Newsworthy Highlights |
Microsoft To Do app for iOS and Android launching in GCC
We are excited to announce that the iOS and Android apps for Microsoft To Do (a tool for managing and sharing tasks and lists) is rolling out to GCC (Government Community Cloud) users. The rollout begins in late August, with plans to be completed by mid-September. This launch will add the mobile apps to the web and Outlook functionality that GCC accounts already have today.
Basic Authentication Deprecation in Exchange Online – September 2022 Update
Starting October 1st, we will start to randomly select tenants and disable basic authentication access for MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell. We will post a message to the Message Center 7 days prior, and we will post Service Health Dashboard notifications to each tenant on the day of the change.
Today we are announcing an update to our plan to offer customers who are unaware or are not ready for this change. GCC customers check your tenant Message Center for further details.
Microsoft To Do app in GCC - what are the possibilities?
Since Microsoft To Do app is launching in GCC , what kinds of tasks are you planning to use it for in the GCC space? What would you like to see?
Microsoft 365 Government Adoption Resources
Empowering US public sector organizations to transition to Microsoft 365
Release News |
Exchange Online
August 2022 Exchange Server Security Updates and support for Windows Extended Protection feature
SharePoint / OneDrive for Business
The automated fix suggestion that help users rename the problematic files on Windows and thus resolv...
A new feature was implemented that changes the format that is used to create user photo names from a...
The Enterprise websites Microsoft Graph connector allows your organization to index articles and con...
Teams
Q&A in Teams lets organizers create and moderate Q&A for their Teams meetings
Users will be able to capture a short video and playback in-line in Teams desktop and mobile
Pre-assign channel members to breakout rooms
User requests for apps in Teams store
Microsoft Purview
Temporary rollback of Adaptive policy scopes for retention & label policies in GCC-High and DoD
eDiscovery API for Microsoft Graph now generally available
Security/Identity
Co-authoring on Microsoft Information Protection encrypted documents on mobile devices
Microsoft 365
Microsoft 365 Apps implications when Windows 7 and Windows Server 2008 R2 Extended Security Updates ...
Microsoft Forms: Utilize Office Apps Administrator Role for Forms Administration
Microsoft 365 Management Activity API Fix
Redesigned Dictate toolbar and an additional 25 languages available to Microsoft 365 Apps
References and Information Resources |
Microsoft 365 Public Roadmap
This link is filtered to show GCC, GCC High and DOD specific items. For more general information uncheck these boxes under “Cloud Instance”.
Stay on top of Microsoft 365 changes
Here are a few ways that you can stay on top of the Office 365 updates in your organization.
Microsoft Tech Community for Public Sector
Your community for discussion surrounding the public sector, local and state governments.
Microsoft 365 for US Government Service Descriptions
· Office 365 Platform (GCC, GCCH, DoD)
· Office 365 U.S. Government GCC High endpoints
· Office 365 U.S. Government DoD endpoints
· Microsoft Purview (GCC, GCCH, DoD)
· Enterprise Mobility & Security (GCC, GCCH, DoD)
· Microsoft Defender for Endpoint (GCC, GCCH, DoD)
· Microsoft Defender for Cloud Apps Security (GCC, GCCH, DoD)
· Microsoft Defender for Identity Security (GCC, GCCH, DoD)
· Azure Information Protection Premium
· Exchange Online (GCC, GCCH, DoD)
· Office 365 Government (GCC, GCCH, DoD)
· Power Automate US Government (GCC, GCCH, DoD)
· Outlook Mobile (GCC, GCCH, DoD)
Be a Learn-it-All |
|
Public Sector Center of Expertise We bring together thought leadership and research relating to digital transformation and innovation in the public sector. We highlight the stories of public servants around the globe, while fostering a community of decision makers. Join us as we discover and share the learnings and achievements of public sector communities. |
|
|
Message Center Posts and Updates for Microsoft Teams in GCC |
Looking for what’s on the map for Microsoft Teams and only Teams in GCC?
Go right to the GCC Teams Feature Communications Guide
Message Center Highlights |
SharePoint Online / OneDrive for Business
MC422162 — SharePoint: Update to Create Sites From the SharePoint App Bar
We are releasing an update to a Sharepoint feature that has already rolled out. With this change, sites created from the SharePoint app bar won't be automatically associated with a hub.
When this will happen:
Targeted Release: We will begin rolling out late August and expect to complete by early September.
Standard Release: We will begin rolling out early September and expect to complete by late September.
How this will affect your organization:
New sites created from the SharePoint app bar will not be associated to a hub site. This will not impact any existing sites.
What you need to do to prepare:
There is nothing you need to do to prepare for this change. You may want to notify your users about this change and update your training and documentation as appropriate.
MC419387 — Upcoming changes as we prepare for transition from Stream (classic) to Stream (on SharePoint)
We want to make you aware of upcoming changes as we prepare for the transition from Stream (classic) to Stream (on SharePoint).
1. Provisioning of Stream classic by default to stop for new customers
· For new customers with requisite Stream license, if a user accessed Stream (classic) for the first time via URL or tile in Microsoft 365 app launcher, it provisioned classic Stream for them.
· Coming soon, this is going to stop. Stream (classic) will no longer be provisioned by default for such customers.
2. Stream tile in Microsoft365 app launcher to go to the new Stream app on Office.com
· Stream (Classic) is transitioning to Stream (on SharePoint). Until Stream (Classic) fully retires, you can decide which Stream experience is most appropriate for your users when they click on the Stream tile from the Microsoft 365 application launcher via a new setting that was added to the SharePoint admin center in July 2022. [MC381948]
· This setting is the “Stream App launcher tile” and currently has a default option of “Automatically switch to Stream (on SharePoint) when recommended” which will send users to Stream (Classic) when they click the Stream tile.
· Coming soon, we will automatically change the “Stream app launcher tile” setting’s default option to send users to Stream (on SharePoint) instead.
In addition, if your organization has never used Stream (Classic) in the past, we will no longer let you use that experience and instead you will use Stream (on SharePoint).
When this will happen:
· Standard: Rollout will begin mid-October and complete by mid-November.
· GCC: Rollout will begin mid-October and complete by mid-November.
How this will affect your organization:
1. If you are already using Stream (classic), there is no change for your organization.
· If no user from your tenant has accessed Stream (classic) before 17th October, it will not be provisioned for your organization
2. If you’ve not already changed the “Stream app launcher tile” setting and have kept the default, then your users will be taken to the new Stream (on SharePoint) experience when this change is rolled out.
What you need to do to prepare:
1. No action is needed with regards to provisioning of Stream classic.
2. If you do not want your users automatically directed to the new experience, you’ll need to take action to change the setting for your organization.
To set the Stream tile destination in the Microsoft 365 app launcher:
· Go to the Settings page of SharePoint admin center and sign in with an account that has admin permissions
· Select Stream App launcher tile
· Select Stream (Classic) if you want your users to remain navigating to Stream (Classic) from the Stream tile.
· Select Save. It takes about 5 minutes for this change to take effect.
Learn more:
· Direct the Stream app tile launcher to Stream (on SharePoint)
MC415902 — SharePoint: Configure Navigation Links to Open in a New Tab
Microsoft 365 Roadmap ID 93318
With this update, users will be able to manage the experience for each navigation item to open in a new tab.
When this will happen:
Targeted Release: We will begin rolling out in early September and expect to complete rollout out by late September.
Standard Release: We will begin rolling out in late September and expect to complete rollout by mid-October.
How this will affect your organization:
This new feature will allow you to configure how you would like your navigation links to open. You will have the option to be able to choose to open in the same tab or in a new tab for your site, hub, and global navigation items.
The new Open in a new tab option gives you greater flexibility in how your users can interact with your sites and allows you to better control how they navigate.
Note: The new open in new tab experience will not work on the footer control when initially available. This will become available at a later date.
What you need to do to prepare:
You do not need to do anything to prepare. Your navigation links will continue to open as they do normally today, until you make a change to their behavior using the new control.
Learn More:
· Customize the navigation on your SharePoint site
MC412836 — (Updated) Classic Global term store retirement – update
Updated August 23, 2022: We have updated the rollout timeline below. Thank you for your patience.
In mid-November 2021 (MC289683), we announced the rollout of the modern experience of the global term store for Syntex & SharePoint admin center. Aligning with our modernization efforts, we will start retiring the classic experience of the term store and recommend all our users to use the modern term store
When this will happen:
Targeted release: This is expected to start in late October (previously early September) and continue till mid-November (previously mid-September).
Production Release: This is expected to start in mid-November (previously mid-September) and continue till late December (previously early October).
How this will affect your organization:
You can learn more about where you can find all the features on the classic term store in the corresponding modern term store of the SharePoint admin center: Open the Term Store Management Tool.
Since there are no changes to our backend, this update will only enhance the user interface of managing and curating terms on the term store. All the enterprise taxonomy created by your organization will continue to exist and will be visible from the modern term store.
Admins will start to see a banner on the classic Term store page. The banner will display the date when the page will be retired and a link to documentation describing where to find all the features in the new admin center. Sample below:
After the retirement date, the classic Term store page will be replaced with a redirect page to the new SharePoint admin center so that any bookmarks continue working. Sample below:
What you need to do to prepare:
You may want to update any internal documentation or user training and share this with users with relevant permission and who are familiar with managing terms in your organization if not already done. Ensure you also revisit any bookmarked links of the classic term store to update with the modern term store link.
MC412380 — Configure the existing Stream tile in M365 app launcher to go to the new Stream app on Office.com
Stream (Classic) is transitioning to Stream (on SharePoint). Until Stream (Classic) fully retires, you can decide which Stream experience is most appropriate for your users on Office.com. Do this by configuring the target destination of the existing Stream tile in the Microsoft 365 app launcher from the SharePoint Admin Center.
When this will happen:
The Stream app launcher tile setting is rolled out and available in SharePoint Admin Center
How this will affect your organization:
SharePoint tenant admins will have the ability to set the target destination of the existing Stream tile in the Microsoft 365 app launcher from the SharePoint Admin Center. You will be able to set the target destination to either Stream (Classic) or Stream (on SharePoint) depending on your organization's needs.
Target destination options:
· Automatically switch to the new Stream (on SharePoint) when recommended: This is the default option. At this time, this option directs the Stream tile to Stream (Classic). However, in the future as we update and add to Stream (on SharePoint) we plan to point the Stream tile to Stream (on SharePoint) instead. Before making the change, we'll give notice in the message center, giving you time to choose a different option if you want.
·
If you don't want Microsoft to change what happens when your users select the Stream tile, select one of these options:
· Stream (on SharePoint): The Stream tile in the app launcher will always direct users to Stream (on SharePoint).
· Stream (Classic): The Stream tile in the app launcher will direct users to Stream (Classic) until Classic is retired.
What you need to do to prepare:
To set the Stream tile destination in the Microsoft 365 app launcher:
· Go to the Settings page of SharePoint admin center and sign in with an account that has admin permissions.
· Select App launcher tile.
· Select the option you want to set as the default destination for the Stream tile in the Microsoft 365 app launcher.
· Select Save. It takes about 5 minutes for this change to take effect.
Learn more:
· Direct the Stream app tile launcher to Stream (on SharePoint)
MC409422 — SharePoint: New Site Templates for Team Sites
Microsoft 365 Roadmap ID 93423
We are introducing three new SharePoint team site templates dedicated to helping you create sites for your IT helpdesk, crisis communication team, and new employee onboarding team. These site templates will help you expand what’s possible with content, pages, and web parts while helping you quickly get started building your own site. Each template contains pre-populated content and web parts that are fully customizable to meet the needs of your organization.
When this will happen:
Targeted Release: rollout will begin in early August and is expected to be completed in late August.
Standard Release: rollout will begin in early September and is expected be completed in late September.
How this will affect your organization:
Users will be able to benefit from the ability to browse, preview, and apply site templates to a new or existing SharePoint site. Users can select a site template that meets organizational business objectives and best fits the site goal while ensuring a higher level of consistency throughout their organization. They can then review pre-populated content and customize the site to address their needs.
Note: This feature will be on by default with no admin control.
New Team site templates will include:
· Crisis communication team – Centralize crisis communication, resources, and best practices
· IT help desk – Resolve technical requests, track devices, and share training materials
· New employee onboarding team – Guide new employees through your team’s onboarding process
To apply a template to an existing site: users can choose to browse site templates and can apply a template to an existing site at any time by accessing the template gallery from Site Settings and then select Apply a site template.
To apply a template to a new site: If a site owner is visiting their new site for the first time, they may see a message asking if they want to use a template that will then take them to the template gallery. Choose desired template.
What you need to do to prepare:
There is nothing you need to do to prepare for this change. You may want to notify your users about this change and update your training and documentation as appropriate.
Share this template guide with end-users: Learn how to apply and customize SharePoint site templates.
MC408994 — (Updated) Private drafts for SharePoint pages and news
Microsoft 365 Roadmap ID 85629
Updated August 4, 2022: We have updated the linked resources to provide additional information.
We’re adding the ability to create private drafts for pages and news posts. A private draft is visible only to the page author, the people the author chooses to share it with, and site admins. It's great for creating and editing content that’s not ready for others to see except the people you want to collaborate with.
When this will happen:
This update will roll out to Targeted Release customers starting early August and to all customers by mid-September.
How this will affect your organization:
Authors of SharePoint pages and news will be able to create private drafts. When a private draft is created, only the creator and site admins can see the page (including from within the Pages library). The creator can then share the private draft with other people to allow them to access and edit the page. They will also have access to the assets associated with the page which are stored in the site’s assets library.
Like all pages and news posts, only one person at a time can edit the draft. When the draft is published, its permissions are reset and everyone in your organization who has access to the site will be able to view it.
What you need to do to prepare:
You do not need to do anything to prepare for this update, but you may want to let your users know about these improvements.
More information available here: Create a private SharePoint page or news post
MC408694 — (Updated) New 'Activity' Column in OneDrive 'My Files' list view
Microsoft 365 Roadmap ID 88913
Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
We are introducing a new Activity column in OneDrive My Files list view. The goal of this feature is to help users stay up-to-date on the files that they are working on with others by surfacing relevant activity information. We will show file activity related to actions, such as, user comments, edits, share, and @mentions.
When this will happen:
We will begin rolling out this feature in mid-September (previously late August) and expect to complete rollout by late September (previously mid-September).
How this will affect your organization:
There is no impact to your organization. This feature will be delivered as a user interface update in the form of an additional column in My Files list view with activity information related to files (e.g., file shared, user comment, @mentions).
What you need to do to prepare:
There is nothing you need to do to prepare for this change. You may want to notify your users about this change and update your training and documentation as appropriate.
MC403644 — (Updated) OneDrive: Sharing Experience - Share Menu Dropdown
Microsoft 365 Roadmap ID 83727
Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
We’re updating the Share button in Microsoft OneDrive to provide easy access to additional sharing options. When you select Share in OneDrive for Business on Web, you'll see a contextual menu with all choices available to you for sharing files or folders with your teammates.
When this will happen:
Targeted release: We will begin rolling this out in mid-September (previously late August) and expect to complete rollout by late September (previously early September).
Standard release: We will begin rolling this out in late September (previously early September) and expect to complete rollout by mid-October (previously mid-September).
How this will affect your organization:
Users who interact with the OneDrive/SharePoint share control will be able to see this new Menu.
· Share link, Email link or Send link: Email the file link directly to a one or more recipients.
o Note: users may see one of three different notations until finalized.
· Copy link: Copy a link to share with recipients directly.
· Manage Access: View and manage who has access to your files or documents.
Note: Some users may see this feature before others in your organization.
What you need to do to prepare:
There is no action needed from you at this time. You may want to notify your users about this new capability and update your training and documentation as appropriate.
MC402119 — (Updated) OneDrive/SharePoint: Review mode for Word documents
Microsoft 365 Roadmap ID 93400
Updated August 10, 2022: We have updated the rollout timeline below. Thank you for your patience.
What is Review mode?
When you open a document that was shared with you for review, you are automatically placed in Review mode.
In Review mode, you won’t have full edit control but instead are allowed to add suggestions to the document in the form of comments or tracked changes. Document owners or other collaborators who have full edit permissions will then need to approve the incorporation of any suggested changes to the document.
What's new?
We have changed the UI for Review Mode in the Share Dialog to include this mode as a permission called 'Can Review' inside of the sharing permission dropdown.
From OneDrive, SharePoint or Word for the web, share a document for review by clicking the Share button, and then clicking the Share command in the menu.
Once you have the share dialog open, select the people that you want to share with review permissions, and then choose the 'Can review' option from the permissions dropdown. You can find this option available as well from the Link settings page.
When this will happen:
Targeted release (entire org): Will begin rolling this out in mid-July and expect to complete rollout by late July. - Complete
Standard release: Will begin rolling this out in late-July and expect to complete by late August (previously early August).
How this will affect your organization:
Users who wish to share Word documents on Web through OneDrive, SharePoint or directly from Word online will be able to see this change.
What you need to do to prepare:
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC397430 — (Updated) Stream on SharePoint: Video Collections Page
Microsoft 365 Roadmap ID 93352
Updated August 2, 2022: We have updated the rollout timeline below. Thank you for your patience.
SharePoint video collections pages make it easy to gather and display all videos from a SharePoint site collection in one place. This feature is particularly helpful for schools, universities and other organizations that tend to share videos in Teams channels.
When this will happen:
We will begin rolling out by mid-July and expect to complete by mid-August (previously late July).
How this affects your org:
With this feature you will be able to create a tab in your Teams channel that links directly to a specific collection of videos.
Note: You may see an empty state video collections page in the case your document library is empty. Whenever user creates a new site, an auto generated static layouts page for video collections gets created. This is a collection of all videos from the site's document library shown in Highlighted content webpart.
In order to access this static page, please append /_Layouts/15/Video_Collections.aspx to the site url. Once this page is edited and published, it will start appearing in the site pages as well.
What you need to do to prepare:
There is nothing you need to do to prepare for this change. You may want to notify your users about this change and update your training and documentation as appropriate.
MC394844 — (Updated) Stream on SharePoint: Inline playback of videos in Hero web part
Microsoft 365 Roadmap ID 93351
Updated August 23, 2022: We have updated the rollout timeline below. Thank you for your patience.
When users click to play a video in the Hero web part section of a SharePoint site, the video will play inline. This feature allows users to watch a video without being taken off the SharePoint page and allows users to browse or scroll through the other contents of the page while the video plays.
When this will happen:
We will begin rolling out by mid-July and expect to complete by early September 2022 (previously mid-August 2022).
Note: Some users may see this feature before other users within your organization.
How this affects your organization:
Video consumers on Hero webpart will now be able to consume video on the same site page where they encountered the video. That allows them to browse through other site content while watching/listening to the video, thus saving their browsing time.
What you can do to prepare:
You may consider updating your training and documentation as appropriate.
MC357317 — (Updated) OneDrive iOS: New information architecture
Microsoft 365 Roadmap ID 85571
Updated August 22, 2022: We have updated the rollout timeline below. Thank you for your patience.
This feature has started rolling out and we ask you to pardon that we did not provide adequate advance notice as is our customer commitment to you. This release adds a new bottom sheet menu to OneDrive for iOS to make options like share, annotations, delete, and bookmark easier to find.
When this will happen:
Standard (select users and entire org): We began rolling this out in early March and expect to complete rollout in late August (previously early August).
How this will affect your organization:
To use the new bottom sheet menu:
1. Open any file of your choice in OneDrive for iOS.
2. Tap the horizontal bar or drag the bottom menu upwards to expand the new menu.
The menu will show relevant actions for the specific type of file you've opened.
To help you navigate, we've compiled a list of available actions:
What you need to do to prepare:
You might want to notify your users about this new capability and update your training and documentation as appropriate.
Microsoft Teams
MC423128 — Dynamic caller ID in Voice-enabled channels for government clouds: GCCH, DOD
Last year we enabled the capability where agents can use Dynamic Caller ID to call on behalf of a Call Queue or Auto Attendant from within Voice Enabled Channels. We are now bringing this capability to government clouds including GCCH and DOD.
We apologize for not meeting our commitment of providing notification prior to implementation and for any inconvenience.
When this will happen:
This has begun rolling out and will be complete by end of September.
How this affects your organization:
You can assign outbound caller ID numbers for the agents by specifying one or more resource accounts with a phone number. Agents can select which outbound caller ID number to use with each outbound call they make.
What you can do to prepare:
Review the Additional Information and consider updating your training and documentation as appropriate.
MC420060 — Microsoft Teams: Leave a Meeting From All of Your Devices
Microsoft 365 Roadmap ID 97397
We will be rolling out a new feature in Microsoft Teams that will allow multi-device users to leave all of their devices at once when leaving a meeting.
When this will happen:
Rollout began out in early August and is expected to be completed by early September.
How this will affect your organization:
When a Teams user attempts to leave a meeting or call from multiple personal devices, there have been challenges to fully disconnect from the meeting or call on all devices. With this new feature, there will now be an option displayed to multi-device users in a call that will prompt the user to leave the meeting or call from all devices when selected.
This feature will be enabled for desktop, iOS, and Android clients.
What you need to do to prepare:
There is nothing you need to do to prepare for this change. You may want to notify your users about this change and update your training and documentation as appropriate.
MC420059 — Custom Download Location for Files in Teams
Microsoft 365 Roadmap ID 94719
Currently all file downloads from Microsoft Teams go to the Downloads folder. We are releasing a new feature that enables users to be able to choose their preferred download location for downloading files from Teams or specify a download location for each download.
When this will happen:
We will begin rollout in early September and expect rollout to be completed by late October.
How this will affect your organization:
To enable this feature, there is a new setting introduced under Files settings, which allows users to change the default download location to their preferred download location.
Additionally, there is a toggle, which if enabled, will prompt the user to select the location for each download.
Note: These settings will only apply to the files downloaded after the setting is enabled and will not impact any files downloaded in the past.
What you need to do to prepare:
There is nothing you need to do to prepare for this change. You may want to notify your users about this change and update your training and documentation as appropriate.
MC420049 — Live Translated Captions in Meetings and Calls
Microsoft 365 Roadmap ID 94843
Users will now be able to choose the Live Captions in the language they prefer, with the help of Microsoft Cognitive Service Speech Translation Capabilities. This will help users fully participate in meetings where the spoken language may not be their most comfortable language to use.
When this will happen:
We will begin rolling out to worldwide and GCC at mid-September and expect to be completed by early-October.
GCC-H and DoD will be started to roll out at mid-October and expect to be completed by early-November.
How this will affect your organization:
Today, users can select just the spoken language, and the Live Captions will be in the same language as they selected. Please find the documentation here.
When this feature is released, users who turn on Live Captions will be able to see the menu options for Live Translated Captions in the “Subtitles” menu. By selecting any translation language, users will see the Translated Captions in the language they selected.
The spoken language is selected for everyone in the meeting, while the translation language for the Live translated Captions is selected only for the individual user.
List of supported spoken languages:
English (US), English (Canada), English (India), English (UK), English (Australia), English (New Zealand), Arabic (Arab Emirates), Arabic (Saudi Arabia), Chinese (Simplified China), Chinese (Traditional, Hong Kong SAR), Chinese (Traditional, Taiwan), Czech (Czechia), Danish (Denmark), Dutch (Belgium), Dutch (Netherlands), French (Canada), French (France), Finnish (Finland), German (Germany), Greek (Greece), Hebrew (Israel), Hindi (India), Hungarian (Hungary), Italian (Italy), Japanese (Japan), Korean (Korea), Norwegian (Norway), Polish (Poland), Portuguese (Brazil), Portuguese (Portugal), Romanian (Romania), Russian (Russia), Slovak (Slovakia), Spanish (Mexico), Spanish (Spain), Swedish (Sweden), Thai (Thailand), Turkish (Turkey), Ukrainian (Ukraine), Vietnamese (Vietnam)
List of supported translation languages:
Arabic, Chinese Simplified, Chinese Traditional, Czech, Danish, Dutch, English, Finnish, French, French (Canada), German, Greek, Hebrew, Hindi, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Romanian, Russian, Slovak, Spanish, Swedish, Thai, Turkish, Ukrainian, Vietnamese
Please note that some of the languages above will be in preview state when launching.
What you need to do to prepare:
Live Translated Captions and Live Captions are gated behind the same set of policies, to turn it on or off, here is the documentation for Meetings, and here is the documentation for Calls.
You may consider notifying your users about this change and updating your training and documentation as appropriate.
MC414474 — Microsoft Teams Meeting Auto-Transcription
Microsoft 365 Roadmap ID 97842
In Microsoft Teams, we will be releasing a feature that allows meeting organizers to transcribe meetings automatically if the meeting has been set to be recorded.
This will make the recording playback experience accessible.
When this will happen:
GA: We will begin rollout in late August and expect rollout to be completed by mid-September.
Government Clouds: We will begin rollout in mid-September and expect rollout to be completed by mid-October.
How this will affect your organization:
Live transcription can make your meetings (and calls) more productive and inclusive for participants who are deaf or hard-of-hearing or have different levels of language proficiency.
When the meeting organizer sets the Record automatically meeting option to On for a meeting, Transcription will now also be turned on with Recording when the meeting begins, if Transcription is allowed by admins.
What you need to do to prepare:
If transcription is on in your tenant, this feature will be automatically enabled, to review and change the transcription policy, please follow admin documentation for meetings.
Notify your users about this change and update your training and documentation as appropriate.
MC411679 — My Activity retirement in Teams mobile Activity
We will be retiring the support for 'My activity' in Teams mobile Activity App. This will be retired from other clients in the future.
Activity will now support only activities directed to you (the option to view activities initiated by you will be retired).
When this will happen:
We will begin rolling this out early September and expect to complete by mid-September.
How this affects your organization:
Once this change is implemented Teams mobile users will no longer see the "My activity" dropdown.
Note: there is no additional impact and all activities across the app can be accessed from the respective apps (like chat app for chat send, calls made from calls app etc.)
What you need to do to prepare:
You may consider updating your training and documentation as appropriate.
MC408687 — Pre-assign Channel members to Breakout Rooms
Microsoft 365 Roadmap ID 96350
This Breakout Rooms for Channel Meetings feature enables meeting organizers to efficiently pre-assign channel members to Breakout Rooms (both auto and manual) ahead of a channel meeting start.
Please note, that Meetings with Breakout Rooms are limited to 300 participants. If the channel contains more than 300 members, pre-assignment will not be available. Meeting organizers will have the ability to assign participants to Breakout Rooms during the meeting.
When this will happen:
Preview: We will begin rolling out early August and expect to complete by mid August
Standard Release: We will begin rolling out mid-August and expect to complete by late August.
How this will affect your organization:
Meeting organizers are now able to pre-assign channel members to Breakout Rooms of Channels Meetings by accessing the Breakout rooms tab in the Channel Meeting's meeting details.
What you need to do to prepare:
There is no action needed to prepare for this change. You may want to notify your users about this change and update any relevant documentation as appropriate
MC408433 — (Updated) Live Transcript for Teams Meetings
Microsoft 365 Roadmap ID 82230
Updated August 4, 2022: We have updated the content below for clarity. Thank you for your patience.
Microsoft Teams now has a new Live transcription feature that will allow a real-time transcript during meetings (and calls), as well as post-meetings (and calls). This will help users in real-time recall what has been spoken during the meeting (and calls) as well as review after the meeting (and calls).
When this will happen:
We will begin rolling out in late August and expect rollout to be completed by early September.
How this will affect your organization:
Live transcription can make your meetings (and calls) more productive and inclusive for participants who are deaf or hard-of-hearing or have different levels of language proficiency.
What you need to do to prepare:
You may want to review this feature and decide if you want to turn it on and follow the admin documentation for meetings and admin documentation for calls to modify it as needed. Notify your users about this change and update your training and documentation as appropriate.
MC399073 — (Updated) Microsoft Teams: Automatically end stale Teams meetings
Microsoft 365 Roadmap ID 96710
Updated August 25, 2022: We have updated the rollout timeline below. Thank you for your patience.
Microsoft Teams is enabled with a new feature that will allow meetings to automatically end if they're identified as stale. If a user is the sole participant in a meeting 10 minutes after the scheduled meeting end time has passed, then a dialog will appear in the call prompting them to end the call or dismiss the notification. If no action is taken on the dialog within 3 minutes, the meeting will automatically end.
If there is more than 1 user on the call and/or the scheduled meeting end time has not passed yet, then the feature will not trigger.
If the user dismisses the notification, they will not see it again for the same meeting, and it will not be at risk to automatically end anymore.
When this will happen:
We will begin rolling out to Production in early December (previously mid-September 2022) and expect to complete by mid-December (previously late October).
We will begin rolling out to GCC, GCC-H, and DoD in mid-January (previously late October) and expect to complete by mid-March (previously late November).
How this will affect your organization:
Users may see this feature in meetings and be removed from meetings that automatically end.
MC397435 — (Updated) Microsoft Teams: Start a Teams Chat with Distribution Groups, Mail-Enabled Security Groups, and O365 Groups
Microsoft 365 Roadmap ID 62354
Updated August 25, 2022: We have updated the rollout timeline below. Thank you for your patience.
You will now be able to start a Teams Chat with Distribution Groups, Mail-enabled Security Groups, and O365 Groups. This feature will respect the limits on members in a group chat, currently set to 250 members.
Organizations rely on Distribution Lists (DLs) as a tool to create groups of users that mirror organizational knowledge and workflows. Bringing this awareness to target audiences for specific content will enhance the core Teams experience. Allowing our customers to leverage DLs can increase workflow efficiency and bridge the gap between legacy knowledge of organization structure and a new Teams structure.
When this will happen:
We will begin rollout in late September (previously mid-August) and expect to complete rollout by late October (previously late August).
How this will affect your organization:
With this update, users will now be able to select Distribution Lists as an audience to begin a chat within Teams.
What you need to do to prepare:
There is nothing you need to do to prepare for this change. You may want to notify your users about this change and update your training and documentation as appropriate.
MC394785 — (Updated) Speaker Coach in Microsoft Teams Meetings
Microsoft 365 Roadmap ID 88253
Updated August 12, 2022: We have updated the rollout timeline below. Thank you for your patience.
Speaker Coach provides private, personalized feedback on your speaking and presentation skills in both real-time as well as post-meeting in a summary.
When this will happen:
We will begin rolling out in mid-August (previously early July) and expect to complete rollout by mid-September (previously late August).
How this will affect your organization:
This setting is enabled by default. To turn it off, set AllowMeetingCoach to False. Tenant admins can manage the feature through the policy for speaker coach.
What you need to do to prepare:
You may want to notify your users about this new capability and update your training and documentation as appropriate.
Learn More:
· PowerPoint’s Presenter Coach Expands to Microsoft Teams and Takes on the New Name Speaker Coach
· Meeting policy settings - Speaker Coach
MC387640 — (Updated) Dynamic Caller ID in Calls app for Call Queue Agents
Microsoft 365 Roadmap ID 86992
Updated August 2, 2022: We have updated the rollout timeline below. Thank you for your patience.
Call queue agents can now place calls from the Calls app using a call queue phone number, defined in resource account, as their caller ID. This ensures the call is properly identified by the recipient and that the call back number is the call queue number rather than the agent's personal line.
When this will happen:
We will begin rolling out in early June and complete rollout by late August (previously mid-July).
How this will affect your organization:
You can assign outbound caller ID numbers for agents by specifying one or more resource accounts with a phone number. Agents can select which outbound caller ID number to use with each outbound call they make.
What you need to do to prepare:
The resource account used for calling ID purposes must have a Microsoft Teams Phone System Virtual User license and one of the following assigned:
· A Calling Plan license and a phone number assigned
· An Operator Connect phone number assigned
· An online voice routing policy (phone number assignment is optional when using Direct Routing)
Learn More:
MC383876 — (Updated) Collaborative Annotations on Presenter Shared Screen
Microsoft 365 Roadmap ID 86732
Updated August 5, 2022: We have updated the rollout timeline below. Thank you for your patience.
Collaborative Annotation helps you collaborate with others while screen sharing in Teams meetings. For example, if you want to ask for feedback on a design or if you’re working with a group on a project, Collaborative Annotation helps you get work done faster and with more voices included.
When this will happen:
· Standard: begin rollout in mid-June and expect to complete rollout by late June. - Complete
· GCC: begin rollout in early August (previously late July) and expect to complete rollout in late August (previously early August).
· GCC-High: begin rollout in late September (previously late August) and expect to complete rollout by early October (previously early September).
· DoD: begin rollout in late October (previously late September) and expect to complete rollout in early November (previously early October).
How this will affect your organization:
During screenshare, meeting attendees with Presenter roles will see the Annotation button in meeting controls at the top-center of their screen.
To turn on Collaborative Annotation while you're sharing your screen in a meeting, select the pen icon to Start annotation in meeting controls at the top-center of your screen, as shown below:
Note: You must be a Presenter role in a meeting to turn on Collaborative Annotation.
The red outline around the screenshare will turn blue, indicating Collaborative Annotation mode is on. All participants will see the Microsoft Whiteboard toolset at the top of the shared screen, as shown below. Everyone in the meeting can begin annotating right away in real-time.
Collaborative Cursors show the name of every attendee as they annotate and are turned on by default. Collaborative Cursors can be turned off by anyone attending the meeting from the Settings menu in the Collaborative Annotation toolbar.
To control who can annotate, the main Presenter can select Only I can annotate and unselect Everyone can annotate from the Settings menu in the Collaborative Annotation toolbar, as shown below:
To begin annotating, select one of the tools in the Whiteboard toolset, such as text, Sticky notes, Reaction tags, or digital ink, and begin typing or drawing on the screen.
To end the annotation session for everyone, select Stop annotation in meeting controls at the top-center area of your screen.
Collaborative Annotation is only available for full-screen sharing, not individual window sharing at this time.
Web and mobile users cannot start Collaborative Annotation while sharing content. However, if a desktop user shares the screen and starts Collaborative Annotation mode, web and mobile users are able to participate in annotating as well.
Exporting annotations is not supported at this time, but you can take screenshots during the meeting to save annotated content for later if necessary.
Meeting rooms using Android-based devices are not supported.
What you need to do to prepare:
This feature is enabled by default so there is no action needed.
Note: Annotation is powered by Microsoft Whiteboard. If Microsoft Whiteboard is disabled, it will also disable Annotations.
Learn More:
· Enable Microsoft Whiteboard for your Organization
MC379024 — Suggested Replies in Teams Desktop
Microsoft 365 Roadmap ID 92674
Updated August 5, 2022: We have updated the rollout timeline below. Thank you for your patience.
Suggested Replies present users with an option of three responses to choose from for selected messages and is now available to your users in Teams Desktop.
We apologize for not informing you about this change prior to it being released. We continue to work to ensure we are being proactive in our communications. Thank you for your patience.
When this will happen:
· Standard: Complete
· GCC: mid-May through early June - Complete
· GCC-High: late July (previously early June) through late August (previously late June)
· DoD: late July (previously early July) through early September (previously late August)
How this will affect your organization:
Once available, users will be able to quickly reply to a given message by tapping on a suggested reply.
What you need to do to prepare:
This feature ships default on; review Manage messaging policies in Teams.
If you wish to disable this feature in your tenant, please disable the Suggested Replies setting that is found in Messaging Policies.
Users also have a setting within the app so they can disable the feature.
MC375739 — (Updated) Attendance Dashboard for GCC-High and DOD
Microsoft 365 Roadmap ID 94856
Updated August 18, 2022: We have updated the rollout timeline below. Thank you for your patience.
This reporting dashboard will appear as a tab in the meeting detail providing:
· Attendance information for Teams regular meetings in meeting chat tab "attendance"
When this will happen:
· GCCH: This will be rolled out in late August (previously early August).
· DoD: This will be rolled out in early September (previously late July).
How this will affect your organization:
Once available, this will allow meeting organizers to view the attendance information in the dashboard without having to download the reports.
Note: This feature will be rolling out with the default ON.
IT admins can disable the attendance dashboard and turn off the AllowEngagementReport policy in the Teams Admin Center. Go to Meetings > Meeting policies, and set the policy to Disabled. In PowerShell: CODEFONTSet-CsTeamsMeetingPolicy
-Identity YOUR_USER_GROUP -AllowEngagementReport "Disabled".
What you need to do to prepare:
Determine if you would like to enable the Teams attendance report and you may consider updating your training and documentation as appropriate.
Learn More:
View and Download Meeting Reports in Teams
MC320460 — (Updated) Connected Templates with Microsoft Teams and SharePoint
Microsoft 365 Roadmap ID 84724
Updated August 17, 2022: We have updated the rollout timeline below. Thank you for your patience.
We determined that this notification did not go to the entire intended audience. We apologize for any inconvenience this delayed notification may have caused.
We are announcing the upcoming release of Connected Templates with Microsoft Teams and SharePoint. The connected templates will offer a new way of combining Microsoft Teams templates with SharePoint templates. Prior to this integration, clients needed to deploy Microsoft Teams or SharePoint-specific templates.
· Microsoft Team Templates allow administrators to easily deploy consistent teams across their organization using predefined or customized team templates across their organization.
· SharePoint templates offer a straightforward way for admins to build sites with pre-populated pages, page templates, news post templates, and web parts that can be customized to fit the needs of their organization.
Through this integration, Teams administrators can create templates that include SharePoint components, bringing together the capabilities of the Teams and SharePoint templates.
When this will happen:
We will begin rolling this out in mid-January and expect to complete rollout mid-October (previously mid-August).
How this will affect your organization:
Today, when you create a team through "create a team from templates' you get an automatically created SharePoint site that supports that template. We are adding SharePoint assets to the team you have just created with this new integration. In essence, all SharePoint applications that are associated with the new template will be automatically added, pinned, and displayed in this new team template.
· When you create a new team using a default template - for example, the “Manage a Project” template, the project management channels and apps, and the connected SharePoint template will get applied automatically. Now, the pages, lists, and Power Platform integrations from SharePoint will be automatically pinned as tabs in Teams and you can edit these pages and lists directly in Teams.
What you need to do to prepare:
You might want to notify your users about this change and update your training and documentation as appropriate.
MC320163 — (Updated) Updating default tenant-level tag management settings
Microsoft 365 Roadmap ID 88318
Updated August 26, 2022: Based on learnings from our early rings, we have made the decision to make additional changes before we proceed with the rollout. We will deliver a new Message center post once we re-start the rollout. Thank you for your patience.
We’re updating the default tag management settings based on customer feedback. The new defaults eliminate the need for team members to ask owners to create or edit tags on their behalf.
Key points:
· Timing: We will communicate via Message center when we are ready to proceed.
· Roll-out: tenant level
· Control type: Team owner and team member control
· Action: review and assess for appropriate experience
How this will affect your organization:
The Teams admin center default for who can manage tags will be updated from "Team owners" to "Team owners and members." Tenant admins still can override the default and limit Tag Create/Edit to Team Owners only. If you have already made any changes to any option in the Tagging settings in the Teams admin center, your settings will not be updated, and this change will not affect your tenant.
This tenant-level setting will be inherited by existing Teams, unless the Tags Settings in Manage Team has been updated. For example, if the “Tags are managed” by setting at the team level value has been changed, this change will not affect that team.
These changes simplify the Tags permissions model and makes it consistent with other Teams concepts like Channels.
For new teams created after this change is implemented, all team members will be able to create and manage tags by default, similar to the defaults for create and edit channels. The team owner will still have the option to override this management setting if "Let team owners override who can manage tags" is set to "On" in your Tagging settings in the Teams admin center.
What you need to do to prepare:
No specific action is required but you will want to review your settings and update your documentation as necessary.
MC318662 — (Updated) Communication Access Real-Time Translation Captions in Microsoft Teams for GCC-H and DoD
Microsoft 365 Roadmap ID 83614
Updated August 23, 2022: We have updated the rollout timeline below. Thank you for your patience.
This coming new feature will enable users to view real-time captions coming from a Communication Access Real-Time Translation (CART) provider within the Microsoft Teams meeting window. Meeting organizers and participants will be able to ask their CART captioning providers to stream captions to Microsoft Teams.
When this will happen:
GCC-High: will begin rolling out in early June (previously mid-May) and expect to complete rollout mid-June (previously late May). - Complete
DoD: will begin rolling out in late July (previously mid-July) and expect to complete rollout late September (previously mid-August).
How this will affect your organization:
Tenant admins should ensure the policy for CART captions is enabled in order for their users to be able to schedule meetings with CART captions.
What you need to do to prepare:
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC318662 — (Updated) Communication Access Real-Time Translation Captions in Microsoft Teams for GCC-H and DoD
Microsoft 365 Roadmap ID 83614
Updated August 23, 2022: We have updated the rollout timeline below. Thank you for your patience.
This coming new feature will enable users to view real-time captions coming from a Communication Access Real-Time Translation (CART) provider within the Microsoft Teams meeting window. Meeting organizers and participants will be able to ask their CART captioning providers to stream captions to Microsoft Teams.
When this will happen:
GCC-High: will begin rolling out in early June (previously mid-May) and expect to complete rollout mid-June (previously late May). - Complete
DoD: will begin rolling out in late July (previously mid-July) and expect to complete rollout late September (previously mid-August).
How this will affect your organization:
Tenant admins should ensure the policy for CART captions is enabled in order for their users to be able to schedule meetings with CART captions.
What you need to do to prepare:
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC279469 — (Updated) 1:1 VOIP and PSTN call recording and transcription in Calls App V2
Microsoft 365 Roadmap ID 83497
Updated August 16, 2022: We have updated the rollout timeline below. Thank you for your patience.
Microsoft Teams will now release ability to record and transcribe 1:1 VOIP and PSTN calls and show the recording and transcription in Call history in the calls details panel. This is a critical feature specifically for our Public Switched Telephone Network (PSTN) customers. In absence of chat, PSTN callees do not have a way to view call recordings and transcriptions.
When this will happen:
· We expect to begin this roll out to Standard and GCC tenants in mid-December (previously late September) and expect the rollout to be completed by late February (previously late January). - Complete
· We expect to begin this roll out to GCC-High and DoD tenants in mid-March (previously mid-February) and expect the rollout to be completed by late September (previously early August).
How this will affect your organization:
· Call Transcription for 1:1 PSTN and VOIP calls will show in call history in call details panel.
· Call Recording for 1:1 PSTN and VOIP calls will show in call history in call details panel.
· Users can delete recording from chat and the recording will not show in call history in call details panel.
· If there are multiple recordings in a call, they will show in a list form in call history in call details panel.
What you need to do to prepare:
Teams admins will need to make sure that AllowCloudRecordingForCalls and AllowTranscriptionForCalling is turned on to enable recording and transcription of 1:1 VOIP and PSTN calls.
Exchange Online and Outlook
MC424190 — Basic Authentication Deprecation in Exchange Online – September 2022 Update
Message Summary
One month from today, we’re going to start to turn off basic authentication for specific protocols in Exchange Online.
Timeline and Scope
As we communicated last year in blog posts and earlier this year in MC375736, we will start to turn off basic authentication in our worldwide multi-tenant service on October 1, 2022. We will randomly select tenants, send 7-day warning Message Center posts, post Service Health Dashboard notices, and turn off basic auth in the tenant.
We’re turning off basic auth for the following protocols: MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS) and Remote PowerShell.
We are not changing any settings or turning off SMTP AUTH.
What If You Are Not Ready for This Change?
We recognize many tenants may still be unprepared for this change.
Today we announced an update to our plan to offer customers who are unaware or otherwise not ready for this change. You can read this announcement here.
Addendum to Public Message for Specific Government Community Cloud Customers
This specific Message Center post is being sent only to customers in our GCC environment.
Customers with tenants in the GCC cloud are unable to use the self-service diagnostic referred to in the blog for either opt out or re-enablement.
To avoid any protocol being disabled during October, please complete the form here, making sure your tenant ID is correct and the protocols you need to continue to use basic auth for are all selected. When complete please submit the form, and we will ensure those protocols are not disabled until soon after Dec 31st 2022.
If you miss a protocol and need it re-enabled after October 1st, you will need to open a service request, you won’t be able to do it online or by filling out the form again.
Change can be hard and it takes more time in large and complex environments, but the risks of attack are usually higher too, so we urge you to remove any dependency on basic auth from your tenant as soon as possible.
There will be no further extensions or exceptions. Basic auth for any enabled protocols will be disabled during the first few days of January 2023.
What should I do to prepare for this change?
Any client (user app, script, integration, etc.) using basic auth for an affected protocols will be unable to connect. The app will receive an HTTP 401 error: bad username or password. Any app using modern auth for these protocols will be unaffected.
If you are unsure if you have clients or apps that will be affected by this change, you can check the Azure AD Sign-In logs, or just check Message Center for any messages titled, ‘Basic Authentication – Monthly Usage Report’. We will send the usage report for August in the next few days. If you cannot see any of these messages, we have not detected basic authentication on the affected protocols in your tenant.
To read more on what can be done to switch apps from basic to modern auth please view our main documentation page and our latest blog.
MC422158 — Feature Update: Service health admin notifications in Outlook
We’re improving Service health admin notifications in the Microsoft Outlook client experience. This feature is available to Global administrators and Office Apps administrators, who are signed into the Outlook desktop client (for Windows). We’ve heard your feedback and have implemented some improvements, including:
· Notifications are now separated by “Latest notification” and “Previous notifications”, to more easily distinguish new information.
· New icons have been added to easily identify active versus resolved issues.
· Admins now can provide feedback on specific notifications, versus a generic bucket.
· Ability to fully manage (enable or disable) admin notifications within the notification pane.
When this will happen:
These enhancements will begin rolling out at the beginning of September 2022 and be made available to all customers by the end of the same month. Admin notifications are accessible to Global administrators and Office Apps administrators who have the feature enabled in the Outlook desktop client experience.
How this will affect your organization:
Global admins and Office Apps admin who already have admin notifications enabled in Outlook desktop client, will observe the above enhancements once the roll-out is complete.
What you need to do to prepare:
If you are a Global administrator or an Office Apps administrator and would like to receive Service health notification in the Outlook desktop client, use the following steps to ensure the feature is enabled:
· Before deployment: Navigate to File -> Options -> Advanced, and enable admin notifications.
· After deployment: Navigate to Help -> Admin notifications, and toggle “Show Admin Notifications”.
MC422154 — Microsoft Purview Data Lifecycle Management: Migration of 'Archive’ page to new Exchange Admin Center
To simplify the customer experience for managing Exchange account settings and avoiding duplication, we are removing the ‘Archive’ tab of the Data Lifecycle Management solution in the Microsoft Purview compliance portal. You will continue to be able to perform this operation from the Exchange Admin Center.
When this will happen:
The ‘Archive’ page will be retired and no longer be available on Microsoft Purview compliance portal from October 2022.
How this will affect your organization:
Currently, enabling or disabling mailbox archives is an available setting in both the Exchange Admin Center and the Microsoft Purview compliance portal. Once this migration is complete, your organization will no longer be able to access this setting through Data Lifecycle Management. However, the ability to enable and disable archive for each mailbox is already supported in the new Exchange Admin Center under the “Others” tab when managing a mailbox:
What you need to do to prepare:
No action is needed to enable this change.
Learn about archive mailboxes.
MC419386 — Retirement of Trello & Yelp add-ins for Outlook
The following Outlook add-ins are being retired:
· Trello - allows the user to create, edit, and comment on Trello boards without leaving the inbox.
· Yelp - allows the user to find and share great business around quickly through mail.
Note: If your users do not utilize either of these add-ins, you can safely disregard this message.
When this will happen:
December 15, 2022
How this will affect your organization:
If users are utilizing the Trello or Yelp add-ins, they will no longer be available in the store or function, after this change. For users of the Trello add-in, this will not impact data in Trello only the integration with Outlook.
What you can do to prepare:
Communicate this change with users as appropriate.
MC415186 — Microsoft Defender for Office 365: Enforce Authentication to Pass on AntiSpam Allowed Domains
We are strengthening Spoofing protection within Exchange online protection and Microsoft Defender for Office 365 Anti-Spam security policy. It will provide a way to secure your organization against spoofing attacks that may otherwise occur by allowing certain domains and senders.
Applies to:
· Microsoft Defender for Office 365 plan 1 and plan 2
Microsoft 365 Roadmap ID 93436
When this will happen:
Standard: Rollout will begin in late September and will be completed by late November.
GCC/GCC-H/DoD: Rollout will begin in late November and be completed by late December.
How this will affect your organization:
Security Admins and SecOps teams today can specify allowed domains and allowed senders within the Anti-Spam policy. We recommend never adding your own accepted domains or commonly trusted domains to the allowed domains list. Moving forward, when you specify internal tenant owned/accepted domains and senders to this list, DMARC authentication check will be enforced on these domains or senders and they will be allowed by the system only if authentication passes on these domains/senders. Otherwise, despite being specified, allowing messaging from these domains will not be honored.
In this way, our system will work to protect your organization against Spoofing attacks. In case you want to allow legitimate 'Spoofing' from these domains and senders, you will be able to continue adding them to Tenant allow block list - Spoofing (as you can do so today).
Note: This will impact any messages that are received from outside your organization, where the sender's domain is part of your organization accepted domain list and fails authentication.
What you need to do to prepare:
To prepare for this change it is recommended that you review the spoof intelligence report and ensure that any intra-org messages where the sender/sending domain is part of your accepted domain pass authentication as expected. Note you do not need to update items where authentication fails and that failure is expected. Review your existing Anti-Spam policies within threat policies and consider updating the list of Allowed domains / Allowed senders to allow whom you trust. We recommend updating your necessary training documents accordingly.
Learn More:
· Configure your anti-spam filter policies
· Create allowed spoofed sender entries using Tenant allow block list - Spoofing
MC411680 — Outlook Mobile Now Supports Multiple S/MIME Certificates
Outlook mobile (iOS and Android) will allow users to manually select their S/MIME signing /encryption certificates if there is more than one valid certificate available, and set them as active for signing and encryption.
When this will happen:
GA: Rollout will begin in late July and is expected to be completed by end of August.
Government Clouds: Rollout will begin in late August and is expected to be completed by mid-September.
How this will affect your organization:
If your company does not support S/MIME or does not need multiple S/MIME certificates, this will have no impact on you. If your company wants to use this feature, you will need to go on Intune and disable your SMTP address check for SMIME. Users will then be able to view multiple SMIME certificates and select them for signing and encryption.
What you need to do to prepare:
There is no action needed from you at this time if you do not need to use this feature. If this feature is needed, you can follow additional instructions in this link for setup.
MC411675 — Microsoft Defender for Office 365: Updates to the common attachment filter in the anti-malware policy
Microsoft 365 Roadmap ID 93431
In anti-malware policies, you can select specific file types to identify as malware using the common attachment filter. Any email message with attachments of these specific file types will be handled per the policy settings. You can configure this specific list of file types by selecting them from the pre-defined list in the policy properties in the Microsoft 365 Defender portal or by manually adding your own (custom) file types using the power shell Set-MalwareFilterPolicy cmdlet in Exchange Online PowerShell.
Based on internal research and best practices guidelines from industry and other organizations, we are updating the list of file types that are available for selection. Currently, there are 95+ file types in the list, of which 13 are pre-selected by default in the common attachment filter settings. We are expanding this list to cover over 200 file types, of which over 50 are selected by default.
After rollout, this new expanded list along with the default selection will automatically apply to:
1. Any new anti-malware policies that you create
2. The default anti-malware policy: The current list of the selection will be retained and appended with the new file types being added as part of default selection. As a result, the list of file selections in the default policy will be expanded while retaining all of the existing selection. There will be no changes to any of the other settings (like zap, admin notification configuration etc). The only change which will happen to the default policy is the expansion of the selection.
The file selections in your existing anti-malware policies (enabled or not) will be retained and will not be updated automatically. You will need to manually update your existing policies with the recommended list of default file types (see below).
In anti-malware policies, the common attachment filter allows you to select specific file types to block. Any email messages with these types of file attachment will be handled as per the policy settings. In addition to turning on the common attachment filter, you can customize the list of file types, but only by using the Set-MalwareFilterPolicy cmdlet in Exchange Online PowerShell.
We’re enhancing the anti-malware policy experience of anti-malware policy by adding the ability to view/add/remove custom file types in the anti-malware policy settings in the Microsoft 365 Defender portal.
When this will happen:
Starting early September and completion of deployment by early October.
How this will affect your organization:
Once these changes are rolled out, the list of default file type selections to the newly created policies and the default policy will differ from your existing policies. As the selection in the default policy will be expanded, there could be some messages which could be quarantined due to new file type addition. You will need to review the existing policies and update the list with recommended file types (see below).
What you need to do to prepare:
Once these changes are rolled out, you can view/add/delete file types (extensions) for the common attachment filter in the anti-malware policy settings in the Microsoft 365 Defender portal.
· Configure anti-malware policy
· Configure custom file types using power shell command
Review existing anti-malware policies and add the recommended file types to the block list. Since the default policy will now cover more file types, it’s likely that the expanded list of files in the default policy will block messages. If you do not want the new list of file types to be active, create a custom anti-malware policy (soon, before this feature deployment) with the file types that meet your needs. Review the following resources below to learn more:
· Anti-malware policy protection FAQ
· Current list of file types in pre-populated list
· Current list of default file type selection
The list of file types:
7z, 7zip,
a, accdb, accde,ace, action, ade, adp, apk, app, appx, appxbundle, arj, asf, asp, aspx, ani, avi,
bat, bin, bundle, bz, bz2, bzip2,
cab, caction, cer, chm, cmd, com, command, cpl, crt, csh, css,
deb, der, dex, dgz, dll, dmg, doc, docm, docx, dot, dotm, dtox, dylib,
elf, exe,
font,
gz, gzip,
hlp, hta, htm, html,
img, imp, inf, ins, ipa, iso, isp, its,
jar, jnlp, js, jse,
kext, ksh,
lha, lib, library, lnk, lqy, lzh,
macho, mad, maf, mag, mam, maq, mar, mas, mat, mav, maw, mda, mdb, mde, mdt, mdw, mdz, mht,
mhtml, msc, mscompress, msh, msh1, msh1xml, msh2, msh2xml, mshxml, msi, msix, msixbundle, msp, mst,
o, obj, odp, ods, odt, one, onenote, ops,
package, pages, pbix, pdb, pdf, php, pif, pkg, plugin, ppa, ppam, pps, ppsm, ppsx, ppt, pptm, pptx, prf,
prg, ps1, ps1xml, ps2, ps2xml, psc1, psc2, pst, pub, py,
rar, reg, rev, rpm, rtf,
scf, scpt, scr, sct, service, sh, shx, shb, shtm, so, sys,
tar, tarz, terminal, tgz, tool,
uif, url,
vb, vbe, vbs, vhd, vsd, vsdm, vsdx, vsmacros, vss, vssx, vst, vstm, vstx, vsw, vxd,
workflow, ws, wsc, wsf, wsh,
xhtml, xla, xlam, xll, xls, xlsb, xlsm, xlsx, xlt, xltm, xltx, xz,
z, zi, zip, zipx,
The default selection from the above file type list is:
ace, apk, app, appx, ani, arj,
bat,
cab, cmd,com,
deb, dex, dll, docm,
elf, exe,
hta,
img, iso,
jar, jnlp,
kext,
lha, lib, library, lnk, lzh
macho, msc, msi, msix, msp, mst
pif, ppa, ppam,
reg, rev,
scf, scr, sct, sys,
uif,
vb, vbe, vbs, vxd
wsc, wsf, wsh
xll, xz
z
MC411674 — Exchange Online Protection: Anti-malware policy notification settings change
Microsoft 365 Roadmap ID 93433
The current notification settings are commonly used for messages that are blocked/quarantined as detected malware, or due to a file attachment in the common attachment filter settings.
As part of this change, we’re separating out the handling of notifications based on whether the message was scanned and found to be malicious vs. matches from the common attachment filter:
· True malware: Both recipient and sender notifications will be retired. The message will be quarantined, and the selected quarantine policy configuration determines whether to send the end-user notifications. There is no option for sender notification.
· Common attachment filter: Notifications are split into two distinct options that the admin can choose (one or the other):
o Recipient notifications only: As with true malware detections, the selected quarantine policy configuration determines whether to send end-user notifications. There is no option for sender notifications.
o Non delivery report (also known as NDR or bounce message)) to sender: The message is rejected in an NDR to the sender. The message is not quarantined, is not recoverable, and there’s no option for recipient notifications.
When this will happen:
Starting early September and completion of deployment by early October.
How this will affect your organization:
Once these changes are rolled out, the current email notifications for recipients and senders will be stopped. Instead, any recipient notifications will be based on the selected quarantine policy (dropdown in the anti-malware policy).
What you need to do to prepare:
Review the 'Quarantine Policy' selection in your current anti-malware policies. With this feature change, for default and all existing policies,
· The selection in the 'Quarantine Policy' dropdown will be used for any recipient notifications.
· For the new settings in 'Common attachment filter detections', the selection will be set to 'Quarantine the message' option (which is the same as the Quarantine policy dropdown).
Review the following resources below to learn more:
· Quarantine policies in anti-malware policies
· Use quarantine notifications to release and report quarantined
MC411432 — We've changed the minimum iOS system requirements for Outlook for iOS and watchOS
Outlook for iOS is supported on the two most recent versions of iOS. When a new version of iOS is released, Outlook’s Operating System requirement becomes the two most recent versions: the current version of iOS and watchOS and the previous version.
With iOS 16 currently in beta, Outlook for iOS is preparing to drop support for iOS 14. In addition, once iOS 16 is released to GA, the system requirements for Outlook for iOS will be updated to reflect support for iOS 16. Microsoft will update the minimum system requirements for Outlook for iOS app from iOS 14 to iOS 15.
Microsoft will retire support for watchOS 7. watchOS 8 and 9 will be the only supported versions for Apple Watch.
How does this affect me?:
After iOS 16 is released, Outlook devices running iOS 14, or lower will no longer receive Office app updates.
At that time, customers will be able to continue to use the older version of Outlook for iOS. Once they update their device to iOS 15 or above, they will receive the newest version of Outlook.
Over time, Outlook for iOS on iOS 14 devices will eventually stop synchronizing email and calendar data, unless they have a supported version of iOS.
This change does not affect anyone using Outlook for iOS apps on iOS 15 or above.
What do I need to do to prepare for this change?:
We recommend that you communicate this change to your users to ensure they update their device operating system.
Please click Additional Information to refer to the current minimum system requirements for Office 365.
MC411428 — Microsoft Exchange Online: Change to soft-deleted period for inactive mailboxes
When all holds and retention policies are removed from an inactive mailbox, it becomes soft-deleted and remains in Exchange for a period of time to allow for recovery before permanent deletion. Based on customer feedback, and to maintain consistency with other solutions, we will be changing this period to 30 days (from current 183 days).
Following this change, after 30 days, any inactive mailboxes which are in a soft-deleted state are permanently deleted and are no longer recoverable.
When this will happen:
Rollout will begin in late August and is expected to be complete by end of September 2022.
How this will affect your organization:
When this change takes place, inactive mailboxes in the soft-deleted state which have been in this state for more than 30 days will be permanently deleted and no longer recoverable.
What you need to do to prepare:
No action is needed to enable this change.
Learn more: Delete an inactive mailbox
MC406647 — (Updated) General availability of Advanced Message Encryption - Office 365 Message Encryption portal access logs
Microsoft 365 Roadmap ID 93372
Updated August 25, 2022: We have updated the rollout timeline below. Thank you for your patience.
With this update, admins will be able to enable logging of external user activities accessing the Office 365 Message Encryption Portal to retrieve encrypted mail.
When this will happen:
Rollout will begin in mid-September (previously mid-August) and is expected to be complete by end of October (previously end of September).
How this will affect your organization:
This feature will enable logging of external user activities accessing the Office 365 Message Encryption Portal to retrieve encrypted mail. These logs can be retrieved using the Audit Logs functionality in the Microsoft Purview compliance portal. You can also access these audit logs through the management API.
What you need to do to prepare:
This feature is not available by default unless you have enabled auditing. To enable the feature, go to Microsoft Purview compliance portal > Audit log search page and select Turn on auditing.
· Microsoft Purview compliance portal for GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
You can enable the portal logs using Exchange PowerShell:
· Set-IrmConfiguration -EnablePortalTrackingLogs $true
Learn more:
· Search the audit log in the Microsoft Purview compliance portal
MC405568 — (Updated) Addition of Shared Mailboxes to the Mailbox Usage Report
Microsoft 365 Roadmap ID 93398
Updated August 9, 2022: We have updated the rollout timeline below. Thank you for your patience.
In the coming weeks, the mailbox usage report will be expanded to include additional mailbox insights.
When this will happen:
Standard Release: We will begin rolling out late July and expect to complete by late August (previously early August).
How this will affect your organization:
Upon querying for the mailbox usage report, you'll have the ability to view shared mailboxes which previously were not included. You'll need to refine your query to include a recipient type column which will show both user and shared mailboxes, but recipient type will not be an option until the change rolls out. Once live, click here for additional information to explain changes you can make to your mailbox usage report to view shared mailboxes as well as user mailboxes.
What you need to do to prepare:
There is no action needed to prepare for this change. You may want to notify your users about this change and update any relevant documentation as appropriate.
MC397458 — (Updated) Outlook Mac now supports retention Policy
Microsoft 365 Roadmap ID 88849
Updated August 1, 2022: We have updated the rollout timeline below. Thank you for your patience.
Use retention policies in Outlook for Mac to apply a policy to your messages in your mailbox. Retention policies define how long your messages will be saved. This update will only work in the new Outlook for Mac.
Note: If your organization is not using Mac OS, you can safely disregard this message.
When this will happen:
We will begin rolling out June 2022 and expect to complete by end of August 2022 (previously end of July 2022).
How this will affect your organization:
If you already defined the retention policy on your tenant and use that in Outlook Windows and Outlook on the web, now you could see them available in New Outlook for Mac on the message list view context menu and message item context menu.
What you need to do to prepare:
You do not need do anything to prepare this.
MC385450 — (Updated) Advanced Room Finder Coming to U.S. Government Clouds
Microsoft 365 Roadmap ID 93293
Updated August 31, 2022: We have updated the rollout timeline below. Thank you for your patience.
Room Finder is a web-based feature that you can set up for your users to find available meeting rooms and workspaces that are suitable for their use. Every meeting room and workspace must be set up in Exchange Online and added to a room list for it to display properly in Room Finder.
The Advanced Room Finder enables users to browse or search for Buildings/Room Lists by city and then filter by room type, capacity, floor and features.
When this will happen:
The Advanced Room Finder is currently available in WWMT. It will begin rolling out to U.S. Government Clouds in early June and be completely rolled out by early September (previously mid-August).
How this will affect your organization:
Users will be able to browse and search for Buildings/Room Lists and then filter for rooms in a Building/Room List by type, capacity, floor and features.
What you need to do to prepare:
Admins should ensure Room and Workspaces Mailbox properties are set to ensure users can browse and filter, especially location and feature related properties. The Advanced Room Finder currently uses: City, Capacity, Floor, AudioDeviceName, VideoDeviceName, DisplayDeviceName, IsWheelChairAccessible, and Tags.
Learn More:
· How to Configure the New Room Finder in Outlook
· Use the Scheduling Assistant and Room Finder for Meetings in Outlook
· Configure rooms and workspaces for Room Finder in Outlook
MC383875 — (Updated) Microsoft Defender for Office 365: updates to quarantine folder storage
Microsoft 365 Roadmap ID 93302
Updated August 2, 2022: We have updated the content below for clarity. Thank you for your feedback.
Microsoft Defender for Office 365 is making some changes to quarantine folder storage. The experience for users will remain the same and users can leverage the delete action to maintain the storage folder for their quarantined messages.
When this will happen:
Standard: will begin rolling out in mid-June and be completed by early September (previously late June).
Government: will begin rolling out in mid-September (previously early July) and be completed by late September (previously late July).
How this will affect your organization:
In the case that a user’s quarantine storage is full, new incoming messages routed to quarantine will be rejected and an NDR will be generated for those messages.
In the case of Zero hour Auto Purge, where malicious items need to be zapped from inbox to quarantine but there is no space, these messages will be instead, added to the junk mail folder.
Note: When there is a False positive Zero hour Auto Purge, messages wrongly moved to the Junk mail folder can be added back to their original location.
Previously, when messages were deleted by users from quarantine, those deleted messages could still be retrievable within a 30-day period after deletion was made. To help users better manage their storage, we will be introducing a hard delete experience whereby once the messages are hard deleted, they can’t be recovered.
Note: End users will only be able to delete quarantine messages that their Administrators has given them access to through the quarantine policy.
What you need to do to prepare:
The goal for this communication is mostly for informational awareness. You may consider updating your training and documentation as appropriate.
MC373889 — (Updated) Upcoming behavior change to the "DoNotRewrite" List
Updated August 5, 2022: We have updated the rollout timeline below. Thank you for your patience.
With the deployment of the Tenant Allow/Block List, as being the single source of truth for Tenant Allows, other mechanisms for Tenant Allows are being removed. This will give SecOps teams one place to manage all Tenant Allows.
Today, “DoNotRewrite” list is used to Skip
· wrapping URLs
· Detonation(SONAR)
· Verdicts.
The intended purpose of "DoNotRewrite" is to give tenants the ability to skip the wrapping of URLs. With the deployment of the Tenant Allow Block List, it is expected that all tenant allows (ex Detonation(SONAR) and Verdicts) shall be managed there.
When this will happen:
We will begin rolling this out in early June and expect to complete by late September (previously late July).
How this will affect your organization:
With this change, the Do Not Rewrite List behavior will be changed back to its intended purpose to skip the wrapping of URLs: Learn More
What you need to do to prepare:
Review your "DoNotRewrite" URLs list(s) and ensure you have not added entries to it for uses other than to skip wrapping of URLs.
Microsoft 365
MC394931 — (Updated) Microsoft 365 admin center: Reports in the Admin Center – API available to manage user, group, and site names
Microsoft 365 Roadmap ID 93313
Updated August 9, 2022: We have updated the rollout timeline below. Thank you for your patience.
Microsoft is releasing an API that helps Global Administrators change how user, group, and site names are displayed in the Microsoft 365 admin center based on their organization’s privacy practices without having to manually change the setting in Org Settings -> Reports. User, group and site names are concealed by default. When this setting is changed, administrative roles and the report reader role will be able to see identifiable user level information. Global reader and Usage Summary Reports Reader roles will not have access to identifiable user information, regardless of the setting chosen. Showing identifiable user information is a logged event in the Microsoft 365 Compliance Center Audit log.
When this will happen:
We will begin rolling out late June and expect to complete by late September (previously late July).
How this will affect your organization:
The update admin report setting API can be used with Global Administrator permissions. More information on the API can be found here Working with Microsoft 365 usage reports in Microsoft Graph Graph API names are update admin report settings and get admin report settings.
NOTE: This change affects the following products and APIs, and will help companies support their local privacy laws:
· Microsoft 365 Reports in the Microsoft 365 admin center
· Microsoft 365 usage reports in Microsoft Graph
· Microsoft Teams analytics and reporting in the Microsoft Teams admin center
· The reportRoot: getSharePointSiteUsageDetail API (1.0 and beta) for SharePoint site detail
What you need to do to prepare:
There is no specific action required, but you may want to update your documentation as needed.
Microsoft Purview
MC423139 — Microsoft Purview | eDiscovery Premium - Collections progress, statistics, and workflow enhancements (preview)
Microsoft 365 Roadmap IDs 93381 and 93382
Coming soon to public preview, we're rolling out enhancements for eDiscovery (Premium) Collections to simplify workflow and provide additional insights for eDiscovery admins.
When this will happen:
Rollout will begin in late September and is expected to be complete by late October.
How this will affect your organization:
With this preview update, eDiscovery admins can better understand the progress of Collections, see statistics on what content contributed to changes between estimated items with hits and actual collected items, and commit the collection directly from the estimate without navigating through the entire collection wizard.
What you need to do to prepare:
Get started by visiting the eDiscovery (Premium) solution in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: Learn about collections in eDiscovery (Premium)
MC415900 — Microsoft Purview | Data Lifecycle Management and Records Management – Microsoft Graph APIs for extensibility (preview)
Microsoft 365 Roadmap ID 88276
As a part of our extensibility vision and first release to Microsoft Graph, we are introducing three new APIs for retention labels, events, and event types in the Microsoft Graph beta environment. These APIs will enable you to customize and extend on what we have built in the product so far.
These APIs can be used by compliance admins and developers to manage retention labels in Data Lifecycle and Records Management solutions.
When this will happen:
The APIs began rollout to the Microsoft Graph beta environment in mid-July and are now available in preview.
How this will affect your organization:
If your organization needs to automate any operation related to retention labels or events, we recommend you achieve this by using the new Graph APIs instead of using PowerShell cmdlets. With Graph, we use REST APIs that support better security, extensibility, and app authentication features.
The three APIs are available under the security node and the endpoints to access them are as follows:
Entity name
Endpoints
Solution
Labels
security/labels/retentionLabels
Data Lifecycle Management, Records Management
Events
security/triggers/retentionEvents
Records Management
Event types
security/triggerTypes/retentionEventTypes
Records Management
What you need to do to prepare:
Permissions
Currently, these APIs are supported through delegated permissions only, which are managed through the Graph interface. We are introducing two new permissions which you will need to access these APIs:
· recordsmanagement.read.all
· recordsmanagement.readwrite.all
Licensing:
Access to Data Lifecycle Management and Records Management features varies based on your Microsoft 365 license level. See Microsoft 365 guidance for security & compliance - Service Descriptions | Microsoft Docs for licensing requirement details.
You can find the Data Lifecycle and Records Management solutions in the Microsoft Purview compliance portal.
Learn more:
· Learn more about retention labels: Create retention labels for exceptions - Microsoft Purview (compliance) | Microsoft Docs
· Learn more about event-based retention: Start retention when an event occurs - Microsoft Purview (compliance) | Microsoft Docs
· DLM and RM Graph APIs at Microsoft Build 2022: Automate and customize retention and deletion scenarios (microsoft.com)
· Graph explorer platform: Graph Explorer | Try Microsoft Graph APIs - Microsoft Graph
MC412837 — Microsoft Purview compliance portal: eDiscovery (Premium) supports Teams reactions (preview)
Microsoft 365 Roadmap ID 88922
Coming to public preview, eDiscovery (Premium) will soon support discovery of reactions to Microsoft Teams chat and channel messages.
When this will happen:
Rollout will begin in mid-August and is expected to be complete by late September.
How this will affect your organization:
You will soon be able to discover Teams reactions in eDiscovery (Premium), including heart, thumbs up, thumbs down, laugh, surprised, and angry. This detail can provide additional user sentiment context for items captured in an eDiscovery (Premium) collection.
What you need to do to prepare:
Get started by visiting the eDiscovery (Premium) solution in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more:
· eDiscovery (Premium) workflow for content in Microsoft Teams
· Learn about collections in eDiscovery (Premium)
MC412835 — Microsoft Purview | Information protection: Co-authoring encrypted documents on mobile devices (GA)
Microsoft 365 Roadmap ID 98089
Currently available in public preview (MC337330), the ability to co-author Microsoft Purview Information Protection encrypted documents on both Android and iOS mobile devices will soon be generally available.
When this will happen:
Rollout will begin in late August and is expected to be complete by mid-September.
How this will affect your organization:
With this update, users will be able to collaborate seamlessly on documents encrypted with Microsoft Purview Information Protection from mobile devices (Android and iOS). This allows for greater flexibility and productivity on the go and supports hybrid and remote work scenarios. This expands on existing co-authoring support for Windows and Mac desktops and Office on the web.
What you need to do to prepare:
To use this feature, install or update Office Mobile, Word, Excel, or PowerPoint to version 16.0.14931 or higher on Android or 2.58.207 or higher on iOS.
Note: This feature is gated by the ‘Co-authoring for files with sensitivity labels’ setting for your tenant in the Microsoft Purview compliance portal (Global admin rights required).
· If you have already enabled the setting to use co-authoring on Desktop apps, mobile support will be enabled automatically on the supported versions.
· If you have not, you can opt-in to the setting to enable Co-authoring for both Desktop and Mobile apps when ready
To get started, visit the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW commercial and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: Enable co-authoring for encrypted documents
MC412378 — Microsoft Purview compliance portal: Exact Data Match updated UI wizard
Microsoft 365 Roadmap ID 88895
We're rolling out a new Exact Data Match (EDM) UI wizard experience to provide a more simplified and automated way to configure EDM sensitive information types (SITs) in the Microsoft Purview compliance portal.
When this will happen:
Rollout will begin in mid-August and is expected to be complete by late August.
How this will affect your organization:
The new wizard in the Microsoft Purview compliance portal will enable easier and quicker configuration of EDM SITs and utilizes automation to reduce manual inputs. This new UI includes a guided experience that suggests the most accurate SITs to consider for the EDM configuration, which is based on an analysis of sample data supplied by the admin; the sample data uploaded should be representative of the actual specific sensitive data that is to be protected through the use of EDM.
What you need to do to prepare:
To explore the updated EDM wizard, visit the Microsoft Purview compliance portal > Data classification > Exact data matches, and use the toggle to switch between the legacy UI and the new EDM experience.
· Microsoft Purview compliance portal for Worldwide and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: Get started with Exact Data Match
MC412376 — Microsoft Purview: eDiscovery (Premium and Standard) - Jobs limit update
Microsoft 365 Roadmap ID 93365
We will soon be making changes to jobs-related limits enforced in eDiscovery (Premium and Standard) solutions to give your organization’s eDiscovery administrators and managers greater flexibility on how jobs are run and what types of jobs can be run at the same time.
When this will happen:
Rollout will begin in mid-September and is expected to be complete by end of October.
How this will affect your organization:
With the introduction of new features to our eDiscovery services over the past few years, various limits have been introduced as a way to ensure resources are properly allocated and service stability can be maintained--this includes a range of jobs-related limits. In an effort to make these limits easier for users to understand and track, we are simplifying jobs-related limits in both eDiscovery Premium and Standard as outlined in the following table.
* eDiscovery (Premium) jobs count towards eDiscovery (Standard) limit but not the other way around. I.e. If you have 50 jobs running in Premium, then you won’t have room to start any Standard jobs until 1 or more of these jobs are completed.
This set of limits updates it not likely to significantly affect your organization’s eDiscovery workflow; the simplified jobs level limits either maintain the original limit set forth or increase flexibility by removing the specific job type associated with the limit.
What you need to do to prepare:
Assess whether the changes will change your organization’s eDiscovery workflow. If so, update internal documentation. Provide training to all eDiscovery users in your organization and update relevant documentation if needed.
Access the eDiscovery solution in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: Microsoft Purview eDiscovery solutions
MC412375 — Microsoft Purview Information Protection: Sensitivity labels now apply to modified documents (WXP on PC and Mac)
Microsoft 365 Roadmap ID 93209
Currently available in public preview (MC393822), default labeling policies can be applied to any supported document that a user edits, not just a new document. This update applies to Word, Excel, and PowerPoint documents on PC and Mac platforms.
When this will happen:
Rollout will begin in late August and is expected to be complete by mid-October.
How this will affect your organization:
If you’ve configured users for a default sensitivity label policy for Office documents, the label you chose will automatically be applied to Word, Excel, and PowerPoint documents that users create or modify. Previously, this only applied to new documents only.
Note: This functionality is now generally available for Word, Excel, and PowerPoint documents on the Web (MC305436), and with this update will extend to Word, Excel, and PowerPoint on PC and Mac.
What you need to do to prepare:
View sensitivity labels and their policies and settings in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for WW and GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more:
· Get started with sensitivity labels
· Learn about the default labels and policies to protect your data
MC412046 — Microsoft Purview | Data Loss Prevention – Customizable DLP policy violation justification (GA)
Microsoft 365 Roadmap ID 93376
Now available in Microsoft Purview Data Loss Prevention, we're introducing the ability to customize the justification options that appear when end users request to override blocked actions as defined by DLP policy.
When this will happen:
This update is now available.
How this will affect your organization:
With this update, admins can customize and replace out-of-the-box justifications with text specific to the organization's policies and business needs. This enables organizations to better define relevant and appropriate justifications for overriding blocked actions and activities that are detected by DLP policies.
What you need to do to prepare:
Configure DLP policies and settings from the Data loss prevention solution in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more: Send email notifications and show policy tips for DLP policies
MC384312 — (Updated) Microsoft Purview | eDiscovery (Premium) - Case limit enhancements
Microsoft 365 Roadmap ID 85631 and 88896
Updated August 16, 2022: We have updated the rollout timeline below. Thank you for your patience.
We're rolling out a new case format in eDiscovery (Premium), increasing the total amount of content that can be managed in a single eDiscovery (Premium) case. Additionally, when selecting this new case format setting during case creation, eDiscovery admins have the option to collect Teams conversations as a transcript.
When this will happen:
· GCC: Rollout will begin in mid-June and is expected to be complete by late July. - Complete
· GCC-High and DoD: Rollout will begin in mid-June and is expected to be complete by late September (previously late July).
How this will affect your organization:
The new case format accommodates an increase in case size in response to time-sensitive, high-volume regulatory requests, investigations, and litigation in modern day regulated organizations.
With the new case format in eDiscovery (Premium), organizations will be able to:
· Create collections with up to 1 TB of data
· Commit collections with 1TB of pre-expansion data to a review set
· Collect Teams chat conversations as HTML transcripts as opposed to individual items
· Export 5 million documents or 500 GB of data (whichever is smaller) in a single export job
· Manage large volume cases with more than 40 million items per case
New case format support in eDiscovery (Premium) won’t affect your organization’s current eDiscovery workflow in existing cases. When creating a new case, you will have the ability to choose between a classic case (the existing case format) or new case format. With the new case format, you can create up to 1 TB of content per collection and then commit the collection to a single review set. When collecting content using the new case format, cloud attachments and contextual Teams and Yammer content are automatically added to the review set. This functionality helps to provide you with a complete picture of digital communications. With the new case format, you can manage large volume cases in excess of 40 million items per case, and effectively manage large data sets throughout the eDiscovery process.
As part of the new case format, eDiscovery admins will be able to collect Teams messages in transcript format. Instead of each message within a thread/conversation being brought into the review set and processed/exported individually, an entire transcript of the thread/conversation would be brought into the review set.
What you need to do to prepare:
Review and assess if the new case format will affect your organization’s eDiscovery workflow and, if necessary, update your internal documentation accordingly.
Learn more:
· Use new case format in eDiscovery (Premium)
· Teams transcript conversation threading in eDiscovery (Premium)
You can access the eDiscovery (Premium) solution here:
· Microsoft Purview compliance portal for GCC cloud environments
· Microsoft Purview compliance portal for GCC-High cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
MC375741 — (Updated) Microsoft Purview compliance portal: Announcing data purge capabilities for Microsoft Teams content (preview)
Microsoft 365 Roadmap ID 88975
Updated August 18, 2022: We have updated the rollout timeline below. Thank you for your patience.
Coming to preview, this new feature extends data purge functionality to Microsoft Teams content to facilitate the purge of sensitive or misplaced data.
When this will happen:
Rollout to public preview will begin in early September (previously mid-July) and is expected to be complete by late September (previously mid-August).
How this will affect your organization:
Data spillage occurs when a confidential document is released into an untrusted environment. An eDiscovery case provides an effective way to manage data spillage investigations, so you can quickly assess the size and locations of the spillage, examine user activities around it, and then permanently purge the spilled data from the system.
With this update, you will be able to include Teams content in the scope of the data purge.
Note: Data purge can't delete items in a review set in eDiscovery (Premium) because the review set contains copies of items in the live service that are stored in an Azure Storage location. To delete items in a review set, you have to delete the eDiscovery (Premium) case that contains the review set. The purge signal will be available via the eDiscovery (Premium) Graph APIs, currently in public preview. For more information, see Close or delete an eDiscovery (Premium) case.
What you need to do to prepare:
Access the eDiscovery solution in the Microsoft Purview compliance portal:
· Microsoft Purview compliance portal for GCC cloud environments
· Microsoft Purview compliance portal for GCC-H cloud environments
· Microsoft Purview compliance portal for DoD cloud environments
Learn more:
· Search for and delete chat messages in Teams
MC321247 — (Updated) Advanced eDiscovery: Enhanced import custodians wizard experience
Microsoft 365 Roadmap ID 88814
Updated August 5, 2022: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to general availability, the Import custodian's wizard experience in Advanced eDiscovery allows eDiscovery managers to quickly validate and remediate any errors in their CSV file before submitting custodian import jobs.
When this will happen:
Rollout will begin in late February and is expected to be complete by late September (previously late July).
How this will affect your organization:
Previously, when you uploaded a CSV file to import multiple custodians into an Advanced eDiscovery case, the system did not perform an initial check to validate the values in the CSV file. We’ve heard from many of you that it’s painful to wait a long time for the import custodian job to complete, only to discover that the job has failed due to uncaught typos in the uploaded CSV file.
Now, with the enhanced import custodian's wizard experience, the system performs a set of initial checks to quickly identify errors in the uploaded CSV file before initiating the long running import custodians' job.
Download list of errors with information on the specific row, column, and error description to remediate the identified errors prior to your import.
Import the CSV file with confidence after remediating all the errors.
Note: For best results, consider splitting your CSV file for importing custodians into multiple files to work within the following limits:
· 1,000 custodians (1,000 rows) per CSV file
· 500 additional data sources per custodian (using the columns Workload 1 Type, Workload 1 location, Workload2 Type, Workload2 Location, and so on).
What you need to do to prepare:
Your organization must have the appropriate organization subscription for Advanced eDiscovery, and you must be an eDiscovery Administrator in your organization to manage communication templates and issuing officers.
Access the Advanced eDiscovery solution in the Microsoft 365 compliance center:
· Microsoft 365 compliance center for WW and GCC
· Microsoft 365 compliance center for GCC-High
· Microsoft 365 compliance center for DoD
Learn more:
· Import custodians to an Advanced eDiscovery case
· Overview of Microsoft 365 Advanced eDiscovery
MC321240 — (Updated) Advanced eDiscovery: Updated timing for rollout of hold optimizations for U.S. gov clouds
Microsoft 365 Roadmap ID 70586
Updated August 5, 2022: We have updated the rollout timeline below. Thank you for your patience.
Timing update: We ask that you pardon our delay of this earlier planned feature release. We are now ready to proceed rolling out to Government environment. As previously announced in (MC256277 - Aug 2021), we're rolling out various service optimizations for Advanced eDiscovery, including service improvements for hold.
· Pre rollout (current): users see an error message when placing more than 1,000 mailboxes or 100 sites on hold which is the limit for eDiscovery holds.
· Post rollout: when placing more than 1,000 mailboxes or 100 sites on hold, the system will automatically scale the eDiscovery legal hold as needed.
Note: This is achieved as the system automatically adds data locations to multiple holds, instead of adding them to a single hold.
When this will happen:
Rollout will begin in early March and is expected to be complete by late September (previously early July).
How this will affect your organization:
The system will automatically scale eDiscovery legal holds as needed when you use the following Advanced eDiscovery custodian workflows:
· Advanced eDiscovery > Case > Data sources
o Add new custodians
o Import custodians
o Data source > Edit
o Data source > Release
· Microsoft Graph eDiscovery API (beta)
o Custodian resource type
Not all locations associated with a single custodian are guaranteed to be added to the same hold.
This release only impacts custodian workflows within an Advanced eDiscovery case.
· Creating query-based holds (Advanced eDiscovery > Hold > Create) will not automatically scale and will return same error as before due to hitting the limit.
· Adding non-custodial data locations (Advanced eDiscovery > Data sources > Add data locations) will not automatically scale and will return same error as before due to hitting the limit.
· This change does not affect holds in Core eDiscovery or the corresponding PowerShell cmdlets and will not impact any existing automation scripts that use PowerShell cmdlets.
All existing eDiscovery hold limits remain unchanged.
We are also changing naming schema in Advanced eDiscovery for auto-created legal holds:
· Existing naming convention for legal holds created by the system is: CustodianHold-{Case id}, for example, CustodianHold-b3d6b416-234f-47f8-b446-930df275be4e
· New naming convention for legal holds created by the system is: CustodianHold-{truncated case id}-{policy creation time in ticks}; for example, CustodianHold-b3d6b416234f47f8-0637541049083233486
What you need to do to prepare:
You might want to notify your users about this new capability and update your training and documentation as appropriate.
Access the Advanced eDiscovery solution in the Microsoft 365 compliance center:
· Microsoft 365 compliance center for GCC
· Microsoft 365 compliance center for GCC-High
· Microsoft 365 compliance center for DoD
Learn more:
· Advanced eDiscovery hold limits
· Importing custodians to an Advanced eDiscovery case
· Automate Advanced eDiscovery legal hold workflows that involve large scale cases using Microsoft Graph eDiscovery API
MC320945 — (Updated) Advanced eDiscovery: General availability of Communication templates and issuing officer settings
Microsoft 365 Roadmap ID 88813
Updated August 5, 2022: We have updated the content with additional links to resources.
We're soon rolling out new features to improve the efficiency of your hold notifications. Communication Library in Advanced eDiscovery allows eDiscovery administrators to create communication templates to quickly draft hold notifications. Issuing officer settings allows eDiscovery admins to manage a list of issuing officers for your organization to send hold notifications on behalf of.
When this will happen:
Rollout will begin in late February and is expected to be complete by late September (previously late July).
How this will affect your organization:
Communication templates
Previously, to send out multiple legal hold notices, eDiscovery managers had to repetitively follow the same multi-step process outlined in documentation (Create a legal hold notice - Microsoft 365 Compliance). With this update, eDiscovery admins can now manage a list of communication templates for their organization. eDiscovery managers can simply select from one of the pre-configured templates, instead of starting from scratch every time.
To create, edit, and delete communication templates, navigate to Advanced eDiscovery > Settings > Communication Library.
Previously, only eDiscovery case members with an active mailbox could be selected as issuing officers to send the legal hold notice on behalf of. With this update, eDiscovery admins can manage a list of issuing officers for their organization, without adding these issuing officers as “case members”, granting unnecessary access to each eDiscovery case. If an organization has a dedicated attorney “John Doe” to send all their hold notices on behalf of, an eDiscovery admin can simply add John Doe as an issuing officer under Advanced eDiscovery settings, without adding John Doe to all their cases as a case member.
To add and delete issuing officers, navigate to Advanced eDiscovery > Settings > Issuing officer.
Once the above settings are defined, you can select the issuing officer and the communication template options for your new legal hold notification from Case > Communications > New communication.
What you need to do to prepare:
Your organization must have the appropriate organization subscription for Advanced eDiscovery, and you must be an eDiscovery Administrator in your organization to manage communication templates and issuing officers.
Access the Advanced eDiscovery solution in the Microsoft 365 compliance center:
· Microsoft 365 compliance center for WW and GCC
· Microsoft 365 compliance center for GCC-High
· Microsoft 365 compliance center for DoD
Learn more:
· Overview of Microsoft 365 Advanced eDiscovery
· Manage custodian communications templates in Advanced eDiscovery
· Manage issuing officers in Advanced eDiscovery
MC306112 — (Updated) Microsoft 365 compliance center; third party data connectors (Veritas)
Microsoft 365 Roadmap ID 82038
Updated August 12, 2022: We have updated the rollout timeline below. Thank you for your patience.
Admins can use data connectors to import and archive third-party data from social media platforms, instant messaging platforms, and more to mailboxes in your Microsoft 365 organization. This enables you to extend various Microsoft 365 compliance solutions to the imported content, helping ensure that non-Microsoft data is in compliance with the regulations and standards that affect your organization.
As previously announced in (MC267138 - July 2021), we are rolling out a new set of data connectors from Veritas to expand this capability to an additional group of third-party data sources. Note: We are rolling out these connectors first to public preview before making them generally available.
When this will happen:
Public preview: will begin rolling out in late December 2021 and is expected to be complete by early January 2022.
Standard: will begin rolling out in late September (previously late July) and is expected to be complete by mid-October (previously mid-August).
How this will affect your organization:
The following Veritas Technologies (formerly Globanet) data connectors are being onboarded to the GCC environment:
· CellTrust
· Cisco Jabber on MS SQL
· Cisco Jabber on Oracle
· Cisco Jabber on PostgreSQL
· EML
· FX Connect
· Jive
· MS SQL Database
· Pivot
· Redtail Speak
· Reuters Dealing
· Reuters Eikon
· Reuters FX
· RingCentral
· Salesforce Chatter
· ServiceNow
· Skype for Business
· Slack eDiscovery
· Symphony
· Text-delimited
· Webex Teams
· Webpages
· Workplace from Facebook
· XIP
· XSLT/XML
· Yieldbroker
· YouTube
· Zoom Meetings
Note: Before you can archive data in Microsoft 365, you have to work with Veritas to set up their archiving service (called Merge1) for your organization.
What you need to do to prepare:
You can access data connectors within the Microsoft 365 compliance center.
MC301684 — (Updated) General availability of AIP client and scanner audit logs in Microsoft 365 Audit and Activity explorer
This message is associated with Microsoft 365 Roadmap ID 89777
Updated August 8, 2022: We have updated the rollout timeline below. Thank you for your patience.
Azure Information Protection (AIP) administrators will soon be able to access data in Microsoft 365 compliance center Audit logs and Activity explorer, in addition to the AIP Analytics (Preview) portal.
When this will happen:
Rollout will begin in early December and is expected to be complete by late September (previously late July).
How this will affect your organization:
As part of our unified labeling and analytics experience across the Microsoft Information Protection (MIP) solution, we are expanding your ability to access and review data logged by AIP client, scanner, and MIP SDK beyond the existing AIP Analytics (Preview) portal.
· With this update, audit logs reported by the AIP client, the AIP scanner, and MIP SDK flowing today into the Log Analytics workspace will also be available in Microsoft 365 Audit logs.
· Additionally, you can use the Activity explorer screen for additional insights into labeling activity and history.
What you need to do to prepare:
Your data will be available in Activity Explorer, and you will be able to explore your AIP audit logs in Microsoft 365 portal. No action is needed as audit log data will flow into Activity Explorer by default. If you wish to opt-out, please follow the procedure explained here.
Administrators will be able to continue exploring AIP Audit logs in the Log analytics workspace in the AIP Analytics (Preview) portal. This is a supplemental access point.
You might want to notify your administrators about this new capability and update your training and documentation as appropriate.
Get started with Activity explorer in the Microsoft 365 compliance center:
· Microsoft 365 compliance center for GCC
· Microsoft 365 compliance center for GCC-H
· Microsoft 365 compliance center for DoD
Microsoft Defender
MC408693 — Announcing automatic redirection from Office 365 Security and Compliance Center to Microsoft 365 Defender portal
Microsoft 365 Roadmap ID 93418
We will soon begin redirecting users from the legacy Office 365 Security & Compliance Center to Microsoft 365 Defender portal in GCC, GCC-High and DoD environments, for all security workflows including: Alerts, Threat Management and Reports.
GCC Environment:
· Office 365 Security & Compliance Center old URL: protection.office.com
· Microsoft 365 Defender new URL: security.microsoft.com
GCC-High Environment:
· Office 365 Security & Compliance Center old URL: scc.office365.us
· Microsoft 365 Defender new URL: security.microsoft.us
DoD Environment:
· Office 365 Security & Compliance Center old URL: scc.protection.apps.mil
· Microsoft 365 Defender new URL: security.apps.mil
Items in the Office 365 Security & Compliance Center scenarios that are not related to security are not redirected to Microsoft 365 Defender. For compliance solutions redirection to Microsoft 365 Compliance Center, see MC244886.
This is a continuation of Microsoft 365 Defender delivers unified XDR experience to GCC, GCC High and DoD customers - Microsoft Tech Community, announced in March 2022.
When this will happen:
Standard Release: We will begin rolling out early September 2022 and expect to complete by late October 2022.
How this will affect your organization:
Users accessing the security solutions in the Office 365 Security & Compliance Center will be automatically redirected to the appropriate solutions in the Microsoft 365 Defender portal. This change enables users to view and manage additional Microsoft 365 Defender security solutions in one portal.
This change impacts all customers who use the Office 365 Security & Compliance Center in GCC, GCC High and DoD environments, including Microsoft Defender for Office (Plan 1 or Plan 2), Microsoft 365 E3 / E5, Office 365 E3/ E5 and Exchange Online Protection. For the full list, see Security & Compliance Center - Service Descriptions | Microsoft Docs.
This change impacts all users who logs in to the Office 365 Security & Compliance center portal, including security teams as well as end-users (who access the Email Quarantine experience, at the Microsoft Defender Portal > Review > Quarantine).
What you need to do to prepare:
Redirection is enabled by default and impacts all users of the Tenant.
Global Administrators and Security Administrators can turn on or off redirection in the Microsoft 365 Defender portal by navigating to Settings > Email & collaboration > Portal redirection and switch the redirection toggle.
MC387033 — (Updated) Microsoft Purview Data Lifecycle Management: Temporary rollback of Adaptive policy scopes for retention
Updated August 23, 2022: We have updated the rollout timeline below. Thank you for your patience.
As previously announced in Message Center post (MC306670 - December 2021 and tracked via Microsoft 365 roadmap ID 70578), we rolled out adaptive policy scopes for retention policies and retention label policies to your cloud environment. We recently discovered an issue that impacts creation of adaptive policy scopes in GCC High and DoD environments, caused by an incompatible older version of the service. To ensure compatibility of this service with the adaptive policy scopes feature, we will roll back this feature immediately.
How this will affect your organization:
You are receiving this message because your Microsoft 365 license grants access to Microsoft Purview Data Lifecycle Management and Records Management solutions, and you are currently unable to use the adaptive policy scopes feature.
Until this issue is resolved, you will continue to be unable to create adaptive scopes or use them in retention policies and label policies.
What you need to do to prepare:
We are working diligently to address this issue and anticipate relaunching adaptive policy scopes feature by the end of October (previously end of August). Status of this feature will be tracked via Microsoft 365 roadmap item 93329.
There is nothing you need to do to prepare. Once this issue has been resolved we will notify you via Message Center.
Learn more about this feature:
Adaptive policy scopes allow data administrators to scope retention policies and retention label policies to a dynamic set of users, SharePoint sites, or Microsoft 365 Groups. They do this by using the properties or attributes associated with these locations. Adaptive policy scopes work with all locations, including Exchange mailboxes, Microsoft 365 Groups, SharePoint sites, OneDrive accounts, Teams chats and channel messages (including private channels), and Yammer user and community messages.
· Documentation: Learn about retention policies & labels to automatically retain or delete content
· Blog: Adaptive Policy Scopes Microsoft 365 Records Management
· Webinar: Deep dive on adaptive solutions
MC296611 — (Updated) Microsoft Defender for Office 365: Introducing Built-In-Protection
Microsoft 365 Roadmap ID 72208
Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
Key points:
· Timing: We will begin rolling out in mid-December and complete by early October (previously late August).
o Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
· Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Micro...
How this will affect your organization:
Built-In-Protection will not impact users who currently have a Safe Links or Safe Attachments policy in place.
Note: For users already covered under the standard or strict preset; or under an explicit custom policy, this new built-in preset will not impact them as this policy has the lowest priority.
Policies will be applied in the following order of precedence:
1. Strict
2. Standard
3. Custom
4. Built-In-Protection or default
This means that if additional domains are added to your tenant, they will automatically be protected through Built-In-Protection with a base level of Safe Links and Safe Attachment. This will reduce the administrative burden and time involved to protect these users, as they'll get instant protection under the Built-in preset.
What you need to do to prepare:
No security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
· We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
· Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
· MDO blog announcing Built-In-Protection
· Learn how to configure Built-in-Protection
· See the specific settings set in Built-In-Protection
Microsoft 365 IP and URL Endpoint Updates |