Microsoft 365 roadmap roundup – 29 March 2021

Use these buttons to switch between each product’s roadmap updates.

Microsoft Information Protection

Updates listed under this heading combines the following products: Azure Information Protection, 365 compliance center, Information Protection, Office 365 Advanced Threat Protection, Microsoft Defender, Microsoft Intune, Office 365 Data Loss Prevention and Security and Compliance center.

  • Launched (4)
  • Rolling out (1)
  • In development (19)


  • Microsoft Information Protection: Exact Data Match to support notifications for data upload status through alert policies – Exact Data Match (EDM) customers will be able to configure alert policies in the security and compliance center for EDM Upload Agent notifications, enabling admins to receive alerts both via email and through the UI regarding EDM data upload status. Roadmap ID: 68882
  • Microsoft Defender for Identity: Detection improvement – Netlogon – An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller using the Netlogon Remote Protocol, also known as Netlogon Elevation of Privilege Vulnerability. Defender for Identity already has a detection for this, but this improvement adds capabilities to determine potential encryption and null source account logic detection to the alert, improving accuracy and potential for false positives. Roadmap ID: 68890
  • Microsoft Information Protection: OneDrive for Business location picker supports security groups and distribution lists – Data loss prevention (DLP) for OneDrive for Business will soon support user accounts and groups as part of the policy scoping location picker, enabling more granular control of DLP policy scope (i.e. to include/exclude particular departments, business units, geo-specific security groups, etc.). Roadmap ID: 70708
  • Microsoft Information Protection: Exact Data Match to support Customer Managed Key (Public Preview) – Customers will be able to encrypt Exact Data Match (EDM) data using their own Customer Managed Key (CMK), further enhancing EDM data security. EDM content that is encrypted using the CMK includes the data file schemas, rule packages, and the salts, which are used in hashing the sensitive data being protected. Roadmap ID: 70722


  • Microsoft Information Protection: Exact Data Match to support improved auditability – Customers who have configured Exact Data Match (EDM) will be able to view a complete audit trail of who created or modified and when each EDM component (i.e., Data schema, rule package and hashed / salted data uploaded). Roadmap ID: 68876


Release – March 2021

  • 🆕 Microsoft Information Protection: Outlook support for DisableMandatoryInOutlook and OutlookDefaultLabel settings – Outlook clients will now support the advanced Azure Information Protection (AIP) settings DisableMandatoryInOutlook and OutlookDefaultLabel. Roadmap ID: 72172

Release – April 2021

  • Microsoft Information Protection: Auto-classification with sensitivity labels in SPO, EXO, OneDrive for DoD – Auto-classification with sensitivity labels in OneDrive, SharePoint Online, and Exchange Online will soon be available in DoD environments. Roadmap ID: 72192
  • Microsoft Defender for Office 365: Safe Links Protection for Microsoft Teams – The power of Safe Links will now be available to protect users from malicious links sent via Microsoft Teams. Roadmap ID: 34298
  • Microsoft Information Protection: Data-at-Rest Encryption for Microsoft 365 in WWMT and GCC – Data at rest encryption for Microsoft 365 provides customer key based encryption across multiple M365 workloads. Tenant administrators can configure a single data encryption policy using customer managed keys and assign it to the tenant. Roadmap ID: 68869
  • Microsoft 365 compliance center: Information governance – Multi-stage disposition review – This update allows organizations to use a multi-stage disposition process, including multiple stakeholders and reviews before deleting the content. Roadmap ID: 70579
  • Microsoft Information Protection: Granular conditional access policies via “Sensitivity Labels” for SharePoint Online sites – Admins will have the ability to use Azure AD conditional access policies to trigger multi-factor authentication (MFA), device and location policies on a specific SharePoint site collection based by simply attaching CA policies to a label. Then these labels can be applied to Sites and now users access these sites will have to go through the CA policies in order to gain access. Roadmap ID: 70594

Release – May 2021

  • 🆕 Microsoft 365 Compliance Center: Microsoft Information Protection & Governance now supports 7 languages for the Threat, Targeted Harassment and Profanities classifiers – Trainable classifiers in Information Protection & Governance can now detect threat, targeted harassment, and profanities in the following languages: English, French, Spanish, German, Portuguese, Italian, Japanese, and Chinese. Roadmap ID: 70798
  • 🆕 Microsoft Compliance Center: Communication Compliance for DoD – Communication Compliance is an insider risk solution in Microsoft 365 that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Roadmap ID: 72204
  • Microsoft Defender for Identity: Full alert experience in Microsoft 365 security center – Defender for Identity will offer it’s full alert and investigation experiences natively within the Microsoft 365 security center. Roadmap ID: 68887
  • Microsoft 365 compliance center: Third-party data connectors – Use data connectors to import and archive third-party data from social media platforms, instant messaging platforms, document collaboration platforms and more, to mailboxes in your Microsoft 365 organization where you can then apply various Microsoft 365 compliance solutions to the imported data. Roadmap ID: 68896

Release – June 2021

  • 🆕 Microsoft Compliance Center: Service optimizations for Audit search – This update provides various service optimizations for Audit search, including speed and workflow improvements. For example, you can track status of the searches. Roadmap ID: 72202
  • Microsoft Defender for Identity: Administrative functions in Microsoft 365 security center – Defender for Identity’s administrative functions will be available to view and edit within the Microsoft 365 security center. Roadmap ID: 68886
  • Microsoft Defender for Identity: New Detection – Golden ticket using AES encryption – An alert already exists to detect instances where an attacker downgrades the encryption level of the ticket-granting ticket (TGT) field, but this new alert introduces detection capabilities for when an attacker uses the KRBTGT AES hash to generate the ticket. Roadmap ID: 68888

Release – July 2021

  • 🆕 Microsoft Defender for Identity: Alert exclusion in Microsoft 365 security center – One of the most widely used features relating to alerting in Defender for Identity is being able to tune them and make sure you are only alerted on what should be getting your attention. Roadmap ID: 72203
  • Microsoft Defender for Identity: Detection improvement – Suspicious additions to sensitive groups – New logs are being added to the detection logic for what is “normal” in a particular environment. This will remove an initial dependency on establishing a baseline so that detection is available to use immediately for known sensitive groups. Roadmap ID: 68891

Release – August 2021

  • Microsoft Defender for Identity: Auditing capabilities – Defender for Identity will offer audit logs for most activity types, allowing administrators to track changes to administrative settings and configurations. Roadmap ID: 68885


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s