Edge Insider Preview

[Stella Kreuter]

Thisarticle walks you through the steps to join Microsoft Edge insider program on Windows 10/11. You can opt-in for the insider program by downloading and installing preview builds of Microsoft Edge.

Microsoft has an Insider preview program available for a lot of its applications, such as Microsoft Office, OneDrive, etc. You can even join the Windows Insider Program on Windows 11 to get early access to new features. In this article, I will share how to join the insider preview program for Microsoft Edge.

Select the desired Edge insider and click on the Download button. In case you want to download the Edge insider for other operating systems, click the arrow next to the download button and select your OS. In this example, I am going to download the Microsoft Edge Insider Dev build for my Windows 11.

Step 3: Run the MicrosoftEdgeSetupDev installer on your computer. The installer downloads the files required to setup Microsoft Edge dev. Make sure your computer is connected to internet during this process.

To verify if you have joined the Microsoft Edge Insider program, launch the Microsoft Edge dev browser. Click on Settings and select Help and Feedback > About Microsoft Edge. Under About, we see the installed version of Edge is Microsoft Edge Dev. The same icon appears on the desktop that will help you distinguish between stable edge and Edge Dev build.

Anyway, when Microsoft first announced the deprecation of the WIP service, they did not really announce a replacement for it. Instead, they said we should leverage other solutions such as Microsoft Purview Data Loss Prevention and Information Protection (i.e., Sensitivity labels). This advice was a little bit confusing since these technologies cannot really replace the functionality of WIP, which allowed us to do stuff like encrypt corporate data on devices, and issue remote wipe commands, even against unmanaged (personal) devices.

So, when the new App protection policies for Windows were announced (starting with a policy that can help us to manage the Edge browser) I was curious as to what our capabilities would be here. I expect (hope) that additional applications will eventually be added to these policies; for example, I want to wrap this protection around not only Edge but also the Outlook or OneDrive client applications, even on personally owned/unmanaged devices.

Before you go to configure the policy you may want to check a couple of pre-requisites off first. For example, we need to make sure that our Windows Automatic Enrollment settings are properly configured. Navigate to Devices > Enroll devices > Windows enrollment and find Automatic enrollment.

Next you should add a connector to Intune for Windows Security Center. This will allow you to take advantage of device health checks using your App protection policies. Navigate to Tenant Administration > Connectors and tokens > Mobile Threat Defense. Click on Add and pick Windows Security Center.

Only now are we ready to create our MAM policy for Windows. We deploy from the same place we do other MAM policies: Apps > App protection policies. Click Create policy and choose Windows (not Windows Information Protection).

All we can do here is put up the basic copy/paste/save boundaries, and block printing. This means that while we are browsing under our corporate identity on a personal device, we cannot print, copy or save data to personal locations.

Finally, you can assign your policy to a specified user group. Note that we cannot use filters with this policy, which is hugely disappointing. It means that if we target a user who has both corporate and personally owned Windows devices, the policy will have to apply equally to both. But in general, I would never want to apply this policy on a Company-owned workstation.

Anyway, this is gripe #1: when this goes to GA, hopefully we will have the ability to use filters for devices here, like we can with other MAM policies for iOS and Android, meaning that we have the ability to target apps specifically on unmanaged devices (read: without enrollment).

Before we go further, I will note that for the preview at least, you have to use Windows 11 22H2+, and one of the Edge Insider builds; I believe these requirements will go away for GA (certainly the insider build requirement, and hopefully will be available for Windows 10 too), so not as big of a deal.

Anyway, I digress. After you clear the checkbox and click OK, dismissing the Screen That Should Not Be, you will be able to click Done and then switch into your work profile where we are presented with another (as far as I can tell) optional screen.

I will say that at least we have good feedback when there are issues relating to the policy. That is, we have an actual log file available, which could be reviewed by an administrator to help in understanding why a certain failure occurred, e.g., was there a problem related to Conditional Access, Device Health, or something else?

At the end of the day, I feel rather let down by MAM for Edge, at least in its current state. Why you ask? Because this does not give us anything we did not already have with Conditional Access App restrictions or App control policies. In fact, I think I prefer the user experience of either of those two solutions over this one. However, if they add more apps to the policy, such as the Outlook client (especially the Outlook client), and the OneDrive client, then we may have a better story worth exploring.

In case you were curious, my personal favorite option for handling personally owned Windows, Linux and macOS devices remains No access. After all, it is the simplest and most secure option: we enforce simply by requiring compliant devices, while at the same time blocking personal enrollments. Then only company-owned, enrolled and fully managed workstations can access corporate apps and data. That having been said, I do hope our outlook improves in this area (pun intended), and eventually comes to parity with what we can already offer our customers on the mobile platforms.

3a8082e126