Category: Azure

News Informatique

License enforcement for Microsoft Purview Information Protection for sensitivity labels

Microsoft Purview Information Protection helps organizations classify and protect their data while ensuring end user productivity. To apply a sensitivity label to documents, emails, meetings, groups, and sites manually, the following licenses are required for both the tenant admin and each end user: For both client and server-side automatic sensitivity labeling, the following licenses are …

Use double-key encryption to protect your most sensitive files and emails in Microsoft 365 Apps

Update of https://thibaultchatiron.fr/2023/07/31/use-double-key-encryption-to-protect-your-most-sensitive-files-and-emails-in-microsoft-365-apps/ To protect your most sensitive content, users of Microsoft 365 Apps can now use Double Key Encryption (DKE) for files and emails using the built-in labeling client. With DKE, Microsoft stores one key in Microsoft Azure and you hold the other key, ensuring that only you can ever decrypt protected content, under all circumstances. …

Authentication strength improvements to support passkeys

Conditional Access authentication strengths in Microsoft Entra ID will be improved to support registration of device-bound passkeys (defined at passkeys.dev) stored on computers, security keys, and mobile devices.  When this will happen: Public Preview: Microsoft will begin rolling out early March 2024 and expect to complete by mid-March 2024. Worldwide: Microsoft will begin rolling out late …

Suspension of Azure Application Administrator role for Management of add-ins across Outlook, Word, Excel, and PowerPoint

Admins can manage add-ins across Outlook, Word, Excel, and PowerPoint from the Integrated Apps blade in the Microsoft 365 Admin Center. This capability is currently available to Global Administrators, Global Readers, Exchange Administrators, and Azure Application Administrators. Going forward, Microsoft is suspending capability for Azure Application Administrators from management of add-ins across Outlook, Word, Excel, and …

End of the Azure Information Protection Add-in for Office

Microsoft is retiring the Azure Information Protection (AIP) Unified Labeling add-in for Office on April 11th, 2024. When this will happen: The AIP Add-in for Office will be permanently disabled in Office after May 1st, 2024. How this will affect your organization: To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office …

Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business)

Update of Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business) | Thibault Chatiron Beginning mid-February 2024, Microsoft Entra ID will support device-bound passkeys stored on computers and mobile devices as an authentication method in preview, in addition to the existing support for FIDO2 security keys. This enables your users …

Information Protection: Full File Evidence for all workloads in Activity Explorer

This new feature grants the user the capability to view the source link of the file associated with the activity flagged in Activity Explorer. When this will happen: Rollout will begin in late January 2024 and is expected to be complete by early February 2024.  How this will affect your organization: Users can view the …

Data Loss Prevention – View-only mode for Data Loss Prevention and Information Protection Policies and Labels

This capability allows the admin with view-only restricted permissions to view the Data Loss Prevention and Information Protection policy configuration details without editing the policies or label configurations. When this will happen: Microsoft will begin rolling out in late December 2023 and complete by early February 2024. How this will affect your organization: 1. Assign …

Ability to change retention period on labels set to start retention based on “When items were labeled”

Previously, admins could not change the retention period set on existing labels configured to start retention from when items were labeled. This feature will remove this restriction, and the resulting behavior will be consistent with other retention label types.   When this will happen: Rollout will begin in mid-January 2024 and is expected to be complete …

[Public Preview] Windows Autopatch Reliability Report

The Windows Autopatch Reliability report is a new feature that will be accessible in the Windows Autopatch Reports section of the Microsoft Intune admin center. This new report provides a calculated reliability score across update cycles based on the occurrences of stop code errors detected on managed devices. Scores are determined at both the service and tenant …

New Microsoft Defender Antivirus services on Windows Devices

Microsoft Defender Antivirus on Windows 10 and Windows 11 will be shipping with a new service: When this will happen: Microsoft will roll out to all rings (Current Channel (Preview), Current Channel (Staged) and Current Channel (Broad)) during the week of March 11th, 2024. How this will affect your organization: To enhance your endpoint security …

Changes to FIDO2 security key registration and sign-in experiences

During FIDO2 security key registration, Microsoft Entra ID users may see an operating system or browser-generated prompt for creating a passkey on another device, such as a phone or tablet. In some cases, a QR code is shown to facilitate this option. When this happens, the user needs to select “Use a different device” to …

[PKI] Microsoft Secure Score – New Microsoft Defender for Identity recommendations

Microsoft is updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture. The improvement actions listed below will be added to Microsoft Secure Score. Your score will be updated accordingly. When this will happen: This is expected to be complete by late January 2024. How this will affect your organization: …

Retiring “MDE Settings” and “New version” options from Threat Explorer

Microsoft will be retiring the “MDE Settings” and “New version” options from Threat Explorer as they work to clean up and streamline the user experience. When this will happen: Microsoft expect to complete by late December 2023. How this will affect your organization: Users and Administrators will no longer see the “MDE Settings” and “New …

Exchange auto-labeling supports non-mail enabled security groups

Service side auto-labeling now supports scoping of Exchange auto-labeling to non-mail enabled security groups. When this will happen: Rollout is expected to be complete by late November.  How this will affect your organization: Admins can create new or edit existing auto-labeling policies to include new Exchange locations for non-mail enabled security groups. What you need …

Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business)

Beginning January 2024, Microsoft Entra ID will support device-bound passkeys stored on computers and mobile devices as an authentication method in preview, in addition to the existing support for FIDO2 security keys. This enables your users to perform phishing-resistant authentication using the devices that they already have. Microsoft will be expanding the existing FIDO2 authentication methods policy …

What’s new with Microsoft Entra ID Protection

In this increasingly digital world, identity is the most attacked surface area, and the sophistication and frequency of attacks continue to rise. Manual investigations and responses can’t keep pace. We need to think differently about how we protect identities from compromise and respond rapidly to emerging threats.   Microsoft Entra ID Protection (recently renamed from Azure …

Microsoft Purview Information Protection: Auto labeling (for files at rest in SharePoint Online) can now label PDF files

Auto labeling (for files at rest in SharePoint Online) will soon label PDF files. When this will happen: Preview: Rollout to public preview will begin in mid-July 2023 and expect to complete by early August 2023.   How this will affect your organization: Once the changes are rolled out to your tenant, the following are …

Microsoft Purview compliance portal: PDF files encrypted with sensitivity label can be searched and eDiscovered

Public preview alert. We have started rolling out support for labeled PDF files in SharePoint Online. SharePoint now supports search, eDiscovery, DLP for sensitivity label encrypted PDFs. The sensitivity column will start showing the label names for newly uploaded PDF files. When this will happen: Preview: This rollout is underway and expected to complete by …

Microsoft Purview Information Protection: Discover and co-author documents labeled with user-defined permissions

Currently rolling out in public preview, SharePoint and OneDrive will support discovery and coauthoring of files labeled with user-defined permissions.  When this will happen: Rollout to public preview began in mid-June and is expected to be complete by early September. Standard release will begin in mid-September 2023 (previously early September) and is expected to be …