My 2024 year in Blogs Recap

This blog takes a stroll back down memory lane and looks at some of the highlights I have seen through 2024 from a technology perspective (I focus here mainly on Cisco and Microsoft) and at what we achieved at Cisilion – where I’m the CTO. We are starting with January and working through to December 2024.

January 2024

February 2024

  • Cisilion launched our new corporate brand and also opened our new Client Experience Centre (Technological Innovation and Personalised Engagement in the Era of Digital Collaboration – News & Blog – Cisilion). This included a new logo, new corporate values and a new website https://www.cisilion.com. We reimagined our values of Trust, Excellence and Agility and are embedding these across all we do.
  • Cisilion were also crowned one of 17 partners in the UK as Microsoft Cyber Security Investment Partner due to our exemplary work in helping organisations leverage the best of Microsoft Threat Protection, Identity and Access Control and Data Protection.
  • Cisco Live 2024 saw over 16,000 people – the largest in-person attendance in more than 6 years. The theme was very much aligned with the industry buzz and innovation around AI, with Cisco’s emphatic statement “there is no AI without a network”. The event focussed on Cisco’s innovations and vision around the network and Data Centre fabric for the AI era that is upon us.

March 2024

  • Cisco completed the acquisition of Splunk which they acquired in November 2023 for $28 billion. Cisco say that the combination of Cisco and Splunk will provide truly comprehensive visibility and insights across an organization’s entire digital footprint, delivering an unprecedented level of resilience through the most extensive and powerful security and observability product portfolio on the market.
  • Microsoft Security Copilot goes Generally Available and is priced on a PAYG basis (Microsoft’s Copilot for Security available April 1st – Modern Work and AI Blog).

April 2024

  • Cloud Security: Cisco announces Cisco Hypershield. Not planned for release until sometime in 2025, Hypershield is different to traditional security products and is integrated directly into the network’s fabric, offering a revolutionary approach to protecting digital infrastructure services in data centres, protecting applications, devices, and data across public and private data centres, clouds, and physical locations (Cisco Hypershield: New Era of Distributed, AI-Native Security).

May 2024

  • The AI Powered PC: Microsoft announce the next generation of Computing with the Copilot+ PC, built in partnership with Qualcomm. At the heart of the Copilot+ PCs lies groundbreaking ARM CPU and NPU technology, capable of over 45 trillion operations per second, powering a new era of AI experiences on Windows PCs. They are designed to run AI workloads with unprecedented efficiency and speed, outperforming competitors and enabling features like Recall, Cocreator, and Live Captions. These will power the next wave of edge AI. https://robquickenden.blog/2024/05/sufacepro11-laptop7/

June 2024

July 2024

News: Global Outage

  • CrowdStrike update bug causes global IT outages as update bricks Windows devices and costs the economy big time with flights grounded and huge disruption everywhere.

How did CrowdStrike cause a Windows Screen Recovery loop on millions of Windows devices

Cyber Security

Fun and creativity

August 2024

September 2024

News: Cyber Security

Security:

Customer Success:

October 2024

Work

November 2024

December 2024

Accreditations:

Happy and prosperous 2025

Finally, I’d like to thank all my followers and subscribers and wish them a very happy new year!

Windows 11: Using your camera in multiple apps simultaneously

Windows 11 is set to make a huge change to how we use cameras and webcams on Windows 11 PCs with the introduction of advanced camera features. These new functionalities, currently available in the Windows 11 Insider Preview Build in the Dev Channel, promise to enhance accessibility and usability for a wide range of users.

Previously, Windows allowed camera access to only one application at a time, which caused conflicts and limited multitasking capabilities. With this new feature, multiple applications can now access and utilise the camera feed simultaneously.

Key Features and Benefits

  • Multi-App Camera Support: One of the standout features is the ability for multiple applications to access your device’s camera/webcam at the same time. This is particularly beneficial for people who need to stream video to different platforms at the same time. For instance, remote workers can now participate in multiple virtual meetings without needing to switch between applications (and turn off their cameras), and in the consumer space, gamers can stream their gameplay on various platforms concurrently.
  • Basic Camera Function: Designed to improve stability of “older” webcams and devices and to help with debugging, Microsoft are introducing a feature limiting the webcam’s features to the essentials. This ensures that the camera can operate at its most basic level, which is useful if other features are causing issues.
  • Enhanced Accessibility: Developed in conjunction with the accessibility and hard-of-hearing community, the multi-app support feature also enables video streaming to both a sign language interpreter and the end audience simultaneously. This could be a significant step forward in making technology more inclusive and accessible.

Use Cases

  • Remote Work and Collaboration: With the multi-app camera support, professionals working from home can join multiple video conferences at once, making it easier to manage different meetings and collaborations without the hassle of switching between apps.
  • Content Creation and Streaming: Gamers and content creators will find the new features particularly useful. They can now stream their content on multiple platforms simultaneously, reaching a broader audience and enhancing their streaming capabilities.
  • Educational Purposes: Teachers and educators can leverage these features to conduct virtual classes more effectively. For example, they can stream their lessons to different platforms or groups of students at the same time, ensuring that everyone has access to the content.

Enabling and using the Feature

You need to be running Windows Insider Build 26120.2702 or later.

To activate the feature, users need to head over to settings and enable the “Multi-App Camera” setting by toggling it on as shown in the screenshot below.

Advanced Camera Controls in Windows 11

Once enabled, you’ll be able to use your camera(s) in multiple apps. The shot below shows the camera app and a Teams video call using the same camera simultaneously.

Still more to come

Microsoft has also said that more options are coming in the advanced camera settings, including the ability to choose and customise things like resolution and frame rate for the webcam/Camera(s).

These enhancements (also fed by user feedback from the Windows Feedback Hub) will provide users with greater control over their camera settings, allowing for a more customised and optimised experience.

Microsoft Surface Laptop 7 Review

In this review I look at the Surface Laptop 7 which I’ve been using daily for the past 3 weeks. We look at aesthetics, performance, battery life and more. It’s the first Copilot+ PC from Microsoft, which looks set to once again set the standard for the future of AI powered Windows devices!

I first got my hands on one of these devices last month at Microsoft Ignite 2024 in Chicago, where I had the pleasure to spend time with the global Surface Team in the community hub in the middle of the Ignite Expo Hall.

On show were the very latest Surface Copilot+ PCs, the Qualcomm Snapdragon X powered devices that deliver over 45 Trillion Operations per Second (TOPS) of NPU power.

As part of the demo showcase, the devices were running the latest “insider” builds of Windows 11, showing new innovative AI features within Windows such as Recall and Click-To-Do, as well as updates to apps from leading developers, including Adobe, who were showcasing the next wave of innovation that is possible by harnessing the power of local NPUs on these new Copilot+ PCs.

My History with Surface

I’ve been a fan of Surface for many years, having owned, borrowed, or used numerous models since we transitioned to Surface around the Surface Pro 4 era. I even had a Surface Pro v1 and a Surface RT with Arm chipset running Windows 8 back in 2012 – devices I still have today in my “museum”.

As a Microsoft MVP, I’m also lucky to get access to demo and trial devices through the year which has given me some great perspectives of the continual evolution, advancements and innovation that Surface brings, not only to end user compute, but to the development and innovation of Windows.

Until recently, my daily device has been the Surface Pro 9 5G. This is a Qualcomm powered ARM device running Windows on Arm (WoA). I also have a smaller (Intel powered) Laptop Go, which I use when traveling light!

My latest laptop, and the focus of today’s blog, is the 13.8″ Surface Laptop 7. This is the latest generation of Copilot+ PCs. It is powered by the latest Qualcomm Snapdragon X Elite Arm processor and is truly a thing of beauty!

Not only does Surface Laptop 7 look absolutely gorgeous, with its premium sleek black finish, but the ‘instant on’ feature and Windows Hello ESS (which stands for Enhanced Sign-in Security) means that I am signed in instantly – no delay, and no “looking for you”. You click the button; the device wakes up and you are in.

Windows Hello ESS uses specialized hardware and software components, including Virtualization Based Security (VBS) and Trusted Platform Module 2.0 (TPM 2.0), to isolate and protect biometric data. This ensures that biometric data, like facial recognition or fingerprint information, is securely stored and processed.

What are Copilot+ PCs?

The Qualcomm Snapdragon powered Copilot+ PC is designed to deliver an unparalleled user experience, combining cutting-edge technology with seamless performance and truly all day battery life combined with whisper quiet operation. These are powered by Qualcomm Snapdragon Plus and Elite processors (Arm processors) and run Windows on ARM as the core Windows Operating System.

Windows has traditionally run on machines that are powered by x86 / x64 processors, but more recently, also runs on devices powered by Arm processors. That is the case for the current generation of Copilot+PCs like Laptop 7 and Surface Pro 11.

Arm-powered devices are particularly interesting because the power-frugal nature of the Arm architecture enables these devices to offer longer battery life while delivering great performance. Arm Systems on Chip (SoC) often include other key features such as a powerful CPU, GPU, Wi-Fi & mobile data networks, as well as Neural Processor Units (NPUs) for accelerating AI workloads.

For most users, the differences between Windows on Arm and Windows running in x86/x64 are invisible other than the performance and efficiency improvements Arm based devices can bring to Windows.

The Laptop 7 I have been using is the 13.8 inch device with 32GB RAM and 1TB SSD.

Surface Laptop 7: The Out of Box Experience

From the moment I unboxed the device it gleamed with the high quality, premium elegance that is Surface. People often ask me what it is about Surface that I love compared to “other” brands.

Surface Laptop 7 Copilot+ PC

You only have to hold and feel a Surface to fall in love with it. It is a truly elegant and premium device in every way, but more importantly, Surface is designed to showcase the very best of Windows and is always the innovator and leader that other OEMs are “inspired” to copy. From touch screen and 2-in-1 to pen and ink and Windows Hello, these features were all born with Surface. Copilot+ PCs are no different. The stage is set for the future of AI powered devices.

Next there is the sustainability factor. Surface is built from more recycled materials with the enclosure being constructed of >67.2% recycled materials, including 100% recycled aluminum. Surface Laptop is another step toward Microsoft’s goal to be carbon negative, water positive, and achieve zero waste by 2030.

Surface Laptop 7: What’s under the hood?

This is a Surface through and through. High quality, premium finish, and fantastically put together with all the best hardware to make Windows shine.

  • Horse Power – Unlike the Surface Laptop 1-6, Laptop 7 is powered by ARM processors. Microsoft offer a choice of Snapdragon X Plus (10-core) or Snapdragon X Elite (12-core). The 15-inch version by comparison only offers the Snapdragon X Elite.
  • Connectivity: Surface Laptop 7 ships with the latest Wi-Fi 7 and Bluetooth 5.4, along with two USB-C Thunderbolt 4 ports, and an “old-skool” USB-A. There’s also a 3.5mm headset jack, a microSDXC card slot, and the standard Surface-Connect Port too! The device can be charged via the Surface Port and/or USB-C.
  • Cameras and Video: The “web-cam” is a 1080p Full HD camera for your Teams or Webex calls and also incorporates the Windows Hello Biometric / Facial security. Video and images are enhanced by Windows Studio Effects powered by the Surface Laptop 7’s local NPU.
  • Audio: On board we get the usual Dual Studio Mics with AI powered voice focus, OmniSonic stereo speakers with Dolby Atmos® and support for Bluetooth LE Audio.
  • Display – The screen on the 13.8″ Surface Laptop 7 supports a resolution of 2304 x 1536 with contrast ratio of 1400:1 and refresh rate of 120Hz. The screen is fully multi-point touch enabled and is finished with a coating of Corning’s Gorilla Glass 5. There is no Surface Pen support (but to be honest, the form factor doesn’t really lend itself to pen and ink).
  • Keyboard: Surface Laptop gives you a full size keyboard. There is plenty of travel in the keys and decent traction. The keys also have back-lighting with different levels of brightness. You also get a sizeable trackpad. You even get the Copilot Key 🙂

Surface Laptop 7: Secure from Chip to Cloud

Surface Laptop 7 (along with Surface Pro 11), powered by Qualcomm Snapdragon, are also examples of Microsoft’s commitment to robust security through their chip-to-cloud approach.

Central to this security architecture is the Microsoft Pluton TPM 2.0, which provides a hardware-based root of trust, ensuring that sensitive data, such as encryption keys and user credentials, are securely stored and protected from tampering. This is complemented by Windows 11’s Secured-Core PC capabilities, which integrate hardware, firmware, and software protections to defend against sophisticated cyber threats and attacks.

Additionally, these devices feature Windows Hello face authentication with Enhanced Sign-in Security, offering seamless and secure biometric authentication. This leverages advanced facial recognition algorithms and hardware-level security to provide a fast and secure login experience.

Finally, Microsoft Defender is fully integrated at hardware and Operating System level to provide comprehensive enterprise protection against malware, viruses, and other cyber threats, further enhancing identity and privacy protection.

These features make Surface Laptop 7 and Surface Pro 11 secure, reliable choices for users and organisations who need the highest levels of protection for their data and privacy.

App Support – Will my Apps Work with ARM?

In short yes (almost certainly).

Application compatibility with Windows on Arm has always been a concern and I have seen many people and organisations avoid “non Intel” Windows devices for fear their app will not work.

Outside the original Surface RT, I have been using ARM based Surface devices since the Surface Pro X. Today, I am yet to encounter any apps that do not work on my ARM powered devices. Every application I use (including some from Adobe) now has a native ARM version.

Prism Emulation works as a software simulator, just-in-time compiling blocks of x86 instructions into Arm64 instructions with optimisations to improve performance of the emitted Arm64 code.

For any app you encounter where there is not an ARM-native version, Windows 11 leverages Microsoft’s Prism emulator. This provides x86 and x64 emulation to run non-ARM native apps in emulation mode, which the Surface Laptop 7 runs perfectly well. The benefit of using (and having) native ARM applications, however, is that users fully benefit from the power and battery efficiency that these devices offer over the Intel variants.

Microsoft App Assure is a service designed to help organisations ensure their applications run smoothly on Windows 11, including those on ARM-based devices. With App Assure, Microsoft offers expert support to resolve any compatibility issues, providing peace of mind when transitioning or updating applications to run on ARM architecture. This support is crucial for organisations embracing the efficiency and performance benefits of Windows on ARM.

Printers and Peripherals – will they work on ARM?

In short – most will.

When considering a transition to Windows on ARM devices, one of the primary concerns is whether printers and other peripherals will work seamlessly. Personally I have no issues at all. I use a Surface Dock, Bluetooth keyboard and mouse, USB external webcam and an Epson Ink Jet Printer. Most modern peripherals will work without issues.

Printers (well older ones) can be a little more challenging due to lack of driver support, but Microsoft is actively working to improve this by developing more ‘Class drivers’ for legacy hardware.

Whilst the situation is improving, organisations with older or specialised hardware (we see a lot in education and manufacturing) may find they need to stick with Intel variants for now, or at least check compatibility before moving to Windows on ARM.

Microsoft's approach of replacing legacy drivers with "class drivers" is part of their broader strategy to simplify and standardise driver support across Windows devices, including ARM-based systems. Class drivers are intermediate drivers that provide a simple interface between a vendor-written "minidriver" and the Windows operating system. This means that instead of each hardware manufacturer creating and maintaining their own drivers, they can use a standardised class driver provided by Microsoft.

Better Together – Windows 11 and Copilot+PCs

Windows 24H2 (along with some new Windows features that are currently in Preview) is set to revolutionise the user experience with a suite of new AI-powered tools designed to enhance productivity and streamline tasks.

Among the most anticipated features is Windows Recall, which allows users to search for files, emails, and web pages by describing what they remember, rather than relying on keywords. This feature, powered by multiple AI models running locally on the device, aims to significantly reduce the time spent searching for information.

Windows Recall (Preview)

Click to Do enables quick actions with text or images found in Recall’s snapshots (or from any screen), making it easier to copy text or share images. This is similar to Google’s Circle-To-Do feature you might have on your smartphone!

Another exciting addition is the Windows Copilot Runtime, which integrates over 40 different AI models, including a Small Language Model (SLM) and an Optical Character Recogniser. These enable the new tools like Click-To-Do along with new Windows features such as Live Captions, Auto Super Resolution, Generative Fill and Windows Studio Effects.

These all work locally (using the NPU) without sending data to the cloud. These tools not only enhance accessibility and visual quality but also provide a seamless and efficient user experience.

This prevents the CPU getting overloaded and slowing down your device, making things like Teams calls with video filters applied much less processor intensive and better quality.

Surface Laptop 7: Value for Money

Pricing of course varies by region and also your sector. It also varies if you are a consumer or corporate, so if buying for work, speak to your Microsoft Surface Partner.

On Microsoft’s official website, pricing for Surface Laptop 7 starts at £944 (inc VAT).

The model I am using is the 13.8″, Snapdragon X Elite with 32GB RAM and 1TB SSD which took the price up to just over £1,500.

In comparison (everyone always compares to Apple), the cost of the MacBook Pro 14″ of close to equivalent spec is just shy of £2,000.

Surface Laptop 7 – Summing it up

In the past few weeks, using Surface Laptop 7 has really reinforced my love and passion for Surface and Windows on Arm powered devices and the future potential of Copilot+ PCs.

Compared to an Intel powered Surface Laptop 6, everything about this device feels faster and more responsive than any previous device (even my ARM powered Surface Pro 9) that I have used.

The device is lightning fast, silent (like it makes no noise at all) as it has no fans, and battery life averages over 17 hours of actual use between charges (and that is connected to an external screen too). I never take a power supply when I go out.

The device wakes up and signs me in instantly when I lift the lid, thanks to Windows Hello ESS, and when working, the device doesn’t even appear to get warm.

Video and audio quality is enhanced by the new Windows Studio Effects in Windows 11, which leverages the NPU for superior audio quality and voice isolation, and features like Eye Contact and local background blurring have a huge impact on video calls.

The new and exciting AI features like Microsoft Recall and Click-to-Do (in preview), along with the other Windows 11 enhancements, are also great to use (these only run on Copilot+ PCs today).

The Windows Copilot app is now a “real” app

If you are not a fan of PWAs (progressive web apps), then Microsoft is bringing good news. Windows Insiders are getting a new version of the Copilot app for Windows 10 and 11 which replaces the web-based application with a new native version.

The old app (or current app if you are not a Windows Insider) is a Progressive Web App, which limits some of the Windows controls, such as quick view, that are available in native Windows apps. Recently ChatGPT published their Windows App into the Microsoft Store and this latest update from Microsoft now makes Copilot a real app too!

In the announcement, Microsoft said:

“With this update, the previous Copilot progressive web app (PWA) is replaced with a native version. After installing the Copilot app update, when you run Copilot, you will see it appear in your system tray.” – Microsoft Windows Insider Team

Whilst it’s hard to notice any differences immediately, after installing the updated version (1.24112.123.0) Copilot on Windows is now a “proper” app rather than a WebApp.

This also means that Quick View can now be used with Copilot, which lets you move the quick view window and resize it to suit your workflow. By default, the Copilot app in Windows uses the RegisterHotKey function and sets the Alt + Space keyboard shortcut to open Copilot in Quick View mode, which can be used to open and close Copilot’s quick view whenever you need it.

If you need to switch / flip back to the main Copilot app window, then this can be done by clicking the icon at the top left corner of the quick view window.

Devices with the dedicated Copilot key will open the Copilot app up in the main window.

Streamlining Copilot Adoption: Reducing Data Oversharing in Microsoft 365

One of the concerns I often talk to organisations about is the fear that Copilot might surface sensitive information that it should not have access to, due to IT/Compliance teams not really knowing who has access to what. The phrase “Security through obscurity” is often what we hear being used.

The primary cause of this is the over-permissioning and sharing of files, which is a growing concern for organisations and one of the “blockers” often cited in Copilot Adoption.

The over-sharing problem

The ability to reason over employee data and shared organisational data is one of Microsoft 365 Copilot’s strengths over other Gen AI tools (that need feeding). The responses Copilot gives and the content it creates rely on data that the user already has access to across their organisation’s Microsoft 365 environment. And here often lies the problem. Low levels of data governance and no data classification and labelling, combined with high levels of over-sharing, can create real concerns for IT and Data Compliance teams.

One of the reasons that Copilot often has access to data that it “perhaps” shouldn’t have is not due to a security flaw or issue across Copilot or Microsoft 365, but because files or sites have been shared too widely and have no (or the wrong) privacy and sensitivity set. Addressing this is no small task since many organisations will have millions of files and tens of thousands of SharePoint and Teams sites.

Organisations, and even teams within organisations, often operate at various levels of maturity in governing SharePoint data. While some organisations strictly monitor permissions and oversharing of content, others do not. The situation is further complicated because many people, teams and organisations have “legitimate” reasons to share “some” data widely within the organisation. This can mean users in your organisation may make choices that result in the oversharing of SharePoint content. For example:

  • Users may save critical files in locations accessible to a wider audience than intended.
  • Users may prefer sharing content with large groups rather than specific individuals.
  • Users might not pay close attention to permissions when uploading files.
  • Users may not understand how to use sensitivity labelling (if enabled) to control access.

Services such as Microsoft SharePoint and Microsoft Copilot for Microsoft 365 utilise all data to which individual users have at least View permissions, which might include broadly shared files that the user is unaware of. As a result, users might see these applications as exposing content that was overshared. Oversharing can lead to sensitive information being exposed to unintended recipients. Users, while well intentioned, might not always grasp the implications of their sharing choices. They might overlook permissions or opt for convenience over security.

As a result, it’s important to use the permission models in SharePoint to ensure the right users or groups have the right access to the right content within your organisation. The following sections describe the key steps that administrators can implement to configure their SharePoint permissions model to help prevent data oversharing.

Dealing with Oversharing

The good news is that Microsoft is adding new features to SharePoint and Purview to make it easier to see, understand and control oversharing across Microsoft 365, with the hope of helping adoption efforts and the wider roll out of Microsoft 365 Copilot. This includes new Data Security Posture Management (DSPM) and enhancements for Data Loss Prevention policies in Microsoft 365 Copilot, and SharePoint Advanced Management. These can help automate site access reviews at scale and add controls to restrict access to sites if they contain highly sensitive information.

Microsoft have also released a blueprint guide for organisations planning or already deploying Copilot. These are nicely tailored to those with mainly Microsoft 365 E3 and E5 licenses respectively.

These new tools IMO are going to be vital to help organisations understand and address oversharing so they feel more confident in their employees adopting AI tools like Microsoft 365 Copilot.

“AI is really good at finding information, and it can surface more information than you would have expected. This is why it’s really important to address oversharing. Typically, these issues are a by-product of good collaboration, particularly across Teams, SharePoint sites and OneDrive.” – Alex Pozin | Director of Product Marketing | Microsoft

From early 2025, Microsoft will make access to SharePoint Advanced Management (SAM) available at no extra cost to Microsoft 365 Copilot subscriptions. Outside of this, SharePoint premium (which includes SAM) will be available at a cost of around $3 per user each month.

New Capabilities in SharePoint Advanced Management

There are also new features for SAM that Microsoft says will provide greater control over access to SharePoint files. 

  • New permission state reports (available now) can identify “overshared” SharePoint sites. The site access review feature can then provide an easy way to ask site owners to review and address permissions.
  • Restricted Content Discovery – which should start to roll out this month in public preview (December 2024), will allow IT admins to prevent Copilot from searching and processing data in specific sites for content and result generation. This does not prevent direct access to the site, meaning that users can access the content directly as normal. This feature builds on the SharePoint Restricted Access Control, which was released last year, and lets IT admins restrict access to specific sites to “site owners” only, while also preventing Copilot from indexing and summarising files in these sites.

One of the use cases for this is where there are data locations containing information that needs to be contained to a set of people – such as financial reports, M&A planning, and other secret stuff. IT need to be confident that these locations and files will not show up in SharePoint searches and will be well out of the reach of Copilot or other AI tools, essentially making sure that nobody can accidentally or unintentionally be aware of, see or access the content. This is where Restricted Content Discovery comes in – locking down and hiding this information from plain sight and from Copilot’s retrieval augmentation and indexing.

New Capabilities in Microsoft Purview

Microsoft are also adding new capabilities in Purview. Purview is available as standalone or as part of Microsoft 365 E5.

Microsoft Purview is a centralised hub within Microsoft 365 that helps organisations meet regulatory and compliance requirements. It helps organisations manage their compliance obligations, protect sensitive data, and mitigate risks within their Microsoft 365 environment. 

Here, there are new tools to help identify “overshared files” that can be accessed by Copilot. These include oversharing assessments for Microsoft 365 Copilot in the Data Security Posture Management (DSPM) tool which is now in Public Preview (from December 2024) and can be accessed via the newly revamped Purview portal.

DSPM Portal in Microsoft Purview

The oversharing assessments are designed to highlight data that may present exposure risk by scanning files for sensitive data and identifying data repositories such as SharePoint and Teams sites where access permissions appear to be too wide and broad. The tool will also provide recommendations to admins and site owners for ways to mitigate oversharing risk, such as adding sensitivity labels or restricting access from SharePoint.
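The kind of triage an oversharing assessment performs, as an added example (not Purview's or SharePoint Advanced Management's own logic or report format): it combines "broad access" with "sensitive content" per site and emits the two mitigations named above. The CSV columns, the `contoso.example` sites and the 500-member threshold are assumptions constructed for illustration.

```python
import csv
import io
from dataclasses import dataclass, field

# Constructed sample export. Column names are hypothetical, not a Microsoft schema.
SAMPLE_EXPORT = """\
site_url,principal,principal_size,permission,sensitivity_label,sensitive_files
https://contoso.example/sites/finance,Finance Team,12,Edit,Confidential,40
https://contoso.example/sites/finance,Everyone except external users,5200,Read,Confidential,40
https://contoso.example/sites/ma-planning,M&A Core,6,Full Control,,15
https://contoso.example/sites/ma-planning,All Staff,5200,Read,,15
https://contoso.example/sites/canteen,Everyone except external users,5200,Read,General,0
https://contoso.example/sites/hr-cases,HR Case Workers,9,Edit,Highly Confidential,220
"""

# Built-in SharePoint principals that cover the whole organisation.
BROAD_PRINCIPALS = {"everyone", "everyone except external users"}
# Assumption: any group this large is treated as "shared too widely".
BROAD_GROUP_SIZE = 500


@dataclass
class SiteFinding:
    site_url: str
    label: str = ""
    sensitive_files: int = 0
    broad_grants: list = field(default_factory=list)
    risk: str = "ok"
    recommendations: list = field(default_factory=list)


def is_broad(principal: str, size: int) -> bool:
    """A grant is broad if it targets an org-wide principal or a very large group."""
    return principal.strip().lower() in BROAD_PRINCIPALS or size >= BROAD_GROUP_SIZE


def assess_oversharing(csv_text: str) -> dict:
    """Group permission rows by site and rate each site's exposure."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        f = findings.setdefault(row["site_url"], SiteFinding(row["site_url"]))
        f.label = row["sensitivity_label"].strip() or f.label
        f.sensitive_files = max(f.sensitive_files, int(row["sensitive_files"] or 0))
        # Any permission level counts: View/Read is enough for search and Copilot.
        if is_broad(row["principal"], int(row["principal_size"] or 0)):
            f.broad_grants.append(f'{row["principal"]} ({row["permission"]})')

    for f in findings.values():
        if not f.broad_grants:
            continue  # access is scoped to named teams: nothing to flag
        if f.sensitive_files == 0:
            f.risk = "low"  # wide sharing of non-sensitive content can be legitimate
            continue
        f.risk = "high"
        if not f.label:
            f.recommendations.append("apply a sensitivity label to the site")
        f.recommendations.append(
            "ask the site owner to review access, or restrict access to the site"
        )
    return findings


if __name__ == "__main__":
    order = {"high": 0, "low": 1, "ok": 2}
    results = assess_oversharing(SAMPLE_EXPORT).values()
    for f in sorted(results, key=lambda x: order[x.risk]):
        print(f"[{f.risk.upper():4}] {f.site_url}")
        for grant in f.broad_grants:
            print(f"        broad grant: {grant}")
        for rec in f.recommendations:
            print(f"        recommend:   {rec}")
```
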

For example, DSPM can detect and help you deal with controlling ethical behaviour in AI (example demo environment below). For all the recommendations, Microsoft provides a simple step by step “wizard” to help IT and Compliance add policies.


Microsoft Purview Data Loss Prevention for Microsoft 365 Copilot, also in public preview, enables IT and security admins to create data loss prevention (DLP) policies to exclude certain documents from being processed by Copilot based on a the file or sites sensitivity label. This applies to files held in SharePoint and OneDrive, but can be configured at other levels, such as group, site, and user, to provide more flexibility around who can access what.

Insider Risk Management has also been updated to detect “risky AI usage.” This even includes user prompts that contain sensitive information and attempts by users to access unauthorised sensitive information. What’s key to note here is that this feature is not limited to Microsoft 365 Copilot and also covers Copilot Studio and ChatGPT Enterprise.

Oversharing Blueprints

I really like this. Microsoft’s new blueprint resource pages on Microsoft Learn provide recommended approaches and guidance for organisations to help them understand, mitigate and manage oversharing during what they define as the three main stages of Microsoft 365 Copilot deployment.

  • Pilot [Pilot]
  • Wider Deployment [Deploy at Scale]
  • Organisational Rollout [Operate]

Microsoft provide two blueprint designs: a “foundational path” and what they call an “optimised path” that uses some of the more advanced data security and governance tools found in Microsoft 365 E5 subscriptions.

Is there funding available to help?

It depends – but most likely!

Microsoft have a Cyber Security Investment Program open to select/specialist partners like Cisilion. These provide funded workshops, assessments and proof of value deployments across key Security workloads including Microsoft Purview as well as structured Copilot pilot deployments, vision and value

Organisations should speak to their Microsoft Solutions Partner for more information. You can contact Cisilion here should you need to.

Conclusion

In many of the discussions I and my team at Cisilion have with customers, we see that almost all of the organisations we work with still have concerns over data governance in the realm of AI access. Of these, most expect Microsoft to help them address these concerns, whilst some have already invested in third party tools to help them get a “grip” on their data and sharing.

We have seen a plethora of customers invest/upgrade to high-tier Microsoft 365 plans (including E5 Security and Compliance) or full Microsoft 365 E5 in order to gain access to Microsoft Purview. Some argue these tools should be provided as part of their Copilot investment, so it is great to see Microsoft meeting customers in the middle and at least providing some of these tools as part of this license investment.

The issue is not Copilot per se; it is that Copilot, with its ability to access company data, is causing more organisations to double down and look at the existing issues they have: too many SharePoint sites, too much oversharing, orphaned data (data with no owner), and inadequate data classification and labelling.

Addressing security and data governance and leveraging the new tools available should at least solve one of the blockers to AI adoption.

The second is Adoption and Change Management – more on that in the next blog post!



Microsoft’s Recall hits preview on Qualcomm, Intel and AMD AI and Copilot+ PCs

Microsoft has recently expanded the testing of its innovative Recall AI feature to Intel- and AMD-powered AI and Copilot Plus PCs. Initially available on Qualcomm-powered devices only, this feature is now accessible to a broader range of devices for testing.


What is Recall?

Recall was the keynote Windows feature announced when Microsoft unleashed Copilot+ PCs, which were released in September this year.

Initially recalled due to privacy concerns, it is now in Public Preview for Windows Insiders on the Dev Channel.

Recall works by taking screenshots of almost everything you do on your Copilot+ PC (these are devices with dedicated NPUs that run at 45 Trillion Operations per Second (TOPS) or more). Recall makes it easy to search and recall past activities such as “the train route I was looking at on Tuesday” rather than scanning back through Internet search history.

Recall on Copilot+ PCs

This feature is entirely optional to use, but when enabled, it helps users find previous work, content or Internet data through natural language search or an interactive scrollable timeline.

As the user, you are completely in control of what snapshots are saved and for how long, and have the ability to delete them as needed, ensuring utmost privacy and security. Snapshots require TPM, Secure Boot and Windows Hello to be active on the device, and Microsoft has no access to the data, which is encrypted on your device.

The power of Edge AI

Unlike services like Copilot, Recall and many of the newer Copilot+ PC features leverage local LLM models on the device as well as the NPUs present on Copilot+ PC devices like the Surface Laptop 7 and Pro 11 range. As such, when you install the #WindowsInsider Dev builds, you’ll also notice that Windows Update installs a number of processing services as well as the Phi Silica LLM.

Recall’s enhanced security and privacy

Microsoft has implemented many new security updates and controls to address initial concerns raised by security folk and early testers.

As I mentioned, accessing snapshots now requires Windows Hello for authentication, and the feature mandates the use of BitLocker and Secure Boot. Additionally, Recall can now automatically detect and exclude sensitive information like credit card details and passwords from being saved.
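The device-level prerequisites named above (TPM, Secure Boot and BitLocker) can be checked from an elevated PowerShell prompt before Recall is piloted. This is an added example, not Microsoft's own eligibility check and not code from the original post; the function name `Test-RecallDevicePrereqs` is hypothetical, and Windows Hello enrolment (which is per user) and the NPU requirement are not checked.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post): reports whether the device-level
# prerequisites the post lists for Recall snapshots are in place.
# Test-RecallDevicePrereqs is a hypothetical name chosen for this illustration.
function Test-RecallDevicePrereqs {
    [CmdletBinding()]
    param(
        # Drive holding the OS; snapshots live on the encrypted system volume.
        [string]$SystemDrive = $env:SystemDrive
    )

    $checks = [ordered]@{ TPM = $false; SecureBoot = $false; BitLocker = $false }

    # TPM must be present and ready for use.
    try {
        $tpm = Get-Tpm -ErrorAction Stop
        $checks.TPM = [bool]($tpm.TpmPresent -and $tpm.TpmReady)
    } catch {
        Write-Verbose "TPM query failed: $($_.Exception.Message)"
    }

    # Confirm-SecureBootUEFI returns $true/$false on UEFI systems and throws
    # on legacy BIOS hardware, which is treated here as "not enabled".
    try {
        $checks.SecureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop)
    } catch {
        Write-Verbose "Secure Boot query failed: $($_.Exception.Message)"
    }

    # BitLocker protection must be On for the system volume, not merely
    # encrypted with protectors suspended.
    try {
        $vol = Get-BitLockerVolume -MountPoint $SystemDrive -ErrorAction Stop
        $checks.BitLocker = ($vol.ProtectionStatus -eq 'On')
    } catch {
        Write-Verbose "BitLocker query failed: $($_.Exception.Message)"
    }

    $missing = @($checks.Keys | Where-Object { -not $checks[$_] })

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        TPM          = $checks.TPM
        SecureBoot   = $checks.SecureBoot
        BitLocker    = $checks.BitLocker
        Missing      = ($missing -join ', ')
        AllPresent   = ($missing.Count -eq 0)
    }
}

# Run the check on the local device; add -Verbose to see why a check failed.
Test-RecallDevicePrereqs
```

A device where `AllPresent` is `False` lists the controls to remediate in `Missing`.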

Click-to-Do and more AI features

Alongside Recall, Microsoft is also allowing Insiders on Copilot+ PCs to test out the Click to Do feature, which recognises text and images in snapshots and content on screen, allowing users to perform actions like copying text, invoking Copilot, saving and editing images and more. This functionality extends beyond Recall, enabling users to take actions on images and text with a simple Windows + Q key or Windows Key + mouse click.

In Paint, the new Cocreator tool lets you create art and images by simply typing in text prompts. The Photos app has also been updated with new tools including Image Creator, which lets users make images from text prompts, and Restyle Image, which lets users add different artistic styles to their existing photos. You also get powerful generative erase tools which can be accessed directly from the app or from Click-To-Do.

These tools use local AI and analysis models on the Copilot+ PCs to work efficiently on the device itself through the use of the NPU.

Conclusion

Microsoft initially only made these features available for Snapdragon (ARM based) Copilot+ PCs, but with this update they are continuing to unleash the new AI features in Windows 11 to more devices. The expansion of Recall to Intel and AMD Copilot+ PCs marks a step forward in enhancing user experience and productivity on this next generation of devices.


What do you think of Recall and Click-to-Do?

Windows and Devices – Summary of Ignite Announcements

Introduction

Copilot was very much front and center at Microsoft Ignite last month. However, the Windows ecosystem also had lots of coverage. This includes Windows 11, new devices, Windows 365, and Windows 365 Link. Along with this, Microsoft talked in depth about the importance of the new Windows Security Initiative.

This forms part of the Secure Future Initiative, a wider effort to ensure everything accessing the Microsoft ecosystem is secure by design and secure by default.

The Windows Security Initiative is a comprehensive effort to ensure that Windows remains the most reliable and secure platform on earth. This blog summarises the key Windows and Devices announcements from Ignite 2024.

The Windows Keynote session at Ignite was delivered by Pavan Davuluri, Aidan Marcuss, Navjot Virk and David Weston and can be viewed here on demand from Microsoft.

Windows 11 – The Most Secure Windows Ever

Windows 10 is end of life in October 2025, but Windows 11 has been mainstream now since 2021. Windows has always been the platform for innovation, meeting the needs of over a billion customers across enterprise, public sector, education, creators, developers and engineers. With this comes Microsoft’s responsibility to deliver the most reliable and secure platform.



The “CrowdStrike incident” back in July 2024, which impacted 8.5 million devices, was a stark reminder of the need for vigilance and innovation and the need to have better controls in place to protect the core of the Windows OS. “EU policy prevents Microsoft restricting access to its kernel”, but Microsoft have, following the global incident, announced the Windows Resiliency Initiative. This initiative aims at making Windows more reliable and secure for all customers, including those with mission-critical workloads, by introducing changes to how both Microsoft and third parties manage critical workloads and updates within Windows 11.

Changes After the CrowdStrike Incident

In the keynote, David Weston shared insights from conversations with hundreds of customers, including CISOs, CIOs, and incident responders. The feedback highlighted the need for easier recovery, stronger resilience of critical security tools, and overall platform security. Microsoft is addressing these needs through the Windows Resilient Security Platform, which allows security product developers to build products outside of kernel mode, reducing complexity and improving recovery.

“In addition to the work we are doing with CISA as part of Microsoft’s Secure Future Initiative, we are heavily investing in safe languages to enhance the safety of our code. This commitment also aligns with CISA’s secure by design pledge. We’re applying this new approach to our security platform and other key areas like Microsoft Surface’s firmware and the Pluton security processor firmware. Part of becoming resilient is also increasing the prevention of attacks, so more security has been built into the operating system and not bolted on later. This reduces complexity and ensures you deploy less software that could become the next failure point. This is why we are targeting the most critical elements of Windows 11.”

David Weston | VP Enterprise and OS Security | Microsoft

Changes in Windows coming…

  • Improving Windows Reliability – with new capabilities to enable security product developers to build their products outside of kernel mode. This is known as the Windows Resilient Security Platform, which provides a flexible security API set and data collection points that can be used to build endpoint security products like detection and response or antivirus outside of the kernel. This change will help end-user protection and antivirus products provide a high level of security and easier recovery, with less impact on Windows in the event of a crash or mistake.
  • Quick Machine Recovery – This solution can execute targeted fixes from Windows Update on machines, even when Windows is unable to boot. This will allow for quick deployment of fixes that address files, drivers, or any other operation needed to recover a non-bootable machine.
  • Strengthening Security Tools and Drivers – Microsoft are working with industry-leading security partners and the US Cybersecurity and Infrastructure Security Agency (CISA) to define new ways to increase resilience across the ecosystem. This includes adopting safe deployment practices, conducting additional security and compatibility testing for components like security kernel drivers, and developing strengthened incident response processes for streamlined coordination.
  • Enhancing Identity Protection – To combat the increasing risk and success in cases of sophisticated phishing attacks, Microsoft has hardened Windows Hello, the built-in industry leading multi-factor authentication (MFA) solution. Windows Hello now supports passkeys, which means much of the web can be protected with MFA seamlessly. This enhancement ensures that users no longer need to choose between a simple sign-in and a safe one. This is one step further to help customers remove passwords from their environment.
  • Local Administrator Protection – Microsoft is introducing administrator protection to address the challenge of over-privileged users and applications. With admin protection, everyone (even admins) will have standard user permissions by default and can make Windows system changes, including app installation, only when necessary and after authorising the change using Windows Hello. This reduces the risk of attacks by ensuring that employees, not malware, remain in control of Windows.
  • Deep Collaboration with CISA – Microsoft and CISA are providing a framework for the IT industry as a whole to ensure that all partners, customers, and organisations can stay ahead of evolving security threats. This collaboration aims to deliver software that is safe, secure, and resilient through secure by design, secure by default, and secure through delivery practices.

These changes and improvements are part of Microsoft’s commitment to making Windows reliable and secure for all customers, including mission-critical workloads. The Windows Resiliency Initiative represents a significant step forward in ensuring that Windows remains the most secure and reliable platform on earth.

Windows 11 – Ease of Migration, Management and Updates

Windows 11 builds on Windows 10 technologies and further simplifies the management and migration process to Windows 11. Windows 11 can be managed with the same tools and processes used for Windows 10, ensuring minimal disruption to the workforce. The compatibility with App Assure guarantees that all apps will work seamlessly on Windows 11.

In contrast, Windows 11 updates are 40% smaller in size, making it easier to stay up to date and reducing impact on users/employees as well as on network bandwidth, disk-space and time.

Windows 10 to Windows 11 – Compatibility with App Assure

App Assure is a key component of the Windows 11 upgrade experience, as it was in the Windows 7 to Windows 10 experience. App Assure ensures that all apps are compatible with the new operating system, drawing on millions of pieces of real-life feedback, crash reports and user feedback. This application compatibility is backed by Microsoft’s promise to address any app issues that may arise, providing peace of mind for businesses transitioning to Windows 11. The App Assure portal provides guidance, assurance and clarity of application and application version compatibility.

Updates, Hotfixes, and Autopatch

Windows 11 is introducing several new features to streamline updates and hotfixes.

  • Quick Machine Recovery allows targeted fixes from Windows Update on machines that are unable to boot, ensuring quick recovery during incidents.
  • Windows Hotpatch, available through Autopatch settings in Intune, delivers Patch Tuesday security updates directly to employees seamlessly in the background without requiring a restart, reducing interruptions and speeding up the deployment of security updates.

Windows Hotpatch is one that is super important. By using Windows Hotpatch through Autopatch settings in Intune, Microsoft say that 65% of Patch Tuesday security updates are delivered directly without requiring a restart. This significantly reduces restarts and interruptions, allowing security updates to be deployed 60% faster.

According to Forrester research, moving to Windows 11 delivers an impressive 250% return on investment over three years compared to Windows 10.

Windows Backup for Entra ID

Another exciting new feature announced at Microsoft Ignite is Windows Backup for Entra ID. This feature, available in public preview in early 2025, will help organisations ensure a seamless transition of user settings and preferences when setting up a new PC or performing a traditional reinstall, which is typical with OS upgrades in larger enterprises.

With Windows Backup, employees can easily transfer their desktop background, icon size, and other preferences to a new device, ensuring a consistent and familiar experience. This reduces the time spent on setup, allowing employees to be productive faster and significantly reducing IT overhead and help desk calls.

Windows 11 – New devices and unparalleled performance

Speed and Performance

Windows 11 is designed to deliver superior speed and performance. Bear in mind Windows 10 is 10 years old and was designed for a pre-pandemic world and a world where AI didn’t touch the end-point.

Newer Windows 11 devices offer double the battery life and more than three times the performance of older Windows 10 devices.

Microsoft’s introduction of Copilot+ PCs and AI-PCs, built for AI workloads, is setting a new standard for productivity, combining advanced AI inferencing capabilities with top-notch security and performance. Satya said in his keynote that all applications will be rebuilt as AI apps and Windows is no different. Microsoft are re-writing their apps and OS for the AI era, and simple examples include in-box tools like Notepad and Paint that have advanced AI capability.

Leading vendors like Adobe are adding new capabilities in their applications that leverage local NPUs found in new Windows 11 Copilot+ and AI PCs.

The New Generation of Devices in Copilot+ PCs

The new generation of devices in Copilot+ PCs is designed to harness the full potential of AI. These devices (again very centre stage at Ignite) come equipped with advanced AI inferencing capabilities, enabling them to handle complex workloads with ease. Their Neural Processors (NPUs) can operate at more than 45 Trillion Operations a Second (TOPS), providing the fastest edge AI processing in the world. The integration of AI into these devices not only enhances productivity but also ensures that security measures are robust and effective.

With features like real-time threat detection and automated responses, Copilot+ PCs provide a secure and efficient environment for businesses and consumers.

The day after Ignite, Microsoft also released Recall and Click-To-Do into public preview for users enrolled on the Windows Insider Programme.

Windows 11 – Sustainability and Windows 365

Modernising isn’t just about cost savings; it’s about the collective responsibility and impact on the global economy, our business and the environment. Microsoft has committed to advancing sustainability, and adopting Windows 11 helps in achieving your company’s sustainability goals.

Microsoft boldly shared that Windows 11 reduces energy use as the “world’s first carbon-aware OS” and offers Energy Saver, increasing energy efficiency by up to 22%.

Microsoft talked about their own Surface devices, which are manufactured using recycled materials and more renewable energy. As an example, Surface enclosures use 100% recycled aluminum alloy and 100% recycled rare earth materials. They also used this time to share existing and new programs to help organisations reduce e-waste with the recycling and refurbishment opportunities available across their ecosystem partners such as Cisilion. There’s a dedicated sustainability site for Surface.

Microsoft also shared several examples of how organisations can extend the life of (and even breathe new life into) older hardware with Windows 365 without sacrificing security protection or experience.

Windows 365 and Windows 365 Link

Microsoft shared how Windows 365 can play a crucial role in this sustainability effort, and also used the opportunity to announce their new dedicated “thin client” device called Windows 365 Link.

Priced at $349 and available from Spring 2025, these dedicated low power, sustainably built devices can provide local compute power but with no IT footprint, securely streaming an employee’s full personal Windows 11 desktop with all their apps, content, and settings directly from the Microsoft Cloud.

Windows 365 can run on any device, including the web, dedicated devices like Windows 365 Link, and even mobile devices on iOS and Android, as well as, of course, legacy Windows 10 devices and even Windows 11.

The flexibility of Windows 365 allows businesses in any sector and any size to reduce their IT infrastructure and management complexity while providing a consistent and secure experience for employees. Windows 365 is designed to complement your Windows 11 end user computing estate, enabling more endpoints and form factors, and unlocking more value and options for businesses.

Windows 365 is also great for contractors, testing migrations to Windows 11 and also for running secure workloads as well as for education and front line workers.

What have I missed?

There were lots of announcements around Windows and Devices at Ignite. The Windows Security Initiative clearly represents a significant step forward in ensuring that Windows remains the most secure and reliable platform.

With new enhanced security measures, simplified management and migration, seamless compatibility with App Assure, and innovative update mechanisms, Windows 11 is promising to deliver unparalleled speed, performance, security, agility and management.


Links: