create the right compliance policies inside your Intune (Microsoft Endpoint Manager) account. These policies help us detect and validate whether your devices meet security requirements.

Note: Without these compliance policies, even if you manually enable settings like screen lock or disk encryption on your machine, the compliance checks will not pass. Always create a compliance policy in Intune and assign it to all devices to ensure consistent enforcement.

Required Policies

ComplyJet checks for three specific compliance settings in Intune (Windows):

  • Screenlock / Auto-Lock

  • Antivirus

  • Disk Encryption (BitLocker)

1. Screenlock / Auto-Lock

This ensures devices lock automatically after inactivity and require a password to unlock.

Steps:

  1. In the Intune admin center, go to Devices → Compliance policies → Create policy.

  2. Choose Windows 10 and later as the platform.

  3. Under System Security, configure:

    • Require a password to unlock mobile devices → Require

    • Maximum minutes of inactivity before password is required → ≤ 60 minutes

    • Require password when device returns from idle state → Require

  4. Assign the policy to all Windows devices.

  5. Save and enforce.

2. Antivirus

ComplyJet detects antivirus on Windows in two ways:

  • If a supported antivirus app is installed and appears in the Discovered Apps list.

  • If your compliance policy requires antivirus to be installed.

Steps:

  1. In Intune, create a new compliance policy for Windows 10 and later.

  2. Under Device Health, set Require antivirus → Yes.

  3. Assign to all Windows devices.

  4. Save the policy.

Using another antivirus?
If you’re not relying on Microsoft Defender, ComplyJet also detects a wide range of third-party antivirus apps (Avast, CrowdStrike, Sophos, etc.) as long as they appear in the Discovered Apps inventory from Intune.

3. Disk Encryption (BitLocker)

This ensures Windows devices are encrypted. ComplyJet looks at information provided on the hardware section of a device:

Steps:

  1. Create a new compliance policy for Windows 10 and later.

  2. Under System Security, set Require encryption of data storage on device → Require.

  3. Assign to all Windows devices.

  4. Save and enforce.

Next Steps

Once these compliance policies are created and applied, connect Intune to ComplyJet.

ComplyJet will evaluate all the compliance policies attached to each device and display the compliance status directly in your dashboard—giving you a clear, centralized view of which Windows devices are compliant and which need attention.

Related Articles
Microsoft Intune Integration
Managing Employee Devices with MDM
Hexnode Setup (Windows)
Hexnode Setup (macOS)
Intune Setup (macOS)
Did this answer your question?