Microsoft made over 100 updates and announcements in the month of October 2024 for the Microsoft 365 platform. Don’t have time to read them all? We’ve gone through all of them and put together what we feel are the most important updates for you to be aware of.
The Copilot experience for Windows is updated to include enterprise data protection at no extra cost and will be accessed via the Microsoft 365 app. Changes begin with a preview release on September 24, 2024, and a security update on October 8, 2024, for Windows 11, followed by Windows 10. Organizations should prepare by adjusting their settings and pinning the Microsoft 365 app if needed.
Beginning mid-January 2025, after the General Availability of passkeys in the Microsoft Authenticator app, organizations with the passkey (FIDO2) authentication methods policy enabled with no key restrictions will be enabled for passkeys in the Microsoft Authenticator app in addition to FIDO2 security keys. This update aligns with the broader availability of passkeys in Entra ID, extending from device-bound passkeys on security keys to device-bound passkeys also on user devices.
Users who navigate to aka.ms/MySecurityInfo will see "Passkey in Microsoft Authenticator" as an authentication method they can add. Additionally, when Conditional Access (CA) authentication strengths policy is used to enforce passkey authentication, users who don't yet have any passkey will be prompted inline to register passkeys in Authenticator to meet the CA requirements. If an organization prefers not to enable this change for their users, they can work around it by enabling key restrictions in the passkey (FIDO2) policy. This change will not impact organizations with existing key restrictions or organizations that have not enabled the passkey (FIDO2) policy.
This month, the PnP PowerShell community made enhancements to authentication requirements when connecting to a tenant. Many organizations may have run into, or will run into issues when trying to authenticate to Microsoft 365 when using the PnP PowerShell modules.
The new authentication requirements entail registering an application with assigned permissions, to ensure a valid user with a valid client ID can connect to your tenant with PnP PowerShell.
If your organization needs support with your tenant scripting and automation, AdaptivEdge can help develop, modernize, or fix broken automation using PowerShell, Power Automate, and more.
Microsoft shared in https://aka.ms/sharepoint/Copilotagents last month that SharePoint would have a new capability for creating and using Copilot agents. Users with M365 Copilot licenses will see a new Copilot action in the Suite Navigation bar where they will see the built-in Copilot scoped to the site they are on. They will also see entry points from the New menu on home and in their document libraries to create Copilot agents. These capabilities are available only if they already have create and edit permissions on the site or document library. They can also share a link to the Copilot agent with other users, and those users (with a Microsoft 365 Copilot license) will be able to chat with it.
This release does not include interacting with the Copilot agent in a Teams chat or meeting chat. It does not include the extension to Copilot Studio for advanced customizations or the Site owner abilities to approve agents and set a default agent for a specific site. These capabilities will be available later this year.
If you aren't already aware, admins can deploy dynamically managed teams through Frontline Teams in the Teams Admin Center. Admins will soon have the ability to deploy location-based frontline teams with automatic membership management. This means that team membership will be dynamically updated as members join and leave the organization, while team owners will still have the autonomy to manually add or remove frontline workers from their teams.
Key updates include:
- Dynamic Team Management: Admins can create location-based frontline teams where membership is automatically managed using dynamic rules. This ensures that teams are always up-to-date with the latest members.
- Enhanced Team Ownership: Team owners will now have the ability to manage membership at the team level, adding or removing frontline workers as needed.
- Multiple Team Owners: Admins can assign multiple individuals as team owners, providing greater flexibility and management capabilities.
This feature will be enabled by default, making it easier for organizations to manage their frontline teams efficiently.
If your organization is interested in learning more about how you can adopt frontline teams and streamline your organization's team management, contact AdaptivEdge for a free initial consultation.
Microsoft previously announced that Windows 10 will reach its end of life on October 14, 2025, at which point users will not receive any more security updates. Moving forward, Microsoft encourages all users to upgrade to Windows 11 and released a blog post to help prepare for this change before the deadline.
For organizations needing more time to upgrade, Microsoft also announced an annual Extended Security Updates (ESU) program that will provide (only) critical security updates for enrolled Windows 10 devices.
7. Additional Support for Adobe Acrobat Sign and Docusign in SharePoint
By mid-November, organizations will be able to directly enable Adobe Acrobat Sign and Docusign within SharePoint sites and libraries, without enabling Microsoft’s pay-as-you-go SharePoint eSignature feature. If your organization already pays for one of these other e-signature products, you may want to consider leveraging this new SharePoint integration option.
Adding e-signature support to SharePoint can streamline document management and approval processes by reducing the number of steps and apps involved. You’ll get the benefits provided by these designated e-signature products but without having to leave Microsoft 365, where you’re already working. Note that the related settings are housed within the Syntex area of the admin center (Org settings > Services > Syntex).
8. Microsoft Exchange improved bulk detection and updated bulk complaint-level recommendations
As part of ongoing improvements to bulk email filtering in Microsoft Defender for Office | Exchange Online Protection, Microsoft is refining detection capabilities by recalibrating and redistributing bulk senders across different bulk complaint levels (BCL). This would automatically make the current bulk thresholds slightly more aggressive. As a consequence, Microsoft is updating bulk threshold for standard preset policy to 7 from current value of 6. In response to general customer feedback around receiving more bulk email, Microsoft is keeping current default BCL threshold of 7 in default policy as is.
Here’s what’s changing:- Redistribution for aggressive filtering: The new BCL distribution makes higher levels as aggressive as lower levels in previous version, enabling more precise targeting of unwanted bulk emails.
- Updated BCL recommendations: The new recommended settings are 7 for default and standard, and 5 for strict to improve control over bulk filtering (replacing the previous levels of 7, 6, and 5).
9. Power Automate - Cloud flows are automatically defined in Dataverse solutions
Microsoft is releasing a new feature that will enable the automatic definition of cloud flows for Dataverse solutions. This feature will be available starting November 30, 2024.
Cloud flows are now automatically stored in Dataverse solutions, simplifying deployment across environments with features like environment variables and solutions for better organization. This integration also enables new functionalities such as drafts and versioning.
10. Microsoft Purview | Data Loss Prevention: Turning on Data Loss Prevention analytics
Microsoft Purview's Data Loss Prevention analytics feature will be available mid-October 2024. This feature provides weekly recommendations to enhance data protection. Users can turn on analytics, which generates recommendations after 7 days, spotlighting risks and fine-tuning policies. Recommendations stay in the queue for 4 weeks, and analytics can be disabled if needed.
Turn on Analytics
Step 1:
In Purview, go to Data Loss Prevention on the left navigation and select Overview.
The task pane shows an option to Turn on analytics.
After turning on analytics, it takes up to 7 days to generate recommendations. This feature leverages Purview’s capabilities to understand logs and telemetry like classification, activity, user profile, policy configuration, alerts, and incident information to generate recommendations.
Step 2:
Seven days after turning on analytics, recommendations will be generated.
The two categories of recommendations include:
- Risk spotlighting: Reveals top risks that need mitigation through a new policy.
- Policy finetuning: Provides policy improvement opportunities.
When you select View detection details, a side card opens that provides more details on found risks.
Step 3:
View all recommendations and take actions. Recommendations are generated weekly and will remain in the queue for 4 weeks unless admin actions are taken. For policy improvement recommendations that require an update to policies, a copy of the policy is created when the admin takes action.
