Tech news for the week of December 4th, 2023
Topics in this week’s Newsletter
What’s New Updates
Training
Microsoft 365
Windows 365 and Azure Virtual Desktop
Microsoft Defender
Azure
Server
Identity Protection and Management
Information Protection and Management
Intune
Device Management
Scripting and Automation
Security Tools and Guides
Microsoft News
Security News
Industry Specific News
What’s New Updates
SharePoint Roadmap Update – Fall 2023 (1st party)
At the Microsoft 365 Conference in May 2023, we unveiled our vision for making it easier than ever to build more compelling and engaging SharePoint sites and pages. We shared how we are delivering on four key themes: simpler authoring, compelling content, deeper engagement, and a flexible platform. In this blog post, we’ll share our progress with you on our journey to enable everyone to make beautiful, impactful SharePoint sites and pages.
Today, we are releasing our latest version of Windows Admin Center to public preview – version 2311! Thank you to our customers, partners, and fans for helping us to continue to improve and make Windows Admin Center better! In this release, we’ve made improvements to some of our most used tools, added new experiences around Azure hybrid services like Azure Arc and Azure Migrate, and updated our platform.
Training
Fabric webinar series: Supercharge Organizational Analytics and Democratize Insights (1st party) [FREE]
December 5: Many organizations struggle to unlock business insights because the analytics team is working with limited resources and an ever-growing backlog. As a result, necessary data is often incomplete or not available, forcing employees to manually pull together the information they need in a manually created spreadsheet to perform their jobs.
Register for more details about Microsoft content management (1st party) [FREE]
December 6: Stay informed about Microsoft content management offerings, including Microsoft SharePoint, Microsoft 365 Backup, Microsoft 365 Archive, and more. You’ll be the first to hear about updates for Microsoft SharePoint Premium – our advanced content management and experiences platform and our next evolution for Microsoft Syntex – which brings AI, automation, and added security to your content experiences, processing, and governance.
Microsoft Security Tech Accelerator (1st party) [FREE]
December 6: Join us Wednesday, December 6th for a virtual day of demos and technical deep dives. And bring your questions for everyone's favorite – Ask Microsoft Anything (AMA). We’re excited for you to join us in the AI era of security. Our goal is to connect you to your security peers and equip you with the technical knowledge that will help you and your team safely and confidently adopt AI.
Azure Arc - Modern Server Management (3rd party) [FREE]
December 11: Azure Arc is a set of tools and services that extends the Azure cloud to your Windows and Linux servers; it allows you to manage and monitor from a central and secure location. In this webinar, you will learn why you need to start using Azure Arc, how it works, and all the incredible benefits Azure Arc has. We will take a look at deploying the Agent and the Resource Bridge, managing on-premises servers from the cloud, and protecting the control plane in Azure.
Generative AI for Beginners - A Course (1st party) [FREE]
Learn the fundamentals of building Generative AI applications with our 12-lesson comprehensive course by Microsoft Cloud Advocates. Each lesson covers a key aspect of Generative AI principles and application development. Throughout this course, you will be building your own Generative AI startup so you can get an understanding of what it takes to launch your ideas.
Take the next steps beyond Microsoft Ignite (1st party) [FREE]
Build skills that open doors with Microsoft Learn. Get connected with your peers, explore training opportunities, and more! Access topic-specific resources in one spot and dive deeper into session content from Microsoft Ignite through the Microsoft Learn Collections below.
Demos, deep dives, AMAs: Microsoft Technical Takeoff 2023 (1st party) [FREE]
The second annual Microsoft Technical Takeoff for Intune and Windows is currently underway! This free, virtual skilling event provides you with the prescriptive, technical depth you need to successfully deploy, use, and manage the latest capabilities in Microsoft Intune and the Microsoft Intune Suite. Explore scenario-based demos. Go deeper into features, settings, and policies. And, perhaps most importantly, engage with our engineering and product teams in the chat to get the answers and insights you need! All sessions are streamed live on Microsoft Tech Community, YouTube, X, and LinkedIn—and available on demand the same day so you can choose the excitement of the live broadcast or catch up on demand as your schedule allows. Q&A will be open all week!
Tutorial: Create and manage Azure budgets (1st party) [FREE]
Budgets in Cost Management help you plan for and drive organizational accountability. They help you proactively inform others about their spending to manage costs and monitor how spending progresses over time. You can configure alerts based on your actual cost or forecasted cost to ensure that your spending is within your organizational spending limit. Notifications are triggered when the budget thresholds you've created are exceeded. Resources are not affected, and your consumption isn't stopped. You can use budgets to compare and track spending as you analyze costs.
Watch this webinar to learn how you can derive real-time and predictive insights from your SAP data on Azure. Hear from experts on the latest tools and resources to get more out of our SAP data on Azure and learn from customer examples on using your SAP data on Azure to drive business outcomes.
Microsoft 365
SharePoint eSignature (1st party)
Request electronic signatures and easily sign using SharePoint eSignature, while keeping your content in Microsoft 365 throughout the signing process. Today, business is done digitally – from document creation and review to approvals and reuse. One of the fastest growing document transactions is electronic signatures. The signing process should be easy, secure, and within the flow of your business processes. With SharePoint eSignature, you can request signatures, and sign and store documents all while keeping your signed documents secure and compliant.
Real-Time Collaboration | Microsoft Loop Updates for Admins (1st party) [VIDEO]
Synchronize collaboration across your favorite app experiences and devices with Microsoft Loop, our Microsoft 365 co-creation app. Use Loop components to work fluidly with others, while staying in your favorite collaboration app for a connected and interactive experience. Content is always live and up-to-date. View and organize all your loop activity and provide a collaborative shared workspace for everyone to work together across projects using the Loop app. Generative AI with Microsoft 365 Copilot is integrated throughout the experience to help generate content without starting from scratch. Derek Liddell, Principal PM Manager for Microsoft Loop shares the latest user updates, and configuration, data security, and compliance controls for Microsoft 365 admins.
The future of video at work is bright and promising with Microsoft Stream, the enterprise video solution within Microsoft 365. Today, we’re introducing new experiences that put video into the flow of your everyday work. With new tools and features such as Copilot, quick trim, translations, video playback and recording in Outlook, and more, you’ll be able to make your videos more engaging and accessible to people at your work or school.
We are excited to announce general availability of the Viva Connections announcements. This feature is now available in all normal Microsoft 365 tenants worldwide. Announcements allow you to create and share time-sensitive messages in Viva Connections. You can set up, manage, and schedule announcements from your organization’s SharePoint home site or directly from the Viva Connections user interface if you have the required permissions. Viva Connections announcements is part of a larger set of updates rolling out by end of 2023 and early 2024, packaged under the Viva Connections version 3. These updates provide a new set of features and capabilities for the Viva Connections experiences across mobile, tablet and desktop.
The rapidly evolving promise of AI can enable individuals to be more productive. But it can also make navigating work life in the moments that matter much easier than before – improving overall employee engagement and building a high-performance organization to drive towards better business outcomes. Today at Ignite, we announced new innovations in Copilot for Microsoft 365—combining the power of large language models, web search, your data in the Microsoft Graph and the Microsoft 365 apps, to help you unlock productivity and unleash creativity every day. Amongst these innovations we unveiled are exciting new connected experiences and insights between Copilot for Microsoft 365 and Microsoft Viva – applying AI to positively transform the employee experience.
Extend Copilot for Microsoft 365 using Teams message extensions (1st party) [VIDEO]
Seamlessly connect Copilot for Microsoft 365 to your preferred Line of Business and SaaS applications. In addition, discover how to enhance the user experience on Teams and Outlook through the integration of message extensions, empowering you to tailor Copilot for Microsoft 365 to your workflow needs.
There’s a growing number of ways you can expand, enrich, and customize Copilot with plugins and Graph connectors. This article will discuss and compare Copilot extensibility options. Create plugins to extend Copilot's capabilities, such as crafting a Microsoft Teams message extension or a Power Platform connector. Alternatively, employ connectors to seamlessly integrate your enterprise data into the Copilot for Microsoft 365 experience. You have more than one way to personalize Copilot for Microsoft 365 with the intelligence of external services, apps, and data.
Extend Copilot for Microsoft 365 with external data with Graph connectors (1st party) [VIDEO]
Join Brian Jackett, Program Manager on the Microsoft Graph team, in this enlightening video as he explores the integration of external data sources into Microsoft Graph and Semantic Index using Microsoft Graph connectors. Watch as he walks through real-world examples of the power of extending Microsoft Copilot for Microsoft 365 with more of your organization's content.
Windows 365 and Azure Virtual Desktop
AMA: Windows in the Cloud - November 22, 2023 (1st party) [VIDEO]
Join us every month with your questions about Windows 365 features, deployment, customization, and best practices. During these one-hour Ask Microsoft Anything (AMA) events, we'll have members of the Microsoft engineering and product teams ready to help and provide answers. Not sure where to start? Watch our Windows in the Cloud web series to catch up on the latest.
Windows 365 hands-on episode 2: Using Passkeys with Windows 365 (3rd party) [VIDEO]
Welcome to Windows 365 hands-on! In episode 2 we had the pleasure to welcome Michael Mardahl who will join Morten Pedholt talking about Passkeys with Windows 365.
Microsoft Defender
Yes. All threat intelligence data from Microsoft Defender Threat Intelligence (MDTI) powers Security Copilot – at no extra cost. Security Copilot will include MDTI access via API, MDTI Workbench and MDTI analyst seats (same number as Security Copilot seats) at no extra cost. MDTI standalone SKUs continue to be available for customers who don't want to purchase Security Copilot.
Microsoft Defender XDR Timeline (1st party)
The timeline represents activities and alerts observed from a user's identity in the last 30 days. It unifies the user's identity entries across Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint workloads. By using the timeline, you can focus on activities a user performed or were performed on them in specific timeframes.
In this evolving digital landscape, more organizations are adopting enterprise IoT (eIoT) to streamline their business processes. According to Transforma Insights, IoT connections are expected to double to 30 billion by 2030. The surge in IoT adoption is expected to outnumber IT devices 3:1 by 2025 and expand the attack surface exponentially. Organizations need a security solution that evolves with their existing endpoint security investments and empowers the SOC to secure IT and eIoT devices centrally. To help organizations achieve a more holistic endpoint security strategy that traverses both IT and eIoT devices easily, we are thrilled to announce that the eIoT security capabilities of Microsoft Defender for IoT are now included with Microsoft 365 E5 and E5 Security plans at no additional cost for new and existing customers.
BlueHat Conference sessions available (1st party) [VIDEO]
The 21st edition of Microsoft’s BlueHat security conference ran from Oct 11 to Oct 13, 2023, in Redmond, WA USA. Here is a YouTube playlist of 27 of the sessions from the conference. Hear directly from industry experts on a wide range of new and interesting security trends and technologies.
The Future of Security with AI (1st party) [VIDEO]
While the new era of AI presents unprecedented opportunities to elevate human potential, it also ushers in a new set of unknowns and risks. In this session, Charlie Bell and Vasu Jakkal will share how Microsoft is delivering AI for security with Security Copilot, and how we are enabling organizations to secure and govern AI with new capabilities.
Hairless in the Cloud - 097 - Ignite 2023 - Defender for Endpoint (3rd party) [VIDEO]
Paul Huijbregts is a Principal Product Manager for Defender for Endpoint and a legend in the team. We talk about the latest improvements he and his team are working on, for example MDE for Windows Subsystem for Windows.
Azure
Are you looking for a way to accelerate your cloud journey and optimize your IT infrastructure, data, and applications? If so, you might be interested in the brand new Azure Expert Assessment Offering! It is being launched as a new option within the Microsoft Solution Assessment Program. This is a free one-to-one offering from Microsoft that helps you plan your cloud adoption by collaborating with a Certified Azure Expert who will personally guide you through the assessment and will make remediation recommendations for your organization. Azure Expert Assessment is a new offering where you will receive an assessment to help plan your cloud adoption, by collaborating with a Certified Azure Expert. It is designed with automation in every step of the engagement to expedite your unique assessment needs, whether it be SQL server migration, Windows server migration, FinOps and the Azure Well-Architected Review. The assessment will provide you with a clear technical roadmap and a comprehensive business case to support your cloud strategy. You will also get access to best practices, tools, and resources to help you implement your cloud solutions.
At Ignite, we’re announcing innovation in Microsoft Azure that is powering more AI capabilities for our customers and helping enterprises with their cloud management and operations. We’re committed to bringing your AI ambitions to production and meeting you where you are. Whether you choose to build hybrid, cloud-native, or open source solutions, we’re rapidly expanding our infrastructure and adding intuitive tools for customers to help take your ideas to production safely and responsibly in this new era of AI. With Azure, you can trust that you are on a secure and well-managed foundation to utilize the latest advancements in AI and cloud-native services. Azure is adaptive and purpose-built for all your workloads, helping you seamlessly unify and manage all your infrastructure, data, analytics, and AI solutions.
Public preview: Private subnet (1st party)
Announcing the public preview for the ability to create private subnets. Currently, when virtual machines are created in a virtual network without any explicit outbound connectivity, they are assigned a default outbound public IP address. These implicit IPs are subject to change, not associated with a subscription, difficult to troubleshoot, and do not follow Azure's model of "secure by default" which ensures customers have strong security without additional steps needed. (The deprecation for this type of implicit connectivity was recently announced and is scheduled for September 2025.) The private subnet feature will let you prevent this insecure implicit connectivity for any newly created subnets by setting the "default outbound access" parameter to false. You can then pick your preferred method for explicit outbound connectivity to the internet.
Azure Monitoring Agent now supports collection of JSON for ingestion into Log Analytics. Today we are happy to announce the public preview JSON Log collection for AMA. This new capability is designed to enable customers to collect their JSON formatted logs generated in their service or application and ingested into a Log Analytics Workspace table for analysis. You must be using the AMA agent to use custom JSON logs. The MMA agent is being deprecated, so now is a good time to migrate to AMA.
Elastic specializes in search technology that helps customers, employees, and organizations find what they need faster while ensuring data security and keeping mission-critical applications running smoothly. Because its customers wanted a managed solution that was easy to operate, secure, and scalable, Elastic built Elastic Cloud using Microsoft Azure. Demand for Elastic Cloud has grown at twice the rate of the company’s on-premises solutions, while customers reap improved efficiency and better search results, by adding vector search tools that take advantage of Azure OpenAI Service.
We are thrilled to announce the public preview of Azure Container Apps resiliency policies. With this new resiliency feature, you can seamlessly recover from service and outbound dependency request failures just by adding simple policies, like timeouts, retries, and circuit breakers. The Distributed Application Runtime (Dapr) powers the resiliency feature behind the scenes; however, you don’t need any special Dapr code to configure resiliency policies. Resiliency policies can be authored and managed via Bicep (ARM), the Azure CLI, and the Azure portal. When an application activates a policy, you can use logs and metrics to confirm that the resiliency behavior is executed as you’d expect.
In Microsoft Azure, we are continually innovating to enhance security. One such pioneering effort is our collaboration with our hardware partners to create a new foundation based on silicon, that enables new levels of data protection through the protection of data in memory using confidential computing. Data exists in three stages in its lifecycle: in use (when it is created and computed upon), at rest (when stored), and in transit (when moved). Customers today already take measures to protect their data at rest and in transit with existing encryption technologies. However, they have not had the means to protect their data in use at scale. Confidential computing is the missing third stage in protecting data when in use via hardware-based trusted execution environments (TEEs) that can now provide assurance that the data is protected during its entire lifecycle.
Over a year ago, Azure Monitor Logs launched a log archive solution that retains logs for up to seven years at a reduced cost. This capability is valuable for many customers with regulations that require them to retain data for long periods. Since the archive capability was launched, we’ve seen constant growth in the number of customers taking advantage of log archiving and an increase in the time customers choose to retain their archived data. We’ve also seen demand from many customers who need an archive solution for longer periods, beyond the supported seven years. Some examples are tax authorities and healthcare regulations in some countries, which require data retention for 10 to 12 years. After deep technical discussions and evaluations, we are happy to announce that we’ve extended the supported retention period, and Azure Monitor Logs now supports up to 12 years of data retention.
Over the past few months, we have delivered new capabilities as part of our goal to ensure our customers find the best the market has to offer in Azure AI Search when it comes to retrieval systems for generative AI applications. Today, we are pleased to announce vector search and semantic ranker (previously known as ‘semantic search’) are now generally available in Azure AI Search. Vector search in Azure AI Search, offers a comprehensive vector database solution to store, index, query, filter and retrieve your AI data in a secure, enterprise-grade environment.
What is Azure OpenAI Service? (1st party)
An Azure AI service that allows developers to use large-language generative AI models for enterprise-grade applications. Developers can apply these coding and language models to a variety of use cases, such as writing assistance, content generation, code generation, summarization and more. With built-in responsible AI and enterprise-grade Azure security, the service is designed to detect and mitigate harmful use.
Bye bye Azure Functions, Hello Azure Container Apps: Migration of the existing test environment (3rd party)
In this series of posts, we've been looking at the process we went through to migrate APIs that support one of our internal applications from Azure Functions to Azure Container Apps. Part one covers the background to the project, and parts two, three and four go into details about the changes that were needed to get the code running on ACA. This part of the series is a bit of an anomaly; as we mentioned in part 3, our application was hosted in Azure's UK South region. At the time we were going through this process, ACA wasn't available in UK South. We decided to press on anyway, but this meant we needed to migrate other resources - App Configuration, Key Vault and storage - across to North Europe, where we ended up deploying our ACA instance.
Dive into the intricate world of Terraform dependencies with this insightful guide. Learn how Terraform's dependency graph orchestrates and streamlines cloud infrastructure provisioning on Azure, complete with practical examples. Previously, we explored Terraform’s state file. Today, we’ll dive into the heart of Terraform’s magic: the dependency graph. Understanding this concept is crucial for efficiently managing and provisioning cloud infrastructure with Terraform.
Server
What’s New in Windows Server v.Next | BRK403 (1st party) [VIDEO]
If you are looking to run business critical workloads Windows Server v.Next is the answer. We'll provide an overview of Windows Server v.Next, a platform that enables IT professionals and developers to modernize their applications and enable hybrid use cases. Topics covered: Active Directory, File Server, Storage, Hyper-V, Security, and more. Discover how the latest innovations in this release can help your organization enhance its security, achieve better performance, and reduce costs.
Identity Protection and Management
Accelerate your Zero Trust journey with unified access controls (1st party) [VIDEO]
Learn how to simplify your Zero Trust architecture with universal policies for any access point, from legacy on-premises resources to cloud apps and web, without code changes. The identity-centric Security Service Edge (SSE) solution in Microsoft Entra takes Conditional Access to a new level, protecting any network destination with granular access controls that consider identity, device, and network. Secure access for anyone to anything from anywhere with unified identity and network access.
Windows LAPS: enhancements and roadmap (1st party) [VIDEO]
Learn about recent improvements to Windows LAPS and how they can help you deploy and use the feature. Also learn about the future plans we are working on!
Microsoft Entra Global Secure Access brings a new control to Conditional Access. By installing the Global Secure Access Client on (hybrid) Entra joined devices and enabling Global Secure Access signaling for Conditional Access, admins can now work with a new condition: All Compliant Network locations (Preview). That means we can add another layer to our tenant to prevent token theft and replay. Let’s have a first look.
Microsoft Entra ID, formerly known as Azure Active Directory, is a cloud identity and access management solution that controls application access and protects identities. The term “Achieve higher security with certificate bindings” refers to a feature of Microsoft Entra ID that enhances user authentication security. This feature is part of the certificate-based authentication (CBA) process. Certificate bindings refer to the methods used to bind a certificate to a user’s identity, enhancing the security of the authentication process. There are seven supported methods for certificate bindings. These methods are considered high-affinity if they’re based on identifiers that can’t be reused, such as Subject Key Identifiers or SHA1 Public Key. This way, Microsoft Entra ID provides a secure and efficient way for users to authenticate and access applications.
Information Protection and Management
A whopping 74 percent of organizations recently surveyed experienced at least one data security incident with their business data exposed in the previous year. That’s just one of our interesting insights from Microsoft’s new Data Security Index: Trends, insights, and strategies to secure data report, released today. Data security is a cornerstone of effective cybersecurity programs. Notably, of the security decision-makers we spoke to, the vast majority (89 percent) consider their data security posture critical to their overall success in protecting their data.
Learn Live: Prepare for, implement, and secure Microsoft 365 Copilot (1st party) [VIDEO]
This session examines the key tasks that administrators must complete as they prepare to implement Microsoft 365 Copilot, such as completing prerequisites, preparing data for searches, and assigning Copilot licenses. Then we will see how Microsoft 365 Copilot adheres to existing privacy and compliance obligations, how it ensures data residency and compliance boundary, and how it uses access controls and isolation to protect sensitive business data.
Amid a digitally driven business landscape that’s shaped by technology fusion and hybrid work models, the spotlight on communication compliance shines brighter than ever. Intensified by strict regulations and pervasive cross-platform communication, organizations are navigating a vast amount of data to satisfy communication compliance mandates. These heightened compliance standards also lead to increased penalties. For example, in 2022 the United States Securities and Exchange Commission imposed a combined $1.8 billion in fines on investment banking firms because employees had violated communication requirements by discussing business matters using company apps on personal devices. To avoid similar penalties and adhere to regulations, organizations need a solution that fosters safety and compliance across all communication channels. With Microsoft Purview Communication Compliance, organizations can swiftly detect, capture, and remediate potential risks.
Ensuring robust communication compliance is more crucial than ever. In today’s dynamic digital business landscape, defined by technology integration and the rise of hybrid work models, organizations must navigate a vast sea of data while adhering to stringent compliance mandates to avoid significant penalties, such as the eye-opening $1.8 billion in fines levied on top investment banks by the United States Securities and Exchange Commission (SEC) in 2022. These penalties were a result of employees violating communication requirements by using personal devices and company applications for business discussions. Microsoft Purview Communication Compliance emerges as a strategic ally, a comprehensive solution armed with advanced AI capabilities. It swiftly identifies, captures, and addresses potential communication risks, offering seamless data security and compliance integration with everyday operations. This solution is not tethered to a single platform but seamlessly integrates with various communication channels, from Microsoft Teams to Microsoft Viva Engage, Microsoft Exchange email, and applications like Instant Bloomberg. It’s an adaptive response to the evolving digital landscape, where data security and compliance are paramount.
In the previous blog Govern your business applications data with Microsoft Purview, we announced the private preview for the integration between Microsoft Purview and Microsoft Dataverse. With the integration, organizations can enable automated data discovery and sensitive data classification by scanning their Dataverse environments, and better understand and govern their data estate from Microsoft Dynamics 365 and Microsoft Power Platforms. Today we are excited to announce that integration is launching to public preview. You can now start to scan your Dataverse environments and enrich your Microsoft Purview Data Map. The integration is only available for the enterprise version of Microsoft Purview.
Overview of Microsoft 365 Backup (Preview) (1st party)
Microsoft 365 Backup is currently in preview and will be rolling out to tenants in late 2023 or early 2024. You can set up billing for the product as described in Set up Microsoft 365 Backup. Once Microsoft 365 Backup has been deployed and is available for use in your tenant, you'll see it in the Microsoft 365 admin center page under Settings. During the preview period, performance and speed of web interfaces, initial configuration, and restores might be slower than expected as we scale up our infrastructure to remove undesirable latency from our system.
A year ago, Microsoft announced their intention to enter the backup market with a product to backup Exchange Online and SharePoint Online data. Roll on to Ignite 2023, and Microsoft announced that a paid public preview will begin later this year (probably in December after the U.S. Thanksgiving holiday period.) I expect general availability will follow in 2024. According to the SharePoint Premium announcement, the Microsoft 365 Archive product is now available.
Enabling the Organizational Assets Library for Your Intranet (3rd party) [VIDEO]
Welcome to this YouTube series with Microsoft MVP Vlad Catrinescu & Sebastien Levert, Senior Program Manager at Microsoft! We used to run a workshop together on Building the Ultimate Modern SharePoint Online Intranet - and we decided to record it for YouTube - and make it available for everyone for free! In this ninth video of the series - we will learn what the organizational assets library is and how to use it!
Intune
Mastering Endpoint Management: Unveiling the new Microsoft Intune Advanced Deployment Guide (2023) (1st party)
Endpoint device management and security are critical for every organization, especially in the era of hybrid work and ransomware attacks. That’s why we are excited to announce the updated Microsoft Intune Advanced Deployment Guide (2023), a comprehensive resource to help you set up, configure, and optimize Intune for your organization’s needs. In this blog post, we will give you an overview of what’s new in the guide, how it can benefit you, and how you can get started with it today. The new guide gives you a roadmap to set up and configure Intune and includes enhanced tools to simplify deployment. Whether you are new to Intune or a seasoned pro, this guide will help your organization secure and optimize your device management settings and information technology operations.
Microsoft Intune reinvents Mac management (1st party) [VIDEO]
Learn about the latest developments in Intune Mac management that help simplify your IT workflows and better secure your complete device estate. Get a sneak peek into how we are innovating, including feature demos from the Intune Mac management roadmap.
Feedback wanted! IT made easy with low-code workflows (1st party) [VIDEO]
Let's talk! Find out what's available to simplify IT tasks with automation and orchestration. Share your company's goals around automating Intune with low-code/no-code solutions. Help shape Intune's direction around IT automation and orchestration.
Microsoft Intune ended support for the on-premises Intune Exchange connector in July 2020, except for customers that were actively using it at the time. We’ll be ending support for all customers and turning it off on January 15, 2024. If you’re using the on-premises Intune Exchange connector, you’ll have received a notice in the Message center (MC673699) and you'll need to use a different method to enable Conditional Access for Exchange.
Many customers have switched from Group Policy as a means for managing policies for Microsoft 365 Apps for enterprise on Windows devices, to the Cloud Policy service which allows administrators to configure policies for a large number of Microsoft 365 apps and services, including full support for Microsoft 365 Apps for enterprise on Windows as well as the other platforms, from a single administration experience. To accomplish this, a supported application makes a “check-in” call, passing the user’s authentication token, to one of the 5 platform specific Cloud Policy service “check-in” APIs. When the application receives a successful response, it processes the response and determines which policies in the response need to be enforced based on which policies that application supports.
How to Install Fonts on macOS using Intune (3rd party)
In this article, we’ll show you how to install fonts on macOS using Intune. We will use the InstallFontsmacos.sh shell script to deploy custom font files on Mac devices using Intune. Intune allows administrators to remotely manage and configure various aspects of macOS devices, including font installations. One of our customers requested that we deploy a set of fonts on Mac devices. Because the Mac devices were already in Intune, all that was needed was a shell script to install the fonts.
For those of you still having machines in an office type setup, you can reduce the load on your Internet link, and speed up downloads from Microsoft Intune quite a bit, by creating a device configuration profile with settings for Delivery Optimization (DO). For this post we prepared 18 Win32 apps in Intune of different sizes, ranging from 2MB up to 5GB, single files, multiple files, and deployed them to five machines in the same location. We then wrote down the deployment times and reviewed the network traffic. For the various tests we used a shared Internet connection of 100 mbit/s.
Device Management
This week at Microsoft Ignite, we're showing you how Windows is empowering employees and IT in the AI-enabled and cloud-powered future. As an operating system, Windows makes computing accessible to billions. But we're not stopping there. We believe that everyone can use technology to do and achieve more. We think technology should be more intuitive, helpful, and useful for all of us, workers and IT alike. To that end, Windows is unlocking a whole new way of working, making artificial intelligence (AI) available to more people across any device. Today we unveiled some exciting new features and updates for Microsoft Copilot, Windows 365, and Azure Virtual Desktop. These products are designed to enhance the productivity, security, and flexibility of Windows across different devices and scenarios.
Challenge or opportunity? Authentication, end-user education, and reporting when upgrading to Windows 11 (1st party)
As the end of support for Windows 10 in October 2025 approaches, it’s time to transition to Windows 11. Many of you are well on your way in this journey. But, if you’re an IT professional preparing to upgrade your devices to Windows 11, you might be wondering how to do it more efficiently and smoothly, without disrupting users or compromising compliance. I am a Windows and Intune Subject Matter Expert on the FastTrack team, and I’ve been working with enterprise customers over the last year on upgrading their Windows 10 devices to Windows 11. Overall, many have been surprised by what a smooth process this is, especially when leveraging Windows Update for Business and Microsoft Intune.
Copilot coming to Windows 10 (1st party)
Today, we start to roll out Copilot in Windows (in preview) for Windows 10, version 22H2 to Windows Insiders in the Release Preview Channel. Bringing Copilot to Windows 10 enables organizations managing both Windows 11 and Windows 10 devices to continue considering a rollout of Copilot in Windows and provide this powerful productivity experience to more of their workforce.
Introducing a free solution of dashboards and reports, for Microsoft Endpoint Configuration Manager. The wealth of data these reports offer is like nothing you have ever seen, and they can help you troubleshoot a wide array of problems.
Doing research is a passion of mine, and there are a few weekends when I don’t sneak down to the lab for a few hours to test something. This weekend was no exception, and I sought answers to how much Internet traffic 25 freshly deployed Windows 11 23H2 clients would generate by just being online for a few hours. When you deploy a Windows 11 23H2 machine and log in as a normal user, you will find that the operating system, by default, will start to both install additional applications and update existing native applications and components to Windows in the background. The Windows P2P technology doing these downloads is Delivery Optimization, or DO for short, a native service in Windows 10 and Windows 11 (and Windows Server 2019 and Windows Server 2022).
Microsoft posts official walkthrough videos highlighting how much easier it is to disassemble the Surface Go 4 and Surface Laptop Studio 2 PCs in a win for repairability. Until recently, Microsoft had made the repairability of Surface devices more daunting than competitors. Of course, this aspect isn't an issue for users still covered under its official warranty repair service. Luckily, in the past few months, the company has doubled down on its efforts to enhance the repairability of these devices.
Microsoft is adding an energy saver mode for Windows 11 Insiders (Build 26002) that “extends and enhances” the existing battery saver option. The new mode doesn’t apply to just laptops like battery saver does — you can also use energy saver on a desktop computer if you want to conserve electricity, too. Aside from availability on both desktop devices and laptops (even when they’re plugged in), energy saver works pretty much the same as battery saver mode.
Windows Verbose Status (3rd party)
By default, Windows servers display lots of details when you log on to them and rarely leave you wondering what it’s doing. If a computer is taking a long time to log in, from the user’s perspective, it looks like the computer would just sit at Welcome for 15 minutes. Yes, you can go dig into the event logs and see what’s causing that or you could make it so the computer can output what it’s doing, making it so the users can provide you with more useful information. To do this you need to enable verbose statuses. In this post, I will detail step-by-step how to enable the Windows verbose login status with a GPO or Intune.
Scripting and Automation
PowerShell 7.4 General Availability (1st party)
As we come towards the end of 2023, we are excited to announce the general availability of PowerShell 7.4! This release is built on .NET 8 and similarly, is our latest Long Term Support (LTS) release supported for 3 years. Since PowerShell 7 is supported on Windows, Linux, and macOS, there are a variety of ways to get it. If you installed the previous PowerShell 7 stable release (7.3) via the Windows Store or MSI (and opted into Microsoft Update), you will be automatically updated to 7.4 GA.
Terminal Chat in Windows Terminal Canary (1st party)
At Build 2023, we announced that Windows Terminal users will be able to take advantage of natural language AI to recommend commands, explain errors and take actions within Windows Terminal. Since then, we have been listening to customer feedback and iterating on our AI chat experiments in Windows Terminal. The Windows Terminal team is committed to transparency, and we want to give the open-source community an opportunity to help us define what AI looks like in a terminal application. As a result, we are open sourcing our work on Terminal Chat, our AI chat feature. Open sourcing this feature will allow developers to get a chance to try this experience and build it with us.
Enable PowerShell SSH Remoting in PowerShell 7 (3rd party)
In this blog post, we will have a look at how you can enable and set up PowerShell SSH Remoting or PowerShell Remoting over SSH with PowerShell 7. With PowerShell Core 6, Microsoft introduced PowerShell 7 Remoting over SSH, which allows true multiplatform PowerShell remoting between Linux, macOS, and Windows. PowerShell SSH Remoting creates a PowerShell host process on the target machine as an SSH subsystem. Normally, Windows PowerShell remoting uses WinRM for connection negotiation and data transport. However, WinRM is only available on Windows-based machines.
Patch My PC and PSAppDeployToolkit join forces! (3rd party)
At MMSMiami, it was announced that PSAppDeployToolkit has partnered with Patch My PC - a leader in the 3rd party software update management space. Patch My PC is taking on a stewardship role of the PSAppDeployToolkit code repo. All of us are committed to keeping the toolkit Open Source and free to use. We are gearing up for accelerated innovation, enhancing the toolkit’s capabilities and solving some long-standing issues. This partnership isn’t just about growing; it’s about strengthening our commitment to providing a top-notch tool for the community. With #PatchMyPC’s expertise and resources, we’re set to bring you more features, customization, stability, and efficiency in your software deployment processes.
Security Tools and Guides
Stay ahead of rapidly evolving cyberthreats: 8 ways to modernize your security operations (1st party) [FREE]
As cyberattacks grow increasingly sophisticated, it’s more important than ever to equip your security teams with adaptable solutions. Get the infographic, Stay ahead of rapidly evolving cyberthreats, to explore eight ways to modernize your security operations and help protect your enterprise, discover how intelligent solutions make it easier for your security teams to detect, investigate, and respond to threats, and learn how to see and stop threats with Microsoft Sentinel—a cloud-native security information and event management (SIEM) solution, enriched by AI and automation.
7 common mistakes companies make when creating an incident response plan and how to avoid them (3rd party)
Cisco Talos recently covered the basics of NIS2, a new set of requirements for cybersecurity and security incident disclosures set to take effect next year in the European Union. To comply, Talos IR recommends creating or updating your organization’s incident response (IR) plan, along with the Information Security Policy, Business Continuity and Crisis Management Plan. The IR plan is a crucial document for each organization’s cybersecurity practice and should be among the first documents to be updated to comply with NIS2. Below, we’ll outline seven common pitfalls that organizations make when creating or updating an incident response plan. Avoiding some of these common mistakes ensures your organization’s plan will be updated faster and is more thorough, so you are ready to act when, not if, an incident happens.
Introducing Eclipse ThreadX (3rd party)
Every once in a while, a new open source initiative comes along which is truly an industry changing event. Today, Microsoft announced that Azure RTOS, including all of its components, is going to be made available as the Eclipse ThreadX open source project. This new project is exactly what the highly fragmented embedded software market has needed for a very long time. ThreadX is going to be the world’s first open source real time operating system Certified for functional safety and security.
Microsoft News
Microsoft offers a variety of Copilot assistants that can be adopted to enhance user productivity and creativity. Copilot is integrated into various Microsoft platforms and products, providing a more interactive and efficient digital workspace. Users can effortlessly adopt Copilot to streamline their workflows, while developers or creators have the flexibility to extend Copilot by integrating custom data. The core features that Copilot is built upon can also be used to build custom copilot solutions, which can be seamlessly integrated into new or existing applications.
Adopting Extending and Building Your Own Copilots (1st party) [VIDEO]
We know you've heard of Copilots but did you know that you can not only Adopt existing copilots but also Extend many of the Microsoft copilots using your own data and ALSO build your OWN copilot using your own data? In this session, you will learn no-code, low-code and high-code ways that you can use the Microsoft Copilot stack to maximize your data in this AI-verse. We will be exploring the Power Platform Copilots, Dynamics Copilots, Windows Copilot, M365 Copilots and more!
Microsoft named a Leader in 2023 Gartner Magic Quadrant for Access Management for the 7th year (1st party)
Today, we are honored to announce that for the seventh year in a row, Microsoft has been named a Leader in the 2023 Gartner Magic Quadrant for Access Management. We believe Microsoft’s placement in the Leaders quadrant validates our commitment to empowering our customers with a comprehensive solution powered by AI and automation. Microsoft Entra’s mission is to help you stay ahead of the evolving digital threat landscape by making it easier to secure access to everything, for everyone, from anywhere. This year, we released several key innovations in pursuit of this goal.
Hewlett Packard Enterprise (HPE) is a global edge-to-cloud server, storage, and networking equipment manufacturer and IT services company based in Houston, Texas. Its more than 62,000 employees and 25,000-plus contractors help businesses turn data into insights and actions with greater security. To enable and enhance these efforts as efficiently as possible, the company recently implemented an enterprise-wide solution that uses Microsoft Intune for Mobile Application Management without enrollment and Windows mobile device management.
Microsoft Ignite 2023 Highlights – Copilot, Azure, SharePoint Premium, and more! (3rd party) [VIDEO]
It’s been a while, but the MS Refresh pair is back to talk about all their highlights from the Copilot-soaked event that was called Microsoft Ignite 2023. While AI stole the show, there was plenty to be happy about and… not so thrilled about. Microsoft Planner is taking over Project for the Web (for free!), but at the same time there are now a bunch of services getting a “Premium” after their name. Join Matt and Sean on this winding path through what it means to live in a world where one of the largest companies in the world thinks you can’t live your life alone anymore.
Microsoft Paint adds DALL-E 3 AI support from OpenAI to keep the creative juices flowing in Windows 11 (3rd party)
In the past few months, we've seen Microsoft double down on its efforts to integrate AI capabilities across most (if not all) of its products and services. As expected, it was only a matter of time till the effect trickled down to Microsoft Paint. Now, the company is making good on yet another promise by integrating DALL-E 3 technology into its Microsoft Paint app. As you might recall, Microsoft had already begun testing a handful of nifty features in Microsoft Paint with Windows Insiders (Dev and Canary channels), including support for layers, transparency, the addition of a background removal tool, and the Cocreator feature.
Security News
The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack. Earlier today, the threat actor listed the software company MeridianLink on their data leak with a threat that they would leak allegedly stolen data unless a ransom is paid in 24 hours. MeridianLink is a publicly traded company that provides digital solutions for financial organizations such as banks, credit unions, and mortgage lenders.
Cisco Talos has recently observed an increase in activity conducted by 8Base, a ransomware group that uses a variant of the Phobos ransomware and other publicly available tools to facilitate their operations. Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan. This commodity loader typically drops or downloads additional payloads when deployed. In 8Base campaigns, however, it has the ransomware component embedded in its encrypted payloads, which is then decrypted and loaded into the SmokeLoader process’ memory. 8Base’s Phobos ransomware payload contains an embedded configuration which we describe in this blog. Besides this embedded configuration, our analysis did not uncover any other significant differences between 8Base’s Phobos variant and other Phobos samples that have been observed in the wild since 2019.
All Okta customer support system users were impacted by a security breach announced last month, the company’s chief security officer said Wednesday — revealing that the breach was far larger than previously understood. Last month, the company said hackers were able to access “files inside Okta’s customer support system associated with 134 Okta customers.” Several of the Okta customers affected — including Cloudflare, 1Password and BeyondTrust — criticized the company for its handling of the incident. BeyondTrust notified Okta of a potential security incident in early October but it took the company two more weeks before they were able to fully get the hacker out of their system.
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operation. Scattered Spider, also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest, and Muddled Libra, is adept at social engineering and relies on phishing, multi-factor authentication (MFA) bombing (targeted MFA fatigue), and SIM swapping to gain initial network access on large organizations.
We tried to quantify how harmful hospital ransomware attacks are for patients. Here’s what we found (3rd party)
On a Thursday in early August, staff at Manchester Memorial Hospital in Connecticut realized they’d been hit by a ransomware attack. What happened next is the stuff of nightmares. Manchester Memorial had to ask ambulances to take emergency patients elsewhere. They cancelled elective surgeries and worked without access to essential imaging equipment like X-rays and CT scans. With their electronic health records inaccessible, clinical staff had to revert to pen and paper. It took nearly six weeks before Manchester Memorial declared “all services back online.”
Industry Specific News
Customs and Port - 3 keys to transforming customs and port operations with generative AI (1st party)
The power of AI to improve customs is showing up in the baggage screening process at Heathrow Airport in London. Scanners designed to examine luggage and cargo are using a multispecies AI model to find evidence of illegal wildlife tracking, such as ivory pieces or animal skulls. This technology is part of a Microsoft AI for Good initiative called Project SEEKER which, in its first trial, had a 70% detection rate in scanning 250,000 items per day. Project SEEKER was introduced in 2021 and it was a harbinger of the transformative impact that advanced AI can have on customs and port operations. Since then, Microsoft Azure OpenAI Service and Microsoft copilots have given virtually every individual the opportunity to experience the power of generative AI for themselves. This has inspired governments around the world to seriously evaluate how they can employ AI to improve operations and efficiencies.
Education - Coming soon: AI Bootcamp for Educators (1st party)
Today’s students can benefit from developing AI proficiency, regardless of their career aspirations. Whether they’re studying computer science, business, agriculture, or any other major, they need to skill up on AI—and now is your opportunity to teach them. To that end, we’re happy to announce AI Bootcamp for Educators (coming soon), where you can learn how to empower your students with the market-ready, in-demand AI skills they need to open doors for more employment opportunities and job success. These customizable bootcamps, designed by Microsoft, can help faculty and instructors in higher education teach students practical AI skills with Microsoft Azure AI technology. They also teach you how to prepare students to earn Microsoft Credentials, including industry-recognized Microsoft Certifications and verified scenario-based skill sets with Microsoft Applied Skills credentials.
Healthcare - The Power of Prompting (1st party)
Today, we published an exploration of the power of prompting strategies that demonstrates how the generalist GPT-4 model can perform as a specialist on medical challenge problem benchmarks. The study shows GPT-4’s ability to outperform a leading model that was fine-tuned specifically for medical applications, on the same benchmarks and by a significant margin. These results are among other recent studies that show how prompting strategies alone can be effective in evoking this kind of domain-specific expertise from generalist foundation models.
Healthcare - Mitigation Guide: Healthcare and Public Health (HPH) Sector (3rd party) [PDF]
This Cybersecurity and Infrastructure Security Agency (CISA) Mitigation Guide offers recommendations and best practices to combat pervasive cyber threats affecting the Healthcare and Public Health (HPH) Sector. Identified vulnerabilities in organizations across the HPH Sector present opportunities to mitigate risks before intrusions occur. Unmitigated vulnerabilities increase the likelihood of threat actors successfully employing malicious tactics, techniques, and procedures (TTPs) against HPH organizations.