Microsoft 365 roadmap roundup – 20th June 2022

Use these buttons to switch between each product’s roadmap updates.

Microsoft Information Protection

Updates listed under this heading combines the following products: Azure Information Protection, 365 compliance center, Information Protection, Office 365 Advanced Threat Protection, Microsoft Defender, Microsoft Intune, Office 365 Data Loss Prevention and Security and Compliance center.

  • Launched (4)
  • Rolling out (4)
  • In development (28)

🍾 LAUNCHED

  • Microsoft 365 compliance center: Microsoft Purview | Endpoint data loss prevention – App groups and granular app restriction policies – This feature enables admins to define endpoint DLP policies to lock specific apps for different activities and enables more granular restrictions for individual apps. Roadmap ID: 93180
  • Microsoft 365 compliance center: Microsoft Purview | Data Lifecycle Management – Multi-stage disposition review (US Government clouds) – This update allows organizations to use a multi-stage disposition process, including multiple stakeholders and reviews before deleting the content. Roadmap ID: 82110
  • Microsoft 365 compliance center: Microsoft Purview | Default classification for content matching trainable classifiers – Admins can view items that match trainable classifiers in Content explorer without first needing to create a policy. Roadmap ID: 88936
  • Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management integration with Power Automate – Insider Risk Management integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Roadmap ID: 93306

🚂 ROLLING OUT

  • Microsoft Defender for Office 365: Exchange Online Protection- Customizable Authenticated Received Chain (ARC) configuration – Email senders use authentication mechanisms like SPF, DKIM, DMARC to authenticate emails, but some legitimate intermediate services may potentially make changes to the email, which might cause the email to fail authentication at subsequent hop. Authenticated Received Chain (ARC) is an authentication mechanism that helps preserve authentication results across intermediaries. With this change, admins will be able to add trusted intermediaries in the Microsoft 365 Defender portal to allow Microsoft to honor these ARC signatures, thereby allowing legitimate messages.  Roadmap ID: 85684
  • Microsoft Defender for Office 365: Updates to quarantine folder storage – Microsoft Defender for Office 365 is making some changes to quarantine folder storage. The experience for users will remain the same and users can leverage the delete action to maintain the storage folder for their quarantined messages. Roadmap ID: 93302
  • Microsoft Compliance center: Self-service automation wizards for Compliance Manager, eDiscovery, and Audit – New self-service automation wizards for Compliance Manager, eDiscovery, and Audit in the Advanced Deployment Guides. Roadmap ID: 93323
  • Microsoft Defender for Office 365: Automatically allow Spoofing and Impersonation related messages directly using Admin Submissions – Today security administrators can use the Submissions page in the Microsoft 365 Defender portal to submit email messages, URLs, and attachments to Microsoft for scanning. We are enhancing this capability with an option to automatically allow Spoofing and Impersonation related emails from senders/infrastructure that were classified as legitimate by the admin, despite being initially blocked by the system. This will help mitigate false positives while the system continues to learn. Roadmap ID: 93366

⌛ IN DEVELOPMENT

Release – June 2022

  • 🆕 Microsoft Defender for Office 365: Security Threat Submission API – The current Information Protection/Threat Assessment API does not support setting up end user reporting experiences and triaging samples reported by a user.  The new Security Threat Submission API will address these scenarios and further improve existing capabilities. It was created using the Microsoft Graph Platform. The current API will continue to exist for several years to ensure existing processes are not affected, with eventual deprecation. Roadmap ID: 93364

Release – July 2022

  • 🆕 Microsoft Defender for Office 365: Support DKIM Domain as Sending Infrastructure for Spoof intelligence management – For Microsoft Defender for Office 365 and Exchange Online Protection, we are adding support for providing “DKIM verified domain” as the “Sending Infrastructure” within Tenant allow-block lists-Spoofing, so that Security Administrators can better manage Anti-Spoofing activity and override it based on Spoof Intelligence. Currently, what is supported in this field is either the domain from DNS PTR record or /24 IP Subnet. Additionally, being able to specify a ‘DKIM verified domain’ will help serve scenarios where shared infrastructure provider services are used for sending emails. Since the DKIM domain is unique to each tenant and if it passes verification even when other authentication signals fail, if desired for legitimate business reasons, a spoofed message can still be allowed instead of being blocked.  Roadmap ID: 93359
  • Microsoft Defender for Office 365: Password protected download of quarantined messages – With this change we are giving the ability to password protects items they download from quarantine. We want users to be confident that the items they are downloading to their systems will not execute involuntarily without their consent, and this capability will allow them to safely transport the items to external analysis tools. Roadmap ID: 93305
  • Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management integration with Power Automate – Insider Risk Management integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. Roadmap ID: 93307
  • Microsoft 365 compliance center: Microsoft Purview | Data Lifecycle Management – Allow record label to start “unlocked” for manual records declaration – Organizations sometimes need the ability to declare a file as a record after a period of collaboration. This update allows records managers to apply a record label to content but allow collaboration. Users can then toggle a switch when ready to lock the file and prevent edits.   Roadmap ID: 88509
  • Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Jobs limit update – We’ve revised the scope of this jobs queue feature update to focus on jobs limit. The eDiscovery (Standard and Premium) jobs limit will be updated to provide users with better clarity on operational limit across the tenant. With simplified fewer jobs related limit, users will have better flexibility in managing these limits and how they are shared among different job types across the eDiscovery workflow. Roadmap ID: 85583
  • Microsoft 365 compliance center: Microsoft Purview | Data Lifecycle Management – Optimized behavior of deleted files with multiple versions in SharePoint – SharePoint Online items with multiple versions and a retention label now move to the Preservation Hold Library as a single file containing all versions when deleted. Roadmap ID: 82062
  • Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management – General Security Policy Violations – Detects general security violations by users. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices onboarded to your organization. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Roadmap ID: 83961
  • Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management – Security policy violations by priority users – Detects security violations by users included in a priority user group. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices on devices onboarded to your organization. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Roadmap ID: 83962
  • Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management – Security policy violations by departing users – Detects security violations by departing users near their resignation or termination date. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices onboarded to your organization. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Roadmap ID: 83963
  • Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management – Microsoft Defender for Endpoint alerts – Enables you to import indicators from Microsoft Defender for Endpoint related to unapproved or malicious software installation or bypassing security controls. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Roadmap ID: 83965

Release – August 2022

  • 🆕 Microsoft Information Protection: Advanced Message Encryption – Office 365 Message Encryption portal access logs (U.S. Government clouds)  – This feature will enable logging of external user activities accessing the Office 365 Message Encryption Portal to retrieve encrypted mail. The logs can be retrieved using the Audit Logs functionality in the Microsoft Purview compliance portal. Roadmap ID: 93372
  • Microsoft 365 compliance center: Microsoft Purview | Communication Compliance detects customer complaints – Detect customer complaints made on your organization’s products or services with Communication Compliance’s new machine learning classifier, customer complaints. This new feature can help organizations meet regulations that mandate detection and triage of complaints, such as the Consumer Financial Protection Bureau and the Food and Drug Administrator requirements. Microsoft Purview Communication Compliance helps organizations detect explicit code of conduct and regulatory compliance violations, such as harassing or threatening language, sharing of adult content, and inappropriate sharing of sensitive information. Roadmap ID: 88996
  • Microsoft Information Protection: Microsoft Purview | New Credential SITs – The addition of new Credential Sensitive Information Types (SITs) will allow your company to detect individual credential patterns (access keys, tokens, general passwords, etc.). Additionally, we will be offering a SIT which bundles all individual credential types for more holistic detection. Roadmap ID: 88941
  • Microsoft 365 compliance center: Microsoft Purview | Communication Compliance – Detect customer complaints – Detect customer complaints made on your organization’s products or services with Communication Compliance’s new machine learning classifier, customer complaints. This new feature can help organizations meet regulations that mandate detection and triage of complaints, such as the Consumer Financial Protection Bureau and the Food and Drug Administrator requirements. Microsoft Purview Communication Compliance helps organizations detect explicit code of conduct and regulatory compliance violations, such as harassing or threatening language, sharing of adult content, and inappropriate sharing of sensitive information. Roadmap ID: 88872

Release – September 2022

  • 🆕 Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Jobs limit update (U.S. Government clouds) – The eDiscovery (Standard and Premium) jobs limit will be updated to provide users with better clarity on operational limit across the tenant. With simplified fewer jobs related limit, users will have better flexibility in managing these limits and how they are shared among different job types across the eDiscovery workflow. Roadmap ID: 93365
  • Microsoft 365 compliance center: Microsoft Priva for U.S. Government clouds  – Microsoft Priva will be generally available to GCC, GCC High, and DoD customers. Currently, Microsoft Priva provides two products: Priva Privacy Risk Management helps organizations build a privacy-resilient workplace by identifying personal data and critical privacy risks around it, automating risk mitigation to prevent privacy incidents, and empowering employees to make smart data handling decisions. Priva Subject Rights Requests helps organizations manage requests at scale with the ability to automate data discovery and conflict detection, collaborate in a secure and efficient way, review and redact files in their native views, and integrate with in-house or partner-built privacy solutions. Roadmap ID: 93263
  • Microsoft Information Protection: Microsoft Purview | Extend sensitivity labels to assets in Azure – With Microsoft Purview, you can now extend the reach of your Information Protection sensitivity labels and the value from built-in sensitive information types to a much broader set of data locations and data types. Use existing sensitivity labels or create new sensitivity labels via the Microsoft Purview compliance portal to extend security and compliance intent to data assets in Azure.   Roadmap ID: 85666
  • Microsoft Information Protection: Microsoft Purview | Application of a “default label” to an unlabeled file uploaded to a SharePoint Online document library – With this update, all newly uploaded documents to a document library can “inherit” the configured label for the document library (if not already labeled). Roadmap ID: 85621
  • Microsoft Information Protection: Microsoft Purview | Named entities sensitive information types (SITs) and policy authoring templates – Named entities are sensitive information types (SITs) that can’t easily be identified by a regular expression or a function; these include person names, physical addresses, and medical terms & conditions. This update adds 52 new SITs representing named entities and 10 enhanced policy templates that can be used in solutions such as Data Loss Prevention (DLP) and auto-labeling, and cover important regulations, such as US Health Insurance Portability and Accountability Act (HIPAA) and European Union (EU) General Data Protection Regulation (GDPR). Roadmap ID: 82116

Release – October 2022

  • 🆕 Microsoft Information Protection: Microsoft Purview | Information Protection – Manually apply and edit sensitivity labels on PDFs in Adobe Acrobat – Microsoft Purview Information Protection sensitivity labels are natively integrated into Adobe Acrobat, enabling users to manually label files in Acrobat on the desktop (Windows and macOS). Roadmap ID: 93331
  • Microsoft 365 compliance center: Microsoft Purview | Data Loss Prevention – Deep link to Content Viewer from DLP alert – This feature allows admins to easily open Content Viewer and view the content of the document that has triggered a DLP alert. Admins can pass the event ID and the creation time of the DLP rule match alert to the deep link to open and view the related document in the Content Viewer. Roadmap ID: 93344
  • Microsoft 365 compliance center: Microsoft Purview | Data purge capabilities for Microsoft Teams content (US Government clouds) – Extend data purge functionality to Microsoft Teams content to facilitate purge of sensitive or misplaced data. To track feature availability in other U.S. Government clouds, roadmap item 93368 added to the public roadmap. Roadmap ID: 88975
  • Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Support Teams reactions (US Government clouds) – Discover Teams reactions (heart, thumbs up, thumbs down, laugh, surprised, angry) in eDiscovery (Premium). Roadmap ID: 88922
  • Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Discover only the document version that has been shared – Many customers often consider shared documents or cloud attachments as a form of communication, and therefore are required to preserve and make that content discoverable. While end users benefit from quickly sharing files for visibility and collaboration, this practice has been challenging for eDiscovery and legal professionals. To help customers efficiently meet their regulatory obligations for discovery, eDiscovery (Premium) plans to support the ability to discover the version of the document at the time that it was shared. This helps ensure that the correct document information is available to eDiscovery processes. Roadmap ID: 70718
  • Microsoft 365 compliance center: Microsoft Purview | Data Lifecycle Management – Auto-labeling of cloud attachments – This update enables organizations to automatically apply retention labels to the version of files shared as cloud attachments, which are live links of SharePoint or OneDrive content that can be shared via emails or Teams messages. Roadmap ID: 70580

Release – December 2022

  • 🆕 Microsoft 365 compliance center: Microsoft Purview | Data purge capabilities for Microsoft Teams content (GCC and DoD) – Extend data purge functionality to Microsoft Teams content to facilitate purge of sensitive or misplaced data. To track feature availability in GCC-High, see roadmap item 88975.  Roadmap ID: 93368
  • Microsoft 365 compliance center: Microsoft Purview | Data purge capabilities for Microsoft Teams content – Extend data purge functionality to Microsoft Teams content to facilitate purge of sensitive or misplaced data. This feature is now available in public preview; we are updating this roadmap item to more accurately reflect estimated timeline for general availability. Roadmap ID: 82125

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s