Bluetooth is a highly convenient technology, but it also introduces significant security risks. Several well-known Bluetooth attacks include
Bluejacking: Sending unsolicited messages to Bluetooth-enabled devices.
Bluesnarfing: Unauthorized access to information on a Bluetooth device.
Bluebugging: Exploiting vulnerabilities to gain remote control over a device.
The most effective protection against Bluetooth threats is to disable Bluetooth when not in use.
However, since this may not be practical for all IT environments.
I choose only to allow Keyboards, Mice and headsets. According to this list:
https://learn.microsoft.com/en-us/windows/client-management/mdm/policy-csp-bluetooth
The following settings I enable In Intune
Use a Service Allow List
Configure the Bluetooth service allow list by specifying UUIDs for permitted Bluetooth peripherals.
Restrict Bluetooth Pairing
Allow pairing only with approved devices to prevent unauthorized access.
Enforce Strong Authentication
Require secure authentication methods such as PIN codes or biometric verification for pairing.
Monitor and Audit Bluetooth Connections
Regularly review Bluetooth usage logs to detect any unauthorized connections or suspicious activities.
Implement Proximity-Based Controls
Use policies to disable Bluetooth in high-security areas where wireless communication is unnecessary.
Use policies to disable Bluetooth in high-security areas where wireless communication is unnecessary.
I use the following settings in Intune:
{00001108-0000-1000-8000-00805F9B34FB}
{0000110B-0000-1000-8000-00805F9B34FB}
{0000110C-0000-1000-8000-00805F9B34FB}
{0000110E-0000-1000-8000-00805F9B34FB}
{0000110F-0000-1000-8000-00805F9B34FB}
{0000111E-0000-1000-8000-00805F9B34FB}
{00001124-0000-1000-8000-00805F9B34FB}
{00001200-0000-1000-8000-00805F9B34FB}
{00001203-0000-1000-8000-00805F9B34FB}
{00001800-0000-1000-8000-00805F9B34FB}
{00001801-0000-1000-8000-00805F9B34FB}
{0000180A-0000-1000-8000-00805F9B34FB}
{00001812-0000-1000-8000-00805F9B34FB}
{00001813-0000-1000-8000-00805F9B34FB}
{0000180F-0000-1000-8000-00805F9B34FB}