Securing Global Administrator accounts
Hello all, According to this article: Use admin accounts only for Microsoft 365 administration. Admins should have a separate user account for their regular use of Microsoft 365 Apps, and only use their administrative account when necessary to manage accounts and devices, and while working on other admin functions. It's also a good idea to remove the Microsoft 365 license from your admin accounts so you don't have to pay for extra licenses. I should have a separate unlicensed admin account. How do I follow the above recommendation and continue to receive emails from the partner center? We have also been encouraged to use Privileged Identity Management, and use one account but only activate the admin role when needed. Does Microsoft recommend using PIM, or do they recommend using separate admin accounts? When using PIM, I only receive email sent to global administrators, when the PIM role is active. I am having trouble understanding how to follow this guidance when the admin portals do not appear to support emailing the "regular user account" of an administrator. When I asked Partner Center frontline support for clarification on this guidance I was asked to post my question here. Thanks!
Questions Regarding New CSP Authorization Enforcement Policies
I have the following questions about the scenario in which a direct bill partner does not meet the new requirements at the CSP tenant anniversary date: Restricted Status vs. Suspension/Revocation: Until recently, official documents indicated that at T+0, a direct bill partner would move to "Restricted" status, allowing them to continue billing and renewing existing customers, but not create new customers or subscriptions, for an indefinite period. This also allowed a reasonable timeframe for transition to indirect CSP. Now, the new enforcement policies state that at T+30, the tenant is placed in "Suspended" status, and at T+60, it is "Revoked," with no further possibility to operate on active customers and their subscriptions—even in cases where subscriptions have already been paid for annual or annual/monthly contracts. Could you clarify the reason for this change and the rationale behind the new, stricter enforcement timeline? Customer Transition Feasibility: How does Microsoft expect all customers to be transferred to an indirect provider within just 30–60 days after T+0? Is there any support or guidance for partners to manage such a rapid transition? Because in my opinion is not feasible and could be a potential risk to loose customers business. Prepaid Subscriptions: Even if it were possible to transfer all customers within the required timeframe, has Microsoft considered that many of these subscriptions have already been prepaid for an entire year or are in the middle of an annuality with monthly payments by the direct bill partner to Microsoft? We appreciate your attention to these concerns and look forward to your guidance on how to best manage compliance and customer impact under the new policies. My personal opinion is that is immediately necessary to restore the process as before with the Restricted Status if Direct Bill are not satisfied and give time (one year) to the partner to move to indirect provider all the customers/subscriptions. Thank you in advance for your support.
NEW! Microsoft 365 Customer Self-Serve Template for CSP partners
We’re excited to share the Microsoft 365 Customer Self-Serve Template to support your self-serve capabilities and insights for optimizing the commerce experience. Today, online buying is the norm, and customers are increasingly looking for one-stop shopping with a self-serve experience that’s fast, convenient, and on demand. The Customer Self-Serve Template gives you the tools to offer a seamless self-serve experience, streamlining the customer journey. Whether you leverage the content for new customer acquisition or for customer expansion, this quick-start guide will help you optimize the customer purchasing and provisioning process. With your self-serve capabilities in place, customers can easily choose, pay for, and auto-provision users on Microsoft 365 without manual partner interaction. Download the Customer Self-Serve Template to get started
security score requirements > 80 ?
Hi, I’m a distributor and noticed that there has been an update to the One-Page CSP Improvements Campaign – Authorizations One Pager. Previously, the document specified that a security score above 80 was required. However, I noticed that this requirement is no longer mentioned in the latest version I downloaded. Could you please confirm whether this criterion still applies, or if the only current prerequisites are as follows: Multi-Factor Authentication (MFA) must be enabled for all administrative users in the CSP tenant. A security contact must be designated within Partner Center. Security alerts must be responded to within 24 hours or less (not applicable to indirect reseller partners) I would appreciate your clarification on this matter. Ref https://learn.microsoft.com/en-us/partner-center/security/security-requirements i See On Update Partner Center Have New Tag Topic Mandatory requirements Or actually, just do this and it will pass the requirements section. New One Page Remark : When I click Details, I can't open the file at all Azure Information Protection Even though I signed in with an account Partner to view PDF, I can't open Give message Not Have Permission the file. Please help. Old One Page
Clarification on process to set up as direct bill CSP in another geographic region.
We are currently a Tier 1 direct bill CSP partner in the US. We have created a business entity in the British Virgin Islands with the aim of transacting CSP in the LATAM region. I am a bit stuck in the process of getting this set up, hoping someone here who has gone through it can help provide a sanity check. I have a ticket open with Microsoft but they've literally been ignoring my requests for update for a full week as of today. So far we've set up the BVI business entity and linked it to our main MPN in Partner Center as a new location. The tenant has been created in the BVI as well for the entity. It is my understanding we next need to enroll this new entity as a partner https://partner.microsoft.com/en-us/dashboard/account/v3/enrollment/introduction/partnership. When I fill the form I am getting errors the name already exists, even though it's a new entity.
