Category: Azure

News Informatique

Microsoft Defender for Cloud Apps: Files page retires September 1, 2024

Microsoft will be retiring the Files page from Microsoft Defender for Cloud Apps on September 1, 2024. Information Protection policies can be created, modified and explored via the Policy Management page. You can explore malware files on the Policy Management page.

Decoupling Microsoft Purview Data Loss Prevention (DLP) Process form Microsoft Defender for Endpoint on Windows Devices

If you use a Firewall (Windows or 3rd party), non-Microsoft anti-malware, or application control solution and had to add the Microsoft Defender for Endpoint process to an allowlist to run, then an additional process (“MpDlpService.exe”) will need to be added to your allowlist. Starting June 2024, we will be decoupling the Microsoft Purview Data Loss …

Azure Information Protection Add-in for Office – it is the end

The Azure Information Protection (AIP) Unified Labeling add-in for Office is retired on April 11th, 2024. When this will happen: Important retirement milestones are: How this will affect your organization: To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office applications, you must transition to the built-in labeling experience in Microsoft 365 …

[Public Preview] Support all Microsoft Defender for Cloud Apps users by Microsoft Defender XDR portal

As part of the transition to the Microsoft Defender XDR portal, the entire Microsoft Defender for Cloud Apps experience in the Microsoft 365 Defender XDR portal will be available for all supported by Defender for Cloud Apps admin roles. How this will affect your organization: For Public Preview customers, the entire Defender for Cloud Apps …

License enforcement for Microsoft Purview Information Protection for sensitivity labels

Microsoft Purview Information Protection helps organizations classify and protect their data while ensuring end user productivity. To apply a sensitivity label to documents, emails, meetings, groups, and sites manually, the following licenses are required for both the tenant admin and each end user: For both client and server-side automatic sensitivity labeling, the following licenses are …

Use double-key encryption to protect your most sensitive files and emails in Microsoft 365 Apps

Update of https://thibaultchatiron.fr/2023/07/31/use-double-key-encryption-to-protect-your-most-sensitive-files-and-emails-in-microsoft-365-apps/ To protect your most sensitive content, users of Microsoft 365 Apps can now use Double Key Encryption (DKE) for files and emails using the built-in labeling client. With DKE, Microsoft stores one key in Microsoft Azure and you hold the other key, ensuring that only you can ever decrypt protected content, under all circumstances. …

Authentication strength improvements to support passkeys

Conditional Access authentication strengths in Microsoft Entra ID will be improved to support registration of device-bound passkeys (defined at passkeys.dev) stored on computers, security keys, and mobile devices.  When this will happen: Public Preview: Microsoft will begin rolling out early March 2024 and expect to complete by mid-March 2024. Worldwide: Microsoft will begin rolling out late …

Suspension of Azure Application Administrator role for Management of add-ins across Outlook, Word, Excel, and PowerPoint

Admins can manage add-ins across Outlook, Word, Excel, and PowerPoint from the Integrated Apps blade in the Microsoft 365 Admin Center. This capability is currently available to Global Administrators, Global Readers, Exchange Administrators, and Azure Application Administrators. Going forward, Microsoft is suspending capability for Azure Application Administrators from management of add-ins across Outlook, Word, Excel, and …

End of the Azure Information Protection Add-in for Office

Microsoft is retiring the Azure Information Protection (AIP) Unified Labeling add-in for Office on April 11th, 2024. When this will happen: The AIP Add-in for Office will be permanently disabled in Office after May 1st, 2024. How this will affect your organization: To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office …

Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business)

Update of Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business) | Thibault Chatiron Beginning mid-February 2024, Microsoft Entra ID will support device-bound passkeys stored on computers and mobile devices as an authentication method in preview, in addition to the existing support for FIDO2 security keys. This enables your users …

Information Protection: Full File Evidence for all workloads in Activity Explorer

This new feature grants the user the capability to view the source link of the file associated with the activity flagged in Activity Explorer. When this will happen: Rollout will begin in late January 2024 and is expected to be complete by early February 2024.  How this will affect your organization: Users can view the …

Data Loss Prevention – View-only mode for Data Loss Prevention and Information Protection Policies and Labels

This capability allows the admin with view-only restricted permissions to view the Data Loss Prevention and Information Protection policy configuration details without editing the policies or label configurations. When this will happen: Microsoft will begin rolling out in late December 2023 and complete by early February 2024. How this will affect your organization: 1. Assign …

Ability to change retention period on labels set to start retention based on “When items were labeled”

Previously, admins could not change the retention period set on existing labels configured to start retention from when items were labeled. This feature will remove this restriction, and the resulting behavior will be consistent with other retention label types.   When this will happen: Rollout will begin in mid-January 2024 and is expected to be complete …

[Public Preview] Windows Autopatch Reliability Report

The Windows Autopatch Reliability report is a new feature that will be accessible in the Windows Autopatch Reports section of the Microsoft Intune admin center. This new report provides a calculated reliability score across update cycles based on the occurrences of stop code errors detected on managed devices. Scores are determined at both the service and tenant …

New Microsoft Defender Antivirus services on Windows Devices

Microsoft Defender Antivirus on Windows 10 and Windows 11 will be shipping with a new service: When this will happen: Microsoft will roll out to all rings (Current Channel (Preview), Current Channel (Staged) and Current Channel (Broad)) during the week of March 11th, 2024. How this will affect your organization: To enhance your endpoint security …

Changes to FIDO2 security key registration and sign-in experiences

During FIDO2 security key registration, Microsoft Entra ID users may see an operating system or browser-generated prompt for creating a passkey on another device, such as a phone or tablet. In some cases, a QR code is shown to facilitate this option. When this happens, the user needs to select “Use a different device” to …

[PKI] Microsoft Secure Score – New Microsoft Defender for Identity recommendations

Microsoft is updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture. The improvement actions listed below will be added to Microsoft Secure Score. Your score will be updated accordingly. When this will happen: This is expected to be complete by late January 2024. How this will affect your organization: …

Retiring “MDE Settings” and “New version” options from Threat Explorer

Microsoft will be retiring the “MDE Settings” and “New version” options from Threat Explorer as they work to clean up and streamline the user experience. When this will happen: Microsoft expect to complete by late December 2023. How this will affect your organization: Users and Administrators will no longer see the “MDE Settings” and “New …

Exchange auto-labeling supports non-mail enabled security groups

Service side auto-labeling now supports scoping of Exchange auto-labeling to non-mail enabled security groups. When this will happen: Rollout is expected to be complete by late November.  How this will affect your organization: Admins can create new or edit existing auto-labeling policies to include new Exchange locations for non-mail enabled security groups. What you need …

Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business)

Beginning January 2024, Microsoft Entra ID will support device-bound passkeys stored on computers and mobile devices as an authentication method in preview, in addition to the existing support for FIDO2 security keys. This enables your users to perform phishing-resistant authentication using the devices that they already have. Microsoft will be expanding the existing FIDO2 authentication methods policy …