Microsoft 365 roadmap roundup – 23rd May 2022

Use these buttons to switch between each product’s roadmap updates.

Microsoft Information Protection

Updates listed under this heading combines the following products: Azure Information Protection, 365 compliance center, Information Protection, Office 365 Advanced Threat Protection, Microsoft Defender, Microsoft Intune, Office 365 Data Loss Prevention and Security and Compliance center.

  • Launched (4)
  • Rolling out (0)
  • In development (23)

🍾 LAUNCHED

  • Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management – Integration with Teams and Power Automate – Insider Risk Management integration with Microsoft Teams allows for richer collaboration across an organization. Additionally, integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. Roadmap ID: 83955
  • Microsoft 365 compliance center: Microsoft Purview | HR 1.2 Connector for Government clouds – You can set up a connector in the Microsoft Purview compliance portal to import human resources (HR) related events such as a user’s resignation or a change in a user’s job level. This information can be used by the Insider Risk Management solution to bring users under scope of data theft/leak policies and enrich risk insights. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. Roadmap ID: 85589
  • Microsoft Information Protection: Microsoft Purview | Auditing and Analytics in Outlook for iOS, Android, and Mac (DoD) – Outlook for iOS, Android, and Mac will send user label activity data to the Audit Log and Activity Explorer (depending on licensing configuration) for admins to search and review. Roadmap ID: 93282
  • Microsoft 365 compliance center: Microsoft Purview | Compliance Manager – Out-of-the-box assessments for non-Microsoft 365 assets (US Government clouds) – Introducing pre-configured templates that extend Compliance Manager capabilities beyond Microsoft 365 assets. Roadmap ID: 88969

🚂 ROLLING OUT

N/A

⌛ IN DEVELOPMENT

Release – May 2022

  • 🆕 Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management integration with Power Automate – Insider Risk Management integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. Roadmap ID: 93306
  • Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management – Microsoft Defender for Endpoint alerts – Enables you to import indicators from Microsoft Defender for Endpoint related to unapproved or malicious software installation or bypassing security controls. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. Roadmap ID: 83965

Release – June 2022

  • 🆕 Microsoft Defender for Office 365: Password protected download of quarantined messages – With this change we are giving the ability to password protects items they download from quarantine. We want users to be confident that the items they are downloading to their systems will not execute involuntarily without their consent, and this capability will allow them to safely transport the items to external analysis tools. Roadmap ID: 93305
  • 🆕 Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management – Sequence detection – The chronological order of risky activities is an important aspect of risk investigation and identifying these related activities can help to better identify which activities pose a bigger risk.  In Insider Risk Management, you can detect these activities with a sequence detection. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Roadmap ID: 93319
  • 🆕 Microsoft Defender for Office 365: Configurable impersonation protection sender and domain lists and scoping in Preset Security policy – We’re adding capabilities within preset security policies (Strict and Standard) to configure custom users and custom domains for impersonation protection. Additionally, within the preset security policy, you will also be able to apply the policy to all recipients instead of selected users, groups, and domains. You will still be able to exclude selected recipients. Roadmap ID: 93262
  • 🆕 Microsoft Defender for Office 365: Expansion for URL Click Alert policy – We are expanding coverage of the malicious URL click alert. The alert will now include any clicks in the past 48 hours (for emails) from the time the malicious URL verdict is identified. Roadmap ID: 93300
  • 🆕 Microsoft Defender for Office 365: Actions from the email entity page – We are adding the ability to take actions from the email entity page. You can take email purge actions, create submissions, tenant level block actions (block sender/domain/file/URLs), investigative actions from email entity page. Roadmap ID: 93295
  • 🆕 Microsoft Defender for Office 365: Alert policies – we are enhancing the existing Microsoft Defender for Office 365 alert policy (A potentially malicious URL click was detected). Roadmap ID: 93211
  • Microsoft Information Protection: Microsoft Purview | SIT Feedback Loop for Content explorer and DLP alerts – Admins can provide feedback for sensitive information type (SIT) False Positives via Content explorer and DLP Alerts. This feedback can be provided in a compliant manner and users can see a summary view of the feedback in the SIT overview page. The feedback will be used to make systematic fixes to SITs for improved accuracy. Roadmap ID: 93210
  • Microsoft Defender for Office 365: Anti-malware policy notifications – The anti-malware policy can be configured with recipient and sender notifications when a message is quarantined. We are redesigning this notifications option and delivery. Roadmap ID: 93212

Release – July 2022

  • 🆕 Microsoft Defender for Office 365: Custom organization branding for quarantine notification (custom sender address and Custom subject) – We are adding capabilities to making it possible for SecOps to customize end user quarantine notifications with their respective organization sender address and custom subject. Doing so helps ensure that users have safe and secure access to their quarantined messages and trains them to recognize legitimate notifications. Roadmap ID: 93301
  • 🆕 Microsoft Defender for Office 365: Hourly option for notifications – We are adding a new hourly option to end user notifications, allowing users to be able to rely on prompt notification about quarantined items when appropriate. With this feature users can be rest assured that they will be updated frequently once new items lands on their quarantine folder. Roadmap ID: 93304
  • Microsoft 365 compliance center: Microsoft Purview | Data Lifecycle Management – Apply retention label action at end of retention period – When an item reaches the end of its retention period a new label can be automatically applied. This feature is useful for multi-stage retention when there are different retention settings in each phase of a file’s lifecycle. Roadmap ID: 88827
  • Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Support Teams reactions – Discover Teams reactions (heart, thumbs up, thumbs down, laugh, surprised, angry) in eDiscovery (Premium). Roadmap ID: 65130

Release – August 2022

  • 🆕 Microsoft Defender for Office 365: Attack Simulation Training APIs – We’re onboarding Attack Simulation Training Read APIs to the Microsoft Graph, providing a unified interface and schema to integrate with security solutions from Microsoft, as well as integrate with downstream systems and ecosystem partners. Roadmap ID: 93143
  • 🆕 Microsoft Defender for Office 365: Quarantine asynchronous update [stage one] – Microsoft Defender for Office 365 is working to enable additional quarantine enhancements, like partial string search functionality and 1,000 message bulk operation support in quarantine. As a result, we’ll be making adjustments to the release process through an asynchronous approach. the first stage will be the introduction of the asynchronous updates and the second stage will the introduction of enhancement features such as partial string search and 1,000 message bulk support. Roadmap ID: 93303
  • Microsoft 365 compliance center: Microsoft Purview | New cmdlet for exporting Activity Explorer logs – Export feature of Activity Explorer has limitation of 10,000 rows. Our new feature will allow users to use cmdlet and export all the rows for all the data up to 30 days. Roadmap ID: 93281

Release – September 2022

  • 🆕 Microsoft 365 compliance center: Microsoft Purview | Communication Compliance – Reduce detection to investigation time from 24 hours to 1 hour (U.S. Government clouds) – This feature will reduce the detection to investigation time to under an hour, allowing your organization to respond promptly to policy violations. The alert will be reviewed by a policy investigator, who is explicitly granted permission to review policy alerts by the Communication Compliance admin role. Microsoft Purview Communication Compliance helps organizations detect explicit code of conduct and regulatory compliance violations, such as harassing or threatening language, sharing of adult content, and inappropriate sharing of sensitive information. Roadmap ID: 93324
  • Microsoft 365 Compliance center: Microsoft Purview | Communication Compliance – Unauthorized disclosure classifier – The unauthorized disclosure classifier detects sharing of information containing content that is explicitly designated as confidential or internal to certain roles or individuals in an organization. Microsoft Purview Communication Compliance helps organizations detect explicit code of conduct and regulatory compliance violations, such as harassing or threatening language, sharing of adult content, and inappropriate sharing of sensitive information. Roadmap ID: 93257

Release – October 2022

  • 🆕 Microsoft 365 compliance center: Microsoft Purview | New cmdlet for exporting Activity Explorer logs (U.S. Government clouds) – Export feature of Activity Explorer has limitation of 10,000 rows. Our new feature will allow users to use cmdlet and export all the rows for all the data up to 30 days. Roadmap ID: 93316

Release – December 2022

  • 🆕 Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management integration with Power Automate – Insider Risk Management integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Roadmap ID: 93307
  • Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Expanded support to search and export items in SharePoint and OneDrive for Business Recycle Bin – Traditionally, when a site is on hold, the files in the Recycle Bin would be stored in the Preservation Hold library. In cases when a site is not on hold, there is no way to search or export items in the Recycle Bin. The eDiscovery and SharePoint Online teams are making architectural changes that will make the Recycle Bin (both first stage and second stage Recycle Bins) in SharePoint Online and OneDrive for Business searchable and exportable by eDiscovery Managers. That means organizations can search and export items in the Recycle Bin regardless of whether a site is on hold or not. Roadmap ID: 67092

Release – March 2023

  • Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Expanded support to search and export items in SharePoint and OneDrive for Business Recycle Bin (US Government clouds) – Traditionally, when a site is on hold, the files in the Recycle Bin would be stored in the Preservation Hold library. In cases when a site is not on hold, there is no way to search or export items in the Recycle Bin. The eDiscovery and SharePoint Online teams are making architectural changes that will make the Recycle Bin (both first stage and second stage Recycle Bins) in SharePoint Online and OneDrive for Business searchable and exportable by eDiscovery Managers. That means organizations can search and export items in the Recycle Bin regardless of whether a site is on hold or not.  Roadmap ID: 93188

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s