Microsoft 365 Defender
      Back to home
      1. Sittadel Knowledge Base
      2. Microsoft Knowledge Hub
      3. Microsoft 365 Defender

      Defender for Endpoint Device De-Isolation Work Instruction

      This work instruction will allow an administrator to alleviate a device isolation process.

      This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

      Procedure Scope: Administrators

      Required Group Membership: Admin.SecurityIncident

      1. Navigate to the Device Inventory – O365 Defender, select the device in question.
      2. Select the three dots, locate the Release from Isolate option.
      3. A prompt will be generated asking for finalization on the de-isolation action, select Confirm to complete the device de-isolation.

      You're Finished!

      You should have successfully removed the specified device the isolated state. For any other problems or questions, reach out to us!