How to Configure Temporary Access Pass (TAP) to Prevent Lockouts
As organizations move toward passwordless authentication and stronger identity protection, having a reliable fallback mechanism becomes essential. That’s where Temporary Access Pass (TAP) comes in. TAP provides a time-limited passcode that users can use to register passwordless methods—such as Passkeys (FIDO2), Microsoft Authenticator, or certificate-based authentication—without requiring their existing password or MFA methods. For nonprofits and mission-driven organizations, TAP helps reduce account lockouts, simplifies onboarding, and strengthens security. What Is Temporary Access Pass (TAP)? Temporary Access Pass is a secure, limited-duration authentication method that allows: Secure onboarding of new users Recovery when users lose access to authentication methods Registration of passwordless sign-in methods Key characteristics: Time-limited Single-use or multi-use Assigned to specific users or groups Automatically expires and cannot be reused ✅ Licensing requirement: Microsoft Entra ID P1 or higher (included in Microsoft 365 Business Premium). Why TAP Prevents Lockouts TAP addresses common access issues: Lost MFA device: Users can reconfigure authentication methods Forgotten password: Users can move directly to passwordless sign-in New user setup: No need to share passwords insecurely Recovery scenarios: Provides an alternate path when normal sign-in fails Step 1: Enable TAP in Microsoft Entra Admin Center Open the Microsoft Entra admin center Navigate to: Entra ID → Authentication methods → Policies Select Temporary Access Pass Set Enable → On Assign to selected users or groups Start with a pilot group before broader rollout. Step 2: Configure TAP Policy Settings Lifetime settings Default: 1 hour Maximum: up to 8 hours (or more, if required) (Although Microsoft allows longer durations, shorter lifetimes increase security.) Usage Type One-time (recommended): Admin recovery Sensitive or privileged access Multi-use: Bulk onboarding Temporary workforce Assignments Recommended groups: Administrators Helpdesk staff (trained) New user onboarding groups Avoid assigning to all users without proper controls. Step 3: Create a TAP for a User Go to Entra ID → Users Select the user Choose Authentication methods Click Add authentication method Select Temporary Access Pass Configure: Lifetime One-time or multi-use Start time Select Add Security note: Deliver the TAP securely—never via email or unsecured messaging. Step 4: Use TAP for Secure Registration or Recovery Users redeem TAP at: https://aka.ms/mysecurityinfo This portal allows users to do the following by simplifying adding a sign-in method: Register passkeys (FIDO2) Set up Microsoft Authenticator Configure Windows Hello Recover access if MFA is unavailable TAP enables users to sign in without needing their existing password or MFA methods, providing a secure, time-limited path for onboarding and account recovery. Best Practices for Nonprofits Using TAP 1. Restrict who can issue TAP Limit to: Global/Admin roles Security or helpdesk staff 2. Use Just-In-Time generation Create TAP only when needed Never store or reuse codes 3. Enforce expiration discipline Keep lifetimes short Avoid long-lived passes 4. Monitor all usage Review sign-in logs Monitor authentication method activity 5. Align with Conditional Access Use TAP during Report-only testing Ensure policies allow TAP as a valid authentication method Conclusion Temporary Access Pass is one of the most effective tools organizations can use to: Prevent account lockouts Simplify onboarding Accelerate passwordless adoption Strengthen identity security When combined with Conditional Access and emergency access accounts, TAP becomes a key part of a resilient identity strategy. To learn how to fully configure Temporary Access Pass (TAP), refer to the official Microsoft documentation: Configure a Temporary Access Pass in Microsoft Entra ID to register passwordless authentication methods - Microsoft Entra ID | Microsoft Learn
ICYMI: Microsoft Dragon Copilot for Rural Hospitals
Partners supporting rural healthcare customers should be aware of the Microsoft Dragon Copilot offer available through the Rural Health Resiliency Program. This AI-powered clinical assistant helps reduce documentation burden so clinicians can focus more on patient care. What to know: Available to independent U.S. rural hospitals (CAH, REH, RCH) Includes discounted licensing + free readiness assessments + training Check out the Dragon Copilot offer two-pager What to do: Identify eligible rural hospital customers Introduce the offer and position within modernization efforts Guide customers to register via the Microsoft Rural Health Resiliency Program 👉 For more information, contact: mailto:RuralHealth@Microsoft.comAzure Policy: Modern Governance with Practical Recommendations
Azure Policy is one of Microsoft Azure’s most effective governance tools. It helps organizations enforce standards automatically, detect configuration issues early, and keep cloud environments aligned with internal policies and external regulatory requirements. For organizations that value security, predictability, and cost control—especially nonprofits—Azure Policy provides essential guardrails without relying on manual oversight. This guide explains why Azure Policy matters, how it works, and recommended best practices for using it effectively, with a practical example and step‑by‑step guidance. 📘 Official Azure Policy overview Why Azure Policy Matters Azure Policy allows you to define rules that Azure evaluates continuously. These rules ensure resources stay compliant during creation and over time. Policies can block, audit, modify, or remediate resource configurations automatically—reducing risk and operational overhead. Common governance scenarios include: Restricting which Azure regions can be used Requiring resource tags for cost tracking Enforcing encryption and security baselines Auditing misconfigurations Preventing unsupported or high‑risk deployments ✅ Recommendation Adopt Azure Policy early, before environments scale. Governance is far easier—and less disruptive—to maintain than to retrofit after sprawl occurs. Recommended Approach: Built‑In Policies First Microsoft maintains hundreds of built‑in policies that cover common governance scenarios, including region restrictions, security controls, and compliance baselines. One of the most widely used policies is: Allowed locations – Restricts where resources can be deployed (Deny or Audit) ✅ Recommendation Use built‑in policies whenever possible. They are: Maintained and updated by Microsoft Aligned with Azure platform changes Easier to audit, document, and explain to stakeholders Create custom policies only when built‑in options cannot meet specific business requirements. Why Region Restriction Policies Are Useful Restricting deployment regions is one of the most impactful governance controls an organization can apply. Key Benefits 🔐 Stronger security - Limits deployments to trusted, reviewed regions. 📜 Regulatory compliance - Supports data residency requirements (HIPAA, GDPR, donor data protections). ⚡ Performance optimization - Keeps workloads closer to users and connected systems. 💰 Cost governance - Prevents accidental deployment in higher‑cost regions. 🧭 Operational consistency - Establishes clear boundaries for teams and automation pipelines. ✅ Recommendation Apply region restrictions at the management group or subscription level to ensure consistent enforcement across environments. Step‑by‑Step: Assigning an Azure Policy (Portal) Step 1 — Open Azure Policy Sign in to <https://portal.azure.com> Search for Policy Open the Policy service Step 2 — Explore Policy Definitions Azure provides built‑in policies for: Tag enforcement Encryption requirements Diagnostic and activity logging Resource configuration and restrictions Security and compliance baselines ✅ Recommendation Group related policies into Initiatives (policy sets) for easier management—especially for compliance or nonprofit governance standards. 📘 List of built in policy definitions: Step 3 — Assign the Policy In the left menu, expand Authoring Select Assignments Select Assign Policy Select scope (management group, subscription, or resource group) Choose the policy definition during the assignment wizard Configure parameters Review and create Azure begins evaluating resources automatically. 📘 Assigning policies via the portal Compliance Reporting in Azure Policy Azure Policy includes a built‑in Compliance Dashboard that shows: Overall compliance percentage across assigned policies and initiatives Compliant vs. non‑compliant resources, aggregated by scope (management group, subscription, or resource group) Non‑compliant initiatives and policies, helping identify which policy sets are failing Individual policy evaluation results, showing exactly why a resource is non‑compliant Exemptions, errors, and not‑applicable states, including resources excluded from enforcement or failing evaluation Note: Compliance data is generated during evaluation cycles and may not be real‑time; results are updated periodically based on policy or resource changes. 📘 Compliance reporting documentation Why Azure Policy Is Especially Valuable for Nonprofits Nonprofits often manage sensitive donor, beneficiary, and financial data while operating under tight budgets. Azure Policy helps by: Enforcing security without increasing staffing Preventing costly configuration mistakes Supporting audit readiness Protecting donor trust Reducing operational waste Final Recommendations ✅ Start with built‑in policies ✅ Apply policies at the management group level when possible ✅ Use Deny for hard requirements; Audit for learning phases ✅ Group policies into initiatives ✅ Review compliance dashboards regularly ✅ Document governance decisions for transparency and audits Conclusion Azure Policy is a foundation of strong cloud governance. Whether you’re restricting deployment regions, enforcing security baselines, or preparing for audits, it delivers automated, consistent, and scalable enforcement. For nonprofits and mission‑driven organizations, Azure Policy ensures every cloud resource supports security, compliance, and responsible stewardship—without increasing operational burden.Strengthening Cybersecurity for Education‑Focused Nonprofits and Education Institutions
Cybersecurity is one of the most urgent priorities facing education‑focused nonprofits and education institutions today. Whether you’re a nonprofit delivering tutoring, literacy, STEM, or adult learning programs — or a school, district, or learning organization — you’re managing growing threat complexity with lean IT teams, rising ransomware risk, and sensitive learner and staff data to protect. Leaders across the education ecosystem need practical strategies that strengthen security without slowing down their mission. The Microsoft Elevate Education team is bringing you two powerful Signature Series webinars this spring to help education‑focused nonprofits and education institutions strengthen their cybersecurity posture from the inside out. Pick the topic and time that fits your day — or register for both. Webinar 1 | May 19, 2026 Preventing the Next Organization‑Wide Incident: Identity, Access, and Ransomware for Education‑Focused Nonprofits & Education Institutions Choose your session: 8:00 – 9:00 AM PT: https://msevents.microsoft.com/event?id=2868688952 4:00 – 5:00 PM PT: https://msevents.microsoft.com/event?id=1182185119 Webinar 2 | June 23, 2026 Self-Healing Security for Education‑Serving Organizations: Automated Investigation & Response with Microsoft Defender XDR Choose your session: 8:00 – 9:00 AM PT: https://msevents.microsoft.com/event?id=237608052 4:00 – 5:00 PM PT: https://msevents.microsoft.com/event?id=2738526889 Across both sessions, you'll learn how to: Reduce risk from over‑permissioned admin accounts and always‑on access Limit your organization’s blast radius through modern identity segmentation and access controls Automate threat investigation and response to contain incidents faster — even with a lean team Manage and approve remediation actions through a unified Action center Strengthen ransomware readiness using tools many organizations already own How This Benefits Education‑Focused Nonprofits Education‑focused nonprofits and education institutions face many of the same cybersecurity pressures — rising ransomware activity, increasingly sophisticated identity attacks, and the responsibility to protect sensitive learner, staff, and organizational data — often with limited resources and little room for disruption. These sessions tell the full cybersecurity story for organizations that teach, support, and deliver education: securing who has access and automating how you respond when threats occur. Together, they help nonprofits and education institutions move toward containment‑ready, resilient security operations that protect staff, volunteers, and the learners they serve. We hope to see you there. Microsoft Elevate EDURECAP: Microsoft Elevate Partner Community Monthly Call - May 2026
Be sure to catch the replay of this month's Microsoft Elevate Partner Community call. Thanks to all of our fantastic speakers as well! What we covered: Videos from Partner Day are now online 2026 Microsoft Partner of the Year Award is coming soon Education Security and Value Optimization Assessment ASPX Updates (AI Business Solutions & Security Partner Experience) Microsoft Elevate for Educators Microsoft Elevate for Changemakers Nonprofit Data Solutions in Microsoft Fabric Study & Learn New 3 year SKU for Nonprofits Featured Webinar: Teach & Study New eBook: The Academic Researcher's Guide to Generative AI Feel free to review the deck and watch the replay: Link to the deck: FY26 Microsoft Elevate Partner Community Call - May 2026 - PDF Link to the recording: Monthly Microsoft Elevate Partner Community Call - May 2026 To get the Microsoft Elevate Partner Community Monthly Call on your calendar, sign up here.Microsoft Elevate Partner Community Call for May 2026 - Don't Miss!
⏰REMINDER⏰- The Microsoft Elevate Partner Community call is coming up next week. Connect with fellow partners, ask questions, and stay up to date on programs and investments that support your nonprofit and education impact. Sign up here for the monthly series.How to Switch Between Multiple Organizations in Microsoft Teams
Introduction: If you collaborate with multiple companies, clients, or nonprofits, you’ve likely been invited to more than one Microsoft Teams organization (aka “tenant”). While Teams is a powerful tool for collaboration, switching between orgs isn’t always intuitive—and can slow you down if you’re not set up properly. In this blog, I’ll walk you through how to manage and switch between multiple organizations in Microsoft Teams smoothly—on both desktop and mobile. What Is an "Organization" in Teams? Each Microsoft 365 account is tied to a single organization (or tenant). When you're added to another org’s Teams environment, you're technically a guest there. Teams allows you to toggle between these orgs, but the interface isn’t always user-friendly, and you can easily miss notifications or messages if you're not careful. How to Switch Organizations on Teams Desktop App Open Microsoft Teams (desktop or web). In the top-right corner, click on your profile picture. Under your name, you’ll see a list of all the organizations you’re a member of. Click the name of the org you want to switch to. Teams will reload in that environment. Note: Each time you switch, Teams refreshes—so it can take a few seconds. switched organization shown below Switching Orgs on the Teams Mobile App Tap your profile picture in the top-left corner. Under your name, tap the dropdown arrow to view other organizations. Select the org you want to access. Note: On mobile, switching is usually faster than on desktop, and it’s a good backup when you cannot access your computer. Other Tips for Managing Multiple Orgs ✅ Use the Web App in Parallel Open teams.microsoft.com in a browser for one org while using the desktop app for another. This is especially helpful if you're constantly jumping back and forth. 🔔 Don't Miss Notifications Teams doesn’t show notifications from orgs you’re not actively in. Use the Activity Feed in each org to catch up when you switch. On mobile, you can enable notifications for all orgs (Settings > Notifications > Accounts). 💼 Keep Track of Which Org You're In Customize your Teams theme for each org to help visually differentiate them. Add org initials or emojis in team names (if you’re an admin) to make switching less confusing. 🧹 Leave Orgs You No Longer Use If you’re no longer collaborating with a tenant, go to myaccount.microsoft.com/organizations and remove your access. 🧠 Bonus: Using Multiple Desktops or Profiles If you’re more advanced, consider: Creating browser profiles (Chrome/Edge) for each org. Running Teams in multiple desktop user accounts or Microsoft Edge side-by-side mode. Wrapping Up Switching orgs in Teams is a necessary evil for consultants, volunteers, and cross-org collaborators. With the right habits—like using browser tabs, enabling notifications, and customizing views—you can stay productive without missing a beat.Turn AI Potential into Real Impact—One Day Is All It Takes
🌐 Online | Multiple session times 📅 May 6, 2026 🔗 Register: https://aka.ms/AgentathonMay2026 If AI is on your roadmap—but still feels out of reach—this is your reminder that May 6 is coming up fast. The Microsoft Global Agent‑a‑thon is your opportunity to move from AI interest to real, usable solutions in one day, with guidance and support that continues well beyond the event. This isn’t about watching demos or talking about possibilities. It’s about building. Why This Matters Right Now Across nonprofits, public sector, education, and business, teams are stretched thin. Workloads are increasing, expectations are growing, and there’s little room to experiment without support. AI agents can help—if teams know how to build and apply them responsibly and effectively. That’s exactly what the Agent‑a‑thon provides: Hands‑on building Clear learning paths Real use cases Ongoing guidance A global community solving real problems There’s a Level for You Whether you’re brand new to AI or already building solutions, there’s a path designed for your role and goals: 🌱 Explorer Build your first AI agent, no coding required and walk away with something you can use immediately. ⚙️ Commander Automate workflows, connect systems, and reduce repetitive work using Copilot Studio and no‑code tools. 🚀 Master Design secure, enterprise‑grade AI agents with governance, orchestration, and scale in mind. No matter the level, the focus is the same: practical impact, not theory. A Special Note for Nonprofits Nonprofits often feel the pressure of “doing more with less” the most. Through the Agent‑a‑thon, nonprofits can: Automate administrative tasks that drain time and energy Support staff and volunteers with faster access to information Scale services without adding overhead Explore AI in a safe, guided environment Build solutions aligned directly to their mission Most importantly, you don’t have to do it alone. The Agent‑a‑thon is designed to support you before, during, and after the event. More Than a Day—A Starting Point Yes, the build happens in one day. But the learning, support, and momentum continue. Participants can submit their agents, access continued resources, and learn alongside a global community focused on real‑world outcomes—not shelfware. If AI is on your list this year, this is your moment. One day to build. Ongoing support to grow. A chance to shine globally.Building Intelligent Apps With Azure
Technology is changing fast, and apps today can do far more than they used to. With artificial intelligence (AI) becoming part of everyday tools, organizations of all sizes are looking for ways to build smarter, more helpful apps. Microsoft Azure makes this easier by giving teams the tools and training they need to learn, experiment, and create with confidence. What Makes an App “Intelligent”? An intelligent app uses AI to make experiences feel more natural and responsive — like understanding language, recognizing images, or offering helpful suggestions. You can build these apps from scratch or modernize the ones you already have using Microsoft Azure. Cloud technology plays a big role because it keeps everything fast, secure, and easy to scale. Helping Teams Build With Confidence Working with AI can feel overwhelming at first. Teams often face challenges like: Not having much experience with AI Feeling unsure about which tools to use Wanting to make sure AI is used responsibly Azure supports teams with hands‑on learning, expert guidance, and built‑in responsible AI tools through frameworks like Microsoft Responsible AI, helping teams build safely and confidently. Start With the Basics Before building intelligent apps, it helps to understand where your team is today and what skills they may need. Azure and Microsoft Learn offer simple, practical resources to get started: AI fundamentals – Learn the basics of how AI works https://learn.microsoft.com/ai Generative AI – Explore tools like AI copilots and how to write effective prompts Craft effective prompts for Microsoft 365 Copilot - Training | Microsoft Learn Cloud‑native development – Build apps designed to run smoothly in the cloud Create cloud native apps with Azure and open-source software - Training | Microsoft Learn Modernizing older apps: Azure application modernization overview - Assess, plan, and modernize existing workloads Microsoft App Modernization Guidance for Azure - App Modernization Guidance | Microsoft Learn Power Platform modernization - Rebuild or extend legacy apps using low-code tools. Modernize applications with Power Platform - Power Platform | Microsoft Learn Azure & .NET modernization – Upgrade ASP.NET apps to modern .NET and deploy to Azure Modernize ASP.NET and ASP.NET Core web applications - App Modernization Guidance | Microsoft Learn These resources help teams learn at their own pace and build confidence as they go. Deploying Apps the Right Way Once your app is ready, you need a smooth way to launch it. Azure provides tools and best practices to help teams: Set up the right environment Build and test apps quickly Use containers and DevOps to speed up delivery Azure DevOps | Microsoft Azure Containers on Azure | Microsoft Azure Deploy AI features safely using Azure’s governance and security tools As many developers have noted, “What used to take weeks now takes hours.” Keep Improving Over Time Building an intelligent app isn’t a one‑time project. Teams need to monitor performance, keep apps secure, and make improvements as technology evolves. Azure offers resources to help with: Scaling apps as usage grows — Automatically adjust resources to meet demand while maintaining performance and reliability. Protecting apps from security threats — Use built‑in security, identity, and compliance tools to safeguard data and reduce risk. Improving accuracy and performance — Monitor models and applications to fine‑tune quality, responsiveness, and user experience. Managing costs — Track usage, optimize resources, and control spending as apps grow and evolve. Create a Culture of Continuous Learning The most successful organizations treat learning as an ongoing investment. As Forbes notes, helping people understand new technologies builds trust and prepares teams for the future. Microsoft offers a wide range of learning paths, tutorials, and hands‑on experiences to support your team as they explore AI and intelligent app development: https://learn.microsoft.com/ https://www.microsoft.com/nonprofits/offers-for-nonprofits https://learn.microsoft.com/industry/nonprofit/microsoft-for-nonprofits/
