Microsoft 365 roadmap roundup – 18th October 2021

Use these buttons to switch between each product’s roadmap updates.

Microsoft Information Protection

Updates listed under this heading combines the following products: Azure Information Protection, 365 compliance center, Information Protection, Office 365 Advanced Threat Protection, Microsoft Defender, Microsoft Intune, Office 365 Data Loss Prevention and Security and Compliance center.

  • Launched (15)
  • Rolling out (7)
  • In development (17)

🍾 LAUNCHED

  • 🆕 Azure Active Directory: New reviewer experience for Access Review – We are introducing the public preview of this updated experience for reviewers who currently use Azure Active Directory Access Review. Roadmap ID: 63573
  • 🆕 Azure Active Directory: [Preview] AAD Application Proxy now supports the Remote Desktop Services web client – Azure AD Application Proxy now supports Remote Desktop Web Client. The Remote Desktop web client allows users to access Remote Desktop infrastructure through any HTLM5-capable browser such as Microsoft Edge, Internet Explorer 11, Google Chrome, Safari, etc. Users can interact with remote apps or desktops like they would with a local device from anywhere. By using Azure AD Application Proxy you can increase the security of your RDS deployment by enforcing pre-authentication and Conditional Access policies for all types of rich client apps. Roadmap ID: 66461
  • Microsoft Information Protection: UI for configuring Exact Data Match –Admins will be able to configure and edit Exact Data Match (EDM) from within the Microsoft 365 Compliance Center, providing an alternative to configuring EDM from PowerShell. Roadmap ID: 67100
  • Microsoft Information Protection: AIP client and scanner data available in Audit and Activity explorer – Azure Information Protection (AIP) customers can now access data in Microsoft 365 compliance center Audit logs and Activity explorer, in addition to the AIP Analytics portal. This means that all data logged via AIP client and AIP scanner can be witnessed along with the rest of the Microsoft Information Protection (MIP) and Data Loss Prevention (DLP) data sets from native Office apps and other cloud resources. Roadmap ID: 70600
  • Microsoft 365 compliance center: Content explorer enhancements for Insider Risk Management – The Microsoft 365 Insider Risk Management solution will have an improved performance and experience within the content explorer, including transparency of document loads and completeness. Roadmap ID: 70632
  • Microsoft 365 compliance center: Insider Risk Management analytics – The Microsoft 365 Insider Risk Management solution will now provide aggregated and anonymized analytics to help identify potential insider risk activity within the organization. Roadmap ID: 70633
  • Microsoft 365 Compliance Center: Policy health check for Insider Risk Management – Insider Risk Management will now surface policy status to identify misconfigured policies which could impact detections. Roadmap ID: 70714
  • Microsoft 365 Compliance Center: Enhanced user management in Insider Risk Management solution – We’re improving the experience around manually adding or removing users from Insider Risk Management policy scoring scope. Roadmap ID: 70715
  • Microsoft 365 Compliance Center: Enhanced policy creation wizard for Insider Risk Management – We’re improving the experience of Insider Risk Management policy creation, including enhanced guard rails to enforce proper policy configuration. Roadmap ID: 70716
  • Microsoft 365 Compliance Center: ServiceNow template for PowerAutomate available within Insider Risk Management – A ServiceNow PowerAutomate template will be provided to integrate Insider Risk Management with ServiceNow. Roadmap ID: 70717
  • Microsoft 365 compliance center: Communication Compliance Sensitive information types per location report – Review and export the sensitive information types detected in all your Microsoft 365 and non-Microsoft communication channels currently scoped into your Communication Compliance policies. Roadmap ID: 83699
  • Microsoft 365 compliance center: Communication Compliance policy health check and ability to pause policy – Provide guidance during Communication Compliance policy creation on the settings used and the potential volume of items that will be captured. Pausing a policy will enable an administrator to manually suspend evaluations of communications. Roadmap ID: 83700
  • Microsoft 365 compliance center: Communication Compliance policy cloning and consumption visibility (Government clouds) – New policy cloning feature helps you easily create similar policies for different audiences but with the same conditions for instance. Roadmap ID: 85585
  • Microsoft 365 compliance center: Physical badging Connector for Government clouds – You can set up a connector in the Microsoft 365 compliance center to import physical badging data, such as employee’s raw physical access events or any physical access alarms generated by your organization’s badging system. Roadmap ID: 85588
  • Microsoft Information Protection: Automatic labeling using trainable classifiers in Office apps for Windows and Web – Within Microsoft Information Protection, you can create sensitivity labels and corresponding automatic or recommended labeling policies in Office apps for Windows and Office Online apps using the following built-in classifiers: Resume, Source code, Threat, Harassment, Profanity. Roadmap ID: 82119

🚂 ROLLING OUT

  • Microsoft Defender for Endpoint: Threat and vulnerability management for Windows 8.1 – Threat and vulnerability management capabilities, both software vulnerability assessment for the OS and applications, as well as secure configuration assessment will now support Windows 8.1 devices. Roadmap ID: 70690
  • Microsoft Information Protection: Migrate legacy exchange DLP policies to the M365 compliance center – The Exchange DLP migration wizard will enable you to seamlessly migrate the exchange DLP policies managed in the exchange admin center to the compliance center. M365 compliance center provides access to advanced classification capabilities like EDM, ML etc. along with rich alerts, incident management features and more. Roadmap ID: 70790
  • Azure Active Directory: Temporary Access Pass – Temporary Access Pass (TAP) is a time-limited passcode that can be used to registration Passwordless FIDO2 and Phone Sign-in. TAP also makes recovery easier when a user has lost or forgotten their strong authentication methods and needs to sign in to register new authentication methods. Roadmap ID: 72242
  • Azure Active Directory: Application Proxy traffic optimization – You now can now designate which region your Application Proxy service connector group should use.  By choosing the closest region to your applications and connectors, you can improve performance and reduce the latency to the App Proxy service. Roadmap ID: 72248
  • Azure Active Directory: B2C Identity Protection & Conditional Access – You can enhance the security of Azure AD B2C implementation with Azure AD’s Identity Protection and Conditional Access capabilities. Identity Protection allows organizations to automate the detection and remediation of identity-based risks, investigate risks, and export risk detection data to third-party utilities for further analysis. Conditional Access is the policy engine that brings signals together to make decisions and enforce organizational policies. Roadmap ID: 72251
  • Azure Active Directory: Conditional Access authentication context – Conditional Access authentication context lets you target policies for data and actions within an app so you can refine your Zero Trust policies for least privileged access while minimizing user friction. Roadmap ID: 72253

⌛ IN DEVELOPMENT

Release – November 2021

  • 🆕 Microsoft Information Protection: Extend sensitivity labels to assets in Azure with Microsoft Azure Purview – With Azure Purview, you can now extend the reach of your Microsoft Information Protection (MIP) sensitivity labels and the value from built-in sensitive information types to a much broader set of data locations and data types. Use existing sensitivity labels or create new sensitivity labels via the Microsoft 365 compliance center to extend security and compliance intent to data assets in Azure. Roadmap ID: 85666
  • 🆕 Microsoft Information Protection: Data loss prevention (DLP) integration with Microsoft Cloud App Security (MCAS) – Extend data loss prevention (DLP) policies to non-Microsoft cloud apps to monitor and detect when sensitive items are used and shared via non-Microsoft cloud apps. Roadmap ID: 85687
  • Microsoft 365 compliance center: Records Management – Disable unlocking of records – Records Management admins can disable the ability for users to unlock a record tenant wide. Currently, items marked as a record in SharePoint can be “unlocked” for editing by end users. Roadmap ID: 85663
  • Microsoft Information Protection: Enhanced simulations and location support for auto-labeling in SharePoint Online and OneDrive for Business (Government Clouds) – Auto-labeling in SharePoint Online and OneDrive for Business has been updated with improved performance and ability to configure more locations. The configuration limit of 10 locations in a policy has been removed. Any new simulation will run more efficiently, with results greatly sped up from days to hours. Roadmap ID: 85560
  • Microsoft Information Protection: New conditions for auto-labeling in Exchange Online (Gov clouds) – An auto-labeling policy can now apply a label to Exchange Online email based on sender, recipient, subject, or header matches without requiring a scan for sensitive content. Roadmap ID: 85557
  • Microsoft Compliance center: Insider Risk Management: Microsoft Defender for Endpoint alerts – Enables you to import indicators from Microsoft Defender for Endpoint related to unapproved or malicious software installation or bypassing security controls. Roadmap ID: 83965
  • Microsoft Information Protection: Microsoft 365 Endpoint data loss prevention (DLP) for GCC – Endpoint DLP extends the activity monitoring and protection capabilities of DLP to sensitive items that are on Windows 10 devices. Once devices are onboarded into device management, the information about what users are doing with sensitive items is made visible in activity explorer and you can enforce protective actions on those items via DLP policies. Roadmap ID: 81973
  • Microsoft Information Protection: Microsoft 365 Endpoint data loss prevention (DLP) for GCC-H and DoD – Endpoint DLP extends the activity monitoring and protection capabilities of DLP to sensitive items that are on Windows 10 devices. Roadmap ID: 81974
  • Microsoft 365 Compliance center: Information governance – Auto-labeling of cloud attachments – This update enables organizations to automatically apply retention labels to the version of files shared as cloud attachments, which are live links of SharePoint or OneDrive content that can be shared via emails or Teams messages. Roadmap ID: 70580

Release – December 2021

  • Microsoft Compliance center: Insider Risk Management: Data leaks by disgruntled users – Detects data leaks by users near a stressor event. Roadmap ID: 83959
  • Microsoft Compliance center: Insider Risk Management integration with Teams and Power Automate – Insider Risk Management integration with Microsoft Teams allows for richer collaboration across an organization. Additionally, integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Roadmap ID: 83960
  • Microsoft Compliance center: Insider Risk Management: Security policy violations by disgruntled users – Detects security violations by users near a stressor event. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices on devices onboarded to your organization. Roadmap ID: 83964
  • Microsoft Compliance center: Increased set of first-party indicators for Insider Risk Management – The Microsoft 365 Insider Risk Management solution will now recognize an increase set of first party indicators, including Endpoint (Windows 10), Microsoft Teams, Azure Active Directory, SharePoint Online, and Microsoft Cloud Access Security. Roadmap ID: 83966

Release – January 2022

  • Microsoft Information Protection: Configure Teams DLP policies to automatically protect files shared in Teams messages – New and existing Teams DLP policies can be configured to automatically protect files shared in Teams private chats and channel messages. Roadmap ID: 85667
  • Microsoft 365 Compliance center: Advanced eDiscovery: Collections queue – The new Collections queue experience in Advanced eDiscovery helps organizations who are executing a high volume of Collections across and within cases at one time to manage pending Collections. Roadmap ID: 85583

Release – March 2022

  • 🆕 Microsoft Defender for Office 365: Exchange Online Protection- Customizable Authenticated Received Chain (ARC) configuration – Email senders use authentication mechanisms like SPF, DKIM, DMARC to authenticate emails, but some legitimate intermediate services may potentially make changes to the email, which might cause the email to fail authentication at subsequent hop. Authenticated Received Chain (ARC) is an authentication mechanism that helps preserve authentication results across intermediaries. With this change, admins will be able to add trusted intermediaries in the Microsoft 365 Defender portal to allow Microsoft to honor these ARC signatures, thereby allowing legitimate messages. Roadmap ID: 85684
  • Microsoft Information Protection: Granular conditional access policies via “Sensitivity Labels” for SharePoint Online sites for GCC -High and DoD – Admins will have the ability to use Azure AD conditional access policies to trigger multi-factor authentication (MFA), device and location policies on a specific SharePoint site collection based by simply attaching CA policies to a label. Roadmap ID: 85979
  •  Microsoft Information Protection: Granular conditional access policies via “Sensitivity Labels” for SharePoint Online sites – Admins will have the ability to use Azure AD conditional access policies to trigger multi-factor authentication (MFA), device and location policies on a specific SharePoint site collection based by simply attaching CA policies to a label. Roadmap ID: 82115

Release – June 2022

  • Microsoft Defender for Identity: Auditing capabilities – Defender for Identity will offer audit logs for most activity types, allowing administrators to track changes to administrative settings and configurations. Roadmap ID: 68885

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s