Co-authoring and AutoSave on Microsoft Information Protection-encrypted documents Client-based automatic and recommended labeling on Mac Mandatory labeling requiring users to apply a label to their email and documents Availability of audit label activities in Activity Explorer Native support for variables and per-app content marking You can leverage co-authoring using: Production or test tenant Microsoft 365 apps with the …
Automatic classification with sensitivity labels emails in transit in Exchange Online Improved capabilities on top of existing service-based auto-labeling include: Additional predicates with Exchange Online auto-labeling Encrypt only and Do Not Forward support Context-based detections Read more about the feature at: Automatically apply a sensitivity label to content in Microsoft 365 – Microsoft 365 Compliance | Microsoft Docs
Office apps (Word, Excel, PowerPoint, Outlook) will now respect the Admin policy setting to require users to apply a label to documents and emails on Windows, Mac, iOS, and Android (for the Office 365 subscription version of the apps). The Azure Information Protection unified labeling client supports this configuration that’s also known as mandatory labeling. For labeling built in to Office …
Zendesk app connector available in public previewA new app connector for Zendesk is available in public preview. You can now connect Microsoft Cloud App Security to Zendesk to monitor and protect users and activities. For more information, see Connect Zendesk. New Cloud Discovery parser for WanderaCloud Discovery in Cloud App Security analyzes a wide range of …
New log collector versionUpgraded Log collector for Shadow IT discovery is now available. It includes the following updates: Microsoft has upgraded our Pure-FTPd version to the latest version: 1.0.49. TLS < 1.2 is now disabled by default. Microsoft has disabled the “octet-counted” framing feature in RSyslog to prevent failed processing.For more information, see Configure automatic log …
Azure Sentinel Watchlists provides the ability to quickly import IP addresses, file hashes, etc. from csv files into your Azure Sentinel workspace. Then utilize the watchlist name/value pairs for joining and filtering for use in alert rules, threat hunting, workbooks, notebooks and for general queries. Watchlist Updating Functionality The new watchlist UI encompasses the following …
Expose verified publisher indicating in O365 OAuth appsCloud App Security now surfaces whether a publisher of an Office 365 OAuth app has been verified by Microsoft to enable higher app trust. This feature is in a gradual rollout. For more information, see Working with the OAuth app page. Azure Active Directory Cloud App Security adminA Cloud …
Authentication Context (Step-Up Authentication) in public previewMicrosoft has added the ability to protect users working with proprietary and privileged assets by requiring Azure AD Conditional Access policies to be reassessed in the session. For example, if a change in IP address is detected because an employee in a highly sensitive session has moved from the …
In August 2020, Microsoft announced that Microsoft Graph privacy controls would be available in the fourth quarter. These Microsoft Graph privacy controls allow administrators to more granularly configure the visibility of Graph-derived insights which includes documents and sites across Microsoft 365 apps and services. Microsoft also announced a six-month transition period before the new controls …
Microsoft is making some changes to the default lifetime of Access Tokens. The default lifetime of Access Tokens issued by Azure AD will change from a static value of 60 minutes to a value between 60-90 minutes (75 minutes on average). Microsoft is making this change to provide a smoother experience across the service. When …
Microsoft has introduced additional support for MIP protected PDF’s in Microsoft Edge. This is currently in preview. What is the feature? If your organization has Microsoft Information Protection enabled, Microsoft Edge could open MIP protected PDF files which were protected in the same tenant seamlessly; across Windows and Mac. The support is now extended to …
Service Health Dashboard availabilityThe enhanced Cloud App Security Service Health Dashboard is now available within the Microsoft 365 Admin portal for users with Monitor service health permissions. Learn more about Microsoft 365 Admin roles. In the dashboard, you can configure notifications, allowing relevant users to stay updated with the current Cloud App Security status. To learn how to configure email …
Exclusion of Azure Active Directory groups entities from discoveryMicrosoft has added the ability to exclude discovered entities based on imported Azure Active Directory groups. Excluding AAD groups will hide all discovery-related data for any users in these groups. For more information, see Exclude entities. API connector support for ServiceNow Orlando and Paris versionsMicrosoft has added support …
AIP UL client 2.11.58 is now GA and available to download https://aka.ms/AIPClient What’s new ? This version includes the following new features, fixes, and enhancements for the unified labeling scanner and client: Scanner usage logging in the Windows event log Scanner diagnostics tool improvements Improved scanner details output Updates for the scanner’s supported information types …
Today, Microsoft announced that AIP UL client 2.11.57 is now GA and available to download https://aka.ms/AIPClient What’s new ? This version includes the following new features, fixes, and enhancements for the unified labeling scanner and client: Scanner usage logging in the Windows event log Scanner diagnostics tool improvements Improved scanner details output Updates for the …
Status page deprecation noticeOn April 29, Cloud App Security will deprecate the service health status page, replacing it with the Service Health Dashboard within the Microsoft 365 Admin portal. The change aligns Cloud App Security with other Microsoft services and provides an enhanced service overview. Only users with Monitor service health permissions can access the dashboard. For more information, …
Enhanced Shadow IT discovery with Microsoft Defender for EndpointMicrosoft has further improved the Defender for Endpoint integration by leveraging enhanced signals for the Defender agent, providing more accurate app discovery and organizational user context. To benefit from the latest enhancements, make sure your organizational endpoints are updated with the latest Windows 10 updates: KB4601383: Windows …
Temporary Access Pass is a game-changer that completes the end-to-end passwordless onboarding experience for your users. Microsoft created Temporary Access Pass to address many of your passwordless account onboarding and recovery scenarios. For a user to truly be passwordless, they shouldn’t know or use their password, and instead use passwordless authentication methods and recovery if …
Note : This only impacts the iOS/iPadOS device enrollment using Apple Configurator. Only setup assistant workflow is impacted – all other iOS/iPad enrollment workflows are not affected. There was a certificate mismatch between Apple Configurator profiles and the Intune certificate issuing service for iOS/iPadOS enrollment through this setup experience. Existing devices remain enrolled as they …
Clarification about audit log improvements introduced in AIP Unified Labeling client 2.8.85, that allow clearer visibility and alignment with Office native audit logs: Audit logs for access events from the unified labeling client are now sent only when users open labeled or protected files, providing a clearer indication of user access. Information types are no …