Category: Office 365

News Informatique

[MDO] Some cmdlets will be retired in May 2022

Get-AdvancedThreatProtectionDocumentReport and Get-AdvancedThreatProtectionDocumentDetail will be retired Microsoft will be retiring the Get-AdvancedThreatProtectionDocumentReport and Get-AdvancedThreatProtectionDocumentDetail cmdlet from Microsoft Defender for Office 365. Instead, Microsoft recommends the use of the Get-ContentMalwareMdoAggregateReport | Get-ContentMalwareMdoDetailReport cmdlet. Key points Timing: retirement will begin in early May and is expected to complete by mid-May Action: review and transition to the Get-ContentMalwareMdoAggregateReport …

Information barriers – management experience in Microsoft 365 compliance center [Public Preview]

Coming to public preview, you will soon see an updated user experience in the Information barriers solution within the Microsoft 365 compliance center. This update includes new landing pages for Segments and Policies. When this will happen: Rollout will begin in late November and is expected to be complete by late December. How this will affect …

New Conditions in Teams DLP [Public Preview]

Microsoft announced the public preview for 4 new conditions in Teams Data Loss Prevention(DLP) available through the Microsoft 365 Compliance Center.  These 4 conditions have already been available for Exchange DLP and are now available for Teams : Sender is  Recipient is  Sender domain is  Recipient domain is  With the availability of these conditions, customers can extend their existing Exchange policies to …

[MDO] Investigation updates for improved email threats and actions

Microsoft is improving Automated Investigation and Response (AIR) from Defender for Office365 The rollout of the updated email clustering will begin today, June 21st. Investigations will now only queue actions for approval when malicious emails are still in the mailbox (by using latest delivery location instead of original). Investigations only queue actions for malware or …

Microsoft Defender for Office 365: Introducing Advanced Delivery for Phishing Simulations and SecOps Mailboxes

Microsoft is introducing a new capability, Advanced Delivery, for the configuration of third-party phishing simulation campaigns and delivery of messages to security operations (SecOps) mailboxes. Admins will now be able to explicitly configure for the following scenarios and ensure messages configured as part of these scenarios are handled correctly across product experiences: Third-Party Phish simulation …

Microsoft Graph privacy controls to fully replace the classic Office Delve control in May

In August 2020, Microsoft announced that Microsoft Graph privacy controls would be available in the fourth quarter. These Microsoft Graph privacy controls allow administrators to more granularly configure the visibility of Graph-derived insights which includes documents and sites across Microsoft 365 apps and services. Microsoft also announced a six-month transition period before the new controls …

License check for Advanced eDiscovery

Starting April 16, 2021, all customers using Advanced eDiscovery must have the appropriate licensing in order to continue creating new cases in the solution.  You have to maintain an Advanced Compliance or E5 license. Key points: Timing: We will begin rolling this April 16, 2021 Action: review and ensure you have the appropriate licensing How …

New Endpoint DLP features [Public Preview]

Prerequisites Licensing Microsoft 365 E5 Microsoft 365 A5 (EDU) Microsoft 365 E5 compliance Microsoft 365 A5 compliance Microsoft 365 E5 information protection and governance Microsoft 365 A5 information protection and governance Hardware/software Your devices must be running Windows 10 x64 build 1809 or later. The device must have Antimalware Client Version is 4.18.2101.9 or later …

New features on ATP Safelinks

Microsoft add two new feature on ATP Safe Links : Display the organization branding on notification and warning pages Use custom notification ATP Safe Links branding is now rolling out for you! Check out your ATP Safe Links policy.

Teams DLP Playbook – Release

This document provides an overview of how enterprise customers can deploy Microsoft Teams-DLP for protecting sensitive information that is traversing with-in or outside of the organization. Unified DLP has integration with multiple workloads that help to protect customer data with a single policy. Teams-DLP is one of the workloads within the Unified-DLP console. This guide …

Publisher verification and app consent policies [General Availability]

With usage of cloud apps and the remote work, attackers leverage application-based attacks, such as consent phishing. Indeed, they try to to gain unwarranted access to valuable data in cloud services. General availability of publisher verification At the beginning of this month, Microsoft announced that publisher verification was generally available. This capability allows developers to add a …

Migrating from Exchange Transport Rules to Unified DLP

Microsoft shared a document that provides an overview of how enterprise customers can migrate their existing Exchange Transport Rules to Unified DLP portal. It walks through the different stages of migration and shows the effectiveness of the unified DLP portal as a single place to define all aspects of your DLP strategy. In summary, this …

Microsoft Endpoint Data Loss Prevention [Public Preview]

In order to accelerate the deployment of a comprehensive information protection strategy, Microsoft announcedb the public preview of Microsoft Endpoint Data Loss Prevention (DLP). Microsoft Information Protection (MIP) is a solution that understands and classifies data, keeps it protected, and prevents data loss across M365 apps, M365 services, third-party SaaS applications… Endpoint DLP now extends …

Office 365 ATP connector for Azure Sentinel [Public Preview]

Nice to see the Office 365 Advanced Threat Protection connector for Azure Sentinel ! Description Office 365 Advanced Threat Protection (ATP) safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. By ingesting Office 365 ATP alerts into Azure Sentinel, you can incorporate information about email- and URL-based threats into …

On-premises data at rest DLP [Private Preview]

Microsoft DLP for on-premises is part of the Microsoft 365 DLP suite of features you can use to discover and protect your sensitive data across Microsoft 365 services. This feature will allow you to scan on-premises file shares or SharePoint and detect when sensitive data is overshared. This gives you the visibility and control you …

Application Guard for M365 Apps [Public Preview]

Files from the internet and other potentially unsafe locations can contain viruses, worms, or other kinds of malware that can harm your users’ computer and data. To help protect your users, Office opens files from potentially unsafe locations in Application Guard, a secure container that is isolated from the device through hardware-based virtualization. When Office …

Restrict guest access permissions in Azure Active Directory [Public Preview]

There are a new access level for Guest users in order to limit their permissions : Permission level Access level Same as member users Guests have the same access to Azure AD resources as member users Limited access (default) Guests can see membership of all non-hidden groups Restricted access (new) Guests can’t see membership of …

Revoke guest access to SharePoint Online and OneDrive after a defined period of time

Update 19/05/2021 : Microsoft has updated the rollout timeline. The roll out will begin at the end of May You will soon be able to create a policy that automatically revokes access for external guests to SharePoint Online (SPO) sites and individual OneDrives after a defined period of time.  When will this happenMicrosoft will gradually roll …

Azure AD My Sign-Ins – Portal to report unusual sign-in activity [General Availability]

Azure AD My Sign-Ins is now General Available — a portal that allows end users to review their sign-in history to check for any unusual activity. The My Sign-Ins page permits to see: If anyone is trying to guess their password. If an attacker successfully signed in to their account from a strange location. What …

Office 365 ATP: External email forwarding controls and policy change

Automated external email forwarding is a tactic attackers use to exfiltrate data out of an organization. To counter that, Microsoft is updating their anti-spam policies. First, they are providing a control to easily enable automatic external forwarding for select people in your organization. Second, they will change the “Automatic” setting to block automatic external forwarding. …