Microsoft 365 roadmap roundup – 5 Apr 2021

Use these buttons to switch between each product’s roadmap updates.

Microsoft Information Protection

Updates listed under this heading combines the following products: Azure Information Protection, 365 compliance center, Information Protection, Office 365 Advanced Threat Protection, Microsoft Defender, Microsoft Intune, Office 365 Data Loss Prevention and Security and Compliance center.

  • Launched (1)
  • Rolling out (3)
  • In development (38)

🍾 LAUNCHED

  • Microsoft 365 Compliance Center | Records management: Increased file plan import limits – This update will allow an unlimited number of characters in the description for file plan imports. Roadmap ID: 70724

🚂 ROLLING OUT

  • Microsoft Information Protection Labels: Classification Driven Policies with Office 365 Groups – Tenant administrators can now better govern groups created in their respective tenants by enforcing policies on those groups using classification labels in a streamlined and proactive manner. Roadmap ID: 50293
  • Microsoft Defender for Office 365: Improvements to Alerts and Hunting – Microsoft are releasing a number of updates to alerts and hunting, including: Extending data retention for Threat Explorer and Real-time detections from 7 days to 30 days for trial tenants, after which you will be able to search for data for 30 days. Roadmap ID: 70544
  • Microsoft 365 Compliance Center: Ability to delete a record label – With the update, you will be able to delete unused record labels within Microsoft 365 Records Management. Roadmap ID: 70723

⌛ IN DEVELOPMENT

Release – April 2021

  • 🆕 Microsoft Compliance center: Data loss prevention (DLP) solution overview page – The DLP solution overview page will appear in the Microsoft 365 compliance center and house policy recommendation widgets and other actions and guidance related to your available DLP solutions. Roadmap ID: 70814
  • 🆕 Microsoft compliance center: New DLP alert management dashboard – A new data loss prevention (DLP) alert management experience within the Microsoft 365 compliance center will enable admins to review, investigate, and manage DLP policy match events. Roadmap ID: 72206
  • Microsoft Defender for Office 365: Detonation details – Microsoft are working to reveal more of the details that led to a malicious verdict when URLs or files are detonated in Microsoft Defender for Office 365. Roadmap ID: 64570
  • Microsoft Defender for Office 365 Auto-remediation with enhanced playbooks – Auto-remediation of threats with additional playbooks and deeper integration with Microsoft Cloud App Security and Azure Active Directory. Roadmap ID: 34296
  • Microsoft Information Protection: Data loss prevention for Microsoft Teams in GCC-High – If your organization has DLP, you can now define policies that prevent people from sharing sensitive information in a Microsoft Teams channel or chat session. Roadmap ID: 67098
  • Azure Information Protection: Microsoft 365 Groups: support for Sensitivity Labels in Government Community Clouds – Microsoft 365 Groups will soon support Sensitivity Labels to help you manage privacy and external access. Roadmap ID: 67158
  • Microsoft Information Protection: Automatic and recommended sensitivity labeling available in Office apps for Mac for Government clouds – Automatic and recommended sensitivity labeling, based on content inspection, is natively built into Office apps within Outlook and Word/Excel/PowerPoint applications on Mac. Roadmap ID: 68849
  • Microsoft Defender for Endpoint: Web Content Filtering – Web content filtering is a feature in Microsoft Defender for Endpoint that enables security administrators to track and regulate access to websites based on specified content categories. Roadmap ID: 68851
  • Microsoft 365 Compliance center: Information governance – Yammer retention – This update enables organizations to apply retention policies on Yammer messages. Roadmap ID: 70581
  • Microsoft Defender for Office 365: Enhancements to Spoof Intelligence – Spoof intelligence experience for Security Admins will introduce enhancements so that Admins can setup spoof configurations, manage spoof allow/block lists for a tenant, review insights provided by spoof intelligence and view/export detailed spoof detections report. Roadmap ID: 70590
  • Microsoft Information Protection: AIP client and scanner data available in Audit and Activity explorer – Azure Information Protection (AIP) customers can now access data in Microsoft 365 compliance center Audit logs and Activity explorer, in addition to the AIP Analytics portal. This means that all data logged via AIP client and AIP scanner can be witnessed along with the rest of the Microsoft Information Protection (MIP) and Data Loss Prevention (DLP) data sets from native Office apps and other cloud resources. Roadmap ID: 70600
  • Microsoft Cloud App Security: MFA step-up auth – This feature enables enforcing of conditional access policies during a user session. Roadmap ID: 70603
  • Microsoft Defender for Office 365: Updates to post-delivery detections and investigations – Microsoft are rolling out updates to alerts and investigations including new alert policies and post-delivery detections related to Zero-hour auto purge (ZAP). Roadmap ID: 70614
  • Microsoft 365 compliance center: Enhanced support for domains in Insider Risk Management – Insider Risk Management now support enhanced classification of unallowed, allowed, and third-party domains leveraging wildcards. Roadmap ID: 70631
  • Microsoft 365 compliance center: Content explorer enhancements for Insider Risk Management – The Microsoft 365 Insider Risk Management solution will have an improved performance and experience within the content explorer, including transparency of document loads and completeness. Roadmap ID: 70632
  • Microsoft Information Protection: Configure external sharing for sensitivity labels in Teams and SharePoint sites – With this update, you can set controls on external sharing while configuring a Team or site protection policy. For example you can set a very restrictive one for a Team or site labeled ‘confidential’—restricting sharing with people outside the organization or set a very relaxed one for a Team or site labeled ‘general’—allowing anyone with a link to access without requiring sign-in. Roadmap ID: 70735
  • Microsoft Information Protection: Mandatory labeling in Office apps for gov clouds – Office apps (Word, Excel, PowerPoint, Outlook) will now respect the Admin policy setting to require users to apply a label to documents and emails on Windows, Mac, iOS, and Android (for the Office 365 subscription version of the apps). Roadmap ID: 70789
  • Microsoft Information Protection: Outlook support for DisableMandatoryInOutlook and OutlookDefaultLabel settings – Outlook clients will now support the advanced Azure Information Protection (AIP) settings DisableMandatoryInOutlook and OutlookDefaultLabel. Roadmap ID: 72172
  • Microsoft Information Protection: Exact Data Match to support Auto-labeling – Organizations will be able to configure new or existing Auto-labeling policies using Exact Data Match (EDM) Sensitive Information Types (SITs), enabling more fine-grained control over which sensitive content gets labeled. Roadmap ID: 68881
  • Microsoft 365 compliance center: Third-party data connectors – Use data connectors to import and archive third-party data from social media platforms, instant messaging platforms, document collaboration platforms and more, to mailboxes in your Microsoft 365 organization where you can then apply various Microsoft 365 compliance solutions to the imported data. Roadmap ID: 68896
  • Microsoft 365 compliance center: “Watch-the-watchers” audit trail for Insider Risk Management – Audit and review activities of IRM Analyst, IRM Investigator, and IRM Admin roles within the Microsoft 365 Insider Risk Management solution. Roadmap ID: 68921
  • Microsoft 365 compliance center: Increased set of first-party indicators for Insider Risk Management – The Microsoft 365 Insider Risk Management solution will now recognize an increase set of first party indicators, including Endpoint (Windows 10), Microsoft Teams, Azure Active Directory, SharePoint Online, and Microsoft Cloud Access Security. Roadmap ID: 68924
  • Microsoft Information Protection: Changes in display of hierarchical sensitivity labels for Microsoft Teams – For hierarchical sensitivity labels, channel headers will only display the parent label instead of showing the child label. For example, for a sensitivity label such as Confidential\Finance, Teams will only show “Confidential” in the channel header. Roadmap ID: 70566
  • Microsoft 365 compliance center: Insider Risk Management analytics – The Microsoft 365 Insider Risk Management solution will now provide aggregated and anonymized analytics to help identify potential insider risk activity within the organization. Roadmap ID: 70633
  • Microsoft Information Protection: Data classification analytics for GCC-High and DoD – Data classification capabilities in Microsoft 365 compliance center help you get a holistic understanding of the sensitive data in your digital estate and related user activities. Roadmap ID: 70666
  • Microsoft 365 Compliance Center: Insider Risk Management supports fine-grained role-based access control – Insider Risk Management will now limit visibility of alerts and cases related to priority users to specific IRM Analysts or IRM Investigators. Roadmap ID: 70711
  • Microsoft 365 Compliance Center: Insider Risk Management supports native triggers – The Microsoft 365 Insider Risk Management solution will now leverage native triggers for Data Leak or Departing Employee Data Theft policy templates. Roadmap ID: 70712
  • Microsoft 365 Compliance Center: Insider Risk Management supports sequencing – Insider Risk Management will improve fidelity of detections by looking for sequences of events over time. Roadmap ID: 70713
  • Microsoft 365 Compliance Center: Policy health check for Insider Risk Management – Insider Risk Management will now surface policy status to identify misconfigured policies which could impact detections. Roadmap ID: 70714
  • Microsoft 365 Compliance Center: Enhanced user management in Insider Risk Management solution – We’re improving the experience around manually adding or removing users from Insider Risk Management policy scoring scope. Roadmap ID: 70715
  • Microsoft 365 Compliance Center: Enhanced policy creation wizard for Insider Risk Management – We’re improving the experience of Insider Risk Management policy creation, including enhanced guard rails to enforce proper policy configuration. Roadmap ID: 70716
  • Microsoft 365 Compliance Center: ServiceNow template for PowerAutomate available within Insider Risk Management – A ServiceNow PowerAutomate template will be provided to integrate Insider Risk Management with ServiceNow. Roadmap ID: 70717
  • Microsoft 365 Compliance Center: Data loss prevention (DLP) data surfaced in Activity Explorer – DLP-related data sets which currently flow into Microsoft 365 Audit logs will now also surface within Activity Explorer under an activity called ‘DLP rule matched’. Roadmap ID: 70730
  • Microsoft 365 Compliance Center: Recommendation widget for Teams DLP – A new recommendation widget will appear within the Microsoft 365 compliance center to guide admins in creating a packaged Teams DLP policy if they currently have no policy related to Teams DLP in their policy portfolio. Roadmap ID: 70731
  • Microsoft Information Protection: Configure sensitivity labels for encrypt-only protection on Outlook messages – You can now create labels that enforce the encrypt-only restriction (available within Office 365 Message Encryption) when applied to Outlook email messages. With encrypt-only, users can send encrypted email to any recipient, whether they are inside or outside the organization, and the protection follows the lifecycle of the email. Roadmap ID: 72171
  • Microsoft Information Protection: Data loss prevention for Microsoft Teams in GCC-High – Data loss prevention (DLP) capabilities in Microsoft 365 government clouds will be extended to include Microsoft Teams chat and channel messages, including private channel messages. Roadmap ID: 80374

Release – May 2021

  • 🆕 Microsoft 365 compliance center: Collection of Teams conversation as transcript in Advanced eDiscovery – eDiscovery managers will soon have the flexibility to collect Teams messages as transcript items. Transcripts will aggregate and thread messages in the same Teams conversations into a single HTML file that is available for review and export. Roadmap ID: 70812

Release – June 2021

  • Microsoft Defender for Office 365: Request Release workflow – We’ve added a way for end users to triage quarantined phish messages. Roadmap ID:62449

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s