Windows Autopatch, a service to automatically keep Windows and Microsoft 365 up to date in enterprise organisations, has now reached public preview. When officially released (GA), it will be included Microsoft commercial customers with a Windows Enterprise E3 license or higher.
In short, Windows Autopatch automatically allows organisation to shift the management and deployment of Windows 10, Windows 11 and Microsoft 365 Apps including quality and feature updates, drivers, firmware to Microsoft.
What’s the purpose?
Essentially this aims to take the nightmare out of the age-old “patch Tuesday” and promises to be a great time saver for IT admins. With Autopatch, IT can continue to use their existing tools and processes for managing and deploying updates to devices OR can look to phase in or replace this in entirety and with this new “hands off” approach and let Windows Autopatch take care of security, driver and firmware updates.
“Changing the way things get done, even when that change makes things easier, gives pause to most people who run large IT organisations. By joining the public preview, you’ll be able to get comfortable with Windows Autopatch and ready your organisation to take advantage of the service at scale”.
Lior Bela | Senior Product Marketing Manager | Microsoft
The main purpose of Windows Autopatch is moving the update orchestration burden from the IT department to Microsoft. Once deployed, configured and tested, Autopatch should allow the entire effort around planning and managing the Windows Update process (sequencing and rollout) to be taken away from IT freeing up time and resources.
“Whenever issues arise with any Autopatch update, the remediation gets incorporated and applied to future deployments, affording a level of proactive service that no IT admin team could easily replicate,” Bela added.
“Whenever issues arise with any Autopatch update, the remediation gets incorporated and applied to future deployments, affording a level of proactive service that no IT admin team could easily replicate.”
Lior Bela | Senior Product Marketing Manager | Microsoft
How to enable Autopatch
Windows Autopatch devices must be managed by Microsoft Intune for this to work and Intune must be set as the Mobile Device Management (MDM) authority or co-management must be turned on and enabled on the target devices.
As you’d expect, there are a handful of steps needed to enable the preview and to enrol your Microsoft 365 tenant into the Windows Autopatch public preview:
Log on to Endpoint Manager as a Global Admin and navigate to the Windows Autopatch blade which is under the Tenant Administration menu – this will only be visible if you have the right licenses deployed.
Using an InPrivate browser window, redeem your Autopatch preview code
Run the readiness assessment, add the required admin contact, and add the devices you want to enrol in the service.
Tick the box, to allow Microsoft to manage updates on behalf of your organisation.
Allowing Microsoft to manage updates for your organisation
Microsoft also provides detailed instructions(and video) on how to add devices to your test ring and how to resolve the status of “tenant not ready,” or a status of “device not ready” or “device not registered.”
Microsoft YouTube video on enabling Windows Autopatch
How Autopatch works
The Windows Autopatch service automatically splits your organisation’s device estate into four groups of devices described by Microsoft as “testing rings”.
Test Ring: Contains a minimum number of devices for test purposes
First Ring: Contains ~1% of all endpoints (think of this like the early adopter ring)
Fast Ring: Contains ~9% of devices
Broad Ring: Contains the rest of the devices.
The updates are deployed progressively, starting with the test ring and moving to the larger sets of devices following a validation period in which the system and IT can monitor device performance and compare it to pre-update metrics through End Point Analytics.
Autopatch rings. Image (c) Microsoft
Autopatch also features a nifty, feature called “Halt and Rollback” that block updates from being applied to higher test rings or rolled back automatically. This is key for critical dates or projects which may be impacted by updates or where quality errors are detected in the Test Ring updates.
What about Patch Tuesday and Critical Updates?
Microsoft will continue to deliver monthly security and quality updates for supported versions of the Windows on the second Tuesday of the month (commonly referred to Patch Tuesday or Update Tuesday) as they have been to date. These will be delivered by Autopatch also.
For normal updates, Autopatch uses a regular release cadence starting with devices in the test ring and completing with general rollout to broad ring.
Any updates addressing a critical vulnerability, such as Zero Day threats, will be expedited by Windows Autopatch with a aim to patch all devices immediately.
Microsoft provides further info in the Windows Autopatch support documentation, including details on service eligibility, prerequisites, licensing and features.
Microsoft has just announced “Entra“, which is the latest “family of products” and joins their other suites alongside Priva and Viva.
Entra brings together all of Microsoft’s identity and access products and services and includes Microsoft Azure Active Directory (Azure AD), as well as their Cloud Infrastructure Entitlement Management (CIEM) and decentralized identity services.
Identity is one of the biggest cornerstones for cybersecurity.
Microsoft Entra. Image (c) Microsoft
Microsoft Entra aims to help simply the way organisations approach and accomplish attack surface reduction in the multicloud, hyperconnected world by filling the biggest and most critical gaps. It does this by:
Protecting access to any application or resource for each and every user
Secure and verify every identity across hybrid and multicloud environments
Discovering and governing permissions in multicloud environments
Simplying the user experience with real-time intelligent access decisions.
Microsoft Entra embodies our vision for what modern secure access should be. Identity should be an entryway into a world of new possibilities, not a blockade restricting access, creating friction, and holding back innovation. We want people to explore, to collaborate, to experiment – not because they are reckless, but because they are fearless.
Microsoft.
Entra works with the majority of all cloud platforms, including Azure, AWS, Google Cloud, as well as other Microsoft apps and websites.
To find out more, visit the Microsoft Entra website to learn more about how Azure AD, Microsoft Entra Permissions Management, and Microsoft Entra Verified ID deliver secure access for our connected world.
Microsoft’s security business is growing faster than any of their other mainstream products and services, and today they announced they will be adding three new services designed to help organisations spot and respond to cybersecurity incidents.
Here’s the TL;DR version.
Microsoft are bolstering their security services offerings to go along with its technology products and partners.
Security is the fastest-growing broad product category for Microsoft.
Microsoft are increasing annual research and development spend in cybersecurity from $1 billion to $4 billion (more than any other security vendor anywhere).
The new services will see Microsoft’s own cyber security experts providing hands-on, proactive threat hunting for organisations unable to fully build out their own SOC due to the global security skills shortage and cost.
Keep reading to learn more…
This new announced investment comes as we see increasing reports from industry analysts on the continued increase in cyber security budgets globally as organisation continue to invest in protecting against the ever-increasing threat of ransomware attacks, identity theft and network hacks.
Attacks are getting smarter and more targeted
Cybercrime attacks are continuing to rise and get increasing sophisticated, costing the world’s businesses $6 trillion USD last year, with that number expected to rise to $10.6 trillion in 2025.
According to Microsoft, “most human-operated ransomware attacks share some common traits, as attackers take advantage of an organization’s reliance on legacy software configurations or poor “credential hygiene” to gain entry into systems, and once in to find privilege escalation points to move through systems and carry out attacks.“.
Whilst identity hygiene is improving many organisations still do not get the basics right with poor identity protection, lax controls, no (or patchy) MFA and a disjointed and fragmented approach to security rather than a Zero Trust ‘defence in depth mindset’
“Guarding single points of entry is not enough anymore, and a system or systems of managed extended detection and response (MXDR) is helping to help companies take a step back and look to guarding overall systems rather than focusing on locking down network ports or domains etc. “, Microsoft said in their latest security blog.
What is Microsoft Security Experts?
Microsoft Security Experts is a newly announced set of human, AI and software led services they will offer to organisations which will provide managed security services without them needing to build everything in house.
Microsoft Security Expert Services
Whilst just the start, the three new security managed services include Defender Experts for Hunting, Defender Experts for XDR, and Security Services for Enterprise.
Microsoft Defender Experts for Hunting.
This involves Microsoft Security engineers hunting and altering organisations of issues they proactive hunt in clients’ devices, Office 365 productivity software installations, cloud apps and identity platforms programs.
This will put Microsoft into a more direct competition with pure-play security software companies such as CrowdStrike.
Cost is circa $3 pupm.
Microsoft Defender Experts for XDR.
This is a more people intense service that will see Microsoft Security Experts helping organisations act on threats. Microsoft say that this type of work is typically done by a variety of different organisations today, including the big four accounting firms.
Cost is $14 pupm.
Microsoft Security Services for Enterprise
This service includes an even broader set of people-driven services.
It aims to be more specific and customised to the needs of large enterprise organisations.
It’s set to help elevate the global security skills and people challenge which affecting almost every organisation.
Costs are bespoke to each organisation.
Microsoft and Security
Security is already a $15 billion annual business for Microsoft, and in 2021/22 it has increased faster than any other significant product or service that Microsoft sold – up 45% YoY.
Microsoft is of course no new kid on the block when it comes to cyber defence, and last year blocked over 9.6 billion malware threats and 35.7 billion malicious emails as well taking down several huge state nation attacks.
Microsoft believe that they are uniquely positioned to help their customers and partners do more to meet today’s security challenges. “We secure devices, identities, apps, and clouds—the fundamental fabric of our customers’ lives – with the full scale of our comprehensive multicloud, multiplatform solutions. At Microsoft, we understand today’s security challenges because we live this fight ourselves every single day“.
Microsoft’s CEO Satya Nadella had already announced last year that their annual cyber security research and development spending is increasing to a staggering $4 billion, up from an already huge $1 billion.
What about the role of the Microsoft Partner?
Details are still emerging about how partners that sell security consultancy, enablement, training and of course managed extended detections and response (XDR) will be able to leverage these and build on their services.
Microsoft has said in their Yammer partner community site that they will be making a whole new set of investments in partners to help advance (or build) their managed extended detection and response (XDR) services business.
Growth and demand for Managed Security Services
According to Gartner, demand is on a fast growth trajectory, and more than 50 percent of organizations will be using managed detection and response (MDR) services for threat monitoring, detection, and response functions that offer threat containment and mitigation capabilities by 2025.
Microsoft say that their Partners will play a critical role in addressing this incredible customer demand.
Today (May 3rd 2022) Microsoft formally announced the general availability of the standalone version of Microsoft Defender for Business.
Why should I care?
Well firstly, it’s a myth that smaller organisations are not targeted and attacked. Security continues to be an increasing challenge for small and medium businesses with a more than 300% increase in ransomware attacks alone in the past year alone, leading to increase cost in time and money, whilst pulling you away from doing what matters most – running your business and making money.
300% Increase in ransomware attacks 2021
As an example, the solicitor I was personally using last year for a house purchase was victim of a cyber-attack in September last year and it took them almost 3 months to get back on their feet which cost them loads of business – including mine!
In addition, according to a report commission by Microsoft – over 90% SMB organisations admit to buying “bad” endpoint security (which means it is below par, nor is it integrated into their wider security portfolio).
What is Defender for Business
Microsoft Defender for Business brings enterprise-grade security to smaller and medium sizes businesses (SMBs), including world-class endpoint detection and response capabilities.
Microsoft position this as “the solution for the new Hybrid Workforce”. As employees increasingly work across a mix of different devices and locations, Defender for Business delivers end-to-end security and moves beyond traditional end-point anti-virus, with their cloud connected, AI-powered service that is backed by trillions of daily signals, bringing enterprise grade, real time detection of known or trending threats including zero-day attacks and ransomware.
Microsoft Defender for business is part of the wider Microsoft 365 Defender family – a unified pre- and post-breach enterprise defence suite which natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Key Benefits
Reduce your vulnerability with Defender’s risk-based management approach
Help eliminate risks by reducing the surface area of attack
Protect against cyberthreats like ransomware and malware
Detect and investigate advanced persistent attacks
Automatically investigate alerts and helps respond to complex threats
Here’s how it works
If you think of your business as like you might think about your own house, we can use this simple by effective analogy:
Threat and Vulnerability Management is like a proactive police/crime assessment – looking at your doors and windows for potential weaknesses. It’s a risk prevention approach to vulnerability management that reduces threats before they grow into serious problems.
Attack surface reduction works by making sure the windows are locked, and only the right people have keys to the front door. This helps minimise risk by reducing the attack surfaces open across your devices.
Next Generation Protection acts as the lock for your front door. It helps to stop the things you don’t want to enter, from file-based and fileless malware, to spyware.
Endpoint Detection and Response is like a security camera system, helping you see and record an intruder in the building. Defender’s advanced tools then sets off the alarms, allowing you to respond directly to the problem, device, or file.
Auto Investigation and Remediation is like your smart alarm system, calling the authorities and taking the intruder away. Defender for Business automatically investigates alerts and helps remediate complex threats, acting as your personal security analyst, working 24/7 to protect your business.
In short, Microsoft Defender for Business looks across your environment, multiple activities, devices, and users and then aggregates your alerts into a single incident making it easier for you (or your IT Services partner) to manage and respond to threats before they impact your business.
How does it compare to Defender for Enterprise?
Defender for Business provides the same premium protection at endpoint level for SMBs as it does for Enterprise organisations – the only difference is the price point and simplified management. The table below, shows the main differences.
Microsoft Defender Product Comparison (c) Microsoft.
How do I get it?
All these features and more are available as part of Microsoft 365 business premium plan or can be purchased (if you are not a Microsoft 365 subscriber) as a standalone application.
Microsoft Defender for Business Options
Speak to your Microsoft Partner or CSP license provider in the first instance. They can probably also help you quickly get started and set it up..
Defender for Business is already included as part of Microsoft 365 Business Premium – Microsoft’s comprehensive security and productivity solution for businesses with up to 300 employees (or as part of a blended licensing approach). Microsoft Business Premium costs just £16.50 per user per month.
You can (from today) also purchase Defender for Business as a standalone solution for just £2.75 per user, per month and what’s more support for On-Premises and Cloud Hosted Servers for SMB is also coming later this year.
Microsoft has launched their first Cyber Signals, a new quarterly cyber intelligence brief that highlights the latest cyber security threats, tactics, and strategies and is aimed at Chief Information Security Officers, Chief Information Officers, Chief Privacy Officers and other senior security opps teams.
Microsoft Cyber Signals Report
The brief is built using Microsoft’s extensive threat and data and research which leverages insights from more than 24 million security signals as well as intelligence data mined from the monitoring of 40 nation-state groups and over 140 threat groups. Microsoft has focused the first edition specifically on identity, which they believes is “the battleground for security” and the biggest weakest link in most organisations security posture.
In the briefing, Microsoft state that “Our identities are made up of everything we say and do in our lives, recorded as data that spans across a sea of apps and services. While this delivers great utility, if we don’t maintain good security hygiene our identities are at risk. And over the last year, we have seen identity become the battleground for security.“
Perhaps the biggest point raised in this Cyber Signals report is the worrying low adoption of strong identity authentication across organisations. This includes multifactor authentication (MFA) which are proven to reduce the risk of compromised identity by 99.9%.
Here are they key highlights from the report.
Only 22% of customers using Microsoft Azure Active Directory (Azure AD), Microsoft’s Cloud Identity Solution, have implemented strong identity authentication protection as of December 2021.
Microsoft Defender for Endpoint blocked more than 9.6 billion malware threats targetting enterprise and consumer customer devices
From January 2021 through December 2021, Microsoft blocked more than 25.6 billion Azure AD brute force authentication attacks and intercepted 35.7 billion phishing emails with Microsoft Defender for Office 365.
The full brief also examines how nation-states are using spear phishing attacks and targeted social engineering to obtain passwords and other sensitive data. It also details the latest Ransomware attack trends and how they are being along with guidance and recommendations for how to stop the attacks.
“Microsoft ended 2021 with 71 billion cyberattacks blocked.”
Microsoft Cyber Signals
Much of the research explained by leading security chiefs including Christopher Glyer – the principal threat intelligence lead at the Microsoft Threat Intelligence Center which employs nearly 4,000 security experts and threat hunters.
As of today (14th Jan 2022) Microsoft Defender for Endpoint Plan 1 is now included within Microsoft 365 E3/A3 licenses.
Microsoft Defender for Endpoint (Plan 1) extends Microsoft 365 security by including world class threat and attack prevention capabilities to help you deliver against your Zero Trust strategy, reduce cost (by negating the need for additional products) and simplifies security management.
Defender for Endpoint Plan 1 includes the following key features (among others).
Next generation, born in the cloud, antivirus, anti malware and anti ransomware protection that leverages all the intelligence of the Intelligent Security Graph to help keep users endpoints secure and protected.
World class attack surface reduction capabilities that harden the device, prevent zero day attacks, and provide granular control over access.
Device based conditional access which leverages Azure AD and the Intelligent Security Graph to provide additional layers of protection and breach protection and forms a key part of your Zero Trust Security architecture.
Microsoft Defender is a Top right Magic Quadrant leader for Endpoint Protection.
Gartner Magic Quadrant for Endpoint Protection
What’s included in Defender for Endpoint Plan 1
The following diagram from Microsoft illustrates the key services and features included within both Plan 1 (now part of Microsoft 365 E3 and A3) and Plan 2 (part of Microsoft 365 E5 and A5 or available as an add-on).
Defender for End Point Plan 1 vs Plan 2.
Microsoft Defender for Endpoint Plan 1 supports client endpoints running Windows 7 with Extended Security Updates, 8.1, 10, 11, macOS, Android, and iOS.
What about Plan 2?
Microsoft say that Plan one provides a strong baseline and leading edge protection against modern day, zero day and every advancing threats.
For the complete set of endpoint security capabilities, as shown above, Microsoft advise that organisations strongly consider Microsoft Defender for Endpoint Plan 2.
“Plan 2 builds on Plan 1 and provides a best in class EDR solution including automated investigation and remediation tools, advanced threat prevention and threat and vulnerability management (TVM), and hunting capabilities which which combined with the wider Microsoft Defender suite provides seemless, integrated and cross architecture protection”.
To find out more, please refer to the official Microsoft documentation.
As a continuation of Microsoft’s standardisation and integration of their security products across Microsoft 365 and Azure, several other products have now “completed” the name change branding to “Defender” in line with others which moved across earlier this year.
This is the currently “Defender” line up as of Dec 2021.
Previous Name
New Name
Microsoft Cloud App Security (MCAS)
Microsoft Defender for Cloud Apps
Microsoft Threat Protection
Microsoft 365 Defender
Microsoft Defender Advanced Threat Protection
Microsoft Defender for Endpoint
Office 365 Advanced Threat Protection
Microsoft Defender for Office 365
Azure Advanced Threat Protection
Microsoft Defender for Identity
Azure Defender for IoT
Microsoft Defender for IoT
Azure Sentinel
Microsoft Sentinel
Azure Security Center + Azure Defender
Microsoft Defender for Cloud
Azure Defender for Storage
Microsoft Defender for Storage
Name changes for Microsoft Security Products – Dec 2021
Microsoft’s comprehensive and extensive range of security products and suites are designed to protect organisations from threats across devices, identities, apps, email, data, and cloud workloads.
Microsoft Sentinel is a cloud-native SIEM tool; Microsoft 365 Defender provides XDR capabilities for end-user environments (email, documents, identity, apps, and endpoint); and Microsoft Defender for Cloud provides XDR capabilities for infrastructure and multi-cloud platforms including virtual machines, databases, containers, and IoT.
I feel I must congratulate Cisco on the annoucement of their new partner and customer centric Enterprise Agreement.
Simple and Inclusive
This looks and feels like one of the simplest yet powerful subscription based licensing programmes in the channel… at a time when “other” major vendors seem to be struggling to get a model right that is fair and offers value to both customer and partners regardless of size.
Consistent across their solution portfolio
When fully available in early 2022, Cisco will make their full portfolio of services available through a single agreement rather than the current multiple EAs with different terms, rules and portals they have today. Instead the EA will cover all five of Cisco’s solution areas – application infrastructure, networking infrastructure, collaboration, security and services.
Helps make it easy for customer to buy solutions across the stack
This new EA will dramatically simplify purchasing and selling as it creates one program and one experience for everything Cisco do and aligned to their product portfolio.
For example, Cisco has been beating the drum hard with the concept of “full stack observability”, which is growing in importance in this multi-cloud centric, highly mobile and hybrid world.
To make this a reality, customers, need to buy products across multiple technology and solution stacks, including services like AppDynamnics, ThousandEyes, Intersight etc., but this new should make it much easier for partners to sell and for customers to buy.
Microsoft has made a giant leap forward in making your online world more secure by making passwords optional for personal MSA accounts like your personal Office 365 account/Hotmail etc.
It’s no secret, that Microsoft is actively striving to make passwords a thing of the past by supporting passwordless accounts. Microsoft already have support for passwordless sign in for commercial Microsoft 365 users as well as personal (MSA) accounts, but is taking this a step further by allowing the password to be totally removed!!!
Beginning today, you can now completely remove the password from your Microsoft consumer account. Use Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email to sign in to your favourite apps and services, such as Outlook, OneDrive, FamilySafety, and more.
Vasu Jakkal | CVP of Microsoft Security
How is passwordless more secure than MFA?
Firstly, Microsoft isn’t alone in their view here with both Facebook and Google also starting to actively champion the “death of the password” which is typically the weakest link in online account security since it’s often compromised stolen or phished. Lets face it, nobody likes passwords as we have to create evermore complex and unique passwords, remember them, and change them frequently (and of course use different ones across different sites).
In a blog on the topic today, Microsoft said that they “have heard great feedback from our enterprise customers who have been on the passwordless journey with us. In fact, Microsoft itself is a great test case — nearly 100% of our employees use passwordless options to log in to their corporate account.”.
Going Passwordless
In order to make your MSA account totally passwordless, you need to ensure you have and are using the Microsoft Authenticator app on your phone and ensure it’s set-up to use Muti-Factor Authentication.
Once this is working, you can then go to https://account.microsoft.com , sign in, and then navigate to “Advanced Security Options”. Once here, you should now see a subsection called “Additional Security Options” where there will be a “Passwordless Account” option, which you can turn on.
Enabling Passwordless
Enable Passwordless
Passwordless Enabled
It is unknown if or when Microsoft will remove passwords all together and at the moment, you can still re-add a password for your Microsoft account if you want/need to.
Microsoft have announced that real-time co-authoring support for encrypted documents (which has been in preview for a while) is now generally available. Co-authoring is a feature that allows users to collaborate on documents across Word, Excel, and PowerPoint for example, but it only worked on files that weren’t protected with encrypted….. until now.
Image (C) Microsoft
“With Microsoft 365, when sensitivity labels are used to encrypt Word, Excel, or PowerPoint documents, multiple users can now edit these documents in real-time with AutoSave, empowering teams to do their best work while maintaining protection across the document lifecycle,” Paras Kapadia, Principal Program Manager for Office 365 explained.
Co-authoring support for protected files is supported now on the Web, Windows and Apple Mac clients and willbe coming to iOS and Android “soon“.
You must “enable it” to enable it!!
It’s worth noting that unlike many Microsoft 365 features which are “on by default”, organisations who want to use co-authoring on protected documents need to enable this in the Microsoft 365 Compliance Center.
Microsoft 365 Compliance Centre
Microsoft also provide full guidance for admins on how to do this here. Please note: once enabled, you need to contact Microsoft support should you want/need to turn this off for any reason.
Microsoft have announced a more cost effective endpoint protection plan for Microsoft 365 and Windows customers. Named Microsoft Defender for Endpoint P1 this provides comprehensive threat prevention and protection for any endpoints including those running Windows, macOS, Android, and iOS and will be included for free in Microsoft 365 E3/A5 SKUs.
The existing Microsoft Defender for Endpoints SKU will become Defender for Endpoints Plan 2 and is the version currently included in Windows E5 and Microsoft 365 E5.
Microsoft say that this new solution “will make it easier for more security teams across the globe to buy and adopt the best of breed fundamentals of Microsoft Defender for Endpoint” and will provide generation protection, device control, endpoint firewall, network protection, web content filtering, attack surface reduction rules, controlled folder access, device based conditional access, APIs and connectors, and the ability to bring your own custom TI are some of the capabilities of this new plan.
Why now?
The endpoint remains one of the most targeted attack surfaces as new and sophisticated malware and ransomware continue to be prevalent threats and it’s not slowing down. Ransomware in particular continues to persist and evolve, financial damage continues to increase, and the impact is felt across numerous industries.
Over the last year, Microsoft have seen more than a 120% increase in organisations who have encountered some form of ransomware attack as shown in the graphic provided by Microsoft.
Image from Microsoft Security
Microsoft are keen to ensure they provide “security for all” and this comes just days after a commitment with Biden to invest more than $20billion in security over the next 5 years.
Microsoft claims they already provide best of breed, multi-platform, and multi-cloud security for all organisations across the globe and their integrated suite of security and threat protection and remediation services provides simplified, comprehensive protection that prevents breaches and enables our customers to innovate and grow.
Microsoft say that “as part of that commitment, we’re excited to offer a foundational set of our market leading endpoint security capabilities for Windows, macOS, Android, and iOS at a lower price in a new solution to be named Microsoft Defender for Endpoint Plan 1 (P1) which will also be included in Microsoft 365 E3 for free.
Licensing and Pricing
The great news is that “Plan 1” will be included in Microsoft 365 E3 /A3 at no addition cost and will be a made available as a low cost add-on for other SKUs. Microsoft 365 E5/A5 will continue to include Defender for Endpoint “Plan 2”.
This is currently in public preview, meaning you can sign-up for it for free for 90 days now. After the 90 days is up, you can buy this from your friendly Microsoft CSP or licensing partner. Customers already of Microsoft 365 E3/A5 will get this for free once released for General Availability (within the next 90 days) and will then be able to enable/user the service.
How to buy Defender for Endpoints Plan 1
Plan and Plan 2 compared
The diagram below shows the extent of the threat protection and remediation services offered by Microsoft Defender for Endpoints.
Microsoft Defender for Endpoint (C) Microsoft.
Plan 1 is aimed at organisations looking for mainly endpoint protection (EPP) where you get best of breed fundamentals in prevention and protection for all your client endpoints. It includes next generation protection, device control, endpoint firewall, network protection, web content filtering, attack surface reduction rules, controlled folder access, device based conditional access, APIs and connectors, and the ability to bring your own custom TI. Finally, it includes access to the Microsoft 365 Defender security experience to view alerts and incidents, security dashboards, device inventory, and perform investigations and manual response actions on next generation protection events.
Plan 2 is aimed at most larger enterprises who need full endpoint detection and response (EDR). This builds on Plan 1 and provides full EDR capabilities to further prevent security breaches, reduce time to remediation, and minimise the scope of attacks with vulnerability management, endpoint detection and response, fully automated remediation, advanced hunting, sandboxing, managed hunting services, and in-depth threat intelligence and analysis about the latest malware campaigns and nation state threats.
The below table offers a comparison of capabilities are offered in Plan 1 versus Plan 2.
Image (c) Microsoft.
Getting Started
You can sign up for the preview using the link here, and Microsoft have provided a detailed blog which goes into more detail than have shared above also provide a simple walk-through for admins and sec ops.
You can also read the latest Gartner report which details Industry leading security capabilities.
MICROSOFT and Rubrik (a US-based, Gartner leading data backup and protection company) have announced a new strategic partnership which will see them working together to providing Zero Trust data protection to help organisations protect and mitigate against the rising threat and risks of ransomware attacks across cloud and hybrid cloud environments, including or course Azure and Microsoft 365.
This work will address the rising customer needs to protect against surging ransomware attacks, which are growing 150% year on year.
As part of the partnership, Microsoft has also made an equity investment in Rubrik.
Who are Rubrik?
Rubrik work with enterprise customers, helping them protect and recover from ransomware attacks, automate data security operations, and transition data from on premises data centres to the cloud.
Like Microsoft, Rubrik takes a Zero Trust approach to data management, which follows the NIST principles of Zero Trust. Zero Trust is based on the concept of “never trust, always verify.” In practice, this means that access to any resource within the network must be subject to specified trust dimensions, or parameters. Failure to meet these parameters results in denial or revocation of access. This is in complete contrast to previous security models thatassumed implicit trust within the network perimeter.
Rubrik said in an annoucement that;
“As the pioneer of Zero Trust Data Management, Rubrik is helping the world’s leading organizations manage their data and recover from ransomware. Together with Microsoft, we are delivering tightly integrated data protection while accelerating and simplifying our customer’s journey to the cloud.”
Bipul Sinha | Co-founder and CEO |Rubrik
The better together story
Rubrik and Microsoft are already partners and according to Microsoft in their press statement, have been working together with over 2,000 mutual customers using Azure across six continents. In a press release announcing this new strategic partnership, Microsoft said that “the two companies will be providing Zero Trust data protection for hybrid cloud environments, including Microsoft 365“.
“End-to-end application and data management is critical to business success, and we believe that integrating Rubrik’s Zero Trust Data Management solutions with Microsoft Azure and Microsoft 365 will make it easy for customers to advance their Zero Trust journey and increase their digital resilience. ”
Nick Parker, Microsoft CVP Global Partner Solutions.
Summary and Thoughts
The data backup and recovery market is a big and crowded marketplace with leading companies like Veeam, Acronis, Veritas, ArcSerce, Commvault etc, making data backup and recovery their market and currency.
Magic Quadrant for Enterprise Backup & Recovery
Microsoft uses a “shared responsibility” model for data and availability in that they take responsibility for the services being available, online and resilient, but it’s up to the customer delivered online to govern, secure, backup, and maintain their data and content which has been where the traditional backup and recovery vendors have stepped in.
This investment could signal a new longer term area of focus and growth for Microsoft which could put pressure on the other vendors in this space especially if Microsoft now have a vetted interest to have a “preferred” partner / vendor for data protection and recovery.
What do you think?
Do you work with or use Rubrik for data protection? How do you see this playing out. Good or bad for the market?
Microsoft 365 now has “Safe Links” protections across Microsoft Teams for any organisation that uses Microsoft Defender for Office 365 (formally Office 365 ATP).
Defender for Office 365
What is Safe Links?
Safe Links is a feature of Defender for Office 365 that scans URLs clicked by end users to check for malware and malicious or phishing sites in real time.
Safe Links was first introduced in 2015 (for just Exchange Online at the time) and was originally used to “detonate” links in e-mails to detect malicious payloads. Safe Links was subsequently added to Microsoft 365 applications, as well, such as PowerPoint and Word.
With the latest update and expansion across Microsoft 365, Safe Links now provides transparent, integrative and native intelligent protections against malicious links in conversations, group chats and channels chat across Microsoft Teams.
Enabling the feature
This can be configured in the Microsoft 365 Defender portal. Detailed instructions can be found here
As with SafeLinks across the other Office services, admins can add exclusions and trusted sites if needed.
After their acquisition RiskIQ just last week and ReFirm the month before, Microsoft have just annouced they are now aquiring CloudKnox, a leader in Cloud Infrastructure Entitlement Management (CIEM).
Who are CloudKnox?
Founded in 2015, CloudKnox, are the only multi-cloud, hybrid cloud permissions management platform that provide granular visibility, automated remediation and continuous monitoring consistently enforcing least-privilege principles to reduce risk. CloudKnox works with Azure, as well as the AWS and Google public clouds as well with leading virtualisation and hybrid cloud vendors including VMware.
CloudKnox
CloudKnox are the leaders in Cloud Infrastructure Entitlement Management (CIEM) space and offers complete visibility into privileged access within cloud services.
What Microsoft plans to do with the CloudKnox acquisition.
In Microsoft’s most recent security blog, Joy Chik (VP of Identity at Microsoft) said:
“Modern identity security needs to protect all users and resources consistently across multi-cloud and hybrid cloud environments….Today, Microsoft is taking a significant step toward this goal with the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access. It helps organizations right-size permissions and consistently enforce least-privilege principles to reduce risk, and it employs continuous analytics to help prevent security breaches and ensure compliance. This strengthens our comprehensive approach to cloud security.”
Joy Chik, Corporate VP of Microsoft Identity
The post (which can be read here) summarises how Microsoft will leverage the CloudKnox technology to help Security Admins with tasks such as managing privileged access in multi-cloud and hybrid cloud environment through a set of comprehensive yet simple threat assessments and prevention methods as well as ensuring security enforcement and governance.
Finally Microsoft said that the acquisition of CloudKnox will allow Microsoft to further harden Azure Active Directory with more granular visibility, continuous monitoring and automated remediation for their hybrid and multi-cloud identities, access and permissions further solidifying their market leading position in Identity and Access Management.
Extended Security Updates were made available (at a cost) by Microsoft for both SQL Server and Windows Server versions 2008 and 2008 R2 since “official support” ended but these extended support update are also now coming to an end on:
SQL Server 2008: July 9th, 2022
Windows Server 2008/2008 R”: Jan 14th, 2023 respectively.
If your organisation is still running any of these older server products in Azure then you will be currently entitled to (and receiving) 3 years of free Extended Security Updates, and Microsoft have recently announced that one more year of Extended Security Updates will be available BUT ONLY if these workloads are running in Azure.
SQL Server and Windows 2012
Support for SQL Server 2012 and Windows Server 2012 / 2012 R2 is also coming to an end:
SQL Server 2012: July 12th, 2022
Windows Server 2012/2012 R2 on October 23rd 2023
As with version 2008, Microsoft will be making (again at a cost) 3 years of Extended Security Updates available from your licensing partner or Cloud Solution Provider (CSP) and, as before these will be free if these workloads are running (or moved into) Azure.
If you are no planning on moving these into Azure, then you’ll need to buy licences for each server instance you need to cover.
Cost for ESU are
Year 1: 75% of the licence cost
Year 2: 100% of the licence cost
Year 3: 125% of the licence cost
What are my options?
If you are still on Windows Server 2008 or SQL 2008, you have 3 options:
Migrate the VMs/Servers into Azure for ONE MORE YEAR of free support
Migrate or Rehost apps and workloads to Windows Server and SQL Server on Azure virtual machines
Modernize with Azure services such as App Service and Azure SQL Managed Instance, and never have to patch or upgrade again.
If you are Windows or SQL Server 2012, you have 4 options:
Pay for Extended Support for up to 3 years
Upgrade the Servers to a supported version of SQL and Windows
Migrate or Rehost apps and workloads to Windows Server and SQL Server on Azure virtual machines
Modernize with Azure services such as App Service and Azure SQL Managed Instance, and never have to patch or upgrade again.
Further Reading and References
You can find the formal announcement here, along with the data sheet which does into more detail, as well as a FAQ from Microsoft.
Windows365 is a new service that will let users access their corporate ‘cloud’ PC from anywhere by streaming a version of Windows 10 (or Windows 11 when released) in a web browser. At initial launch, (2nd August 2021), organisations have two edition options – Windows 365 Business and Windows 365 Enterprise – with multiple Cloud PC configurations in each edition based on performance needs.
Designed for the disparate and agile workforce
Windows 365 allows organisations to equip distributed workforces, temporary and seasonal employees, contractors, and employees who have a need for specialised workloads in a flexible and highly secure manner – regardless of their location or device. Windows 365 will allow organisations to add and remove users with secure managed Cloud PCs according to the changing needs of the business and of the individual user, allowing them to scale for busy periods without the logistical challenges of issuing new hardware. Cloud PCs can be scoped, and scales based on the specification/power that best meets the user need and is paid for on a simple per user per month price.
Built on Azure Virtual Desktop – runs on anything
Windows 365 is built on Azure Virtual Desktop but simplifies the virtualization experience and licensing. Organisations that require greater customization and flexibility can of course still opt for Azure Virtual Desktop to modernize their VDI (Virtual Desktop Infrastructure) in the cloud or use a combination of both.
Windows 365 offers a consistent Windows experience, across any device/operating system including Windows, Mac, Linux, iOS, or Android. It promises to support all your business apps such as Microsoft 365, Dynamics 365, Power Platform, line of business apps, and more as well as the Office 365 suite.
It provides an instant-on boot experience that enables users to stream all their personalized applications, tools, data, and settings from the cloud across any device and allow them to pick up right where they left off. The state of a user’s Cloud PC remains the same, even when they switch devices.
Windows 365 Device Support (July 2021)
Consistent Device Management
Microsoft Endpoint Manager is used to procure, deploy, and manage Cloud PCs for their organisation, since Windows 365 is consistent with how they manage physical devices with Microsoft End Point Manager. Cloud PCs are managed alongside physical devices and can apply management and security policies to them in the same way as they do on physical devices. There is extensive monitoring too and IT can change on the fly the specification (processor, RAM, and disk) to adjust the performance of the Cloud PC to make sure the users are getting the best experience. There’s also built-in analytics and performance metrics to look at connection health across network to make sure the Cloud PC users can reach everything they need.
Build on Zero Trust Foundation
Windows 365 is built with a focus on a Zero Trust architecture. It stores information in the cloud, not on the device, and encryption is used everywhere as you’d expect with an Azure service. All managed disks running Cloud PCs are encrypted, stored data is encrypted at rest, and all network traffic to and from the Cloud PCs is also encrypted.
Licensing Information
Unlike other virtualisation services, Windows 365 is priced on a per-user price and are allocated via the Microsoft 365 admin centre portal in the same way as other Microsoft 365 E3/E5 licenses.
Windows 365 will initially come in two flavours – Business and Enterprise, and Microsoft will offer 12 different configurations for both the editions. The Cloud PCs can be configured with a single CPU, 2GB of RAM, and 64GB of storage at the low-end, all the way up to eight CPUs, 32GB of RAM, and 512GB of storage.
A full range of available configuration and example scenarios is available here.
Windows 365 will be officially available on August 2, 2021, and pricing will be announced on the same day, though rumours say we expect pricing to start from ~£25pupm
Microsoft has just announced that they are to acquire cyber security company RiskIQ ina $500m deal.
RiskIQ provide cloud-based software as a service (SaaS) for businesses to identity various phishing, fraud, malware and other online threats.
Risk IQ
Microsoft’s Eric Doerr (VP of Cloud Security) explained in their annoucement how RiskIQ’s expertise and global threat intelligence platform will help their customers to better apprehend online threats in their digital transformation journey with the technology to become part of their integrated Security and Threat protection suite(s).
“The combination of RiskIQ’s attack surface management and threat intelligence empowers security teams to assemble, graph, and identify connections between their digital attack surface and attacker infrastructure and activities to help provide increased protection and faster response”.
Eric Doerr (Microsoft VP of Cloud Security)
Microsoft have a growing and comprehensive industry leading portfolio of integrated security and threat protection solutions for addressing the needs of hybrid and multi-cloud environments. The acquisition of RiskIQ’s expertise follows an ongoing list of acquisitions in the cybersecurity area.
“Our (Risk IQs) technology and amazing people will be a powerful addition to Microsoft solutions. Together, we’ll empower CISOs and security operations teams to proactively detect and defend their enterprise against all threats, both on-premise and across multi-cloud. “
Statement from RiskIQ
You can read the full annoucement in the Microsoft Security Blog here.
Microsoft has opened registrations for this years Inspire 2021 virtual conference, which will be held on July 14th and 15th.
Microsoft Inspire is Microsoft’s largest (and global) annual partner event and as usual features several high-profile global execs including CEO Satya Nadella and EVP of Worldwide Commercial Business Judson Althoff.
What might we hear about?
Last year, there was huge news and updates around Azure, Microsoft Teams, Microsoft Edge as you’d expect with also a focus on new services such as Microsoft Lists, and Power Automate Desktop.
This year we can expect to hear some new enhancements and updates and I expect to see a focus around the recently(ish) announced Microsoft Viva along with more updates around Windows (following the event on the 24th June) and probably some new things none of us are expecting… .
You can register for Microsoft Inspire 2021 on this page with your Microsoft account, Office 365, LinkedIn, or GitHub account.
Data Loss Prevention (DLP) is used by organisations to define and enforce data protection policies that identify and prevent risky or inappropriate sharing, transfer or use of sensitive information across cloud, on-premise and endpoints within an organisation or establishment.
Until now it was possible to configure alerts, as a part of the DLP policy authoring experience which provide an effective way for admins or compliance officers to get notified whenever a DLP policy is breached.
Microsoft has now announced the General Availability (GA) of their Data Loss Prevention “Alerts Dashboard” . This latest enhancement provides organisations with the ability to easily and holistically visualise and then investigate DLP policy violations across their entire infrastructure including:
New Alerts Dashboard enhances DLP experience
On-premises file shares
Exchange / Exchange Online
Teams
OneDrive
Other non msft cloud apps and SaaS apps
Devices (where endpoint DLP is used).
The alerts dashboard provides a list view of all of the DLP alerts. The relevant details can then be investigated by simply clicking on an alert. APIs of course exist to allow you to call these alerts from other event management platforms and SEIM products like Azure Sentinel for example.
Microsoft DLP dashboard (April 2021)
Microsoft DLP is of course just part of the comprehensive set of Gartner Magic Quadrant leading Information Protection, Compliance and Governance solutions that are part of the Microsoft 365 E5 (and Microsoft 365 Compliance stack).
Customers can easily sign up for a trial of Microsoft 365 E5 via the admin centre, or by speaking to your Microsoft Partner (like the company I work for at https://www.cisilion.com/microsoft) to get more information, arrange a demo or run a PoC.
More information on this with can be found on the Microsoft 365 blogs here.
So, it wouldn’t be a Microsoft event (#MSIgnite) without a handful of “wow” demos, updates, and new products announcement both in preview and GA across Teams, the wider Microsoft 365 platform, Azure, Windows 10 and Power Platform, but without doubt the biggest “thing” to happen at Ignite this year was Mcirosoft Mesh. Anyway, here’s my
As in previous years), Microsoft have published their “encyclopaedia” if you like, of Ignite (the #BookOfIgnite ) which covers all the announcements in detail along with links to blogs and tech articles.
This post, on the other hand is a summary of my personal “top 3” announcements across each of the core solution areas. Of course, depending on your role, line of business and priorities, and interests, you will have your own favourites so feel free to let me know yours in the comments.
Microsoft Mesh
This stole the show from the moment the keynote started and was without question the biggest news of Ignite 2021. Much of the keynote and later sessions were available to watch live AltSpace VR in both Mixed and Virtual Reality. Mesh is Microsoft’s new Mixed Reality Platform which is designed to allow people who are in physically various locations to join collaborative and shared holographic experiences across many kinds of devices.
The business case for Mesh builds upon the success of HoloLens 2 and is designed (and was highlighted) for organisations to let their teams joined shared virtual spaces for collaborative meetings, where everyone will appear as virtual avatars (reminds me of the holograms in the StarWars). Microsoft say that their target audience is both enterprise and commercial customers. Microsoft Mesh can be accessed through an updated version of AltSpace VR, which is Microsoft’s VR platform. Microsoft Mesh will be coming to HoloLens via a dedicated app and solutions built through Mesh by developers will also be able to be tailored/supported to Windows Mixed Reality, PCs, Macs, Smart Phones, and headsets like Oculus.
Microsoft Teams
Highlight of new Teams Meeting Features
Always needing its very own category, my top 3 in this category are:
1. Improvements for Teams Meetings and Live Events.
Teams can now be used to create and run fully interactive webinars for up to 1,000 attendees and will also support webinars with up to 20,000 attendees from later this month. This will also be included for any customer with Office 365 E3 and more without any additional licenses or cost.
Dynamic View for Teams meetings will be released next month and is all about ensuring more inclusive and natural meetings for remote/hybrid meetings making them more engaging. Dynamic view uses AI to adjust elements of the meeting to allow for display different modes such as charts, chats, etc next to video feeds as well as an overlay of presenter video and presentation space.
Improved privacy and security in meetings – with meeting-only meeting controls and end-to-end encryption in one-to-one calls.
PowerPoint Live in Teams is available now. The much-requested feature combines slides, notes, and meeting chat in a single view to help make presentations easier for speakers and presenters and to make them more engaging for attendees.
2. Teams Connect
A new channel-sharing feature coming to Teams “later” this calendar year. This will enable users to share channels with anyone, internal or external. Unlike guest access, the shared channel will appear within a user’s primary Teams tenant, alongside other Teams channels meaning that “multiple organisations can share a single channel” that all members can then access from their own Teams environments. Channel sharing seems is great for scenarios where multiple organisations are collaborating on a specific project for example. Guest Access isn’t going anywhere and is still relevant as this is more suited to situations where an external organisation or person needs broad access to data, meetings, and information, beyond just a specific channel. This is currently in “private preview”.
3. Teams Calling Updates
Direct Routing and Survivable Brach Appliances: With the explosion of customers enabling and migrating to PSTN calling in Teams from traditional IP PBXs, the use of Direct Routing grown 8-fold, Microsoft announced several new certified Session Border Controllers (SBC) for Direct Routing, with 6 new SBCs completing certification in just the past 3 months. Additionally, to add resiliency to the most critical locations, Survivable Branch Appliance (SBAs) are now generally available, enabling PSTN calling in the event an outage does not allow the Teams client to directly connect to Microsoft 365 global services.
Operator Connect Conferencing brings an “operator-managed service” that provides “bring your own operator” for conferencing, meaning customers can keep their preferred operator contracts in place as they migrate their PSTN infrastructure to the cloud. This also allows additional geographic dial-in coverage, enhanced support, and reliability with locally agreed technical support and SLAs. This enters private preview from June, with the initial wave of qualified partners, including BT, Deutsche Telekom, Intrado, NTT, Orange Business Services, and Telenor.
New CloudCalling Plan Countries were also announced, with Microsoft native calling plans coming to 8 new markets from April 2021 including New Zealand, Singapore, Romania, Czech Republic, Hungary, Finland, Norway, and Slovakia, bringing native Microsoft Teams Calling Plans to 26 markets across the globe.
Identity, Security & Compliance
1. Identity
Focusing on helping organisations deliver on their Zero Trust strategy including,
Password-less authentication which is now “generally available” for cloud and hybrid environments meaning customers can move towards a truly password-less world leveraging multi-factor authentication and risk based conditional access to provide just in time, assume breach, challenge everything approach to identify and access management without the need for passwords.
Azure AD Conditional Access now uses authentication context to enforce more granular policies based on user actions across the applications they are using or the sensitivity of data they’re trying to access.
Azure AD verifiable credentials will be in public preview later this month. Verifiable credentials allow organisations to confirm information without collecting or storing personal data, improving security and privacy.
2. Security announcements
A wealth of announcements here as well, all of which will further strengthen, Microsoft’s commitment to deliver the absolute best security protection, detection, and response for all clouds and all platforms:
Azure Sentinel now seamlessly integrates with Microsoft 365 Defender with shared incidents, schema, and user experiences to simplify investigations for a totally aligned view and remediation surface.
Endpoint and Office 365 defender capabilities are now also integrated into the Microsoft 365 Defender portal.
New Threat Analytics experience within the Microsoft 365 Defender portal provides a set of reports from expert Microsoft security researchers designed to help customers understand, prevent, and mitigate active threats, like the recent Solorigate / SolarWinds attacks.
The Secure-core services that are now build into Surface devices (and other leading Windows 10 devices) is also coming to Windows Server and Azure edge devices to help minimise risk from firmware vulnerabilities, attacks, and advanced malware in IoT and hybrid cloud environments.
3. Compliance announcements
Co-authoring of Microsoft Information Protection-protected documents will be available in “public preview” from this week. This in my experience the number one blocker of being able to properly deploy organisational wide information protect across SharePoint sites, Teams, and individual documents since currently (well, prior to this announcement) it was not possible to co-author docs that were encrypted which makes most of the power of Modern Office 365 and co-authoring useless. This feature helps significantly close the gap between security and productivity.
Microsoft Azure Purview was announced in more detail. Purview provides new cross-platform support and deeper insight into data classification and protection across structured and un-structured data across on-premises, data bases, Microsoft Cloud and third-party services including Google and AWS – it’s Azure Information Protection on steroids!
Microsoft 365 data loss prevention (DLP) now supports Google Chrome browsers and on-premises file shares and SharePoint Server as well as SharePoint Online and of course Microsoft’s Edge (Chromium based) browser.
Microsoft 365 Insider Risk Management Analytics was released into public preview.
Power Platform
1. Power Automate Desktop was made free!
This is really really big news for any organisation that is looking, using, or intending to use Robotic Process Automation (RPA). Power Automate Desktop is a an “attended Robotic Process Automation” solution which is a macro recorder on steroids. You can download it now if you want to try it. It will be available first for #WindowsInsiders to try (built into Windows 10), however it will eventually be rolled out to Windows 10 as a core product (most likely as an optional feature). Until now, a per user for month for the tool would cost about £12 a month. Power Automate currently has circa 400 actions to help build flows across different applications and the best part is that it enables you to build your own scripts to automate time consuming repetitive tasks which saves time and money. Microsoft’s goal here is to “democratise the development for everybody with Power Platform” by making no-code/low-code accessible to everyone not just developers.
2. PowerFX (a new low code programming language) was announced.
PowerFx is a low code programming language that is based on the foundation of the Microsoft Power Apps canvas. What’s great is that since Power Fx is based on Microsoft Excel, it will naturally be a great fit for a wide range of people since it will leverage skills, they “many” already know and becomes a common ground for business users and professional developers alike to express logic and solve problems. Microsoft also said they were planning make Power Fx, open source, making the language available for open contribution by the broader community on GitHub.
3. Dynamics 365 now seamlessly integrates with Microsoft Teams
This ensures conversations, calls, meetings, and chat will be available across dynamics 365 – within opportunities, sales, marketing, finance, and operations.
Windows 10
Windows 10 usually gets a backseat at Microsoft Ignite (as it typically focusses on cloud services and new things), but this year, there were some things which resonated.
1. Power Automate Desktop
As discussed above, Power Automate Desktop was announced and will be free for all Windows 10 users including Windows 10 Home and Pro and not just to Enterprise users. You can read more about this above.
2. Windows 10 in Cloud
Simply put, cloud configuration is a Microsoft-recommended device configuration for Windows 10, cloud-optimised for users with specific workflow needs. IT admins use Microsoft Endpoint Manager to apply a standard, cloud-based, easy-to-manage configuration of Windows 10 to a selected set of new or existing devices. The configuration works on devices running Windows 10 Pro or Windows 10 Enterprise and may be appropriate for workers who only need a limited number of IT-curated and approved applications to meet their targeted workflow needs. User accounts are registered in Azure Active Directory and devices are enrolled for cloud management in Intune, so they are automatically updated with continuous product and security updates.
Microsoft announced that the newly announced Windows 10 in Cloud has now been integrated into Microsoft Endpoint Manager, which will make it even easier to provide a secure device configuration regardless of the type of worker. Microsoft also made a full “Windows 10 in cloud configuration overview and setup guide” available which is designed to help solution integrators, partners, and internal IT teams to apply a uniform, secure and easy-to-manage cloud-based configuration of Windows 10 Professional or Enterprise devices.
3. New version of Windows 10 Perhaps?
Well maybe! During a Fireside chat session at Ignite, Surface and Windows Lead, Panos Panay “teased” of some major updates and design changes coming to Windows. These were very much hints and teases than any firm commitments but talked a lot about the fact that Microsoft has not “talked about the next generation of Windows for a while” and that he was “so pumped” for it – ending with “it’s going to be a massive year for Windows.”
These were very much hints and teases than any firm commitments but talked a lot about the fact that Microsoft has not “talked about the next generation of Windows for a while” and that he was “so pumped” for it – ending with “it’s going to be a massive year for Windows.”