Microsoft 365 roadmap roundup – 3rd October 2021

Use these buttons to switch between each product’s roadmap updates.

Microsoft Information Protection

Updates listed under this heading combines the following products: Azure Information Protection, 365 compliance center, Information Protection, Office 365 Advanced Threat Protection, Microsoft Defender, Microsoft Intune, Office 365 Data Loss Prevention and Security and Compliance center.

  • Launched (9)
  • Rolling out (1)
  • In development (42)

🍾 LAUNCHED

  • Microsoft Defender for Endpoint: Web Content Filtering – Web content filtering is a feature in Microsoft Defender for Endpoint that enables security administrators to track and regulate access to websites based on specified content categories. Roadmap ID: 68851
  • Microsoft Information Protection: OneDrive for Business location picker supports security groups and distribution lists – Data loss prevention (DLP) for OneDrive for Business will soon support user accounts and groups as part of the policy scoping location picker, enabling more granular control of DLP policy scope (i.e. to include/exclude particular departments, business units, geo-specific security groups, etc.). Roadmap ID: 70708
  • Microsoft 365 Compliance Center: Data loss prevention (DLP) data surfaced in Activity Explorer – DLP-related data sets which currently flow into Microsoft 365 Audit logs will now also surface within Activity Explorer under an activity called ‘DLP rule matched’. Roadmap ID: 70730
  • Microsoft Defender for Endpoint: Endpoint discovery for Microsoft Defender for Endpoint in GCC – Endpoint for Microsoft Defender for Endpoint enables organizations to discover and secure unmanaged endpoints. Once discovered integrated workflows can be used to secure the devices using Defender for Endpoint’s threat and vulnerability management, threat detection and automated incident responses capabilities. Roadmap ID: 85569
  • Microsoft 365 Compliance center: Insider risk management – Enhanced alert review experience – Enhancements to the alert overview experience to improve explanation of why an alert was created and improve ability to review the riskiest activity in an alert. Roadmap ID: 85578
  • Microsoft 365 Compliance center: Insider risk management – Enhancements to Cumulative exfiltration activities – Enhancements to the cumulative exfiltration activity presentation to update how we explain the user’s activity compared to the organization. Roadmap ID: 85579
  • Microsoft 365 Compliance center: Insider risk management – Enhancements to User Activity experience – Within the user activity tab in a case, we have made enhancements to improve the activity review experience. Roadmap ID: 85580
  • Microsoft 365 Compliance center: Insider risk management – Enhancements to Export Alerts – For the Export alerts feature, we have increased the frequency in which alerts are sent to the Office 365 Management Activity API to every hour (previously every 12 hours) so you can have more updated alert information available. Roadmap ID: 85581
  • Microsoft Compliance center: Core eDiscovery and Advanced eDiscovery – Legal hold for Teams private channel – Legal Hold for Teams will now support Private Channel Messages. Roadmap ID: 82114

🚂 ROLLING OUT

  • Microsoft Compliance center: Insider Risk Management integration with Teams and Power Automate – Insider Risk Management integration with Microsoft Teams allows for richer collaboration across an organization. Additionally, integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Roadmap ID: 83955

⌛ IN DEVELOPMENT

Release – October 2021

  • 🆕 Microsoft Defender for Office 365: The Attack Simulation Training landing page is now customizable – Microsoft are pleased to announce the availability of a new landing page experience that allows customers to easily tailor the landing page to suit the requirements of their enterprise and include their own branding. Roadmap ID: 85642
  • Microsoft Defender for Office 365: Request Release workflow – We’ve added a way for end users to triage quarantined phish messages. Roadmap ID:62449
  • Microsoft Defender for Office 365: Quarantine – Custom Policy and Folder – Previously, quarantine behaviour was configured through each individual filtering policy. To reduce complexity, we’ve moved new and existing quarantine parameters into a standalone Quarantine policy. Roadmap ID: 62450
  • Expanded support to search and export items in SharePoint and OneDrive for Business Recycle Bin in Core eDiscovery & Advanced eDiscovery – The eDiscovery and SharePoint Online teams are making architectural changes that will make the Recycle Bin (both first-stage and second-stage Recycle Bins) in SharePoint Online and OneDrive for Business searchable and exportable by eDiscovery Managers. That means organizations can search and export items in the Recycle Bin regardless of whether a site is on hold or not. Roadmap ID: 67092
  • Office 365: Cross-Tenant People Search (Limited Availability) – This feature is for customers with multiple tenants. It allows users to use People search to search across multiple tenants. Roadmap ID: 67129
  • Microsoft Defender for Identity: Administrative functions in Microsoft 365 security center – Defender for Identity’s administrative functions will be available to view and edit within the Microsoft 365 security center. Roadmap ID: 68886
  • Microsoft 365 compliance center: Advanced eDiscovery – Hold optimizations – This update provides various service optimizations for Advanced eDiscovery, including hold reliability and limits increase. Roadmap ID: 70586
  • Azure Active Directory: Authenticator Code Match for MFA – Admins will be able to turn on code match for MFA notifications in Authenticator and apply the behavior by user/group. Roadmap ID: 70617
  • Microsoft 365 Compliance Center: Information barriers for GCCH and DoD – Information barriers is a compliance feature to restrict communication and collaboration between two groups to avoid a conflict of interest from occurring in your organization. Roadmap ID: 70729
  • Microsoft Information Protection: Configure external sharing for sensitivity labels in Teams and SharePoint sites – With this update, you can set controls on external sharing while configuring a Team or site protection policy. For example you can set a very restrictive one for a Team or site labeled ‘confidential’—restricting sharing with people outside the organization or set a very relaxed one for a Team or site labeled ‘general’—allowing anyone with a link to access without requiring sign-in. Roadmap ID: 70735
  • Microsoft 365 Compliance Center: Microsoft Information Protection & Governance now supports 7 languages for the Threat, Targeted Harassment and Profanities classifiers – Trainable classifiers in Information Protection & Governance can now detect threat, targeted harassment, and profanities in the following languages: English, French, Spanish, German, Portuguese, Italian, Japanese, and Chinese. Roadmap ID: 70798
  • Azure Active Directory: Access Tokens issued by Azure AD will have lifetime of 60-90 minutes – Access Tokens issued by Azure AD will have default lifetime between 60-90 minutes. Roadmap ID: 72190
  • Microsoft Compliance center: New named entities SITs and enhanced unified policy authoring templates (Public Preview) – Named entities are sensitive information types (SITs) that can’t easily be identified by a regular expression or a function; these include person names, physical addresses, and medical terms & conditions. This update adds 52 new SITs representing named entities, and 10 enhanced policy templates that can be used in solutions such as DLP and auto-labeling, and cover important regulations, such as US HIPAA and EU GDPR. Roadmap ID: 72194
  • Azure Active Directory: Password Protection Enforced for all Changes – Currently password updates made through Graph do not have banned password enforcement, along with B2C users and Service Principals. This change will enforce Password Protection for all password creations and changes. Roadmap ID: 72197
  • Microsoft Defender for Identity: Alert exclusion in Microsoft 365 security center – One of the most widely used features relating to alerting in Defender for Identity is being able to tune them and make sure you are only alerted on what should be getting your attention. Roadmap ID: 72203
  • Azure Active Directory: Location Based Access Control Public Preview – You are now able to create Conditional Access policies to allow/deny access using a new type of Named Location known as GPS. For these policies, the user will need to share their GPS location from the mobile device on which Microsoft Authenticator is installed. Roadmap ID: 72205
  • Microsoft Information Protection: New named entities SITs and enhanced unified policy authoring templates – Named entities are sensitive information types (SITs) that can’t easily be identified by a regular expression or a function; these include person names, physical addresses, and medical terms & conditions. This update adds 52 new SITs representing named entities, and 10 enhanced policy templates that can be used in solutions such as DLP and auto-labeling, and cover important regulations, such as US HIPAA and EU GDPR. Roadmap ID: 72221
  • Azure Active Directory: GPS based named locations public preview – Now, admins will have the ability to create Conditional Access policies to allow/deny access using a new type of Named Location based off GPS data. When the policy is enabled, end users will need to share their GPS location from the mobile device on which Microsoft Authenticator is installed. Roadmap ID: 72238
  • Microsoft 365 compliance center: Communication Compliance Sensitive information types per location report – Review and export the sensitive information types detected in all your Microsoft 365 and non-Microsoft communication channels currently scoped into your Communication Compliance policies. Roadmap ID: 83699
  • Microsoft 365 compliance center: Communication Compliance policy health check and ability to pause policy – Provide guidance during Communication Compliance policy creation on the settings used and the potential volume of items that will be captured. Pausing a policy will enable an administrator to manually suspend evaluations of communications. Roadmap ID: 83700
  • Microsoft 365 Compliance Center: Communication Compliance tagging improvements – Microsoft are adding column that will display the current tag applied, and we’ll provide the ability to unresolve a message so it can be triaged again by an investigator. Roadmap ID: 85556
  • Microsoft Defender for Office 365: Updates to spam reporting – A new Spam detections report view will now be available in the Threat Protection Status report. Roadmap ID: 85561
  • Microsoft Defender for Office 365: Localization of end user spam notifications – Instead of Admins choosing the specific language for quarantine notifications, spam notifications will be sent by default in the language assigned to the user’s mailbox. Roadmap ID: 85562
  • Microsoft Defender for Office 365: Priority account filtering for quarantine – Microsoft are including the priority account tag in the quarantine experience, allowing admins to prioritize their focus on the organization’s most targeted and most visible users. Roadmap ID: 85563
  •  Microsoft Information Protection: Data loss prevention (DLP) integration with Microsoft Cloud App Security (MCAS) – Extend data loss prevention (DLP) policies to non-Microsoft cloud apps to monitor and detect when sensitive items are used and shared via non-Microsoft cloud apps. Roadmap ID: 85565
  • Microsoft 365 Compliance center: Insider risk management – Guided onboarding experience: recommended actions – Recommended actions that an admin should take for a complete onboarding experience. In-product guided walkthrough on how to complete onboarding actions such as selecting indictors, setting up a policy, and how to investigate an alert. Roadmap ID: 85576
  • Microsoft 365 Compliance center: Insider risk management – Admin email notifications – An admin email notification will be sent when the first alert is generated after a new policy is created. This email will be deployed to all admins within the Insider Risk Management, Analyst, and Investigator role groups. Roadmap ID: 85577
  • Microsoft 365 compliance center: Communication Compliance policy cloning and consumption visibility (Government clouds) – New policy cloning feature helps you easily create similar policies for different audiences but with the same conditions for instance. Roadmap ID: 85585
  • Microsoft 365 compliance center: Physical badging Connector for Government clouds – You can set up a connector in the Microsoft 365 compliance center to import physical badging data, such as employee’s raw physical access events or any physical access alarms generated by your organization’s badging system. Roadmap ID: 85588
  • Microsoft 365 compliance center: Records management multi-stage disposition review – This update allows organizations to use a multi-stage disposition process, including multiple stakeholders and reviews before deleting the content. Roadmap ID: 85591
  • Microsoft 365 compliance center: Data loss prevention (DLP) for Microsoft Teams data surfaced in Activity Explorer – DLP-related data sets which currently flow into Microsoft 365 Audit logs (i.e., Exchange Online, SharePoint Online, OneDrive, and Teams DLP) will now also surface within Activity Explorer and will now be available for Teams DLP under an activity called ‘DLP rule matched’. Roadmap ID: 85594
  • Microsoft 365 compliance center: Communication Compliance integration with Power Automate – Communication Compliance integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Communication Compliance cases and users. Roadmap ID: 85604
  • Microsoft Compliance center: Additional third-party data connectors (Veritas) – Use data connectors to import and archive third-party data from social media platforms, instant messaging platforms, document collaboration platforms and more, to mailboxes in your Microsoft 365 organization where you can then apply various Microsoft 365 compliance solutions to the imported data. This helps you ensure that your organization’s non-Microsoft data is in compliance with the regulations and standards that affect your organization. There are more additional connectors to come from Veritas (formerly Globanet). Roadmap ID: 82038
  • Microsoft Compliance center: Information governance – Retention policies for Yammer – This update enables organizations to apply retention policies on Yammer messages. Roadmap ID: 82055
  • Microsoft Information Protection: Exact Data Match to support Auto-labeling (client-side) – Organizations will be able to configure new or existing client-side Auto-labeling policies using Exact Data Match (EDM) Sensitive Information Types (SITs), enabling more fine-grained control over which sensitive content gets labeled. Roadmap ID: 82072
  • Microsoft Compliance center: Communication Compliance analyze linked content from OneDrive and SharePoint online (modern attachments) – Communication compliance policies that detect violations in Microsoft Teams will now analyze the content of documents shared in chat for potential policy match. Roadmap ID: 82084
  • Microsoft Defender for Office 365: Quarantine integration for user and admin submissions – With this change we’re giving admins the ability to allow senders for a specified period of time, right from the quarantine workflow. Roadmap ID: 82097
  • Microsoft Defender for Office 365: Enhancements to quarantine message preview – With this change some components in quarantined messages will be distorted and not displayed by default. To see the full contents of the message, users can choose to reveal the full message. Roadmap ID: 82098
  • Microsoft Defender for Office 365: Redirecting users to Microsoft 365 Defender – Microsoft will begin automatically redirecting users accessing the security-related capabilities in the Office 365 Security and Compliance center (protection.office.com), to Microsoft 365 Defender (https://security.microsoft.com). Roadmap ID: 82107

Release – November 2021

  • Microsoft Compliance center: Insider Risk Management integration with Teams and Power Automate – Insider Risk Management integration with Microsoft Teams allows for richer collaboration across an organization. Additionally, integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Roadmap ID: 83960
  • Microsoft Compliance center: Information Governance: Optimized behavior of deleted files with multiple versions in SharePoint – SharePoint Online items with multiple versions and a retention label now move to the Preservation Hold Library as a single file containing all versions when deleted. Roadmap ID: 82062

Release – December 2021

  • Microsoft Compliance Center: Service optimizations for Audit search – This update provides various service optimizations for Audit search, including speed and workflow improvements. For example, you can track status of the searches. Roadmap ID: 72202

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s