Menu
Summary of Announcements from Microsoft
A flurry of pricing info, new product innovations, and name changes have been announced in the past two weeks. Here’s a summary and some resources for your research and planning.
Microsoft 365 Copilot
Commercial pricing for Microsoft 365 Copilot was announced at $30/user/month. No release date information yet. Microsoft joined us for a webinar covering topics on how to prepare for Copilot, which you can read about or watch here.
Microsoft Sales Copilot, a role-based copilot designed for sellers, empowers sellers to increase productivity and personalize every customer interaction so they can close more deals. It ties together info from apps where sellers work, whether that is Outlook, Teams, or Dynamics 365 Sales, and connects to other CRM systems like Salesforce. Think email drafts and email thread summaries, coaching tips during meetings, and meeting summaries with action items that are automatically converted to tasks in CRM. These capabilities from Viva Sales are now part of Sales Copilot and available within D365 Sales.
Bing Chat for Enterprise
This LLM-enhanced version of Bing can search through content in an organization’s tenant (and the web), interacting via natural language but keeping company data within the tenant. It’s available @ no charge to M365 E3 and E5 customers, $5/user/month for others. Chat data is not saved, no one can view your data, and your data is not used to train the models.
Microsoft Entra
Entra is a new family (not a bundle) of products covering various identity-related capabilities.
Entra ID (Formerly Known As Azure AD)
Microsoft Entra ID is the new name for Azure Active Directory (Azure AD). No action is required from you. The name change to Microsoft Entra ID brings it under the umbrella of the Microsoft Entra product family. No changes to capabilities, licensing, bundling, or pricing. Features and capabilities of Azure AD will continue to be available in Microsoft Entra ID.
Starting in September, users will be prompted to move away from less secure MFA methods (SMS and phone call). MSFT is introducing changes to the Microsoft managed state of the registration campaign (aka Nudge) feature in Microsoft Entra.
Entra Internet and Private Access
Microsoft is entering the Secure Service Edge (SSE) space. SSE is a subset of SASE (Secure Access Secure Edge). It provides similar functionality, minus the SD-WAN equipment/services. This is a sensible expansion upon Entra ID’s many Conditional Access controls and their CASB’s (Defender for Cloud Apps) active controls on access and data in SaaS.
They’re adding two “products” (services, really) – Microsoft Entra Internet Access and Microsoft Entra Private Access. You all have seen the Microsoft Zero Trust picture, showing IDs and devices on the left, and data, apps, infra, and networks on the left. The ‘network’ was a vague spot up until now, as they round out the Zero Trust Network Access story.
Edge for Business
Microsoft Edge for Business can be the standard browser experience for organizations and be activated by Entra ID (fka Azure AD) login, so users who log in with their Entra ID account will get Edge for Business as opposed to the current Edge experience. Microsoft expects Edge for Business to be turned on by default beginning with Microsoft Edge version 116 (Scheduled for August 17, 2023). Preview is currently available in Microsoft Edge version 115 or later.
The Microsoft Edge management service, a new, dedicated, and simplified management experience for Microsoft Edge in the Microsoft 365 admin center, is rolling out now for general availability. This tool allows IT admins to manage group policies and extensions with a simplified UI. Read more here.
There’s a new option for teams to work together, especially relevant for organizations that work via their browsers as a primary UX. With Microsoft Edge Workspaces, teams can view the same project websites and latest working files in one place as a shared set of browser tabs to help them stay in sync.
Microsoft 365 Backup
Microsoft’s first-party 365 Backup and Microsoft 365 Archive will be in public preview late in 2023. One of the reasons customers need backup is because of SharePoint limits. Others simply follow MSFT’s guidance of Why to Back Up Microsoft 365 – eGroup | Enabling Technologies (egroup-us.com) You can apply for the Microsoft 365 Backup public preview, the Microsoft 365 Archive public preview, or both to be the first to experience these new capabilities. Also, partner APIs are available for resiliency/backup experts to use. One of those is Rubrik, a strategic partner of eGroup | Enabling Technologies which already has a robust M365 backup service. You can review a case study for Rubrik backup where our customer experienced a 90% reduction in IT pro admin time. Ask us for a brief on the pros / cons of the options.
We’ll look forward to assisting you with these and other innovations that suit your needs.
Teams
Teams Channels will get a new look by mid-August, for users in the standard release ring. Among other changes, new chats will appear at the top instead of at the bottom. This is an improvement in capabilities to option #2 (B2B Collab with Guest Access), described in our recent blog Easily Collaborate with External M365 Users.
Soon, Teams channel limits are increasing to 1000 channels per team, inc. up to 30 private channels.
Starting in September 2023, MSFT will include the new Microsoft Teams app as part of the new and existing installations of Microsoft 365 apps for Windows depending on the schedule provided in this post. Currently, users can install the new Teams by using the Try the new Teams toggle switch in classic Teams or having administrators bulk deploy directly to the computers in their organization. Admins can exclude installing new Teams from their Microsoft 365 apps deployment if you don’t wish to have new Teams included in the installation.
Teams Cross Cloud Guest Access extends the existing Guest Access functionality to allow a user coming from another Microsoft cloud to participate in rich collaboration experiences across Microsoft Clouds including joining teams, channels, documents, 1:1 and group chat as well as Teams meetings with audio/video, screen share and file share.
If users attempt to add an external user when B2B cross-tenant trust isn’t mutually configured, they will be shown an error message saying “Here’s what you can do.” When users click on the link, they will be taken to the page specified in Microsoft Teams admin center where they can learn more about external collaboration or make a request for external collaboration. If you plan to enable this feature, you should build a web page (i.e. a SharePoint or Microsoft Forms page) to capture all the information that is required for your organization to decide on the collaboration request. Coming by mid-August.
Microsoft is enabling Dynamic Emergency calling support for Teams Web. This will allow Teams Phone users to manually add an address on the web client before dialing the 911 call.
By mid-August, only three concurrent join instances can be present in a webinar using the same registration join link. This means that attendees can now use only up to three devices to participate in a webinar. This may occur when an attendee forwards their registration link to others who have not registered. Microsoft recommends informing your organization on this update and encouraging public webinar participants to keep their join links safe and not to share or forward them.
Copilot in Teams Phone will quickly generate summaries of phone conversations, capture action items, and answer your questions about their phone calls. When summarizing calls, Copilot will highlight key points, such as names, dates, and numbers, and can also recommend next steps based on the discussion.
Ignore this message if your Teams Phone service is not using Direct Routing. On September 5th, Microsoft will perform a 24h test where all Microsoft SIP endpoints will be switched over to use certificates where the certificate chain will roll up to “DigiCert Global Root G2” Certificate Authority (CA). If your SBC doesn’t trust this CA you might not be able to connect to Teams SIP endpoints. The test might produce false positives if your SBC doesn’t accept all inbound connections and SIP OPTIONS probes from all IPs in the Teams SIP IP ranges (52.112.0.0/14 and 52.122.0.0/15), contrary to the requirements in our public documentation. To test and confirm your SBCs certificate configuration prior to the change, Microsoft has prepared a testing endpoint. If your SBC can establish a TLS connection to this endpoint, then your connectivity to Teams services should not be affected by the change. Test endpoint FQDN: sip.mspki.pstnhub.microsoft.com Port: 5061
Outlook
Ignore this news if your organization already uses classic Outlook for Windows The Mail and Calendar apps for Windows are being replaced with the new Outlook for Windows at the end of 2024. Expect features such as Microsoft Loop, message reminders, as well as file and people suggestions while composing an email. Mail\Calendar app users may start to notice a new alert: “In 2024, Windows Mail and Calendar are becoming Outlook.”
Viva
Microsoft rolled out a new Viva Connections usage analytics experience, including a full page dashboard to help organizations visually understand user engagement.
Viva Pulse is a new employee feedback experience that is available for use with your Viva Suite subscription. Viva Pulse empowers managers and project team leaders to request and receive feedback from their teams at any time, choosing from research-based templates to quickly create a survey and send it to select individuals or groups, then tracking feedback to understand sentiment over time.
SharePoint
By mid-August, Microsoft will make changes to Microsoft Search. This update will allow Microsoft Search administrators to change result layouts for select SharePoint content using adaptive cards with Result Type feature in Microsoft Search administration. The changes can be made for Organization level search applicable to Office.com and SharePoint home and requires admins to make a change.
If you use self-service site creation in your organization, additional / updated site templates will be available, based on scenarios to get started creating sites. When choosing a template you can see its capabilities and a preview. This change will help site owners through the process of creating the site.
OneDrive for Business
You know how hard it can be to remember the name of a file or exactly when it was shared, but you know who shared it with you? MSFT has created a new way to find your shared files both internal and external – organized by the people you work with. This view presents the people you have recently collaborated with, along with all the files that have been shared with you. Coming in September!
By October, users in your organization will be able to see a new view called Meetings under the ‘Browse files by’ section in the left nav in their OneDrive. Users can get to latest file associated with recurring meetings by searching for the ‘meeting title’.
Defender for Office 365
In order to better protect customers from exact domain spoofing attacks and improve deliverability of email, MSFT is making changes to help Security Administrators be able to choose how DMARC policy-based reject and quarantine can be applied within their organization. Rollout began on July 13th, 2023, and policies will take effect by August 10, 2023. Customers have 25 days to opt out.
For Microsoft for Defender Plan 2 customers or Microsoft E5/ Office E5 users, the ability for users to report internal chats, channels and meeting conversations within Teams as a security risk will be turned ON by default in August.
Power Platform
A new capability, AI Powered “Process Mining” in Power Automate maps and allows optimization of existing processes to drive efficiencies with low-code automation. Think RPA, task mining and process mining, identifying inefficiencies in workflows across multiple IT systems, highlighting where to improve.
New pricing is announced, combining the tools in Power Automate Premium, for $15/mo/user. This package had been $40, and includes unlimited attended Power Automate Desktop flows (RPA), unlimited Power Automate cloud flows (DPA), premium connectors and triggers, and 5000 AI Builder credits.
For Microsoft for Defender Plan 2 customers or Microsoft E5/ Office E5 users, the ability for users to report internal chats, channels and meeting conversations within Teams as a security risk will be turned ON by default in August.
Intune
Beginning in October 2023, devices enrolled in Intune will require certain OS versions (to ensure certificate renewal continues) to work as expected. If devices do not meet these requirements, users will lose access to your organization’s resources. Users would then need to re-enroll. So update to:
Purview Information Protection
If your org wants to declare a specific ‘template’ (i.e. patent filing or health info form) as sensitive, you can upload a blank copy of it, then have any such file that is filled out auto-classified as sensitive. Learn more here.
By end of October, Optical character recognition (OCR) support will be in place, to extract text from images and discover and protect sensitive data in images being shared across various services and devices. OCR support will be provided for images shared and stored in SharePoint Online and OneDrive, Exchange Online, Teams, and Windows endpoints.
In Purview Communication Compliance (a higher-end license), you can expand the scanning to support detection of inappropriate sharing of the following sensitive information types: named entities (full names/physical addresses/medical terms), credentials (login credentials/passwords), and exact data match. These new sensitive information types will be accessible to designated administrators during policy configuration, and will be available by mid-August.
Custom-branding of encrypted emails will move into Purview by late August. Administrators can choose to now configure new DLP policy in the Microsoft 365 compliance center to apply customized branding templates to encrypted mail instead of configuring mail flow rules in Exchange Admin Center. There is no impact to existing mail flow rule in Exchange online that are already setup in Exchange Admin Center. DLP policy will have higher preference and therefore override mail flow rule.
By November, SharePoint and OneDrive will support discovery and coauthoring of sensitive files labeled with user-defined permissions.
By late September, Microsoft Purview Insider Risk Management will be rolling out multiple features including an enhanced alert experience, cumulative exfiltration anomaly detection, sequence detection enhancement, trainable classifier support, and new noise management capabilities.
Windows 11
On October 10, 2023, Home and Pro editions of Windows 11, version 21H2 will reach end of servicing. The upcoming October (10th), 2023 security update, will be the last update available for this version. After this date, devices running this version will no longer receive monthly security and preview updates containing protections from the latest security threats. You’ll be able to update Windows 11, version 22H2 to version 23H2 via an enablement package, so you can continue (or begin) your Win11 rollout with version 22H2 now, without worrying about app or device compatibility in the Q4 of 2023.
There is an important bootup vulnerability that requires several phases to remediate. There are manual steps to verify your environment is ready for the changes and steps to enable the security hardening changes to protect against vulnerabilities tracked by CVE-2023-24932. July 11th updates for Windows start the Second Deployment Phase in KB5025885.
Windows Server
Windows server 2012/R2 is approaching the end of support in October: You can keep things in place if you leverage Azure Arc for extended security updates.
As of July 11, Domain Controllers will have signatures added to the Kerberos PAC Buffer to address CVE-2022-38023 and CVE-2022-37967. The ability to disable PAC signature addition will no longer be available and verification of signature cannot be prevented. Connections for missing or invalid signatures will continue to be allowed with an “Audit mode” setting. However, they will be denied authentication beginning October 2023.
CTO & VP of Strategy - eGroup | Enabling Technologies
Contact us today to set up some time with our Microsoft experts to discuss how to maximize your Microsoft investments.
Last updated on October 30th, 2023 at 03:10 pm
