September 2024 Newsletter

Table of Contents

What’s the Buzz at eGroup Enabling Technologies?

➡️ eGroup Enabling Technologies Recognized on the 2024 Inc. 5000

“We are extremely excited to be named one of the Inc. 5000 fastest-growing private companies. This honor results from our team’s incredible work and the solutions we provide for our valued customers. Our dedication to bringing outcomes to our customers that allow technology to work for them, and make them better, is what continues to drive us forward. We are excited for what the future holds and how we’ll continue to grow together.” – Ben Gaddy, Principal, Operations

➡️Teams Phone Major Updates

This year, Microsoft has made two major changes to Teams Native phones: 1. The operating system on the phones will be upgraded to Android 12, and, 2. Management of Native Teams phones in Intune will switch to the Android Open Source Project (AOSP) from the Android Device Administrator. The solution? Check out this article on configuring Intune and AOSP to support these updated phones, and view our recent webinar, What’s New in Microsoft Teams?

➡️ThreatHunter Prevents a “Save Your Bacon” Client Incident

Daryl Breneman, CISO of Becket & Lee, shares a specific incident where ThreatHunter saved the firm from a potential breach. A work-from-home device was misconfigured and did not have Windows Firewall turned on. The device was also plugged directly into the ISP modem, exposing it to the internet. Read more HERE to find out how ThreatHunter and eGroup Enabling Technologies saved the day! 

What’s New in the Hybrid Data Center?

Cisco

  • Cisco announced the Nexus HyperFabric AI Clusters in partnership with NVIDIA. This AI-driven data center solution combines Cisco’s networking expertise with NVIDIA’s AI software and hardware to provide simplified cloud management for AI deployments across data centers and edge sites. 
  • Cisco continues to enhance its Intersight platform for hybrid cloud management. New features allow seamless integration with public cloud services, enabling customers to manage both on-premises and cloud-based workloads through a single interface. Intersight also offers AI-driven predictive analytics and anomaly detection for proactive issue resolution. 
  • Cisco has expanded its UCS X-Series hybrid-cloud systems with accelerated computing capabilities and high-performance networking, including GPU integration for AI and machine learning workloads. This system now supports hybrid and multi-cloud environments, simplifying hybrid data center operations. 

Cohesity

  • To ensure future supportability, Cohesity has transitioned to the host operating system from CentOS to Red Hat Enterprise Linux (RHEL) 7.9 in response to the end of maintenance support for CentOS 7.9. Cohesity maintains a Red Hat Enterprise Linux Extended Life Cycle Support Subscription for RHEL 7.9, which permits support to be extended until June 30, 2028. 
  • Cohesity Data Protect-as-a-Service adds support for protecting virtual machines (VMs) that reside on Azure VMware Solution (AVS). Check out this documentation for more information on configuring AVS backup.

Nutanix

  • Nutanix and Dell announced the latest OEM platform refresh, XC Plus. 
  • Have you wanted to try out Nutanix without buying new hardware? Nutanix released Community Edition 2.1, which is based on the latest AOS/AHV release. Whether it’s for a lab or your garage, Nutanix is giving you that hands on! 
  • Nutanix Kubernetes Platform (NKP) has gone GA!  If you’re struggling with managing a Kubernetes deployment, NKP can help simplify and manage that lifecycle! 

Rubrik

VMware

Windows Server

  • DNS glue records must be validated after installing the Windows update released on or after August 13, 2024. Make sure glue records registered on a parent domain match the data that is provided by the authoritative name servers. Remove or update stale glue records (outdated, inactive, or invalid IP addresses) to prevent unexpected results, starting with external domains then internal domains. 

What’s New with Microsoft?

Azure

  • Microsoft will enforce mandatory MFA for all Azure sign-in attempts on October 15th. Prepare today! 
  • Remove any outstanding dependencies on TLS 1.0 and 1.1 before October 31st. 
  • Vaulted backup for Azure Blob Storage is now generally available to help protect against data loss. Also, lifecycle management rules in Azure Blob Storage and Azure Data Lake Storage now provide more control over returning rehydrated objects back to archive tier. 
  • Developers and IT pros can preview ways to optimize the carbon footprint from cloud usage. 
  • The development process is simplified with Dev Container templates for Azure SQL Database, now generally available. 
  • Azure Backup now supports performing Cross-Region Restore of SQL and HANA backups from a vault which has Private Endpoints enabled. 
  • Many PostGreSQL announcements were made, as were updates about NetApp Files on Azure. 
  • The ability to attach and detach Virtual Machines on Virtual Machine Scale Sets with a fault domain count of 1 is now generally available. 

Microsoft 365 Copilot

  • The Microsoft Copilot Dashboard will be available to all Microsoft 365 Copilot customers without extra cost, accessible via the Viva Insights app in Teams or a web app. 
  • Copilot in OneDrive allows users to ask questions, summarize files, and create FAQs without opening the source file. 
  • Microsoft 365 Copilot in PowerPoint and Word is now able to search, download, and insert brand-approved images, logos, icons, and illustrations directly from the chat experience. This enables a new creative content source beyond the licensed stock images already available today. 
  • The Microsoft 365 Usage report will include a ‘Suggested Candidate for Copilot’ column to aid admins in licensing decisions. This feature identifies users likely to benefit from Copilot based on their app usage. 

Defender for Office 365

  • Microsoft is making improvements to email remediation capabilities with new “sender’s copy clean-up” features. Before this rollout, admins did not have a way to remove harmful emails from a sender’s Sent items. This will streamline the process for admins who use Soft delete and Move to Inbox  actions. 
  • Look for Bulk Senders Insight, a tool to optimize bulk email management. It helps admins fine-tune bulk email policies by simulating the optimal bulk complaint level and identifying potential issues.  

Defender XDR

  • Microsoft Defender XDR will soon enable SecOps to restore quarantined emails directly from various interfaces, including Threat Explorer and Microsoft Graph API. 

Entra ID

  • Enable MFA by October 15th to access the Azure portal, Entra admin center, and Intune admin center. Set up MFA or apply to postpone the enforcement date. Without MFA, admin access will be restricted. 
  • The Attacker in the Middle detection feature is generally available in Entra ID Protection (P2), enhancing security by identifying compromised user accounts. Such users are elevated to High risk. 
  • Entra ID is previewing FIDO2 provisioning via API, allowing organizations to pre-provision security keys (passkeys) for users. These new APIs can simplify user onboarding, and provide seamless phishing-resistant authentication on day one for employees.  
  • Four Entra ID Governance workflow capabilities went GA. 

Fabric

  • Microsoft Fabric introduces new settings for short-lived user-delegated Shared Access Signature tokens, enhancing security for applications using Microsoft OneLake. 

Intune

  • Users on Red Hat Enterprise Linux 8.x and 9.x (LTS) can now register their devices with Entra ID, enroll into Intune, and securely access corporate resources using device-based Conditional Access policies. 
  • Windows Autopatch is unifying with Windows Update for Business deployment service in mid-September, simplifying update management within Intune. This change organizes update capabilities into three categories and maintains existing licensing rights for customers.  
  • Intune will soon require iOS/iPadOS 16 or higher after the release of iOS/iPadOS 18. If managing iOS/iPadOS devices, check Intune reports for affected devices and users, and use Intune to update OS.  
  • With Apple’s release of macOS 15 Sequoia, Intune, the Company Portal app, and the Intune MDM agent will now require macOS 13 (Ventura) and later. 
  • Intune now supports account-driven Apple User Enrollment, the new, and improved version of Apple User Enrollment, for devices running iOS/iPadOS 15 and later. This new enrollment method utilizes just-in-time registration, removing the Company Portal app for iOS as an enrollment requirement.  
  • Managed Home Screen (MHS) is now supported on Android Enterprise Fully Managed devices. It’s an Intune app that allows you to configure the home screen on the device. It only shows the apps that users access and the device settings that admins need to manage. 
  • Managing Intune-enrolled devices with Android Enterprise management options previously required you to connect your Intune tenant to your managed Google Play account using an enterprise Gmail account. Now you can use a corporate Microsoft Entra account to establish the connection. This change is happening in new tenants, and doesn’t affect tenants that have already established a connection. 

Microsoft 365 Apps Admin Center

  • ActiveX will be disabled by default, affecting Word, Excel, PowerPoint, and Visio. This change occurs in October 2024 for Office 2024 and begins in April 2025 for Microsoft 365 apps. Users can re-enable ActiveX by adjusting Trust Center Settings, the registry, or group policy settings. 
  • User and License admins will soon manage self-service license requests in the Microsoft 365 admin center, a role previously limited to global admins.  
  • The Microsoft 365 admin center will implement continuous access evaluation (CAE) this month, enabling near real-time session termination or reauthentication and enforcing policy changes without waiting for token expiration. 

OneDrive

  • OneDrive users will now access shared folders via the People view in their own OneDrive, organized by the sharer. There’s no admin action, but users should be informed. 

Outlook (Classic)

  • While you have until 2029 to use it, admins can start using an ‘Admin-Controlled Migration to New Outlook’ policy, involving three steps, with prompts and messages guiding users through the process. The policy includes settings for re-initiating migration if users revert to classic Outlook. 

Outlook (New)

  • Outlook and Teams are introducing a new meeting response called ‘Follow’ for attendees who can’t attend but want to stay informed. It’s initially in the new Outlook (Windows) and web, not Mac or mobile. Organizers are notified of ‘Follow’ responses, and users are marked as “free” but get updates. 
  • The new Outlook for Windows update allows users to open attachments directly in desktop apps by double-clicking. Rollout begins early September 2024, completing early October 2024. The feature streamlines opening attachments, and no admin action is required for the update. 
  • Outlook for Windows will soon allow sharing of Word, Excel, and PowerPoint files stored locally on devices via email. Users can right-click a file and select new Outlook to share it. 

Outlook Mobile

  • Outlook for iOS and Android has a new setting for automatically advancing to the next email after actions like delete or archive, instead of going back to the message list. Users must enable this feature in Settings/Mail/Email Auto-Advance. 
  • Admins can alter which browser pops up on mobile devices when the “OpenLinks” app configuration keys on Android/iOS are updated.  

Power Automate

  • The create and edit expressions with Copilot feature for Power Automate allow makers to create, edit, and fix their Power Automate expressions by invoking natural language prompts using Copilot.  

Purview 

  • Microsoft is separating policy tips and email notification for Data Loss Prevention for SharePoint and OneDrive. General Availability is in late December. Admins can use PowerShell or Purview to configure. 
  • Purview Information Protection will enhance default sensitivity labels and policies to include files, email, and meetings for eligible customers. Rollout will compete by late October. No admin action required, but updating documentation is advised.  
  • By late October, when users select a PDF with Purview Information Protection sensitivity labels in Outlook for iOS or Android, they will be presented with a button suggesting they open the file in the Microsoft 365 app if it is installed, or to install the Microsoft 365 app from the store if it is not installed. 
  • Purview Information Protection will soon integrate Advanced Message Encryption with Message Recall for emails in Outlook, enabling licensed users to recall encrypted emails. 
  • M365 E5 Compliance features:
    • New message popups are coming in Outlook Win32, introducing ‘Message contains’ and ‘Attachment contains’ warnings.  
    • Insider Risk Management will soon support bulk upload for priority user groups. The Public Preview is set for mid-August 2024, with General Availability in early February. This update allows admins to upload multiple UPNs via CSV, simplifying user group management. 
    • Purview Insider Risk Management has a new feature to detect exfiltration of sensitive data to free public domain emails. The update enhances email insight alerts and adds new domain detection for better security incident prevention. 
    • Purview Communication Compliance introduces advanced classifiers for detecting workplace safety violations in over 100 languages. 
    • Purview Endpoint DLP will scan, classify, and protect sensitive content on Windows endpoint devices for ~100 supported file types, bringing Endpoint DLP into parity with M365 apps. November’s update will detect labels from protected files (pfiles), identify sensitive content within file metadata, recognize information in PDF form fields, and in files embedded inside office files (i.e., a .txt file inside .pptx file).53.
    • The Purview AI Hub will display prompts and responses from Copilot for Microsoft 365 in Activity explorer, with full rollout in November. Users need the Content Explorer Content Viewer role to access this feature. Preparation involves role assignment and reviewing documentation. 

SharePoint

  • SharePoint introduces custom fonts and themes for sites and experiences, through the SharePoint Brand center, allowing organizations to express their brand creatively on sites and pages.  
  • SharePoint will allow approvals in any list. Users can configure approvals via the Automate dropdown and action them in Teams. 

Teams Chat and Channels

  • Teams will soon allow in-tenant users to request to join a shared channel using a link. 
  • Teams has now expanded search options for 1:1 chats allowing users to search content related to a person across Teams. This feature is available on Windows, Mac, and the Web. 

Teams Meetings

  • Teams introduces a new meeting option allowing organizers to control who can admit participants from the lobby. This update provides two choices: only organizers and co-organizers or including presenters. The feature will roll out in September, with no specific action required for implementation. 
  • Teams will soon allow meeting participants to select their own breakout rooms. 
  • Users can now control how they receive notifications in meeting chats. Declining a meeting will result in no notifications, while accepting a meeting will result in notifications for all new messages. It will be available on Desktop, Mobile, and Web. Users can select which meetings to receive updates from. 
  • Teams is introducing CAPTCHA verification for anonymous participants, rolling out in October 2024. This feature is off by default and enabled by Tenant Admins in the TAC to provide additional security. 
  • After a town hall ends, organizers can download the Q&A questions as a .CSV file. 

Teams Phone

  • Common area Teams 911 calls will go straight to the relevant Public Safety Access Point (PSAP) without being screened by a national call center first. No admin action is needed. 
  • Teams phone devices will soon allow non-touch phone users to customize speed dial using line keys and sidecars by late December. 

Teams Admin

  • Administrators will now need Microsoft 365 admin roles with user creation permissions to create and manage Teams Phone Resource Accounts.  
  • Shadow IT alert! Teams will soon allow the purchase of third-party app subscriptions directly from the Teams Admin Center and Teams app store, aiming to simplify the subscription process. 

Teams Premium

  • The Queues app is rolling out in early October for Teams Premium users. It offers real-time statistics, historical reporting, agent opt-in/out, collaborative call handling, outbound calls, and management tools. Preparation steps include reviewing app setup policies and configuring users. 
  • Premium users will soon be able to set sensitivity labels for town halls and webinars. 

Windows

  • On October 8th, Windows 11, version 21H2 (Enterprise, Education, and IoT Enterprise editions) and Windows 11, version 22H2 (Home and Pro editions) will reach end of servicing. October 8th’s security update will be the last update available, and devices running these editions vulnerable. 
  • The August 2024 security update is now available for all supported versions of Windows. Microsoft recommends that you install these updates promptly. 

Conclusion

If any of these updates or changes pose as a challenge for your team, please don’t hesitate to reach out to us! We will be happy to work with you to navigate these changes. Feel free to fill out the form below to get in contact with our team.

We Want to Hear From You!

Like any good partner, we’re listening! Since the latest advancements and announcements are coming in quickly, we’ve separated the list into subcategories below. Let us know what you’d like to see more of! 

Need Assistance with These Updates?

Contact our team today to get help with any of the updates mentioned above!

Last updated on September 24th, 2024 at 05:22 pm