Newsworthy Highlights |
New Insider Risk Management features in general availability
Today, we are excited to announce the general availability of more than 25 features for government and commercial customers.
Expanding cloud logging to give customers deeper security visibility
In response to the increasing frequency and evolution of nation-state cyberthreats, Microsoft is taking additional steps to protect our customers and increase the secure-by-default baseline of our cloud platforms. These steps are the result of close coordination with commercial and government customers, and with the Cybersecurity and Infrastructure Security Agency (CISA) about the types of security log data Microsoft provides to cloud customers for insight and analysis.
Microsoft 365 Government Community Call
Join Jay Leask and other members of the Government Community live on LinkedIn!
Where to Start with Microsoft Teams Apps in Gov Clouds
Customers in our Office 365 government clouds, GCC, GCCH, and DoD, are continuing to evolve how they do business in the hybrid workplace. As Microsoft Teams is the primary tool for communication and collaboration, customers are looking to improve productivity by integrating their business processes directly into Microsoft Teams via third-party party (3P) applications or line-of-business (LOB)/homegrown application integrations.
Microsoft 365 Government Adoption Resources
Empowering US public sector organizations to transition to Microsoft 365
What’s New in Microsoft Teams | Microsoft Inspire 2023
Release News |
Exchange Online
Working hours and location in Outlook for the web - GCC July, GCCH & DoD August
Teams
Microsoft Defender for Endpoint Plan 2 included in Microsoft Teams Rooms Pro licenses – GCC & GCCH
BlueJeans meetings can be joined from Microsoft Teams Rooms on Windows via Direct Guest Join
Purview
Label footers enhancement for emails
eDiscovery (Premium): Guest reviewer
Defender
Unified RBAC for Defender
References and Information Resources |
Microsoft 365 Public Roadmap
This link is filtered to show GCC, GCC High and DOD specific items. For more general information uncheck these boxes under “Cloud Instance”.
Stay on top of Microsoft 365 changes
Here are a few ways that you can stay on top of the Office 365 updates in your organization.
Microsoft Tech Community for Public Sector
Your community for discussion surrounding the public sector, local and state governments.
Microsoft 365 for US Government Service Descriptions
· Office 365 Platform (GCC, GCCH, DoD)
· Office 365 U.S. Government GCC High endpoints
· Office 365 U.S. Government DoD endpoints
· Microsoft Purview (GCC, GCCH, DoD)
· Enterprise Mobility & Security (GCC, GCCH, DoD)
· Microsoft Defender for Endpoint (GCC, GCCH, DoD)
· Microsoft Defender for Cloud Apps Security (GCC, GCCH, DoD)
· Microsoft Defender for Identity Security (GCC, GCCH, DoD)
· Azure Information Protection Premium
· Exchange Online (GCC, GCCH, DoD)
· Office 365 Government (GCC, GCCH, DoD)
· Power Automate US Government (GCC, GCCH, DoD)
· Outlook Mobile (GCC, GCCH, DoD)
Be a Learn-it-All |
|
Public Sector Center of Expertise We bring together thought leadership and research relating to digital transformation and innovation in the public sector. We highlight the stories of public servants around the globe, while fostering a community of decision makers. Join us as we discover and share the learnings and achievements of public sector communities. |
|
|
Microsoft Teams for US Government Adoption Guide
|
|
|
 |
|
Message Center Highlights |
SharePoint Online
MC653734 — (Updated) SharePoint: User experience and Image Coherence in SharePoint Online (SPO)
>60 Days
Updated July 26, 2023: We have updated the content below to show as intended. We apologize for any inconvenience.
We are currently working to improve user experience by providing a coherent profile photo experience across Microsoft 365. This primarily impacts those users of SharePoint online (SPO) who neither have an exchange license nor are using Delve for uploading images. This may also impact a small number of SPO admin who upload the user profile image on behalf of the end users.
When this will happen:
We will begin rolling out this change in mid-August 2023 and expect to complete by late March 2024.
How this affects your organization:
Currently, for users who do not have an Exchange License and have uploaded multiple different images across different apps in Microsoft 365, it is likely that SPO displays images uploaded locally in SPO which will be different from User Profile images in other Microsoft 365 apps.
To ensure that the same image is available across all Microsoft 365 experiences, going forward, SPO will display images sourced via MS Graph endpoint from Microsoft People System (MPS). This implies that the image uploaded via other apps in Microsoft 365 will take precedence and get displayed in SPO instead of the locally available image in SharePoint. There is no action required from users at this point.
For users with Exchange licenses there is no functional change.
To ensure profile coherence, we will disable local uploads from SPO to mysite host and instead enable centralized uploads to Microsoft People System (MPS).
What you can do to prepare:
For all users identified above: The profile image will no longer be edited/uploaded through SPO “Edit Profile UI” experience or through “Person Immersive” UI experiences. Instead, all such users would be requested to use the “Universal Me” control available on top right corner of the SharePoint Home page for uploading images. Alternatively, they can also use Delve to upload profile images.
For SPO admins: Admins who upload the user profile image on behalf of the end users will no longer be able to upload images via SPO Admin Centre. Instead, all SPO admins will be requested to upload user profile images via MAC Admin Centre or AAD admin center.
We are providing an early heads-up to ensure our customers have sufficient time to adapt to upcoming changes as we will not be able to grant any extension for this change.
MC650415 — SharePoint: New site creation experience
30-60 Days
Microsoft 365 Roadmap ID 141819
With this update, you will choose a site template based on your scenario to get started creating your site. When choosing a template you can see its capabilities, and even see a preview. This change will help site owners through the process by simplifying and providing additional guidance while creating the site.
As a part of this update, several site templates have been renamed to clarify their purpose and simplify the selection of a template as a part of the site creation process.
Standard team – the new name for the default team site template (formerly “team collaboration”).
Standard communication – the new name for the default communication site template (formerly “Topic”).
Training course – the new name for the template used to present training courses (formerly “Training and courses”).
Training design team – the new name for the template used by teams while developing training (formerly “Training and development team”).
We are also updating the content in several of our site templates with this update. This includes content updates to the following templates: Organization home, Event, Human resources, Volunteer center, and Crisis management.
To make template selection easier, we have updated the site template gallery to include a full visual preview, a list of site capabilities, and a list of pages and other features that come with each template.
Site Creation: Site template details
Site Creation: Site template preview
Site Creation: Set site properties
When this will happen:
Targeted Release: We will begin rolling out will begin rolling out in Late July
Standard Release: We will begin rolling out in mid-August to complete by early September.
How this will affect your organization:
With this update, all users who create sites will experience the new site creation process. Both the end-user and administrator experiences now include the selection of a site template as a part of the site creation process.
Site administrator site creation
As a part of this update, several site templates have been renamed to clarify their purpose and simplify the selection of a template as a part of the site creation process.
Standard team – the new name for the default team site template (formerly “team collaboration”).
Standard communication – the new name for the default communication site template (formerly “Topic”).
Training course – the new name for the template used to present training courses (formerly “Training and courses”).
Training design team – the new name for the template used by teams while developing training (formerly “Training and development team”).
We are also updating the content in several of our site templates with this update. This includes content updates to the following templates: Organization home, Event, Human resources, Volunteer center, and Crisis management.
There are no further customizations to the site creation experience and if you have disabled self-service site creation this will not impact your users. Only users and administrators who create sites will interact with this updated site creation experience.
What you need to do to prepare:
There are no actions needed to prepare for this update. If you use self-service site creation in your organization, you should consider educating or informing your organization of these upcoming updates.
MC600726 — (Updated) Microsoft Lists User Experience Update
>60 Days
Microsoft 365 Roadmap ID 124867
Updated July 18, 2023: We have updated the content below with additional information. Thank you for your patience.
This update improves the overall performance of Microsoft Lists and introduces new features, including the ability to add ratings to any list, drag and/or paste images directly into a list, see who is collaborating with you in real-time, switch views by clicking tabs, view date/time values in your preferred date settings and timezone, and more.
When this will happen:
Targeted Release: We will begin rollout in late July 2023 (previously mid-July) and expect to complete rollout by early August 2023 (previously late July).
Standard Release: We will begin rollout in early August 2023 (previously late July) and expect to complete rollout by early October 2023 (previously late September).
Note: Some users may see this feature before others in your organization.
How this will affect your organization:
Users in affected tenants will see Lists feature updates as described in this blog post. These improvements will reach all Lists, except those that have been configured with the following features:
SharePoint Framework extensions
PowerApps forms
Approvals
The Playlist template
Lists that are using these features will not receive the new user experience with this feature rollout. Future rollouts will bring support for Lists that are using these features.
Lists with the new experience will always open inside the Lists app, whether those lists are opened from Lists Home, a sharing link, a direct link, or a link in SharePoint navigation. This means SharePoint site elements like the header and left navigation will not be shown on initial load. There are two ways to show these site elements in a List:
Users can click the “Open in Site” button in the upper right corner of the list. This causes the List to reload inside the parent SharePoint site with those site elements visible on the page.
Admins can set a property on a site collection to make all lists in that site collection always load with the site elements intact. This property is called ListsShowHeaderAndNavigation. This an example PowerShell cmdlet that will set this property for a site given its URL: Set-SPOSite -Identity https://contoso.sharepoint.com/sites/site1 -ListsShowHeaderAndNavigation $true
Site owners can navigate to the Navigation Elements settings page and configure a new setting called “Lists in Sites.” This setting causes navigation links to lists in that site collection to always open inside the parent SharePoint site.
What you need to do to prepare:
You don’t need to do anything to prepare for this change.
The ListsShowHeaderAndNavigation setting is currently available if you wish to proactively set this setting to prepare for this rollout. Doing so will mean that lists inside those sites will always be shown with SharePoint site elements like the header and left navigation.
MC531214 — (Updated) SharePoint: Improving the Page Authoring Experience
<30 Days
Microsoft 365 Roadmap ID 117376 and 117377
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are releasing new improvements to the Page authoring experience in SharePoint. These new improvements should help reduce clutter, increase productivity, and add more value for users when editing a page.
When this will happen:
We will begin rolling out in late-March and expect to complete rollout by late August 2023 (previously late June).
How this will affect your organization:
The new updates will include:
Surfacing the layout options in the web part toolbars, including in Quick Links, Events, People, Hero, News, and Title Region
Moving the “add section” action to be inline on canvas and visible on hover
Introducing a consolidated and enhanced Image web part toolbar
Adding new text overlay capabilities in the Image web part, such as the ability to change positions, text size and styling, text box color and opacity, and image overlay color and transparency.
What you need to do to prepare:
There is nothing you need to do at this time.
MC564196 — (Updated) Microsoft Stream: Playlist View in SharePoint List Webpart
<30 Days
Microsoft 365 Roadmap ID 124808
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
Users can soon select a playlist to be displayed in the list webpart in the full-blown playlist view along with video playback.
When this will happen:
Standard Release: We will begin rolling out in early June 2023 and expect to complete rollout by late August 2023 (previously late July).
How this will affect your organization:
Users will be able to select a playlist from the list picker while configuring the list webpart.
Users will be able to see the full-blown playlist view as the default view for playlists.
What you need to do to prepare:
There is no action required at this time, this change will be enabled automatically.
MC561187 — (Updated) Stream Classic webpart retirement and new Stream (on SharePoint) webpart availability
<30 Days
Microsoft 365 Roadmap: 124800
Updated July 13, 2023: We have updated the timeline below. Thank you for your patience.
This is an important message for customers who use the Stream (Classic) webpart to add videos to SharePoint Pages and news posts. Microsoft will retire the Stream (Classic) webpart on Aug 15, 2023 and it will no longer be available for use after this date. The Stream (Classic) webpart will be replaced by the new Stream (on SharePoint) webpart.
When this will happen:
The Stream (Classic) webpart will be retired on August 15, 2023.
The Stream (on SharePoint) webpart will begin its general availability roll out in mid-August (previously mid-June), and we expect the rollout to complete by mid-September (previously mid-July).
How this will affect your organization:
Your organization will not be able to use Stream (Classic) webpart after August 15, 2023.
All SharePoint pages and news posts that were built using Stream (Classic) webpart with single video as a source will continue to play your videos until February 2025.
After your organization migrates video content to Stream (on SharePoint), single videos configured on the Stream Classic webpart continues to play inline while channels configured on the webpart is replaced by a button that redirects to the migrated folder location.
If you would like to publish videos from Stream (on SharePoint) on SharePoint Pages, you can currently use video eligible webparts such as “File and Media”, “Hero”, “Highlighted content” and “List” webparts. Additionally, you will be able to use the new Stream (on SharePoint) webpart when it becomes available.
For re-publishing Stream Classic webpart videos post migration, users will have to manually do so using the share URL via above mentioned webparts.
What you can do to prepare:
Please follow this documentation for detailed timelines and video publishing guidance on the new Stream: Stream (Classic) web part transition plan & new Stream Webpart
OneDrive for Business
MC660614 — Updated Experience for Office Document Conflict Resolution in OneDrive Sync
<30 Days
We have updated the experience to resolve Office document conflicts in the OneDrive sync app.
Previously, clicking the “Resolve” action on a conflict would require the user to choose between opening the file in the Office desktop app to merge changes or keeping both versions of the file (forking the document and appending the computer’s name to the forked file). After this change, the user can only open the document with a conflict in Office to merge the changes. The option to fork the document will be removed.
When this will happen:
We will begin rolling out to the Production ring across Windows and macOS in early August 2023 and expect to complete rollout by late August 2023.
How this will affect your organization:
Users will no longer be able to keep both documents and must open the changes in the corresponding Office desktop app to fix the sync conflict.
What you need to do to prepare:
No action is required at this time. If you have documentation that describes fixing sync conflicts by forking the document, you will need to update it to reflect the change.
MC626577 — (Updated) OneDrive Sync Account Detection
<30 Days
Microsoft 365 Roadmap ID 146851
Updated July 28, 2023: We have updated the rollout timing below. Thank you for your patience.
In the past Windows Business users could add a consumer account to Windows to use within various apps. Users could use this Consumer account to configure syncing their OneDrive consumer files via the OneDrive sync client. This summer the OneDrive Sync client will start prompting Business users if they’d like to sync their Consumer files using a detected Microsoft Consumer account known to Windows.
When this will happen:
Minimum required version: 23.086
Insiders: We will begin rolling out early July 2023 and expect to complete by late July 2023.
Standard Release: We will begin rolling out early August 2023 and expect to complete by late August 2023
How this will affect your organization:
Consumer files will start syncing down to your user's devices IF they confirm this behavior in the prompts that the Sync client will give them.
What you need to do to prepare:
There is nothing you need to do to enable these prompts within your system
If you would like to disable these prompts there are two policies you can deploy
DisableNewAccountDetection (client version 23.063) will suppress these messages from being shown to your users, but still allow users to manually configure their Consumer accounts to sync their OneDrive Consumer files.
DisablePersonalSync will disable users from syncing their Consumer OneDrive files completely.
MC626572 — OneDrive: Color, font, and navigation changes in OneDrive for Web
<30 Days
Microsoft 365 Roadmap ID 146071 and 146068
We are introducing an improved left navigation in OneDrive for web and minor color, font, and icon changes to the user interface.
When this will happen:
Targeted Release (if applicable): We will begin rolling out in early to mid-July through the end of July.
Standard Release (if applicable): We will begin rolling out in the end of July through late August.
Note: Some users may see this feature before others in your organization.
How this will affect your organization:
With this update you will see the following changes:
The background of the web app is now grey instead of white
The Suite navigation on the app is also grey (no longer the standard blue)
A new left navigation with a "New" button for creating new content from anywhere within OneDrive
Upload file and Upload folder are within the "New button"
The new left nav can be expanded or collapsed!
What you need to do to prepare:
You may consider updating your training and documentation as appropriate.
MC565161 — (Updated) Relocating Sync Command in OneDrive's My Files view to Settings
<30 Days
Microsoft 365 Roadmap ID 124902
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are relocating the Sync command in OneDrive for Business Web for My Files. Currently the command is in the command bar, and we are moving it to the setting gear.
When this will happen:
Targeted Release: We will begin rolling out in early June and expect to complete rollout by mid-June.
Standard Release: We will begin rolling out mid-June 2023 and expect to complete rollout by mid-August 2023 (previously late July).
How this will affect your organization:
All functionality will remain the same for users, the only change is a new entry point for the command.
What you need to do to prepare:
There is no action required from you at this time. You may want to notify your users of this update. For additional information, please visit this page.
MC560718 — (Updated) OneDrive: Simplified Sharing
<30 Days
Microsoft 365 Roadmap ID 124933
Updated July 5, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are completely revamping the Sharing control to help you and your organization share more easily and confidently. You can focus on the people you want to share with and how you want to share with them. The link scope is always shown at the bottom of the dialog and can be modified at the top-right, under the settings gear, to best fit your scenarios prior to sharing with others. The copy link section now returns a quick success toast when the link successfully copied to clipboard. The ability to share to Outlook is still available for users who enabled it in the top menu.
When this will happen:
Targeted Release: We will begin rolling out late May and expect to complete by mid-July.
Standard Release: We will begin rolling out mid-July and expect to complete by late August (previously late June).
How this will affect your organization:
Users who interact with the OneDrive/SharePoint will be able to see this refreshed experience.
Note: Some users may see this feature before others in your organization.
What you need to do to prepare:
There is no action required from you at this time. We recommend making your users aware of this upcoming update.
MC559933 — (Updated) OneDrive: Restore files to original location when turning off folder backup
<30 Days
Updated July 18, 2023: We have updated the rollout timeline below. Thank you for your patience.
OneDrive: Restore files to original location when turning off folder backup.
This feature provides new functionality for users who turn off folder backup (also known as “PC folder backup” and “known folder move”). When users turn off folder backup, they will have the option to restore the files back to their original location. Note: when a folder contains files stored only in the cloud, those files will not be moved; they will remain in the cloud
When this will happen:
Standard Release: This is currently rolling out and will complete rolling out in mid-August 2023 (previously mid-July).
Note: Some users may see this feature before others in your organization.
What you need to do to prepare:
There is no action needed to prepare for this change. You may want to notify your users about this change and update any relevant documentation as appropriate.
Power Platform
MC663626 — Power BI Administrator is Renamed to Fabric Administrator
Rolled Out
On May 23, 2023, Microsoft unveiled Microsoft Fabric, which provides a Data Factory-powered data integration experience, Synapse-powered data engineering, data warehouse, data science, and real-time analytics experiences and business intelligence (BI) with Power BI—all hosted on a lake-centric SaaS solution. We centralized the tenant and capacity level administration for all these experiences in the Fabric Admin portal (previously known as the Power BI admin portal).
The Power BI Admin role is being renamed to Fabric administrator to align with the changing scope and responsibility of this role.
When this will happen:
This feature is now available.
How this will affect your organization:
All applications including Azure Active Directory, Microsoft Graph APIs, Microsoft 365, and GDAP will reflect the new role name. As a reminder, your application code and scripts shouldn’t make decisions based on role name or display name.
What you need to do to prepare:
There is nothing you need to do to prepare for this change. For more information on the Fabric admin role, please visit this documentation.
Learn more about Fabric in this link.
MC661206 — Power Platform - Creating, using, and adding Access Teams to a Solution
Rolled Out
We are happy to announce that you can now include Access Team templates in your solution. This allows you to export your access team templates from one environment and import it into another.
How does this affect me?
This feature is now generally available to use globally.
Access team template allows you to create teams of users who can access records of a certain table with specific access rights. For example, you can create an access team template for the account table and specify the Read, Write, and Share access rights on the record for the sales team. The sales team members are dynamically added to access the record on the account form.
These are system-generated access teams which are dynamically formed and dissolved. You can create multiple access teams templates with different access rights on a form, for example, you can have an access team with Read only access rights and another access team with Read, Write and Share access rights.
You no longer need to re-create the access team templates in your target environment when you include your access team templates in a solution and import it. You can now update all your solutions that contain Form customizations with access team templates to include your access team.
What do I need to do to prepare?
Inform your customizers and/or Makers that they can add access team templates in their solution, and review and update your existing solutions that contain Forms with access team template customizations.
You can also review the following resources for more information:
Create a team template and add to an entity form
Use access teams and owner teams to collaborate and share information (Microsoft Dataverse)
YouTube Video: How to create and use Access Team templates and add them to a Solution
MC649410 — Updates to Power Platform SKU Names
Rolled Out
On August 1, 2023, we will roll out minor changes to several of the Power Platform SKU names to better clarify the capabilities included in each SKU:
The Power Apps “Per User” SKU will be renamed to Power Apps “Premium per user.”
The Power Automate “Attended RPA per user” SKU will be renamed to Power Automate “Premium per user” and the price will be reduced from $40 per user/month to $15 per user/month.
The updated SKU names and reduced pricing will take effect August 1st, 2023 in the price list. There are no changes to the capabilities or service plans that are included in these SKUs.
How will this affect your organization:
If you are an existing customer of the Power Automate “Attended RPA per user” SKU, you will eligible to take advantage of the new pricing on your renewal date. If you are an existing customer of the Power Apps “Per User” SKU, your SKU name will be automatically updated in your Microsoft Agreement on August 1st, 2023.
Please reach out to your Microsoft representative if you have additional questions.
MC649343 — Dynamics 365 and Power Platform 2023 release wave 2 plans available now!
>60 Days
Today, we published the 2023 release wave 2 plans for Dynamics 365 and Microsoft Power Platform, which is a compilation of new capabilities that will be released between October 2023 through March 2024. The new features and enhancements provide you with significant capabilities to help transform your business using our applications.
What actions do I need to take?
You can use the Release planner to view and manage release plans across all active release waves in a unified and interactive interface, while giving them the option to personalize, filter, sort, and collaborate.
We’ve done this work to help you—our partners, customers, and users—drive the digital transformation of your business on your terms. Get ready to share your feedback in the community forum for Dynamics 365 or Power Platform.
MC630301 — Power Platform admin center - Changes to support request product list
Rolled Out
We are making changes to the product listing when creating a new support request in the Help + support page within the Power Platform admin center. Starting on April 7, 2023, this update will begin rolling out per our normal deployment schedule.
How will this affect me?
The following products, which were previously listed as problem subtypes under the Dynamics 365 Customer Engagement product, are now available in the primary product selection menu:
Dynamics 365 Sales
Dynamics 365 Marketing
Dynamics 365 Customer Service
Dynamics 365 Omnichannel for Customer Service
Microsoft Dataverse
Power Platform Administration
Note: This change will not have any functional impact on your license(s).
Microsoft Viva
MC662248 — Update Search Experience for Viva Connections
>60 Days
We are making some changes to the search experience in Viva Connections app to make it easier to search in Viva Connections.
When this will happen:
Standard Release: Rollout will begin in early August and is expected to be complete by late September.
GCC: Rollout will begin in late September and is expected to be complete by early October.
GCCH: Rollout will begin in early October and is expected to be complete by late October.
How this will affect your organization:
With the changes, when you use Viva Connections and click into the search box in Teams, you will start to see the text change to “Search in Viva Connections” (or the name you chose for your Viva Connections app). You will continue to get the same suggestions as before with chats, people, etc. and clicking these will continue to take you to the corresponding Teams experience.
As you type, you will notice that the search suggestions will show two new lines in the list that appears under the search box: first one (the default option) to search in Viva Connections, and the second one to search in the rest of Teams.
If you select enter (or choose the first suggestion), you will be taken to a workplace search experience similar to the one you might already experience on your intranet corporate portal. If you’d rather go to the search results page of Teams, choose the second suggestion.
What you need to do to prepare:
You may want to notify your users about this change in the search experience while in Viva Connections.
Note: These changes are rolling out first to the current version of Teams and will be coming to the "New Microsoft Teams App" in the coming months.
MC590126 — (Updated) Viva Insights Manager, Leader, and Advanced Insights Available for GCC
TBD
Microsoft 365 Roadmap ID 88843
Updated July 28, 2023: We are currently evaluating the rollout timing for this change and will communicate via Message center when we are ready to proceed. Thank you for your patience.
Premium Viva Insights capabilities will soon be available for Government Community Cloud environments.
When this will happen:
We are currently evaluating the rollout timing for this change and will communicate via Message center when we are ready to proceed.
How this will affect your organization:
In addition to the personal insights and experiences available with a Microsoft 365 subscription, users with a Viva Insights license will also have access to premium personal features available through the Viva Insights app in Microsoft Teams and on the web. Premium personal features which include additional time management features, shared plans, schedule send in Teams, and more - further enable individuals to build better work habits and improve their effectiveness at work. More details here: Personal insights in Viva Insights.
Manager and leader insights are available through the Viva Insights app in Teams and on the web provide visibility into work patterns that can lead to burnout and erode productivity. The metrics presented to managers and leaders have built-in safeguards to protect the privacy of individuals, like de-identification, aggregation, and differential privacy. More details here: Team and Organization insights.
The advanced insights app is used for deep-dive analysis. Viva Insights analysts can use flexible, out-of-the-box report templates as well as advanced tools to generate custom insights tailored to specific business challenges. More details here: Introduction to advanced insights.
The following controls will be available to IT Admins to configure the roll out:
Manager and leader insights and premium personal insights require a Viva Insights license for every user. Admins can assign Microsoft Viva Insights service plan to users or for specific groups in your organization to enable these enhanced experiences in Viva Insights app in Teams and on the web.
For advanced insights, every individual included in the analyzed population must be licensed and assigned the Microsoft Viva Insights service plan. Admins can set up advanced insights using these instructions: Microsoft Viva Advanced Insights setup.
What you need to do to prepare:
Review and assess the impact for your organization. Consider updating documentation as appropriate.
Microsoft Teams
MC662254 — Microsoft Teams: Shared Device License on Mobile App for Android
30-60 Days
Microsoft 365 Roadmap ID 126706
We are pleased to announce that we will soon support the Microsoft Teams Shared Device license on the Teams Android mobile application. The Teams Shared Device license offers a shared identity-based , common area phone experience, including basic and advanced calling, people search, voicemail and walkie talkie.
When this will happen:
Preview: Rollout will be complete by early August 2023.
Standard Release: Rollout will begin in late August 2023 and is expected to be complete by early September 2023.
GCC: Rollout will begin in late August 2023 and is expected to be complete by early September 2023.
How this will affect your organization:
This feature will enable Android phones to be set up as shared devices. Walkie Talkie, call queues, auto attendants, cloud voicemail, call park and all other calling features currently supported on common area phones will be available through the Teams Android app.
What you need to do to prepare:
We will share an update once we start rolling out the feature to all customers. Please ensure your Teams Android mobile application is updated with the latest version after the feature is released. No further action is required from your end currently. For more information, please visit this documentation.
MC661825 — (Updated) Microsoft Teams: On-Demand Recording Feature in Webinars
30-60 Days
Microsoft 365 Roadmap ID 123052
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
Organizers can soon publish the recording of their webinars and automatically send an update to their attendees, in which they will receive a link to watch the on-demand recording hosted on their event page.
When this will happen:
We will begin rolling out in late September 2023 (previously late August) and expect to complete rollout by late October (previously late September).
How this will affect your organization:
The organizer would have the ability to pre-approve the recording prior to publishing it for attendees to view. This provides the opportunity for the organizer to either publish the default recorded event or upload their own custom video from their personal OneDrive.
Additionally, the organizer can also customize and preview the attendee notification prior to sending it out. Once sent, the attendees would then receive a link in their event invite and email to watch the on-demand recording on the event page.
What you need to do to prepare:
Tenant admins may need to apply the following policy changes to allow publishing of recordings:
Policy property will be under: CSTeamsEventsPolicy
Policy Property name:
AllowedWebinarTypesForRecordingPublish
Policy Values:
None
InviteOnly
EveryoneInCompanyIncludingGuests
Everyone
MC661228 — Join third-party meetings from Teams
30-60 Days
Microsoft 365 Roadmap ID 138139
When a third-party meeting is created from Outlook or OWA, participants of the meeting will now be able to Join the meeting directly from Microsoft Teams. The participants will see "Join" button on the Teams calendar events card and in the meeting details page. On clicking on the Join button, the link will route the users to the browser or the third-party application to join the meeting. This experience will be available on both mobile and desktop.
When this will happen:
Preview: We will begin rolling out late August 2023 and expect to complete by early September 2023.
How this will affect your organization:
This will impact all Teams users who attend and organize third party meetings from Outlook.
What you need to do to prepare:
You may consider updating your training and documentation as appropriate.
MC661224 — Channel meeting invitation | Allow organizer to send a channel meeting invite to everyone in team
<30 Days
Microsoft 365 Roadmap ID 142405
Channel meeting invitations will now allow channel meeting organizers the ability to share invites on personal calendars of all channel members.
When this will happen:
Standard Release: We will begin rolling out in early August, expected completion by mid-August.
How this will affect your organization:
Often, channel meetings get missed since users are not appropriately notified about them. With the added enhancement, meeting organizers can turn a toggle button on the scheduling form when scheduling a channel meeting. Once the toggle is turned on and meeting is saved, all channel members will be notified of the meeting on their main work calendar.
What you need to do to prepare:
There is no action needed to prepare for this change. You may want to notify your users about this change and update any relevant documentation as appropriate.
MC660071 — Microsoft Teams: Front Row AI (artificial intelligence) enhancements for Teams Rooms on Windows
30-60 Days
Microsoft 365 Roadmap IDs 95267 and 122554
The latest version of Teams Rooms on Windows app 4.18 update includes Front Row AI enhancements including:
Front row gallery improvement – video segmentation with a unified background
Spatial audio on the front row
When this will happen:
We will begin rolling out in mid-August and expect to complete rollout by late September.
How this will affect your organization:
Front Row gallery improvement – video segmentation with a unified background:
Using Microsoft AI, the front row layout removes individual backgrounds, adjusts video participant’s size, and applies a unified background for remote participants to make them appear as if they are in the same room. This removes distractions and provides in-room meeting participants with better connection to remote participants in Teams meetings.
This feature is turned ON by default for the Teams Rooms on Windows devices with 4 cores or higher CPUs. Devices with lower processing capability will optimize for audio and video quality and will not enable this feature. Room admins can turn this feature ON or OFF via XML and end user control is also provided in the layout switcher during a Teams meeting. Please find more details on the Microsoft Learn documentation that will be included in the release notes for Teams Rooms on Windows 4.18.
Spatial audio in the Front Row experience:
Spatial Audio in Teams Rooms on Windows brings next-generation audio to the Front Row experience when connected to stereo speakers. This intelligent audio technology delivers a more natural and inclusive experience for in-room participants by playing audio from channel closer to physical location of remote participants on Front row layout, making it feel like remote people are in the room with them and reducing meeting fatigue.
You can achieve the best spatial audio experience with Teams-certified stereo speakers and by following guidance on designing a Signature Teams Room. The list of certified speakers will be documented, and the release notes will include the link to relevant documentation.
The feature is turned OFF by default. To enable the feature, use the following XML:
<SkypeSettings> ;
<IsSpatialAudioEnabled>true</IsSpatialAudioEnabled>;
</SkypeSettings> ;
Once the feature is enabled, you can also turn it ON or OFF using the audio setting under … (More) menu during a meeting. This toggle affects every meeting joining from the device.
What you need to do to prepare:
Please notify your users about this new experience and update your training and documentation as appropriate.
MC649939 — (Updated) Join Microsoft Teams Meetings by a Meeting ID and Passcode – GCCH & DoD
>60 Days
Microsoft 365 Roadmap ID 94620
Updated July 25, 2023: We have updated the rollout timeline below. Thank you for your patience.
Microsoft Teams users will soon be able to join meetings by Meeting ID. This release of Microsoft Teams Meeting ID will be rolling out across Microsoft Teams Desktop, Mobile and Web and will provide an additional way for users to join a Microsoft Teams meeting by entering a digital ID and Passcode.
When this will happen:
GCC-H: We will begin rolling out in mid-September 2023 (previously late August) and expect to complete rollout by early October 2023 (previously mid-September).
DoD: We will begin rolling out in late September 2023 (previously early September) and expect to complete rollout by late October 2023 (previously late September).
How this will affect your organization:
All meetings will have a Meeting ID and passcode that is automatically assigned to a Microsoft Teams user and added to the meeting invite under the meeting link. Meeting attendees can join the meeting by entering the Meeting ID. For all meeting attendees, the pre-join, lobby and security will remain the same.
To join a meeting by ID in Outlook, you can find the meeting details section in the meeting invite in Outlook in the details for Meeting ID and Passcode. You can enter this Meeting ID and Passcode on the Teams app or the Website to join the meeting.
To join a meeting by ID on Teams desktop, you can enter a Meeting ID and Passcode to join the meeting from the Calendar in the Teams app. You will see the option to join meeting by ID in the top right corner of the calendar.
To join a meeting by ID from a Web Page, we are introducing a public web page where users can enter the Meeting ID and Passcode for any meeting to initiate a meeting join.
To join a meeting by ID on mobile for both iOS and Android, you can enter a Meeting ID and Passcode using the meet icon in the top right corner of the Calendar in the Teams app.
What you need to do to prepare:
You may want to notify your users about this new capability to join meetings and update your training and documentation as appropriate. Meeting ID and Passcode can be used on the app and Teams website link to join a meeting. There will continue to be individual separate sections for existing Video conferencing ID and Dial in by Phone, which are independent of Meeting ID.
MC649926 — Microsoft Teams: 1000 Channels per Team
30-60 Days
Microsoft 365 Roadmap ID 127496
Microsoft Teams channel limits are soon increasing to 1000 channels per team. Users will be able to create any combination of standard and shared channels, plus up to 30 private channels, for a total of 1000 per team, allowing for even more collaboration and organization within your team.
When this will happen:
Preview: We will begin rolling out in late July and expect to complete rollout by early August.
Standard and GCC: We will begin rolling out in mid-August and expect to complete rollout by late August.
GCCH and DoD: We will begin rolling out in mid-September and expect to complete rollout by late September.
How this will affect your organization:
The current 200 standard and 200 shared channel limits are changing to a combined increased channel limit, allowing teams to have greater flexibility when creating a new channel. Teams will be able to create any combination of standard and shared channels up to a total of 1000—including up to 30 private channels per team.
What you need to do to prepare:
No preparation is needed. Organizations will be enabled for the increased channel limits as part of this rollout.
MC649917 — Microsoft Teams: Stream Preview and Playback in Teams Chat and Channels
<30 Days
Microsoft 365 Roadmap ID 127596
Users can preview and play Stream videos directly in Teams Chat and Channel without having to open them in a browser and going to Stream.
When this will happen:
We will begin rolling out in late July and is expect to complete rollout by late August.
How this will affect your organization:
Stream videos that are saved in OneDrive and SharePoint are now embedded in chat and channels enabling users to preview and play them directly in Teams without the need to open a browser window.
What you need to do to prepare:
There is nothing required from you at this time. You may want to notify your users and update any relevant training documentation as appropriate.
MC649047 — Call delegation feature enhancements
30-60 Days
Microsoft 365 Roadmap ID 123753
Call delegation feature enhancements -
Delivering a more tailored experience for delegates and delegators with a refreshed, simplified UI in the Calls app, and the ability for delegates and delegators to join active calls, if permitted.
When this will happen:
Standard Release: We will begin rolling out mid-August and expect to complete by late September for Teams Desktop and Teams Phone devices.
How this will affect your organization:
After this change users will notice a new UI experience for delegation, if permitted they will be able to join active calls on the delegator line.
What you can do to prepare:
If you use boss delegation in your tenant, you can review the permissions for delegates. Join active calls is OFF by default for delegates, delegators do not need permission to join active calls on their line.
Please ensure that your Teams phone devices are updated with the latest application from Teams Admin Centre to get access to the feature.
MC644068 — Teams Cross Cloud Guest Access Public Preview
Rolled Out
Microsoft 365 Roadmap ID 145459
Cross Cloud Guest Access (CCGA) extends existing Guest Access functionality allowing a user to participate in rich collaboration experiences in teams, channels, documents and Teams meetings between tenants across Microsoft clouds. Guests are able to participate in a full collaboration experience including audio/video, screen share, file share and both 1:1 and 1: many chats. These features are enabled through the Azure Active Directory B2B feature and the newly released Cross Tenant Access Settings. When combined tenants can enable trusts between tenants and between Microsoft clouds.
When this will happen:
Preview: This rollout is currently underway and is expected to complete by late July.
How this will affect your organization:
This change only impacts your organization if there are configured cross tenant access settings between tenants in different Microsoft clouds and Teams Guest Access is enabled. Once configured users will be able to invite new guests and add guests from another cloud to Teams using the same procedures they use today for guests in the same cloud.
Any compliance controls, identity governance or other management tooling used today to manage same cloud B2B Guests may need to be reviewed, updated or extended to include support for B2B guests from another Microsoft cloud. Azure Active Directory Identity Governance has already been updated to fully support management of B2B guest from other Microsoft clouds.
What you need to do to prepare:
If you are interested in using this feature, familiarize yourself with Azure Active Directory B2B, Cross Tenant Access Settings, Identity Governance and Teams Guest Access.
Client machines running Windows 10 must have KB5027293 installed.
Client machines running Windows 11 must have KB5027303 installed.
The following minimum client versions are required:
Windows Desktop Client: 1.6.00.4472
Mac Desktop Client: 1.6.00.4464
Android Client: 1416/1.0.0.2023121301
iOS Client: 5.12.0
Customers who apply strict firewall rules for access to M365 resources should review their existing rules to ensure communication with other Microsoft clouds has been enabled. IP address information for the various Microsoft clouds can be found here: Microsoft 365 endpoints - Microsoft 365 Enterprise | Microsoft Learn
MC644065 — Teams Cross Cloud Authenticated Meetings
Rolled Out
Microsoft 365 Roadmap ID 145460
Cross-cloud authenticated meeting join (CCM) delivers the ability for a Teams user to join a meeting hosted in another cloud while signed into their account in their home tenant. This feature provides the meeting host the ability to validate the identities of meeting participants without granting those participants any access to the host tenant.
When this will happen:
Preview: This rollout is currently underway and is expected to complete by late July.
How this will affect your organization:
This change only impacts your organization if there are configured cross tenant access settings between tenants in different Microsoft clouds and Teams Cross Cloud Meeting join is enabled for inbound and/or outbound connections. Once configured users will be able to join meetings hosted in different Microsoft clouds as authenticated users by signing in to their home tenant.
What you need to do to prepare:
If you are interested in using this feature, familiarize yourself with Azure Active Directory B2B and Cross Tenant Access Settings.
Client machines running Windows 10 must have KB5027293 installed.
Client machines running Windows 11 must have KB5027303 installed.
The following minimum client versions are required:
Windows Desktop Client: 1.6.00.4472
Mac Desktop Client: 1.6.00.4464
Android Client: 1416/1.0.0.2023121301
iOS Client: 5.12.0
Customers who apply strict firewall rules for access to M365 resources should review their existing rules to ensure communication with other Microsoft clouds has been enabled. IP address information for the various Microsoft clouds can be found here: Microsoft 365 endpoints - Microsoft 365 Enterprise | Microsoft Learn
MC642270 — (Updated) Enable 2nd video stream for Teams Content Camera on Desktop feature
>60 Days
Microsoft 365 Roadmap ID 118580
Updated July 28, 2023: We have updated the rollout timing below. Thank you for your patience.
Users will be able to enable a second video stream to support both their Personal Video and Teams Content Camera on Desktop.
When this will happen:
Standard Release: Rollout has begun and expect to complete by mid-October 2023 (previously mid-August).
How this will affect your organization:
When enabling the Teams Content Camera on Desktop feature, the Personal Video is expected to be maintained so long that the user selects a separate Camera to support the two video streams.
What you need to do to prepare:
You may consider updating your training and documentation as appropriate.
MC642265 — Cloud IntelliFrame: A New Way to See People in Teams Rooms
<30 Days
Microsoft 365 Roadmap ID 130219
Cloud IntelliFrame is a new experience that allows online meeting attendees to see people in Teams Rooms more clearly, enhancing the hybrid meeting experience by creating smart video feeds of in-room participants. The smart video feed is created by zooming into their faces and eliminating distractions. You can see the expressions and gestures of the people in the room more easily, which will help improve collaboration in hybrid meetings. It creates equity in hybrid meetings as everyone can be seen and heard.
Cloud IntelliFrame will be rolling out across Microsoft Teams Rooms on Windows with Pro license and can be viewed on Microsoft Teams Desktop (Windows & Mac) with any license.
When this will happen:
Standard Release: We will begin rolling out to commercial tenants in mid-August and expect to complete rollout by early September.
GCC and GCCH will begin rollout by mid-August.
This experience is not available for DoD.
How this will affect your organization:
All Microsoft Teams Rooms on Windows with a Pro license equipped with cameras in the supported camera list will automatically opt-in to Cloud IntelliFrame. Online participants on Microsoft Teams Desktop (Windows and Mac) will see the IntelliFrame video feed by default from Rooms with these cameras.
An icon on the top right of the Room video feed indicates that Cloud IntelliFrame is being displayed.
People in the Room can disable IntelliFrame by using in-meeting settings on the console. This turns off IntelliFrame and switches back to standard view for the Room. All online attendees would then see the standard view from the respective Room.
People on Teams Desktop can also toggle IntelliFrame on/off by right clicking on the Room video tile and selecting ‘Turn off IntelliFrame’. This switches off the IntelliFrame view just on their Teams client.
The following camera models when deployed in a Microsoft Teams Room on Windows with a Pro license will automatically use Cloud IntelliFrame:
AVer CAM520 Pro
AVer CAM520 Pro2
BRIO 4K Stream Edition
EagleEye Cube USB
HD Pro Webcam C920
Jabra PanaCast
Logi Rally Camera
Logitech BRIO
Logitech ConferenceCam CC3000e
Logitech MeetUp
Logitech Webcam C925e
Logitech Webcam C930e
Microsoft® LifeCam Studio
Polycom EagleEye IV USB Camera
PTZ Pro 2
PTZ Pro Camera
ThinkSmart Cam
Yealink UVC30
Yealink UVC34
Yealink UVC50
Yealink UVC80
Yealink UVC86
What you need to do to prepare:
You may want to notify your users about this capability. Cloud IntelliFrame shows the smart feed when there are 9 or less people in the room. It automatically switches between the standard room view and IntelliFrame view based on in-room activity. For example, if someone enters the meeting room, the view would automatically switch to standard room view until the individual settles down.
Cloud IntelliFrame is ideal for focus rooms and medium spaces. Large spaces may not be ideal as people furthest from the camera may appear blurry after digital zoom. You may also want to switch off Cloud IntelliFrame in Rooms with glass walls without any privacy filter.
To switch off Cloud IntelliFrame in a room:
Follow this guide to create an XML configuration file
Add the following element: <CloudIntelliFrame>False</CloudIntelliFrame>
Restart the console to process the configuration changes.
MC638138 — Microsoft Teams: Pin / Favorite Channels on Teams Walkie Talkie
<30 Days
Microsoft 365 Roadmap ID 99943
Teams Walkie is enabling users to pin/favorite up to five channels on the Microsoft Teams Walkie Talkie Home Page. Users can easily switch in between the favorited channels with a single tap going forward.
When this will happen:
Preview: We will begin rolling out in mid-July and expect to complete rollout by early August.
Targeted Release: We will begin rolling out in mid-July and expect to complete rollout by early August.
Standard release: We will begin rolling out in early August and expect to complete rollout by late August.
How this will affect your organization:
Users collaborating on Microsoft Teams Walkie Talkie will be able to favorite up to five channels to the Walkie Talkie Home Screen and switch between these channels with a single click. Users will also receive a visual alert on the pin channels when a secondary channel is communicating.
What you need to do to prepare:
No action is expected from tenant admins at this time to enable the feature. Tenant admins should inform their users in their organization of this update. For additional information, please visit this documentation.
MC638135 — Limiting public webinar attendee joins to three concurrent devices
<30 Days
Microsoft 365 Roadmap ID 147098
Currently in public webinars, an attendee can use their registration link to join and be present in a webinar with any number of devices. For public webinars, there is also a possibility for that attendee to forward their registration link to others who have not registered and have them join with the registered attendee’s join link. With this new update, only 3 concurrent join instances can be present in a webinar using the same registration join link. This means that attendees can now use only up to three devices to participate in a webinar.
When this will happen:
Standard Release: We will begin rolling out early August and expect to complete by mid-August.
How this will affect your organization:
Public webinars will now have a restriction on how many devices can actively be in a webinar using the same link.
What you need to do to prepare:
We recommend informing your organization on this update and encouraging public webinar participants to keep their join links safe and not to share or forward them.
MC635983 — Dynamic Emergency Calling on Teams Web
Rolled Out
We will be enabling Dynamic Emergency calling support for Teams Web. This will allow users to manually add an address on the web client before dialing the 911 call. Since this is critical functionality, we will be releasing this functionality as soon as possible.
When this will happen:
Standard: We will begin rolling out early July and expect to complete by mid-July.
Gov. Clouds: We will begin rolling out in August.
How this will affect your organization:
Users will be able to add an emergency address manually in Teams web client.
What you can do to prepare:
You may consider updating your training and documentation as appropriate.
MC602596 — (Updated) Microsoft Teams Panels Update
30-60 Days
Microsoft 365 Roadmap ID 129366
Updated July 27, 2023: We have updated the rollout timeline below. Thank you for your patience.
With this update, Teams Panels will support reserving a room using a QR code. This feature lets Microsoft Teams users book a room for meetings now, in the future, or add the room to an existing meeting by scanning a QR code on the scheduling panel and using the Teams app on their Android or iOS mobile phones.
All Teams Panels will have a QR code shown in the top left of the home screen. Panels users can either schedule a new meeting with the room pre-populated for them or easily see the room’s availability for their meetings and book the room with one click.
When this will happen:
Rollout is expected to begin in late August 2023 (previously early August) and is expected to be complete by late September 2023 (previously early September).
How this will affect your organization:
In order to access this feature, be sure to have the most up-to-date release of Teams Panels from Teams Admin Center, a Teams Rooms Pro or Teams Shared Devices license assigned to the account on the Panel, and check that your users have access to the latest version of the Teams app on their mobile phones.
Please note the following:
External tenants are currently not able to use this feature.
This feature will ship default "ON".
You can disable this feature on Teams Panels under Settings > Device settings > Teams Admin Settings > Meetings.
To reserve the room:
Users need to scan the QR code using their mobile phone.
In the Teams app on their mobile phone, users should select if they’d like to ‘Schedule a new meeting’ or ‘Reserve for existing meeting’.
If the user schedules a new meeting, the room will be auto added as the location of the meeting. Users can then fill out the other meeting details.
If the user selects to reserve the room for an existing meeting that is happening between now and midnight the next day, they will be able to see whether the room is available or booked at those times and can reserve with one click.
What you need to do to prepare:
To prepare for this incoming feature, we strongly recommend communicating this new feature to your users and share instructions if needed.
A recommended scanner for this feature is the mobile system/OS scanner on mobile phones. However, for Android, the scanning may not work if your users have both work and personal profiles on their Android phones. In this case, users will need to add mobile system/OS scanner in the work profile. To do that, follow the steps below:
In Intune go to Apps -> Android and add
Select Android enterprise system app
Enter type of Android phone and Google and paste OS camera package name
Assign to user / group of users
MC591878 — (Updated) Introducing "Microsoft Default" setting to Teams Tag Management Settings
<30 Days
Microsoft 365 Roadmap ID 88318
Updated July 25, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are introducing a Microsoft Default setting to Teams Tag Management settings in Teams Admin Center.
If you have already explicitly made a selection to your Tag Management settings your tenant will not be affected by this change.
If you have not made changes to Tag Management settings, Microsoft Default settings will apply for your tenant. Microsoft Default settings currently map to "Team Owners" value but is subject to change in the future.
As Admin, please set tag management settings to reflect tenant-level preference. Select “Team Owners” to keep tag management limited to Team Owners, or select “Team owners and members” to allow all team members to create and edit tags.
In Teams client, users will still see the same options as they do today: "Team Owners" and "Team owners and members".
When this will happen:
Preview: We will begin rolling out late June 2023 and expect to complete by late July 2023 (previously mid-July).
Targeted Release: We will begin rolling out early July 2023 and expect to complete by early August 2023 (previously mid-July).
Standard Release: We will begin rolling out mid-July 2023 (previously early July) and expect to complete by early August 2023 (previously mid-July).
How this will affect your organization:
If you have already explicitly made a selection to your Tag Management settings your tenant will not be affected by this change.
If you have not made changes to Tag Management settings, Microsoft Default settings will apply for your tenant. Microsoft Default settings currently map to "Team Owners" value but is subject to change in the future.
If you are an EDU tenant, non-owner students cannot manage tags as long as the Tenant level settings is Team Owners or Microsoft Default. We will continue to respect explicit and preferred tenant settings over Microsoft Default settings. Select your preferred tag management setting for your tenant to ensure you are not impacted by future changes.
What you need to do to prepare:
As tenant Admin, please change your tag management settings to your preferred setting. Here are some steps you can take:
Sign in to Microsoft Teams admin center at https://admins.teams.microsoft.com.
In the left navigation pane under Teams section, select Teams settings
Under Tagging section, select your preference for "Who can manage tags"
MC579612 — (Updated) Admin Policy for Collaborative Annotations
<30 Days
Microsoft 365 Roadmap ID 92502
Updated July 28, 2023: We have updated the rollout timeline below. Thank you for your patience.
With privacy and security restrictions, we have implemented a user-level IT admin policy for admins to choose whether some or all users in the company can use Collaborative Annotations. Currently, there is a way to turn Annotations ON or OFF through cmdlet Set-SPOTenant-IsWBFluidEnabled, this will also influence Whiteboard.
When this will happen:
We will begin rolling out in mid-August 2023 (previously mid-June) and expect to complete rollout by late August 2023 (previously late July).
How this will affect your organization:
IT admins will be able to turn ON or OFF Collaborative Annotations from the Teams admin center in Meetings --> Meeting policies.
What you need to do to prepare:
There is nothing you need to do to prepare.
MC567496 — (Updated) Introducing Dark Mode in Teams Admin Center
Rolled Out
Updated July 5, 2023: We have updated the rollout timeline below. Thank you for your patience.
We're excited to announce the addition of Dark Mode for Teams Admin Center. This highly anticipated feature will offer a visually appealing interface while reducing eye strain.
When this will happen:
We will begin rolling this out in early June 2023 and expect to complete rollout by late July (previously late June).
How this will affect your organization:
Administrators will see a toggle button on the top right corner of the Teams admin center Dashboard to toggle ON or OFF between the light mode and dark mode.
What you need to do to prepare:
You may want to notify your Teams administrators about this new capability and update your training and documentation as appropriate.
MC561700 — (Updated) Microsoft Teams: App Suggestions by Task in In-Context Stores
30-60 Days
Microsoft 365 Roadmap ID 122527
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
Users think about which tasks they need to complete, such as creating a survey, inside Microsoft Teams. Soon, app suggestions will be organized by tasks that the apps support as opposed to conventional categories (productivity, project management). As a result, the new categorization will reduce the amount of time users need to spend learning about these apps – helping them to work more effectively.
When this will happen:
GA: Rollout will begin in mid-August 2023 (previously late July) and is expected to be complete by early August 2023 (previously mid-June).
GCC: Rollout will begin in late August 2023 (previously early August) and is expected to be complete by late September 2023 (previously late August).
GCCH: Rollout will begin in early August 2023 (previously mid-July) and is expected to be complete by late August 2023 (previously late July).
How this will affect your organization:
The task-based app suggestions will be added to the Tabs, Messaging Extension, and Bots in-context Stores.
What you need to do to prepare:
There is no action required at this time. You may want to notify your users of this update.
MC550081 — (Updated) Microsoft Teams: New Channels Experience
30-60 Days
Microsoft 365 Roadmap ID 91683
Updated July 13, 2023: We have updated the rollout timeline below. Thank you for your patience.
A new channels experience in Microsoft Teams has been built with an intuitive design that allows teams to focus and stay on tasks, bring everyone up to speed, and actively engage in real-time. The following features will be rolling out:
The compose box and recent posts will appear at the top of the page. It'll now be much easier to start a new post, keep up with the latest conversations and participate - giving users the confidence that they’ve not missed anything.
Every post is now a true conversation that users can focus on. Users can navigate to a conversation view that makes the discussion more engaging and synchronous, just like a chat. Users can also pop out the post, keep an eye on the discussion, while continuing to work on other topics.
A streamlined information pane will include all the important contextual information like channel’s members and pinned posts so new team members can quickly on-board and for all members to find the information they need, right in the channel.
Pin posts to make it easy for everyone to know what’s important in the channel and quickly reference it.
Simplified badging is making it easier for users to understand when there are new unread activities in teams. In addition, the simplified design helps users focus on the specific channels which requires the most attention, like channels in which the user was @mentioned.
When this will happen:
Targeted Release: Started rolling out in May and is expected to complete in early July.
Standard and GCC: We will begin rollout in early August (previously late July) and expect to complete rollout by mid-August (previously early August).
GCC-H and DoD: We will begin rollout in mid-August (previously early August) and expect to complete rollout by mid-September (previously late August).
How this will affect your organization:
Users in your organization will not need to make any changes and will get the new channels experience by default.
What you need to do to prepare:
Admins will not need to make any changes.
MC538385 — (Updated) Collaborative Meeting Notes
TBD
Microsoft 365 Roadmap ID 101509
Updated July 18, 2023: We have updated the rollout timeline below. Thank you for your patience.
We will not be rolling this feature to customers in GCC at this time. We will communicate via Message center when we are ready to proceed. Thank you for your patience.
Teams across Microsoft are coming together to provide tools that help make meetings more effective. More specifically, we’re improving how you track what you want to discuss (Agenda), what you discussed/decided (Notes) and what you need to follow up on (Follow-up Tasks). These capabilities are now integrated into the end-to-end meeting experience in Teams, Loop, Planner, To Do, Office.com and OneDrive for Business.
When this will happen:
Preview Release: We will begin rolling out late May (previously late April) and expect to complete by early June (previously mid-May).
Standard Release: We will begin rolling out mid-June (previously late May) and expect to complete by early August 2023 (previously mid-July).
How this will affect your organization:
Users within your tenant will see a Notes button during meetings that invokes these new capabilities. The meeting notes will be shown on the right pane of the meeting window with the ability to open them in the browser for more room or on a second monitor. Participants can collaborate in real time, create an agenda, take notes and add tasks. When participants are assigned a task in the meeting, they will also receive an email notification and it will be synced with the Planner and To Do apps.
Meeting organizers will also see an ability to add Collaborative notes before meetings, to prepare by adding agendas or other materials in one place.
After the meeting, Collaborative notes will remain accessible for all participants on the Teams calendar meeting details page. The experience is a Loop component, so they can be copied easily out of the meeting and into chats, group chats, emails and other documents. This makes prepping and follow-up even more seamless.
What you need to do to prepare:
Nothing is required to prepare. This capability will be enabled by default when it rolls out.
Note: the new Collaborative notes file will generate a Company Shareable Link (CSL) by default.
You can manage this feature via SharePoint PowerShell with:
Set-SPOTenant -IsCollabMeetingNotesFluidEnabled (boolean)
You can read more about admin controls here: Manage Loop experiences (Loop app and Loop components) in SharePoint.
MC537952 — (Updated) Microsoft Teams for Mobile: Chat Details Update
30-60 Days
Microsoft 365 Roadmap ID 114938
Updated July 13, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are updating the chat details experience for Teams Mobile Group Chats, One on One Chats, and Self Chats.
When this will happen:
Targeted Release and Preview: We will begin rolling out in late July (previously mid-June) and expect to complete rollout by early August (previously late June).
Standard Release: We will begin rolling out in early August (previously late June) and expect to complete rollout by early September (previously early July).
GCC, GCC-H, DoD: We will begin rolling out in early September (previously early July) and expect to complete rollout by late September (previously late July).
How this will affect your organization:
The following items will be new:
Updated UI and layout.
Users are now able to access their own people card from the chat details and see Files and Apps from that conversation rather than seeing Files and Apps from the chat canvas, which will be deprecated.
What you need to do to prepare:
There is no action required at this time. You may want to notify your users of this change.
MC537412 — (Updated) Teams Rooms: Windows 11 support for Teams Rooms on Windows devices
Rolled Out
Microsoft 365 Roadmap ID 122148
Updated June 30, 2023: We have updated the timing outlined below. Thank you for your patience.
While our rollout plans have not changed, based on feedback from customers who need some additional time to test Windows 11, we are offering a temporary hold on Windows 11 upgrade to customers until November 20, 2023. Customers who want to utilize this option MUST follow these instructions before mid-June 2023 (before 4.17 app update) to delay upgrade to Windows 11.
Instructions:
Set this registry key to put the Windows 11 upgrade on an MTR on hold.
Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PPI\SkypeSettings
Key: CBU11
Data: 1 (as a dword)
Delete the registry key to resume the upgrade.
Important: If you do not set this registry key prior to 4.17 app update (releasing in mid-June), eligible devices will automatically upgrade to Windows 11. Please also note that this only applies to existing in market/ in channel devices not on application version 4.17, and that OEMs have already moved to Windows 11 based images (due to end of sales for Windows 10 IoT Enterprise in Oct 2023, and lead time needed for OEMs to create media).
Teams Rooms on Windows devices that are eligible for Windows 11 upgrade will receive the Windows 11 22H2 release in June 2023 (previously May). This will be offered and installed on their devices with 4.17 dot release. Devices that are not eligible due to an incompatible processor will continue to use Windows 10 per Windows hardware support policy. These devices will be offered Windows 10 22H2 release.
Devices that cannot upgrade to Windows 11 will continue to be supported until the end of Windows 10 End of servicing for General Availability Channel or hardware support from OEM, whichever comes first. Windows 10 releases information atWindows 10 release information. Please note, not all Windows releases are supported for Teams Rooms, to find supported version, see Microsoft Teams Rooms app version support.
In addition, Teams Rooms on Windows OEMs will shift their manufacturing to Windows 11 IoT Enterprise as Windows 10 IoT Enterprise end of license sales is fast approaching (10/14/2023). OEMs with existing Windows 10 licenses inventory (or to support recovery media for existing Windows 10 based devices) may continue to provide Windows 10 based images for some time that should automatically update to Windows 11 post setup. All OEMs are expected to move to Windows 11 IoT Enterprise based images in future. Customers should ensure all new hardware purchases check for Windows 11 compatibility to future proof their device investment.
When this will happen:
Standard Release: We will begin rolling out late June (previously early May) and expect to complete by late July (previously late May).
How this will affect your organization:
Microsoft Teams Rooms on Windows application release 4.17 will be available in June 2023 (previously May). This app will allow eligible Teams Rooms on Windows devices to receive Windows 11 22H2 update through Windows update. After the dot release has booted normally at least once, customers can either wait for 8 days for Windows 11 22H2 to install automatically or can pull the latest Windows 11 update from Windows Updates manually by checking for updates from the Windows Settings app. Devices that are not eligible will be offered Windows 10 22H2 release.
To check if your device is eligible for Windows 11, you can either check the list of eligible Intel processors for Windows 11 at https://learn.microsoft.com/en-us/windows-hardware/design/minimum/supported/windows-11-supported-int...
What you need to do to prepare:
To ensure that there are no issues preventing the Windows update in your environment, it is recommended to manually update a small set of devices to 4.16.134.0 (Release notes for Microsoft Teams Rooms---manual-update-only) and check for updates, after 4.16.134.0 release has been installed and booted normally at least once on them. From admin mode, check for updates using the Windows Settings app: Windows 11 22H2 or Windows 10 22H2 (depending on what’s supported for your devices) should be offered and should download and install. If the updates are not offered or installed, check for external policies (such as MDM or Active Directory Group Policies) that might be in place for your organization that could block this update.
MC536885 — (Updated) Changes in Normalization
>60 Days
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
Stopping normalization on number that starts with plus sign (+)
Normalization in Microsoft Teams was not designed to do normalization when the phone number starts with plus sign (+) as documented, but we've never enforced this in the Teams desktop or Web client. We are planning to enforce this in the future but for now we recommend avoiding this pattern.
We are making this change to align with our Calling Service, other Teams services, Azure Communication Services SDKs, and other Microsoft services. Numbers that start with a plus sign (+) will not pass through any normalization rules.
Translated numbers that do not start with a plus sign (+), will pass through normalization rules more than once. Please see Create and manage dial plans for more information.
When this will happen:
Standard Release: We will begin rolling out mid-October 2023 (previously mid-July) and expect to complete by late October 2023 (previously late August).
How this will affect your organization:
There is no immediate impact. We are letting you know, so you can prepare for this change. If you are relying on dial plan policies to translate numbers dialed starting with a +, those rules will no longer work. You will need to instruct your end users to either dial the correct E.164 number starting with a +, or dial numbers without a + to match dial plan policies.
What you need to do to prepare:
There is no action needed to prepare for this change. You may want to notify your users about this change and update any relevant documentation as appropriate.
MC534741 — (Updated) Collaboration Security for Microsoft Teams
30-60 Days
Microsoft 365 Roadmap ID 117595
Updated July 18, 2023: We have updated the rollout timeline below. Thank you for your patience.
The rise of collaboration tools like Microsoft Teams also represents a new attack surface for adversaries. Attacks like phishing and ransomware that for decades have primarily used email as an entry point, are expanding to target collaboration tools more frequently. While Microsoft Defender for Office 365 has been providing protection in Microsoft Teams at time of click, we are excited today announcing a preview of enhancements to that protection, further protect users in Microsoft Teams and enhance the Security operations flows.
NOTE: this preview is only available to Microsoft Defender for Office P2 customers.
Description of the feature set:
Building on the current Safe Links protections for teams we are adding, in preview, additional functionality to enable end users in Microsoft Teams to report suspicious messages, zero hour auto-purge (ZAP) for malicious items along with the relevant Security operations flows such as alerting, submissions and quarantine.
When this will happen:
Public Preview: We will begin rolling out on late March and expect to complete by mid-May.
GA: We will begin rolling out late June 2023 and expect to complete by mid-September 2023 (previously late August).
How this will affect your organization:
Teams Admins, SecOps and End Users will see new added experiences in Teams Admin Center, Security Console and Teams Client (web and desktop) respectively for the following features:
Enhanced visibility into the attack landscape through end-user reporting
Effectively Respond with Post Delivery Analysis, ZAP & Quarantine
Proactively hunt for threats in Microsoft Teams with advanced hunting
Build Microsoft Teams user resilience in your organization.
What you need to do to prepare:
You can follow the instructions on how to Opt-in here Microsoft Defender for Office 365 support for Microsoft Teams (Preview)
MC533815 — (Updated) Virtual Appointment as a new Teams Meeting Template in GCC
>60 Days
Microsoft 365 Roadmap ID 100705
Updated July 13, 2023: We have updated the rollout timeline below. Thank you for your patience.
A new Teams Meeting Template, Virtual Appointment, will be added as a new template type in GCC tenants accessible from the 'New meeting' dropdown menu in the Teams Calendar. This is a free experience that brings enhanced business-to-consumer meeting features into the lightweight and familiar Teams scheduling experience. When meeting with someone from outside of your organization, the Virtual Appointment meeting can be used to ensure the person you are meeting with has a seamless experience with the meeting from start to finish - all without having to learn new tools or leave the standard scheduling flow.
Users can use the Virtual Appointment template instead of a standard Teams meeting for meetings with external users. They can select the meeting type, fill out the tailored scheduling form, including external guests and meeting details, and then send the meeting. The external guests invited will receive a customized meeting invitation that includes key appointment details and a quick-join button, which allows users to join the meeting from anywhere - without downloading Teams - and enter a pre-appointment waiting room before the meeting begins. This provides a familiar experience to internal users and makes external user join a seamless experience.
When this will happen:
We will begin rolling out to GCC early January (previously early June) and expect to complete by late January 2024 (previously early July).
How this will affect your organization:
Virtual Appointment will release as an out-of-the-box Teams Meeting Template and will appear as a configurable template type within the Teams Admin Center where the Meeting Options can be configured, and it can be hidden/shown for groups within your organization. The Virtual Appointment Teams Meeting Template will appear as a template type within the New Meeting dropdown menu in the Teams Calendar, unless hidden by an Admin (then it will not appear at all).
What you need to do to prepare:
When the Virtual Appointment Teams Meeting Template rolls out in June, it can be managed from the Teams Admin Center. To restrict who can access the template, navigate to Teams Admin Center > Meetings > Meeting template policies to show/hide the template based on global and group policies in the tenant. To restrict the default value and visibility of the Teams Meeting Options within the Virtual Appointment Meeting Template, navigate to Teams Admin Center > Meetings > Meeting templates > Virtual appointment > Edit and configure options.
Microsoft 365 Roadmap ID 100705
MC513049 — (Updated) Video Closed Caption in PowerPoint Live
30-60 Days
Updated July 28, 2023: We have updated the rollout timeline below. Thank you for your patience.
Closed captions will soon be supported for embedded videos in PowerPoint Live for Teams. Video closed captions in PowerPoint Live will be rolling out across Microsoft Teams Desktop and Web and will allow PowerPoint Live users to create accessible presentations that include video.
Microsoft 365 Roadmap ID 114494
When this will happen:
We will begin rolling out to PowerPoint Live users in early-March and expect to complete rollout by mid-March.
GCC, GCC-High and DoD: We have begun rolling out and will complete by late September 2023 (previously mid-July).
How this will affect your organization:
When creating a PowerPoint presentation in PowerPoint for Windows or PowerPoint for Mac, users have the option to include a closed captions file with their video (as shown below).
When the presentation is shared via PowerPoint Live for Teams, any embedded video that includes closed captions stored in a separate file will automatically include the option for attendees to turn on closed captions.
When closed captions are turned on, they will appear at the bottom of the slide, as shown below:
When no closed captions are available for a video, the closed captions button will be disabled.
What you need to do to prepare:
To prepare for this change, you may want to notify your users about the new support for video closed captions in PowerPoint Live for Teams, update your training and documentation as appropriate, and encourage your users to make their PowerPoint presentations more accessible by adding closed captions for their embedded videos.
MC509577 — (Updated) Visio Personal App in Teams – GCCH & DoD
<30 Days
Microsoft 365 Roadmap ID 109596
Updated July 27, 2023: We have updated the rollout timeline below. Thank you for your patience.
Visio will be available soon as a Teams Personal App. There are no changes to the existing file open behavior, however there are new abilities that the Visio Personal App can provide. Additionally, this change comes with a number of UX improvements to the Office ribbon in Teams to provide a decluttered experience consistent with Office for the Web.
When this will happen:
Standard and GCC: this has completed.
GCC-High and DoD: will begin in early August 2023 and expect to complete by late August 2023.
How this will affect your organization:
The Visio personal app will come pre-installed for all users. New abilities that Visio Personal App will provide include:
Ability to pin the app to the app bar for easy entry point.
Right click the app icon in the app bar to pop out documents in a new window, to allow multi-tasking between Teams chats and document editing.
App home page to navigate documents, view recommended files, or create new file.
Changes to the Office ribbon in Teams include:
Introduction of the Share menu, consistent with Office for the Web
What you need to do to prepare:
No action is required from admins at this time; the Visio personal app will be available to all users.
Microsoft Stream
MC644063 — Microsoft Stream Mobile app for GCC-H and DoD Users
<30 Days
Microsoft 365 Roadmap ID 139272
Microsoft Stream mobile app will soon be rolling out to GCC-H and DoD users. The app gives users access to Stream (on SharePoint) video content. The mobile app is available for iOS and Android. Additionally, Microsoft Stream includes enterprise-level security, compliance, retention, and permissions features you expect from Microsoft 365.
When this will happen:
Rollout will begin in early August and is expected to be complete by late August.
How this will affect your organization:
The Microsoft Stream mobile app will allow GCC-H and DoD users to:
View a personalized home feed showing shared videos, meeting recordings, and collaboration updates
Record or upload videos
Download videos to watch offline later
Search for any videos in your organization using keywords or author names
Catch up on missed meetings with Microsoft Teams meeting recordings
Mark important videos as ‘Favorites’ and find them anytime from the library section
Share videos with co-workers with a single click
What you need to do to prepare:
Please notify your users of this update. You may want to update any relevant training documentation as appropriate.
The app can be downloaded from Android and iOS play stores in this link.
For additional information, please visit this documentation or this blog post.
MC635989 — Automatic Transcription for Video Uploads to SharePoint Online, Yammer, and Office.com
<30 Days
Microsoft 365 Roadmap ID 124932
Videos uploaded to SharePoint Online, Yammer, and Office.com will have transcriptions automatically generated shortly after upload. This feature will not be available for A1 and trial tenancies.
When this will happen:
Standard Release: We will begin rolling out in late July and expect to complete rollout by late August.
How this will affect your organization:
This change will be ON by default but can be disabled at tenant-level settings using the Media Transcription property within PowerShell. MediaTranscriptionAutomaticFeatures is the PowerShell command.
What you need to do to prepare:
There is nothing you need to do to prepare for this. You may want to notify users of this update. For additional information, please visit this documentation.
MC567476 — (Updated) Planned Maintenance: Noise suppression in Stream will be down for limited time
Rolled Out
Updated July 13, 2023: We have completed necessary work. Thank you for your patience.
We have maintenance planned for: Noise suppression in new Microsoft Stream
When this will happen:
Starting June 1, 2023.
Ending July 31, 2023.
How this affects your organization:
We understand that temporarily turning off the Noise Suppression feature in the new Stream may cause inconvenience to our users. However, please know that we are doing this to comply with the new regulations, specifically the Cyber EO compliance requirement, which enforces a secure development lifecycle for machine learning models. We want to ensure that we are compliant with these regulations and that our users can trust our product. Our team is working hard to gather all the necessary documentation for the Noise Suppression model, and we expect to have everything ready by the end of July. We apologize for any inconvenience this may cause and thank you for your understanding and patience during this time.
MC556773 — (Updated) View video analytics for ODSP videos
Rolled Out
Microsoft 365 Roadmap ID 124873
Updated July 25, 2023: We have updated the rollout timeline below. Thank you for your patience.
Video specific analytics for ODSP videos are being made available in the Governments cloud. Users will be able to experience total views and viewers for the last 7, 30, 90 days and all time within the playback experience. They can also access the viewership retention chart to identify the most popular parts of the videos and pinpoint where viewers are dropping off.
When this will happen:
Standard Release: We will begin rolling out late May 2023 and expect to complete by late July 2023 (previously early June).
How this will affect your organization:
There will be no impact on the tenant. Users will additionally be able to see analytics for videos they have access to.
What you need to do to prepare:
There is no specific preparation needed.
Microsoft Intune and Identity
MC660607 — Accept Apple’s new terms and conditions to ensure Intune can communicate with Apple as expected
Rolled Out
On July 27, 2023, Apple will release new Terms and Conditions for Apple Business Manager. An IT admin will need to accept these terms when using Apple School Manager, Apple Business Manager, Apple Volume Purchasing Program, or Automated Device Enrollment to ensure that the managed devices can continue communicating with Microsoft Intune.
How this will affect your organization:
This will only affect you if you use Apple Automated Device Enrollment, Apple School Manager, Apple Business Manager, or Apple Volume Purchase Program. You will need to accept the new terms and conditions to ensure your Intune service is not interrupted. If you do not accept the new terms and conditions the Intune service will receive the error – “T_C_NOT_Signed” from Apple.
What you need to do to prepare:
Simply login to the appropriate URL listed in the support article from Apple here: https://support.apple.com/HT203063. Once you have logged in and accepted the new terms and conditions, managed Apple devices will once again be able to communicate with Apple’s device management servers.
MC650420 — Changes to the registration campaign feature in Microsoft Entra (previously Azure Active Directory)
30-60 Days
Publicly switched telephone networks (PSTN) such as SMS and voice authentication are the weakest for.... To help your users move away from these less secure MFA methods we are introducing changes to the Microsoft managed state of the registration campaign (aka Nudge) feature in Microsoft Entra (previously Azure Active Directory).
When this will happen:
Starting September 2023
How this affects your organization:
Users in your organization who are relying on PSTN (SMS and/or voice) for MFA will be prompted to use the Microsoft Authenticator app. Users can skip this prompt for a maximum of 3 times, after which registration of the app will be required by default. Note: admins can decide it they want to opt out of the “limited” 3 snooze configuration or give their end users the ability to snooze indefinitely.
What you can do to prepare:
We urge you to motivate your users to immediately stop using SMS and voice for MFA. You can take advantage of several new admin levers to achieve this such as system-preferred MFA and Microsoft Authenticator Lite, in addition to registration campaign. However, if some of your users require more time you can exempt them for now. Sign in as Global Administrator or Authentication Policy Administrator and go to Microsoft Entra > Identity > Protection > Authentication methods > Registration campaign and exclude these user groups.
Stay alert, stay secure!
Microsoft Identity & Network access (IDNA) product group
MC638137 — Service health and Message center: 'Identity Service' rebranding to 'Microsoft Entra'
Rolled Out
Today, Tuesday, July 11th, 2023, we announced that Azure Active Directory will be rebranded as ‘Microsoft Entra ID’. Historically this service has been represented under the service name ‘Identity Service’, within Service health and Message center experience. To align on the changes included in today’s announcement, ‘Identity Service’ will be rebranded to ‘Microsoft Entra’ and represent Service health and change communications for that family of products.
When this will happen:
This will be rolled out to Service health and Message center by end of July.
How this will affect your organization:
Communications related to “Microsoft Entra” and its family of products may appear under “Microsoft Entra” in Service health and Message center.
What you need to do to prepare:
You might consider updating your administrator training and documentation as needed.
MC637368 — Azure AD is becoming Microsoft Entra ID
>60 Days
Microsoft Entra ID is the new name for Azure Active Directory (Azure AD).
No action is required from you.
The name change to Microsoft Entra ID represents the evolution and unification of the Microsoft Entra product family, and a commitment to simplify secure access experiences for everyone.
No changes to capabilities, licensing, or pricing
Features and capabilities of Azure AD will continue to be available in Microsoft Entra ID. Prices, terms, and service level agreements also remain the same. To make the transition seamless for you, the Azure AD URLs, APIs and authentication libraries are staying the same, as are developer experiences.
When this will happen:
The name change will roll out across all Microsoft products and experiences throughout the second half of 2023. Customers who have access to Azure AD will continue to have access without any planned disruptions.
Resources:
Learn more about the name change for Azure AD
Read the blog about the latest Microsoft Entra announcements
MC584364 — (Updated) Changes to the Registration campaign feature in Azure AD
Rolled Out
Updated July 7, 2023: We have updated the rollout timing of this change. Thank you for your patience.
Publicly switched telephone networks (PSTN) such as SMS and voice authentication are the weakest for.... To help your users move away from them we are introducing changes to the Microsoft managed state of the Registration campaign feature in Azure Active Directory.
When this will happen:
July 14, 2023
How this affects your organization:
Starting July 10th, 2023, users in your organization that are relying on SMS and voice for MFA will be prompted to use the Microsoft Authenticator app. They can skip this prompt for a maximum of 3 times, after which registration of the app will be required.
What you can do to prepare:
We urge you to motivate your users to stop using SMS and voice for MFA. However, if some of your users need more time you can exempt them for now. Sign in as Global Administrator or Authentication Policy Administrator and go to Azure AD > Security > Authentication methods > Registration campaign and exclude these users.
Microsoft Defender
MC653730 — Microsoft Defender for Endpoint Plan 1 backfill to Microsoft 365 G3 customers.
30-60 Days
You will soon see a new service plan associated with your Microsoft 365 license: Microsoft Defender for Endpoint Plan 1.
When this will happen:
The rollout will begin in late August and through early September.
How this will affect your organization:
A new service plan, Microsoft Defender for Endpoint Plan 1, will be added to your Microsoft 365 license. With the new service plan you can enable endpoint protection features in your tenant. You can find more details at www.aka.ms/mde
What you need to do to prepare:
No action is required as this update will not impact the user workflow or admin experience. You may wish to make a note of the new service plan name for your records.
MC649480 — Microsoft Secure Score is adding SSPM support for new SaaS applications
<30 Days
We’re updating Microsoft Secure Score is adding SSPM support for new SaaS applications, to ensure a more accurate representation of security posture.
The following SaaS applications are now supported by Microsoft Secure Score:
GitHub, see more info.
DocuSign, see more info.
Okta, see more info.
Citrix Share File, see more info.
In order to view these new SaaS applications security recommendations, the applications must be configured via the App connectors settings page in Microsoft defender for cloud apps (learn more).
When this will happen:
This will begin rollout in late-July and is expected to be completed by mid-August.
How this will affect your organization:
Once the application connector is configured, the associated recommendations will be added to Microsoft Secure Score. Your score will be updated accordingly.
What you need to do to prepare:
There's no action needed to prepare for this change, your score will be updated accordingly once the SaaS application connector is configured. Microsoft recommends reviewing the recommendations listed in Microsoft Secure Score.
MC611732 — (Updated) Use double-key encryption to protect your most sensitive files and emails in Microsoft 365 Apps
>60 Days
Microsoft 365 Roadmap ID 124984
Updated July 28, 2023: We have updated the rollout timeline below. Thank you for your patience.
To protect your most sensitive content, users of Microsoft 365 Apps can now use Double Key Encryption (DKE) for files and emails using the built-in labeling client. With DKE, Microsoft stores one key in Microsoft Azure and you hold the other key, ensuring that only you can ever decrypt protected content, under all circumstances. Sensitivity labels configured with DKE in Microsoft Purview Compliance Portal are now available for users in Word, Excel, PowerPoint, and Outlook to publish or consume content protected with DKE.
When this will happen:
General availability:
Current channel available mid-August 2023
Monthly Enterprise channel available mid-September 2023
Semi Annual Enterprise Channel early January 2024
How this will affect your organization:
Users who have sensitivity labels configured with DKE will be able to publish and consume DKE-protected content using the built-in labeling client in Word, Excel, PowerPoint, and Outlook.
With this update, organizations that have also enabled "co-authoring for files encrypted with sensitivity labels" can now deploy DKE labels in the same tenant, allowing users to benefit from M365's collaboration tools even if some of your users require DKE content for some of their documents.
What you need to do to prepare:
If you're already using DKE with the Azure Information Protection (AIP) add-in, you can now enable co-authoring for encrypted files and start planning your migration to the built-in labeling client before the add-in is retired in April 2024 (https://aka.ms/AIP2MIP/RetireAddin).
If you've been considering DKE for your organization, now is the time to plan for DKE in your environment using the built-in labeling client instead of attempting to deploy it through the AIP Add-in. (https://aka.ms/AIP2MIP/HowTo/GetStarted)
Microsoft Purview
MC663642 — Microsoft Purview compliance portal: Named entities SITs
30-60 Days
Microsoft 365 Roadmap ID 82116
New named entities sensitive information types (SITs) and enhanced unified policy authoring templates will soon roll out to generally availability.
When this will happen:
Rollout has started and is expected to complete by mid-September.
How this will affect your organization:
Named entities are sensitive information types that can’t easily be identified by a regular expression or a function. Examples include medical terms and conditions, person names, and physical addresses. This update includes 51 new generally available SITs representing named entities. You can use these within the Microsoft Purview compliance portal and with the PowerShell cmdlet "Get-DlpSensitiveInformationType".
This update also includes 10 enhanced policy templates that have definitions which include named entities. These enhanced templates can be used in solutions such as data loss prevention (DLP) and auto-labeling and align to important regulations such as US HIPAA and EU GDPR.
What you need to do to prepare:
Get started with sensitive information types in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more:
Learn about sensitive information types
Read the announcement blog post
MC663629 — Microsoft Purview: General Availability of Microsoft Purview Insider Risk Management forensic evidence add-on
30-60 Days
Microsoft 365 Roadmap ID 117565
Microsoft Purview Insider Risk Management forensic evidence add-on is an optional, additional capacity feature in Microsoft Purview Insider Risk Management that gives security teams visual insights into potential insider data security incidents, with user privacy built in.
Organizations with Microsoft 365 E5/G5, Microsoft 365 E5/G5 Compliance, or Microsoft 365 E5/G5 Insider Risk Management are eligible to purchase Insider Risk Management Forensic Evidence 100GB Add-on.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
When this will happen:
This new SKU, Insider Risk Management Forensic Evidence 100GB add-on, will be available starting September 1, 2023.
What you need to do to prepare:
Starting September 1, 2023, organizations can purchase Insider Risk Management Forensic Evidence 100GB add-on.
MC662252 — Microsoft Purview eDiscovery (Premium) Collections enhancements: Collect to Export
<30 Days
Microsoft 365 Roadmap ID 100056
We're enhancing the Collections experience in eDiscovery (Premium) to enable a streamlined process for exporting results.
When this will happen:
Standard Release: We will begin rolling out in July and will complete by the end of August.
How this will affect your organization:
Now admins will be able to directly export a report or results of a Collection without adding to review set first. This will streamline processes for organizations who require ability to conduct analysis on item reports of relevant content and those who need to quickly get data from Microsoft 365 into the hands of auditors or regulators.
What you need to do to prepare:
We recommend that you share this update with the eDiscovery administrators and managers in your organization so they can review the documentation and try out the new options for export item report and export results. Be sure to update relevant internal eDiscovery process guidance with these additions to help with assessment of collection results including partially indexed items and access to exports for time-sensitive situations.
Get started with eDiscovery (Premium) in the Microsoft Purview compliance portal.
Learn more: Create a collection estimate
MC660616 — (Updated) Microsoft Purview Information Protection: Require sensitivity label to restrict permissions
30-60 Days
Microsoft 365 Roadmap ID 109532
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
Users with access to Microsoft Information Protection (MIP) are redirected from old protection mechanisms towards the modern sensitivity labeling experience.
When this will happen:
Preview: We will begin rolling out in mid-August 2023 (previously late July) and complete by early September 2023 (previously mid-August).
Standard Release: We will begin rolling out in early September 2023 (previously mid-August) and complete by late September 2023 (previously early September).
How this will affect your organization:
Users will no longer be able to apply IRM protection to new or existing documents and instead will be directed to apply MIP labels.
What you need to do to prepare:
Users with access to MIP that require the old IRM protection mechanisms will need to either need transition towards MIP labels or request a registry key capable of reverting to the old behavior.
MC653731 — (Updated) Microsoft Purview | Information Protection - New Credentials SITs (U.S. Government clouds)
30-60 Days
Microsoft 365 Roadmap ID 93265
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
New credential sensitive information types (SITs) will soon roll out to generally availability in U.S. Government clouds.
When this will happen:
We will begin rolling out early August (previously mid-July) and expect to complete by early September 2023 (previously mid-August).
How this will affect your organization:
Once the changes are rolled out to your tenant, you’ll be able to do the following with Credential sensitivity information types:
- View them in content and activity explorer
- Test files for them in Data Classification
- Configure them to be used in the following solutions/applications:
Data Loss Prevention
Information Protection
eDiscovery
Records Management
Data Lifecycle Management
MDA
Insider Risk
MIP SDK
What you need to do to prepare:
Learn more about our offered credential types: All credentials entity definition - Microsoft Purview (compliance) | Microsoft Learn
MC649937 — Outlook: Support Pop-up Messages in Outlook that Warn/Justify/Block Emails being sent with Sensitivity Labels
<30 Days
Microsoft 365 Roadmap ID 139754
Outlook for desktop native sensitivity labeling will support the oversharing pop-up dialogue to warn, justify or block emails being sent.
When this will happen:
Rollout will begin in early August 2023 and is expected to be complete by late August 2023.
How this will affect your organization:
When enabled by the admin, Outlook will use the values set on the Purview portal to show Pop-up messages that warn, block or request for an explicit acknowledgement/ justification from users when they attempt to send email messages that include a sensitivity label on the email or attachment.
Furthermore, based on the customization Outlook will show a “learn more” URL to ensure that end users receive valuable guidance on the rule that initiated the display of the pop-up.
What you need to do to prepare:
Configure policy tips for Data Loss Prevention in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more:
Learn how to configure a DLP rule with oversharing popups: Create and Deploy data loss prevention policies
View the AIP migration playbook: Migrate Oversharing Popups from AIP
MC649921 — Microsoft Purview | Endpoint DLP – Detect sensitive files that are password protected/ encrypted (Gov Clouds)
Rolled Out
Microsoft 365 Roadmap ID 124790
Currently available in GA for Microsoft Purview Data Loss Prevention, we're introducing the ability to detect and protect encrypted/ password protected files on endpoint devices for Government Clouds.
When this will happen:
This feature is currently available.
How this will affect your organization:
With this capability, your Microsoft Purview Data Loss Prevention (DLP) policies will be able to detect the presence of and prevent unauthorized use of encrypted, password protected files on Windows endpoint devices. This enables you to introduce policy controls for scenarios such as when an information worker from HR department in your organization is accessing a password protected excel file on endpoint (say laptop/workstation) and trying to copy it to a USB drive. With this update, predicate “Password Protected/Encrypted” can now be leveraged on Gov Cloud Tenants (GCC, GCC-H, DoD).
Supported File Types for Password protected condition: office file types, archive (zip, 7z, RAR) & Symantec PGP encrypted files
Please note that support for PDF file type for “password protected/encrypted” condition will be available by end of September’23
What you need to do to prepare:
Get started with Data Loss Prevention in the Microsoft Purview compliance portal.
Learn more: Using Endpoint DLP
MC644062 — Microsoft Purview compliance portal: PDF files encrypted with sensitivity label can be searched and eDiscovered
Rolled Out
Microsoft 365 Roadmap ID 85617
Public preview alert. We have started rolling out support for labeled PDF files in SharePoint Online. SharePoint now supports search, eDiscovery, DLP for sensitivity label encrypted PDFs. The sensitivity column will start showing the label names for newly uploaded PDF files.
When this will happen:
Preview: This rollout is underway and expected to complete by late July 2023.
How this will affect your organization:
Once the changes are rolled out to your tenant, the following are the changes you can expect:
The sensitivity column will start showing the label names for newly uploaded PDF files.
You can perform user search and eDiscovery search on sensitivity label encrypted PDF files.
You can apply labels to PDF files at rest in SharePoint using Autolabeling. Learn more: Automatically apply a sensitivity label in Microsoft 365 - Microsoft Purview (compliance) | Microsoft Learn
If you default SharePoint document library labels configured, then newly uploaded PDF files will start showing the label name in the sensitivity column.
If you want to remove labels with encryption from PDFs then you can use this cmdlet: Unlock-SPOSensitivityLabelEncryptedFile.
Viewing protected PDFs in SharePoint and OneDrive will be supported in the following clients on
Desktop:
Edge in the browser to view directly on SharePoint and OneDrive (user must be signed in)
Adobe for downloaded files *
FoxIt for downloaded files *
NitroPDF *
AIP viewer for downloaded files*
Mobile:
AIP viewer
FoxIt
* Note that using a PDF reader that requires download may conflict with DLP policies that prevent download of files
What you need to do to prepare:
With this release you can expect more PDF files to be protected via sensitivity labels and encryption. You should prepare to train your users on methods to view protected PDFs both in browser and apps as described above.
Note that this functionality is default turned OFF. If your organization is ready for consumption of sensitivity label encrypted PDF files, you have the option to enable this functionality via SharePoint Admin PowerShell cmdlet.
Set-SPOTenant -EnableSensitivityLabelforPDF $true
Please note that it may take around 15 minutes after this setting is enabled for labeling of PDFs to occur.
MC635990 — (Updated) Microsoft Purview Information Protection: Unsaved default label indicator
<30 Days
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
When default labeling of files is enabled in Word, Excel, and PowerPoint Microsoft 365 Apps for Windows, a default sensitivity label is applied to any unlabeled document when it is saved. To improve user confidence that default labeling is functioning, the sensitivity bar will now indicate that a label will be applied on next save when the user opens a new or previously unlabeled file.
When this will happen:
Standard Release: We will begin rolling out mid-August 2023 (previously early July) and expect to complete by late August 2023 (previously mid-July).
How this affects your organization:
When the change is rolled out, when a user opens a new or previously unlabeled file and default labeling is enabled, the sensitivity bar will indicate that a label will be applied on next save.
What you can do to prepare:
You may consider updating your training and documentation as appropriate.
MC635975 — General availability of Microsoft Purview eDiscovery (Standard) to eDiscovery (Premium) case upgrade tool
Rolled Out
Microsoft 365 Roadmap ID 109542
Currently available in public preview (MC552329), we are releasing a tool to allow eDiscovery administrators to upgrade their existing eDiscovery (Standard) case to eDiscovery (Premium) to unify cases into a single platform.
When this will happen:
Rollout will begin in early July and is expected to be complete by late July.
How this will affect your organization:
With this tool, an eDiscovery administrator will be able to select a particular case from eDiscovery (Standard) cases list to move to eDiscovery (Premium).
All upgraded cases will have their existing search and hold retained. This upgrade is architected to change the case type and not perform any actual migration of the hold policies. This means no hold is removed and no new hold is re-created in the process. This ensures no data is lost or erased in the migration process.
Note: The case upgrade can be triggered by an eDiscovery Administrator only.
Choosing to upgrade a case from eDiscovery (Standard) to eDiscovery (Premium)
What you need to do to prepare:
Assess if the changes will change your organization’s eDiscovery workflow. If so, update internal documentation and provide training to all eDiscovery users in your organization as needed.
The upgrade is not reversible so please ensure you test this process with a few test cases before proceeding with a mass upgrade.
Get started with eDiscovery (Premium) in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for WW and GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more: Microsoft Purview eDiscovery solutions
MC635971 — Microsoft Purview Communication Compliance – Enhanced Investigation and Remediation Experience (preview)
<30 Days
Microsoft 365 Roadmap IDs 124929 and 124976
Coming soon to public preview, Microsoft Purview Communication Compliance will release enhancements to the investigation and remediation workflows which will help designated investigators facilitate quicker and better-informed actions on policy matches. Enhancements will be available to designated Communication Compliance investigators with the appropriate role-based access control permissions, and include bulk policy exports, interactive how-to demos, and additional context around policy settings and keywords/conditions flagged in a policy.
When this will happen:
Public Preview: Rollout will begin in mid-July and is expected to be complete by early August.
How this will affect your organization:
No policy configuration changes are needed to enable enhancements to investigation and remediation workflows. The following screenshots show how/where each enhancement can be found in Communication Compliance.
View policy settings with one click:
Policy conditions viewable to all roles except “Read Only” via the highlighted icon
Default filters bar with new Body/Subject filter:
Default filters in Pending tab view with new Body/Subject filter
What you need to do to prepare:
Microsoft Purview Communication Compliance provides the tools to help organizations detect business conduct and regulatory compliance violations (e.g. SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to help ensure user-level privacy.
Get started with Communication Compliance in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for WW and GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more: Learn about communication compliance
MC626569 — Microsoft Purview eDiscovery (Premium): Tag templates and review set tagging usability enhancements
Rolled Out
Microsoft 365 Roadmap ID 124962
We are excited to introduce several usability enhancements for tagging items in review sets within the eDiscovery (Premium) solution in the Microsoft Purview compliance portal.
When this will happen:
Rollout will begin in early July and is expected to be complete by late July.
How this will affect your organization:
With this new tag templates features, eDiscovery admins can
Manage tag templates that can be reused across multiple review sets and cases.
Import tags relevant to their cases from existing tag templates
Manage tag templates
Create tag templates
With the tagging usability enhancements in the review sets, eDiscovery managers can
Add tag status columns
Bulk tagging count indication (show count of existing items with the tag)
Import tag templates
Tag status column, count indicators for bulk tagging
What you can do to prepare:
No action is needed to enable these updates. Once the rollout is complete, you can take advantage of the new grouping options and configurations in your eDiscovery (Premium) review sets. Distribute the following documentation to your organization's eDiscovery admins and managers for a better understanding of the new enhancements:
Get started with eDiscovery (Premium) in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for WW and GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environment
Learn more: Tag documents in a review set
MC590098 — (Updated) Records Management eDiscovery (Premium) – Discover the document version that has been shared
30-60 Days
Microsoft 365 Roadmap IDs 106099 and 106100
Updated July 25, 2023: We have updated the rollout timeline below. Thank you for your patience.
To help you efficiently meet regulatory obligations for retention and eDiscovery of shared content in your organization, we're rolling out a new Records Management capability that enables you to automatically apply retention labels and retain the version of files shared as cloud attachments or hyperlinks in email via Exchange and chat via Teams. This enables eDiscovery (Premium) to discover the version of the document at the time that it was shared.
When this will happen:
Rollout will begin in early September 2023 (previously late June) and is expected to be complete by late September 2023 (previously mid-July).
How this will affect your organization:
Information workers in organizations benefit from quickly sharing cloud attachment files for visibility and collaboration, however this practice has been challenging for eDiscovery and legal professionals who are required to preserve and discover that content. eDiscovery (Premium) now supports the ability to discover the version of the document at the time that it was shared to help ensure that the relevant version of the file is available to eDiscovery processes.
To make this possible, you will now be able to create a retention auto-labeling policy in the Records Management solution, within the Microsoft Purview compliance portal, where you will be able to select the option to include files shared as cloud attachments (live links of SharePoint or OneDrive content shared as attachments or hyperlinks via email or Teams messages).
What you need to do to prepare:
Get started with Records Management and eDiscovery (Premium) in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more:
Collect cloud attachments in eDiscovery (Premium)
Auto-apply labels to cloud attachments
MC567472 — Microsoft Purview Records Management: Enhancing inherited and auto-applied retention label behavior in Exchange Online
30-60 Days
Updated July 13, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are releasing an enhancement to better align Exchange item lifecycle behaviors with the principles of retention and labeling principles shared with other workloads like SharePoint Online.
This change affects items which have a Microsoft Purview retention label or legacy MRM tag auto-applied or inherited from a parent folder which is then moved to the "Deleted Items" folder either by drag & drop or manual deletion. It does not affect existing behavior for items that are 'permanently' deleted by the user (for example, using the SHIFT+DEL combination), items that have no Microsoft Purview retention labels applied, or items which have a Microsoft Purview retention label or legacy MRM tag applied manually by the user.
The enhancement includes multiple behavior changes which are summarized in the 'How this will affect your organization' section below.
When this will happen:
Rollout will begin at the mid-July (previously late June) and is expected to be complete by the mid-September (previously late August).
How this will affect your organization:
The following behaviors will change for items that have an auto-applied retention label, a retention label inherited from a parent folder, or a legacy MRM tag inherited from a parent folder:
Items with any retention setting applied by Microsoft Purview (any label which retains content for a period of time even if a user deletes them) will have that retention setting enforced when moved to the "Deleted Items" folder regardless of how it was applied or if a default MRM tag applies to the "Deleted Items" folder.
For items which do not retain content and only enforce deletion after a certain period of time or any other action, when moved to the "Deleted Items" folder will behave as follows:
If a Microsoft Purview retention label is auto-applied to an item, it will remain applied to the item regardless of whether there is a default MRM tag applied to the "Deleted Items" folder and actions will be processed accordingly based on the auto-applied label's settings.
If a Microsoft Purview retention label or MRM tag is applied to the item by inheritance from a parent folder and a default MRM tag is not applied to the "Deleted Items" folder, the inherited label/tag will remain applied to the item and actions processed accordingly based on the label/tag settings.
If a Microsoft Purview retention label or MRM tag is applied to the item by inheritance from a parent folder and a default MRM tag is applied to the "Deleted Items" folder, the label or tag with the shortest deletion period will win and its actions will be processed accordingly based on that winning label or tag settings.
This change does not affect:
The behaviors of any other folders within the mailbox.
Items that are 'permanently' deleted by the user (for example, using the SHIFT+DEL combination).
Items that have no Microsoft Purview retention labels or legacy MRM tags applied.
Items that have a Microsoft Purview retention label or legacy MRM tag manually applied by the user.
What you need to do to prepare:
No action is needed to enable this change; however, you may want to update your documentation and end-user training to incorporate the change in behavior.
Get started with Records Management in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for WW and GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more: Learn about retention for Exchange
MC560728 — (Updated) Microsoft Purview compliance portal: General availability of new Insider Risk Management capabilities
30-60 Days
Microsoft 365 Roadmap IDs: 83966, 93259, 98160, 115492, 115494, 117601, 117602, 117603, 117604, 117607, 117608, 124772, 124775, 124857, 124860, 124861, 124862, 124863, 124864
Updated July 18, 2023: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to general availability, Microsoft Purview Insider Risk Management will be rolling out multiple features including an enhanced alert experience, cumulative exfiltration anomaly detection, sequence detection enhancement, new insider risk indicators, trainable classifier support, and new noise management capabilities.
When this will happen:
Rollout will begin in early June and is expected to be complete by late September 2023 (previously early September).
How this will affect your organization:
The following capabilities will soon be generally available within the Insider Risk Management solution:
Enhanced alert triage experience introduces various improvements to the alert review experience to accelerate time to action, including the ability to further drill into detected sequences within activity explorer, add new alert filtering capabilities, and explore the user activity timeline view with a richer alert history.
Policy customization from alert review experience allows admins to customize an Insider Risk Management policy and adjust policy thresholds from within the alert review experience instead of going through the policy configuration wizard, so customization decisions can be made in the context of alert review activities.
Cumulative exfiltration anomaly detection helps identify data exfiltration risks when a user’s exfiltration activities across all egress channels over the past 30 days exceed organization or peer group norms. A risk score is assigned if the user's cumulative exfiltration activity is unusual compared with others within the same organization or with the same role.
Sequence detection in Insider Risk Management has a few updates:
Sequence detection can recognize both allowed and unallowed domains, configured by admins with appropriate permissions. Sequences that involve allowed domains will be excluded from being scored, and sequences that involve unallowed domains will receive higher risk scores.
Sequence detection can be used as a policy trigger. For example, if admins define a sequence such as downloading from a Microsoft 365 location, obfuscating, exfiltrating, then deleting, users who perform the sequence of activities will match the policy and the alert will show up in Insider Risk Management.
Allows admins to select sequences in data leak and data theft policies without the requirement to select underlying individual indicators. This will allow admins to create more targeted policies with improved alert signals.
New insider risk indicators:
Increased set of first party indicators will be available in Insider Risk Management, including user activities in Endpoint (Windows 10), Microsoft Teams, Azure Active Directory, SharePoint Online, and Microsoft Defender for Cloud Apps.
Label downgrading insights can detect users downgrading sensitivity labels on files or SharePoint sites.
Physical access indicators and connector will allow admins to define priority physical assets. With priority physical assets enabled and the physical badging data connector configured, Insider Risk Management can correlate signals from an organization’s physical control and access systems with other user activities to help make more informed response decisions for alerts.
Trainable classifiers will be supported in Insider Risk Management to recognize various content types specific to your organization.
Noise management capabilities:
File path exclusions allow admins to configure file path exclusions, so activities around files with specific file paths won’t generate alerts.
Sensitive information type exclusions allow admins to define sensitive information type exclusions, so files that contain certain sensitive information types won’t generate alerts.
File type exclusions will extend to email attachments to help reduce noisy signals.
System noise generated by a single user activity will be de-deduplicated, reducing noise in alerts without losing risk context.
Site URL and keyword exclusions allow admins to configure SharePoint site URL and keyword exclusions, so activities involving these sites or file names and email subject lines containing certain keywords won’t generate alerts.
Bulk import and export of domains allows admins to upload or download a CSV file of unallowed, allowed, and third-party domains in insider risk settings to fine-tune the detection of activities involving certain domains.
Integration with Communication Compliance: admins with the right permissions can use a Communication Compliance event to configure insider risk policies. This feature helps customers gain more context and identify potentially higher-risk activities that may result in a data security incident such as exfiltration of sensitive information.
What you need to do to prepare:
To enable cumulative exfiltration activities detection and new insider risk indicators, admins can visit Insider risk settings > policy indicators to choose those new indicators.
To configure allowed and unallowed domains and all types of exclusions, admins can visit Insider risk settings > intelligent detections.
To configure physical access indicators, admins will need to set up a connector in the compliance portal to import physical badging data.
To leverage new indicators and integration with Communication Compliance, admins with the right permissions can visit Policies page to create a new policy or add indicators to existing policies.
No action is needed to enable other features.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Get started with Insider Risk Management in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for WW and GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more: Learn about insider risk management
MC557813 — (Updated) Microsoft Purview Data Lifecycle and Records Management: Simulation mode for retention labels
30-60 Days
Microsoft 365 Roadmap ID 109569
Updated July 13, 2023: We have updated the rollout timeline below. Thank you for your patience.
We're introducing "simulation mode" in Microsoft Purview Data Lifecycle Management and Microsoft Purview Records Management for auto-labeling policies of retention labels.
When this will happen:
Rollout will begin in mid-August (previously late June) and is expected to be complete by mid-September (previously late July).
How this will affect your organization:
Simulation mode enables compliance administrators to test their retention auto-labeling policy configuration by identifying which content may be matched by the policy. The simulation of a policy can take as little as a few hours (dependent on the amount of data analyzed), helping admins to rapidly test, modify, and confidently deploy their retention labels through automatic labeling.
Simulation mode will work with policies that apply labels when content contains sensitive information or based on content’s properties or metadata using KQL (Keyword Query Language) queries.
What you need to do to prepare:
There's nothing you need to do to prepare or access this new functionality. To leverage this feature, you will find in the wizard to create a new auto-labeling policy a new step called "Mode". To explore simulation mode, choose the option ‘Test the policy before running it.’
Get started with retention labels and policies in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more: Learn more about simulation mode
Blog: Simulation mode for retention labels
MC535701 — (Updated) Microsoft Purview Information Protection: Extend sensitivity labels to meetings (GA)
30-60 Days
Microsoft 365 Roadmap ID 117507
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
You will soon be able to extend Microsoft Purview Information Protection sensitivity labels to meetings.
When this will happen:
Rollout will begin in early May and is expected to be complete by late September 2023 (previously late June).
How this will affect your organization:
With this update, admins will be able to extend sensitivity labels to Microsoft Outlook appointments, meeting invites in Microsoft Teams and Outlook, and Teams online meetings*. This enables admins to include labeled meetings in the scope of Information Protection policies.
*Note: Applying sensitivity labels to protect Teams online meetings requires Teams Premium licensing.
What you need to do to prepare:
Get started by configuring sensitivity labels in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more:
Create and publish sensitivity labels
Learn about sensitivity labels
Get started with sensitivity labels
MC515536 — (Updated) Microsoft Purview | Data Lifecycle Management and Records Management – Microsoft Graph APIs for extensibility
30-60 Days
Microsoft 365 Roadmap ID 88276
Updated July 28, 2023: We have updated the rollout timeline below. Thank you for your patience.
As a part of our extensibility vision and first release to Microsoft Graph, we are introducing three new APIs for retention labels, events, and event types in the Microsoft Graph beta environment. These APIs will enable you to customize and extend on what we have built in the product so far.
These APIs can be used by compliance admins and developers to manage retention labels in Data Lifecycle and Records Management solutions.
When this will happen:
Rollout will begin in late March 2023 (previously late February) and is expected to be complete by late September 2023 (previously mid-August).
How this will affect your organization:
If your organization needs to automate any operation related to retention labels or events, we recommend you achieve this by using the new Graph APIs instead of using PowerShell cmdlets. With Graph, we use REST APIs that support better security, extensibility, and app authentication features.
The three APIs are available under the security node and the endpoints to access them are as follows:
|
Entity name |
Endpoints |
Solution |
|
Labels |
security/labels/retentionLabels |
Data Lifecycle, Records Management |
|
Events |
security/triggers/retentionEvents |
Records Management |
|
Event types |
security/triggerTypes/retentionEventTypes |
Records Management |
What you need to do to prepare:
Permissions
Currently, these APIs are supported through delegated permissions only, which are managed through the Graph interface. We are introducing two new permissions which you will need to access these APIs:
recordsmanagement.read.all
recordsmanagement.readwrite.all
Licensing
Access to Data Lifecycle Management and Records Management features varies based on your Microsoft 365 license level. See Microsoft 365 guidance for security & compliance - Service Descriptions for licensing requirement details.
Get started with Data Lifecycle Management and Records Management in the Microsoft Purview compliance portal:
Microsoft Purview compliance portal for WW and GCC cloud environments
Microsoft Purview compliance portal for GCC-High cloud environments
Microsoft Purview compliance portal for DoD cloud environments
Learn more:
Use the Microsoft Graph records management API
Create retention labels for exceptions
Start retention when an event occurs
Exchange Online
MC664093 — Refiners Available in Outlook Web
<30 Days
Microsoft 365 Roadmap ID 141109
We are launching Refiners on Outlook Web which will appear after a user completes a search. These will allow users to filter down their search results further to find their emails easily.
When this will happen:
Rollout has already begun and is expected to be complete by late August 2023.
How this will affect your organization:
With this update, users will be able to filter results easily after conducting a search in Outlook.
What you need to do to prepare:
There is nothing required from you at this time. You may want to notify your users of this feature and update any relevant training documentation.
MC663633 — Outlook: Search Box Interface Improvement
30-60 Days
Microsoft 365 Roadmap ID 151024
The interface of Search Box in Outlook is being upgraded, making it more prominent and discoverable, with higher color contrast on the input area, border, and font, along with fine tunes on all themes, as well as light and dark modes.
When this will happen:
We will begin rolling out in early September and expect to complete rollout by late September.
How this will affect your organization:
Users will have a slightly new Search Box interface.
What you need to do to prepare:
No action is needed in preparation for the update.
MC661223 — Control inbox and calendar sharing options in Outlook mobile
<30 Days
Microsoft 365 Roadmap ID 146733
Outlook mobile users can give author, editor, and reviewer permissions to their inbox from the mobile experience.
They can also give view, edit, and delegate permissions to their calendar.
When this will happen:
Standard Release: We will begin rolling out early August and expect to complete by end of August.
How thus will affect your organization:
Starting at the beginning of August, tenant admins will be able to turn off the ability for users to share their inboxes and calendars with the above permissions from Outlook mobile using app configuration values.
When the app config value is turned on, the user experience is as follows:
Under the “Share Your Inbox” settings, users will have “Add People” greyed out. Users that have already shared their inboxes will have their delegates listed here.
Under the “Share” option in calendar settings, users will have “Add People” greyed out. Users that have already shared their calendar will have their delegates listed here.
Blocking sharing is limited to the sharing entry points in settings for mail and calendar in Outlook mobile. All other sharing entry points, like share sheets, compose forwarding, etc. are not affected with this feature. The addition of shared and delegate mailboxes are also not affected. Users who have already been added to a shared mailbox or as delegates to an inbox or calendar will still be able to add those to their Outlook mobile experience.
This new capability is off by default.
App Configuration Keys
The app Configuration keys used to control this experience are:
For mail: com.microsoft.outlook.Mail.Blocksharing
For calendar: com.microsoft.outlook.Calendar.Blocksharing
What you need to do to prepare:
If admins wish to continue to allow users to delegate their inboxes and calendars, no action is necessary.
For more information on app configuration keys, please visit: Deploying Outlook for iOS and Android app configuration settings in Exchange Online | Microsoft Lear...
MC660070 — Final reminder: Retiring Remote PowerShell use through Connect-IPPPSession
Rolled Out
As communicated in MC541649 (April 2023) and MC586563 (June 2023), the legacy Remote PowerShell (RPS) protocol will be retired this week on Thursday July 27, 2023.
How this affects your organization:
On July 27, SCC customers will access EOP using REST-based APIs instead of RPS. Please click Additional Information to learn more.
You are receiving this message because our reporting indicates your organization may be using RPS to connect to EOP.
What you need to do:
Steps to switch to REST-based cmdlets:
Install the EXO module version 3.2.0 (current GA version) from here.
Use Connect-IPPPSession to establish connection.
What you can do to prepare:
REST-based cmdlets are available now in the latest GA version - we recommend customers install the latest EXO module version 3.2.0 as soon as possible (steps above).
Why this is happening:
In line with our vision to enhance the security of our cloud, the SCC admin experience will move to REST-based APIs.
In releasing the REST interface, RPS-based cmdlets will run as REST API calls instead of running via an RPS session. The REST API has the same cmdlets available and feature parity with RPS v1 cmdlets, so existing scripts and processes don't need to be updated. Simply using the new module will ensure REST is used rather than RPS.
MC649482 — Sender Rewriting Scheme (SRS) Expanding to SMTP/Mailbox Forwarding
>60 Days
We’re making changes to SMTP forwarding from mailboxes in Exchange Online. This change will result in forwarded messages being rewritten with Sender Rewriting Scheme (SRS).
We’ll further consolidate our rewriting feature for messages that are automatically forwarded outside of Exchange Online. Today, not all forwarded messages are rewritten using SRS. Messages forwarded with SMTP or mailbox forwarding have their P1 Mail From address replaced with the forwarding mailbox address. This behavior will change to use SRS rewriting instead. The change will be rolled out slowly, and it might take time to reach your organization.
When this will happen:
We will begin rolling out in mid-August and expect to complete rollout by late October.
How this will affect your organization:
This behavior change might be noticeable to systems that rely on the P1 Mail From address. All messages that are forwarded externally from Exchange Online to the internet will be subject to new SRS rewriting. The risk of any impact on those messages should be low. Recipients of the messages will see the P2 From address of the original sender. You can find out more about SRS behavior from the link provided. Any email servers that are configured to act on the P1 Mail From address will be affected. Other messages that are already being rewritten by SRS would already display different behavior.
Because messages that are relayed to on-premises email servers aren’t rewritten with SRS, this set of forwarded messages would not have the P1 Mail From address rewritten. This result should be fine for delivery to on-premises mailboxes. However, there’s a risk if customers route mail out to the internet via their on-premises servers instead of Exchange Online. These forwarded messages will go out without being rewritten, which could result in them being rejected by recipient email mail servers. To avoid this problem, a new setting has been added to on-premises connectors to enable SRS rewriting for those messages.
This change will affect where NDR messages are sent if a message was forwarded but failed to reach the forwarding destination mailbox. SRS enables NDRs to go back to the original sender of a forwarded message so that they know the message may not have reached the intended destination and been read by the recipient. This behavior is a change from the current behavior where the NDR is sent to the forwarding mailbox and may not be seen.
What you need to do to prepare:
Before this change takes effect, customers who route traffic to the internet from their on-premises environment through Exchange Online should enable the new parameter named SenderRewritingEnabled on their Exchange Online outbound mail flow connector of type on-premises to avoid any disruptions. You can do this using the Set-OutboundConnector
Note: Although the SenderRewritingEnabled parameter only works for On-Premises connectors, this parameter is visible on Partner connectors as well, where it is set to “FALSE”. This is inaccurate, as the behavior is enabled by default on Partner connectors regardless of the setting value. There is no need to explicitly set to “TRUE”. If you still try to set SenderRewritingEnabled parameter to TRUE on a Partner connector, you will receive an error - “SenderRewritingEnabled cannot be set to TRUE if Connector type is not On-premises”. This error is expected and can be ignored.
MC579609 — (Updated) S/MIME sensitivity label support natively on Outlook for Windows
<30 Days
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
Outlook desktop will support S/MIME (Secure/Multipurpose Internet Mail Extensions) sign and encryption as sensitivity label outcome. Customer admins could use set-label advanced setting to define the label to have S/MIME sign or encryption or both, and emails with those labels applied will enforce S/MIME sign and encrypt accordingly, and also it will support content marking of the label.
When this will happen:
Standard Release: We will begin rolling out in early August 2023 (previously mid-July) and expect to complete by late August 2023 (previously late July).
How this will affect your organization:
If you have defined S/MIME email labels for your organization, you will see that S/MIME label also available in Outlook on the web to apply. If you do not have any S/MIME labels today, then it will not impact your organization.
What you need to do to prepare:
If you would like to start using S/MIME labels, please refer the admin instructions how to enable S/MIME labels via set-Label cmdlets advanced setting.
MC556159 — (Updated) Message List Selection UI updates for Outlook on the Web and New Outlook for Windows
<30 Days
Microsoft 365 Roadmap ID 125905
Updated July 13, 2023: We have updated the rollout timeline below. Thank you for your patience.
In order to save space on the message list in Outlook, we are making an UI update: From "selection circles on the left side of each row" to "Select mode that you have to get into before checkboxes appear", using a button in the top-right corner of the Message List. Users may have to acclimate themselves to the new Selection user experience.
In addition, mouse+keyboard multi-selection where users hold down Ctrl or Shift will continue to work as before.
When this will happen:
We will begin rolling out in mid-May 2023 and expect to complete rollout by mid-August (previously early July 2023).
How this will affect your organization:
This will affect users who do not have "Sender Images" enabled in the Message List. If you have "Sender Images" turned on, hovering over the images will still show the checkboxes, even if you did not get yourself into "Select Mode". To review if you have "Send image" enabled, go to Settings > Mail > Layout and scroll to "Sender image".
What you need to do to prepare:
There is nothing to prepare for this change.
MC488586 — (Updated) Announcing Retirement of Remote PowerShell (RPS) protocol in Exchange Online PowerShell
30-60 Days
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
You might already be aware that we made REST-based Exchange Online PowerShell v3 module generally available in September 2022 (read more here: Exchange Online PowerShell V3 Module General Availability). We will now be retiring RPS protocol from the beginning of June 2023. Instead, we recommend the utilization of the v3 module, which is where we will continue to invest our development resources.
When this will happen:
We'll be gradually rolling this out to customers in early June 2023, and the roll out will be completed by late September 2023 (previously late July).
How this will affect your organization:
You are receiving this message because our reporting indicates your organization may be using this RPS through New-PSSession or through Exchange Online PS v1 and v2 modules.
The users will no longer be able to use RPS protocol, when this change is implemented.
What you need to do to prepare:
If you are using RPS to establish an Exchange Online connection, you will not be able to do so after July 1, 2023. If you use the following, then you are using RPS:
Connection using New-PSSession
Exchange Online PowerShell v1 and v2 modules
Any newer version of Exchange Online PowerShell module with the -UseRPSSession parameter
To switch to the v3 module and use REST cmdlets, take the following steps:
If you are using New-PSSession to establish an RPS connection:
Install the latest Exchange Online Management v3 module from here: ExchangeOnlineManagement 3.0.0.
Use Connect-ExchangeOnline instead of New-PSSession to establish connection.
If you have installed any module earlier than v3:
Uninstall previous versions of ExchangeOnlineManagement module by running "Uninstall-Module ExchangeOnlineManagement" from an elevated (admin) PowerShell command prompt.
Install the latest Exchange Online Management v3 module from here: ExchangeOnlineManagement 3.0.0.
Discontinue the use of -UseRPSSession parameter (if you are using it.)
We are excited about providing you with a more secure and performant environment, and we remain committed to our journey to empower you with the most modern features and tools. If you have questions/concerns, please leave comments here or email us directly at RPSdeprecation@service.microsoft.com
Microsoft Defender for Office
MC649928 — Introducing Microsoft Teams Post-Delivery Protection
<30 Days
Microsoft 365 Roadmap ID 117595
We are introducing Zero-hour auto purge (ZAP) for Microsoft Teams. Internal messages containing potentially malicious content with Malware and High Confidence Phish verdicts will be automatically blocked for the end user and quarantined. Zero-hour auto purge will be ON by default once rolled out.
The blocked Teams messages can be reviewed in quarantine by the admin or end user (depending on the custom quarantine policy the admin has configured) and message details can be viewed on the Teams message entity panel. The Teams quarantine action can be configured in the Microsoft Teams protection policy under quarantine policies. If no custom quarantine policy is configured, the default will be set to admin only access policy.
These features will be available to P2 and E5 customers.
When this will happen:
We will begin rolling out in late July 2023 and expect to complete rollout by late August 2023.
After August 18th 2023, automated ZAP actions of blocking messages will occur unless you specify a different action. You will have until August 18th, 2023 to opt-out.
How this will affect your organization:
Internal teams messages with Malware and High Confidence Phish verdicts will be blocked for end users on the Teams client. These messages can be reviewed in quarantine.
You can opt-out by running the cmdlet or disabling the Microsoft Teams protection policy. For more information, please visit:
Policy details: Zero-hour auto purge in Microsoft Defender for Office 365
Cmdlet details
What you need to do to prepare:
No additional action is required if you would like to enable ZAP in Microsoft Teams as the feature will be the cmdlet or disabling the Microsoft Teams Protection policy. For more information, please visit: Zero-hour auto purge in Microsoft Defender for Office 365.
MC649048 — Microsoft Defender for Office 365: Attack Simulation Training Release in GCCH Environment
<30 Days
Microsoft 365 Roadmap ID 124854
Attack simulation and training (AST) in the Microsoft 365 Defender for Office is an intelligent risk reduction tool, which allows customers to run realistic phishing attack simulation scenarios in their organization, identify vulnerable users, and help drive behavior change through an integrated security awareness training program. Attack Simulation Training will be rolled out to the GCC High environment.
When this will happen:
Rollout will begin in mid-August and is expected to be complete by late August.
How this will affect your organization:
With this feature release, the Microsoft 365 defender portal will include a new tab called 'Attack simulation training' in the navigation bar under Email & Collaboration. By assigning the right Azure AD RBAC permissions, you can begin simulating phishing attacks in a harmless environment and train your users in recognizing and reporting phishing attacks.
What you need to do to prepare:
Before implementing simulations and training campaigns for the entire organization, it is advisable to become acquainted with the interface, go through the documentation, and conduct a few test campaigns with a small set of users. This will allow you to familiarize yourself with the process and make any necessary adjustments before expanding to a larger scale. For additional information on attack simulation training, please visit this documentation.
MC640228 — Microsoft Defender for Office 365: DMARC Policy Handling
<30 Days
Microsoft Roadmap ID 117533
In order to better protect our customers from exact domain spoofing attacks and improve deliverability of email, we are making changes to how we handle DMARC p=reject and p=quarantine.
For the enterprise customers, we are making updates to how DMARC policy-based reject can be handled. This change will help Security Administrators be able to choose how DMARC policy-based reject and quarantine can be applied within their organization.
When this will happen:
Standard: Rollout will begin on July 13th, 2023, and policies will take effect by August 10, 2023. Customers will have 25 days to opt out.
Gov Cloud: Rollout will begin on July 19, 2023 and policies will take effect by August 14, 2023. Customers will have 25 days to opt out.
How this will affect your organization:
For enterprise customers, the Anti-Phishing policy will have a new default setting to honor DMARC policy. The default actions for 'p=reject' and 'p=quarantine' will be set to 'reject' and 'quarantine,' respectively.
With the updated actions for spoof intelligence settings in the Anti-Phishing policy, recipient tenant admins will have the flexibility to choose how they want to handle DMARC policy.
In the default enabled state, we will take the specified action of 'reject' or 'quarantine' based on the sender's DMARC record. The tenant admin can modify it to either "reject" or "junk" the message as per their preference.
What you need to do to prepare:
After the rollout date, the UX and cmdlet will be set to default values, but the actions will not be taking effect until the specified date. If you prefer to handle DMARC actions differently, you can modify the settings before the specified date. from the specified date, the selected settings will come into effect.
In preparation for honor DMARC, you may choose to review spoof intelligence insight to identify legitimate senders who are sending DMARC reject or quarantine emails. Based on your organization’s email sending business, you may override the sender domain pairs to the Tenant allow block lists – Spoofed Senders. You may want to notify your users about this change and update your training and documentation as appropriate.
MC519232 — (Updated) Attack Simulation and Training- Update to predicted compromise rate metric for tenant payloads
30-60 Days
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
Attack Simulation Training under Microsoft Defender for Office is an intelligent phish risk reduction tool that measures behavior change and automates the deployment of an integrated security awareness training program across an organization. One of the most crucial elements in running a phishing simulation is the right selection of payload, to drive the right user behavior.
A core metric that can be used towards payload efficacy is predicted compromise rate (PCR) that predicts the percentage of people who will be compromised by this simulation (users compromised / total number of users who receive the simulation).
As part of this update, we are introducing an intelligent machine learning driven mechanism to predict a more accurate potential compromise rate if the payload was used within a simulation.
As part of this change, there will be 2 updates:
Updates to the PCR values for global payloads available within Content library -> Global payloads:
Introduction of an on-demand PCR calculation experience:
As part of the payload authoring experience, you can create your payload content and use the PCR machine learning model to determine the efficacy of your payload. This will be an addition to the existing experience and does not impact existing payload authoring experience.
When this will happen:
We plan to do a staggered rollout in following phases:
Updates to global payloads will start to roll out from 3rd week of February, and are expected to complete by mid-April - Complete
The on-demand PCR calculation for English language payloads will start to roll out from 1st week of March, and is expected to complete by end-April - Complete
The on-demand PCR calculation for non-English language payloads will start to roll out from 2nd week of April, and is expected to complete by late September 2023 (previously late July)
How this will affect your organization:
As part of this update, you will see minor changes in the PCR value for payloads. You will also see a mechanism to calculate PCR values as part of your payload authoring experience. There are no changes to your simulation, training workflows or content library.
There is no impact to the end users within your organizations, and only updates the experience for admins with access to Attack Simulation and Training experience.
Microsoft 365
MC662253 — Access the Office add-ins from the Home tab and File Menu
>60 Days
The Office extensibility “get add-in” button will be moved from the Insert tab to the Home Tab. We also aligned the extensibility experience across Word, Excel, PowerPoint, Outlook, and Teams with a consistent logo and a flyout where users can easily find their installed add-ins while browsing the recommended add-ins at the same time.
Microsoft has a comprehensive extensibility ecosystem. You can gain access to a large number of our 1st-party add-ins and 3rd-party add-ins provided by our professional partners to enhance the capabilities of your Office suite. Today, we have over 2000 add-ins from various service providers to meet your specific needs, ranging from translation, bibliography, templates, graphing tools, multi-media contents, interactive components, and even professional finance and legal tools.
Soon, you will be able to access all of these powerful add-ins via the File Menu and Home Tab. The new location is accompanied by a new icon. The hexagon icon has been replaced with a unified square icon, which is consistent with other extensibility experiences across M365 services.
After clicking, you will see the flyout before entering the store, where you can explore the suggested add-ins, and if you have previously installed some add-ins, you can also have quick access from the flyout.
When this will happen:
Preview: This started rolling out and is expected to complete by August 2023.
Standard Release: We will begin rolling it out in late August 2023 and expect to complete it by late January 2024.
How this will affect your organization:
This change will have no effect on the tenants or administrators. All previous store disabling settings will be respected and maintained. End-users using Word, Excel, or PowerPoint on Online, Win32, or Mac endpoints must now access the add-in store via the Home Tab rather than the previous Insert Tab.
What you need to do to prepare:
There would be no need for preparation.
MC661829 — Upgrade to the Forms Start Page Experience on Office.com
<30 Days
Forms has been improving get-started experiences since last year, we are now bringing the latest portal page experiences to all customers on all hosts, including upgrading the launch page experience in office.com. Users will be directed to Forms web and access all new functionalities released recently.
When this will happen:
Targeted Release: We will begin rolling out in late July and expect to complete rollout by early August.
Standard Release: We will begin rolling out in early August and expect to complete rollout by late August.
How this will affect your organization:
Removing the confusion between Office.com and Forms' hosted home-page, end users have access to more features and are able to keep items in sync with new incoming features. The new portal page with richer capabilities will helps Forms users get started easily and will provide a seamless and consistent user experience across both platforms.
What you need to do to prepare:
There is nothing you need to do to prepare for this feature. You may want to notify users and update any relevant training documentation as appropriate.
MC649927 — Microsoft Forms: Allow Respondents to Edit Their Responses
>60 Days
Microsoft 365 Roadmap ID 124934
We are releasing a new feature that will allow Microsoft Forms creators the capability to allow form/quiz respondents to edit their responses after submission. Once enabled, form/quiz respondents can edit their responses if the form/quiz is open to fill. The answers cannot be accessed if the form/quiz is closed or removed.
When this will happen:
GCC: Rollout will begin in late July 2023 and is expected to be complete by late August 2023.
GCCH and DoD: Rollout will begin in late July 2023 and is expected to be complete by late October 2023.
How this will affect your organization:
Admins have the option to enable this feature for your organization. If enabled, this feature is an option for form owners to choose from and the default will be OFF for form owners if form owners do not want respondents to edit their responses after submission.
What you need to do to prepare:
Admins may want to notify their users of this update if they choose to enable it for their organization. For additional information, please visit this documentation.
MC644072 — Manage File Access in Microsoft Search in Bing, Office.com, SharePoint, and Feed
<30 Days
Our new "Who can see this?" option in the file action menu will allow users to view and/or manage who has access to a file result. Users can only manage file permissions if they are the owner of the file or have permissions to update the file and its permissions. The aim of this feature is to help users understand why they are seeing a file in their search results and adjust its permissions as needed more easily on the search page. This will appear on file results in Microsoft Search in Bing, Office.com, SharePoint, and Feed.
Note: This will not appear on Microsoft Search in Bing for DoD or Gallatin tenants as Microsoft Search in Bing is not fully supported there yet.
When this will happen:
We will begin rolling out in Microsoft Search in Bing, Office.com, SharePoint, and Feed in mid-July and expect to complete by late August.
How this will affect your organization:
Users in your organization will be able to view and manage who has access to a file result. It will not affect any existing workflows.
What you need to do to prepare:
You may want to notify your users about this change and update your training and documentation as appropriate.
MC642267 — Microsoft Edge for Business
<30 Days
Microsoft 365 Roadmap ID 144362
Microsoft Edge for Business, the new, dedicated work experience for Microsoft Edge, is coming soon. As announced at Build, Microsoft Edge for Business is currently in preview.
Microsoft Edge for Business aims to address the needs of both end users and IT Pros. It is designed to help meet the needs of the evolving security landscape while empowering users to be more productive. In addition to the rich set of native enterprise controls you're already familiar with in Microsoft Edge, Microsoft Edge for Business includes new visual elements such as an adjusted icon and company branding, automatic switching between work browser windows (activated by AAD login) and personal browser windows (activated by Microsoft account [MSA] login), and support for Unmanaged Bring Your Own Personal Computer (BYOPC).
Microsoft Edge for Business will be the standard browser experience for organizations and will get activated by Azure Active Directory (Azure AD) login, so users who log in with their Azure AD account will get Edge for Business as opposed to the current Edge experience. The new Edge for Business window for work will allow users with both Azure AD and MSA profiles set up to have a separate, differentiated experience as work sites will be routed to Edge for Business and personal sites to Microsoft Edge. There is no impact to users' default browser settings.
When this will happen:
Preview is currently available in Microsoft Edge version 115 or later.
We expect Microsoft Edge for Business to be turned on by default beginning with Microsoft Edge version 116 (Scheduled for the week of August 17, 2023).
How this will affect your organization:
When logging in with AAD, users will receive Edge for Business, a visually distinct work browser with rich enterprise controls for secure data access and leak prevention. Edge for Business will automatically separate work and personal browsing into dedicated browser windows with their own separate caches and storage locations, so information stays separate.
There will also be support for company branding, allowing admins to customize company branding in the work browser window to increase familiarity and trust with end users. Additionally, there is support for unmanaged BYOPC, allowing secure and compliant access to work resources on personal computers with DLP controls.
This feature does not create any link between the user's Azure AD account and their MSA account and the organization settings related to linking work and personal accounts are unaffected.
What you need to do to prepare:
To experience the Microsoft Edge for Business features like the differing visual treatments and automatic switching, end users should sign-in to at least 1 Azure AD profile (work email) and 1 MSA profile (personal email) on the Edge browser.
Additional information
See our article on Microsoft Learn (content to be updated closer to GA)
We always value feedback and questions from our customers.
MC617059 — (Updated) Introducing New Feature in Project Online
<30 Days
Updated July 5, 2023: We have updated the rollout timeline below. Thank you for your patience.
In 2019, we introduced Project for the Web, a versatile project service designed to streamline project management and collaboration. Since then, we have been continuously improving and expanding the capabilities of this product. We are excited to share that we have recently added several new features that will further enhance your project management experience. To encourage users to explore Project for the Web, we have added a few promotional elements within Project Online, enabling users to access the service using their existing project licenses.
When this will happen:
Standard Release: We will begin rolling out late July (previously early July) and expect to complete by late August (previously early August).
How this will affect your organization:
End users of your organization using project online will see banners promoting project for the web. No other functionality will be affected.
We understand that some SharePoint site admins may prefer not to display promotional elements related to Project for the Web to their users. To address this, we have provided an option for admins to disable these elements. Simply uncheck the "Turn on exploration" setting located by clicking the settings icon (gear icon) and then choosing PWA settings > Additional Server settings > Project for the web Discovery on or before August 24th. This will ensure that your users will not be prompted to try Project for the Web. You may turn this On/Off at any time you prefer.
Please be aware that if the Project for the Web service is already disabled for your tenant, this new feature will have no impact on your existing setup. You can continue using Project Online as you have been doing without any interruptions.
What you need to do to prepare:
You need not do anything for this change. We have provided an option for admins to disable these elements. Simply uncheck the "Turn on exploration" setting located in Settings > Additional Server settings > Project for the web Discovery. This will ensure that your users will not be prompted to try Project for the Web.
MC609884 — (Updated) Microsoft Graph Connectors in GCCH
>60 Days
Microsoft 365 Roadmap ID 124991
Updated July 25, 2023: We have updated the rollout timeline below. Thank you for your patience.
Microsoft Search indexes all your Microsoft 365 data to make it searchable for users. With Microsoft Graph connectors, your organization can index third-party data so that it appears in Microsoft Search results. This feature expands the types of content sources that are searchable in your Microsoft 365 productivity apps and the broader Microsoft ecosystem. The third-party data can be hosted on-premises or in the public or private clouds. To ensure you have access to this capability, our engineering team will conduct a service plan backfill.
When this will happen:
Rollout of the Graph Connectors Search with Index service plan will begin in late July and is expected to be complete by late August.
The Graph Connectors Search with Index feature will be rolling out beginning in early September and complete by early October.
How this will affect your organization:
As a tenant administrator, you can navigate to Search & intelligence in Microsoft 365 admin center and configure connections to third party data sources you want to index using Microsoft Graph Connectors. Once indexed, you can create verticals and result types to customize Search experience in Microsoft Search surfaces like Microsoft Bing, Office.com and SharePoint Online. After that, end users in your organization can try searching for the enabled third-party content from their devices.
Licenses being updated with this service plan backfill:
Microsoft 365 GCC G5
E5 Graph Connector
Topics Graph Connector
What you need to do to prepare:
Explore our documentation: Microsoft Graph connectors overview for Microsoft Search
Watch the video: Microsoft Graph Connector setup overview
MC604883 — (Updated) Important features soon enabled for your tenant to support health and security
TBD
Updated July 20, 2023: Government tenants that received the MC604883 message were included due to an error in our system. Please disregard the notice. Government accounts will not automatically be onboarded to the Inventory and Apps Health features within the Apps admin center.
The source of the error was identified, and corrective measures have been taken to prevent this type of miscommunication in the future.
Starting in July, you will be one step closer to modernizing your update management and improving your security posture with a servicing profile. Both Inventory and Apps health within the Apps admin center will be enabled. Inventory gives you insights on devices that are behind on updates and are more likely to have increased security vulnerabilities. Apps health insights give you visibility into issues your end users might be running into.
Upcoming Changes:
To provide you with the option to use a servicing profile in the future, the Inventory and Apps health features will be enabled. Use these features to explore the following:
Update currency insights (what devices are out of support)
Add-ins that your users have installed in your environment
Version spread (fewer is better)
App performance and reliability
App currency and advisories
…and much more!
Learn about these insights at Inventory in the Microsoft 365 Apps admin center and Apps health in Microsoft 365 Apps admin center or through video here.
When this will happen:
We will begin rolling this out beginning in late July and expect to complete by early August.
How this will affect your organization:
While these new insights require no changes to your current Microsoft 365 Apps configuration, it equips you with the prerequisites to leverage the Microsoft 365 Apps admin center to its fullest potential and stay secure.
It is critical for all companies, large and small, to maximize their protection against cyber threats. One required step to achieving this is to ensure your devices have the latest updates for Microsoft 365 Apps at the earliest. That is why we continuously work with IT admins like you to help streamline Microsoft 365 Apps update management with automation while still maintaining complete control. Automation delivers consistent and predictable updates of Microsoft 365 Apps for all your users. You can enable this automation and customize it via our servicing profile experience in Microsoft 365 Apps admin center.
What you can do to prepare:
You can use the following resources to learn more:
Videos:
Articles:
Overview of update channels for Microsoft 365 Apps
Overview of servicing profile in the Microsoft 365 Apps admin center
MC586564 — (Updated) Present a Local File From PowerPoint app to PowerPoint Live in Teams
<30 Days
Microsoft 365 Roadmap ID 117477
Updated July 5, 2023: We have updated the rollout timeline below. Thank you for your patience.
The "Present in Teams" button in the PowerPoint app has been extended to the PowerPoint files that are not stored in Microsoft 365 Clouds.
You can now use the "Present in Teams" button in the PowerPoint for Window app to present via PowerPoint Live in your Teams meetings, even if your file is not stored in Microsoft 365 Clouds. This is a new PowerPoint Live entry point for those files, in addition to the "Browse my computer" button in Teams Share tray. Clicking the "Present in Teams" button first leads you to the Save As dialog to store the file to the Microsoft 365 Cloud. Once the file is saved, we'll automatically trigger PowerPoint Live to present your file in your current Teams meeting.
This update is only available currently to the PowerPoint app for Windows and is not available in the Mac app yet.
When this will happen:
Standard Release: We will begin rollout in mid-July (previously early July) in Current Channel and expect the rollout to be complete by mid-August (previously late July).
All other channels will see this feature once they catch up on the update.
How this will affect your organization:
The user in your organization can use the “Present in Teams” button in PowerPoint, even when they are working on a file that is not stored in Microsoft 365 clouds, to present the deck to the current Teams meeting. After selecting Present in Teams, the user will be asked to save the file to Microsoft Cloud before being able to present the file in Teams.
What you need to do to prepare:
There is no action required from you at this time. Please inform your users about this extension.
MC560724 — (Updated) Text Predictions for OneNote on Windows
>60 Days
Microsoft 365 Roadmap ID 124909
Updated July 25, 2023: We have updated the rollout timeline below. Thank you for your patience.
When this update rolls out, users will see text predictions when writing documents in English in OneNote on Windows. When they see the suggested text, users can accept with the tab or right arrow key or simply keep typing to ignore.
When this will happen:
We will begin rolling out in mid-July 2023 (previously late June) and expect to complete rollout by mid-October 2023 (previously mid-August).
How this will affect your organization:
Text predictions are ON by default and users can disable them as needed. To disable in OneNote on Windows, go to File -> Option -> Advanced -> Editing and switch off Show text predictions while typing.
Disabling this feature in OneNote will not affect other Microsoft apps, such as Word or Outlook.
What you need to do to prepare:
Text predictions is considered a Microsoft 365 connected experience. This feature can be managed through admin policy.
You may want to notify your users about this new capability and update your training and documentation as appropriate.
For more information, please visit this page.
MC560720 — (Updated) Ink Color Picker for Microsoft Whiteboard
<30 Days
Microsoft 365 Roadmap ID 124899
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
Users will soon be able to enjoy a wide range of colors for inking using the latest color picker feature. In addition to color picker, a slider will also be provided to change opacity level of pens. This functionality will be rolled out automatically to Whiteboard for the web, Microsoft Teams, Windows App & Surface Hubs/MTR experiences as well as Annotations in Teams meetings.
When this will happen:
Rollout will begin in early June 2023 and is expected to be complete by mid-August 2023 (previously late June).
How this will affect your organization:
Users can add new colors to the palette and enjoy more color options for inking in Whiteboard. In addition to the color picker feature, we have also added a slider to change opacity level of pens. Recent colors used will also be available on the color palette and the color picker feature, to further enhance user experience with inking in Whiteboard.
What you need to do to prepare:
There is no action required at this time. You may want to notify your users of this update.
MC559929 — (Updated) App User Interface update for Microsoft Whiteboard
<30 Days
Microsoft 365 Roadmap ID 124900
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
This update will visually refresh the Microsoft Whiteboard app user interface for laptops, desktops and tablets while simultaneously making whiteboarding tools upfront and toolbar at the bottom of the screen to improve engagement, discoverability & ease of whiteboarding.
When this will happen:
The rollout for the Microsoft Whiteboard App User Interface update has been started & is expected to be fully complete by late August 2023 (previously late July).
How this will affect your organization:
The Whiteboard chrome will undergo a visual refresh making key content creation tools such as notes, reactions, comments, text & shapes surface more prominently, empowering users to easily discover and engage with the same to expedite content creation. Additionally, the toolbar will be repositioned to the bottom of the screen, improving usability & affording more space to view and use the whiteboard especially on smaller screen devices (such as tablets).
This change will hopefully stimulate flexible visual collaboration through Whiteboard among users, allowing them to better express their ideas, whenever & wherever inspiration strikes them next.
What you need to do to prepare:
The feature will be rolled out automatically on Whiteboard web, Teams and the Windows app to all customers.
MC295027 — (Updated) Rich text and images in Planner task notes
<30 Days
Microsoft 365 Roadmap ID 85688
Updated July 25, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are adding support for rich text (bold, italics, underline, etc.) in the Planner task notes field. Support for images is coming in the future.
NOTE: We will update this post once we have Microsoft Graph documentation for the new rich text task notes field available.
When this will happen:
We expect to begin rolling out the new rich text task notes field in mid-June (previously late March) and we expect to complete the rollout by late August 2023 (previously late July).
How this will affect your organization:
To support this capability, we are introducing a new rich text enabled task notes field in the Planner Microsoft Graph API. This will result in two task notes fields in our API – the new “rich text task notes field” and the existing “plain text task notes field.” When this feature launches, Planner for the Web and for Teams (Tasks app) will support rich text in task notes. Other Planner experiences in iOS, Android, SharePoint, and Power Automate will only support plain text task notes, but we plan to update these apps to support rich text at a later date.
When this feature update is deployed, all existing task notes content will be preserved in the new rich text enabled task notes field, so users will be able to continue viewing and editing notes without interruption.
We will maintain compatibility between the rich text task notes field and plain text task notes field by ensuring both fields’ contents stay in sync.
If a user edits the rich text task notes field, all content is synced to the plain text task notes field automatically. Any rich content is converted to plain text and synced to the plain text task notes field.
If a user edits the plain text task notes field via the Microsoft Graph API or via a client which only supports the plain text field, the contents in the plain text task notes field is synced to the rich text task notes field without modification. Therefore edits to the plain text task notes field will result in the removal of any pre-existing rich text, or text formatting in the rich text notes field.
What you need to do to prepare:
If your organization has custom applications interacting with our Microsoft Graph Planner API, make sure to update the apps to support the rich text task notes field as soon as it is available to take advantage of the new notes capabilities. We will maintain support for the existing plain text task notes field in our Microsoft Graph Planner API for at least 36 months.
If your organization has applications or workflows which parse the task notes to trigger logic based off contents in the notes field, we recommend users continue to input only plain text in task notes and not apply text formatting into task notes. Such apps should also be updated to avoid parsing task notes or applying logic to contents in the task notes as these are not recommended uses of the task notes field in our API.
Microsoft 365 IP and URL Endpoint Updates |
Documentation - Office 365 IP Address and URL web service