Microsoft Roadmap, messagecenter en blogs updates van 14-09-2024

Updated September 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

Soon, on Windows and macOS devices running the OneDrive sync app, we will enable a new feature called “Offline mode” that will allow you to continue working with the OneDrive web app in your browser, OneDrive PWA (Progressive Web App) or Microsoft Teams even when you are offline. This feature will be on by default and will give your users the ability to view, rename, move, copy their files, and create new folders when offline. Users will be able to open their files that are available offline on users’ device in a native app directly from inside OneDrive on the web. All of the metadata changes users make offline to their files in the browser will be automatically synced back to OneDrive when Internet connection is restored, and users can resolve conflicts, if there are any. As an administrator, you’ll be able to control various aspects of Offline mode using the Group Policies outlined in here.

When this feature becomes enabled for users in your organization and the user then visits OneDrive for web, Offline mode will be set up for the first time. A copy of user’s file metadata that powers OneDrive for web is securely stored locally on user’s device. These data on user’s device are only available and accessible by that user. If someone else were to sign in on your device, these local data on the device wouldn’t be available to them.

A secure local web server on user’s device will handle the operations that users perform on their files in OneDrive for web, such as viewing, sorting, renaming, moving, and copying where traditionally these operations would need to be handled by the OneDrive cloud service. This allows to eliminate network as the bottleneck when loading and working with OneDrive for web resulting in fast and smooth interactions with users’ files like loading your files and folders, sorting, renaming, moving, renaming, and more. And all of these operations will continue to work even when users are offline, lose internet connection, or run into a service disruption.

• OneDrive Offline mode lets you work on OneDrive when offline in the browser, OneDrive PWA (Progressive Web App) and in Microsoft Teams, improves performance on all kinds of networks, and helps alleviate throttling related to working with large file collections.
• OneDrive Offline mode is currently supported on Windows devices (Windows 10 or later) and macOS devices (macOS 12 Monterey or later) that have the OneDrive sync app installed and on Chromium-based browsers (Microsoft Edge, Google Chrome)
  
• Offline mode will be on by default for user’s OneDrive on the web and both users and administrators will have the option to disable Offline mode for their OneDrive.
  
• Offline mode is a per-device setting (configured separately for every device users use to access OneDrive on the web.
  
• The data is securely stored in a local database under the user’s profile directory and requests are handled through a secure localhost HTTP server. Offline mode is powered by a separate background process (Microsoft.SharePoint.exe).
  
• When Offline mode is on, users will see a new icon in the top navigation bar in OneDrive on the web.
  

This message is associated with Microsoft 365 Roadmap ID 168618

[When this will happen:]

Worldwide: We will begin gradually rolling out in late February 2024 (previously mid-February) and expect to complete in late October 2024 (previously late August).

[How this will affect your organization]

When this feature becomes enabled for users in your organization and the user then visits OneDrive for web, Offline mode will be set up for the first time. A copy of user’s file metadata that powers OneDrive for web will be downloaded and securely stored locally on user’s device. The actual contents of users’ files will not be downloaded. After Offline mode is set up, only changes to users’ file metadata will result in upload or download activity over the network. Users can continue working with OneDrive on the web as before and they can choose to turn off Offline mode if they desire to do so. As an administrator, you’ll be able to control various aspects of Offline mode using the Group Policies.

[What you need to do to prepare]

Evaluate the new functionality and available controls as outlined in the help article, prepare your users on how to take advantage of this new functionality. Leverage the group policies provided to control how this feature gets enabled in your organization.

More information:

• Help article.
• Admin controls.
  
  

Updated September 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

Users may have been unable to download files from various web apps using any web browser. We have disabled this feature temporarily. 

With this new feature for Microsoft Purview Data Loss Prevention (DLP), we’re introducing support for two new conditions that you can use in your policies for endpoint devices.

This message is associated with Microsoft 365 Roadmap ID 181623

[When this will happen:]

Rollout will begin in late April 2024 (previously early April) and is expected to be complete by late September 2024 (previously late August).

[How this will affect your organization:]

With this capability, your Microsoft Purview Data Loss Prevention (DLP) policies will be able to detect and monitor egress actions for documents that match defined custom properties, and document names that match configured words or phrases on Windows endpoint devices.

The two new predicates are:

• Document Property is: Detects documents with custom properties matching the specified values.
• Document Name contains words or phrases: Detects documents where the file name contains any of the words or phrases you specify.

As part of your DLP Policy definition, you can leverage these conditions across supported/applicable workloads. For e.g. You can extend the above-mentioned two conditions which are already available in DLP for Exchange and scope it to your endpoint devices as part of your policies and rules, thereby enhancing your protection across your digital estate.

[What you need to do to prepare:]

Get started with Data Loss Prevention in the Microsoft Purview compliance portal.

Learn more: Using Endpoint DLP

 Updated September 11, 2024: We have updated the rollout timeline below. Thank you for your patience.

Through Microsoft Purview | Information Protection, and for greater consistency and reliability, Microsoft Word, Excel, and PowerPoint for Windows will soon display the same Data Loss Prevention policy tips that admins have set in their tenants for files on Microsoft SharePoint Online and Microsoft OneDrive sites.

This message is associated with Microsoft 365 Roadmap ID 383018.

[When this will happen:]

Public Preview: We will begin rolling out early June 2024 and expect to complete by mid-June 2024.

General Availability (Worldwide): We will begin rolling out mid-July 2024 and expect to complete by late October (previously mid-September).

[How this will affect your organization:]

DLP policy tips will no longer be shown when a user is offline.

[What you need to do to prepare:]

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to update any relevant documentation as appropriate

We will update this comm before rollout with revised documentation.

You can access the Information Protection solution in the Microsoft Purview compliance portal.

Updated September 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

Microsoft Purview: The feature to configure HR resignation date as a condition for risk level in Adaptive Protection will be rolling out to General Availability. We communicated the preview for this feature in MC681240 Adaptive Protection in Microsoft Purview: Public preview of HR resignation date as a condition for risk level (November 2023).

This message is associated with Microsoft 365 Roadmap ID 124972 and 171748

[When this will happen:]

General Availability: We will begin rolling out late June 2024 and expect to complete by late September 2024 (previously late August).

[How this will affect your organization:]

When the HR connector has been configured, admins with appropriate permissions can now select the HR resignation date as a condition to assign a minor, moderate, or elevated risk level. For example, an admin can configure the elevated risk level to be assigned when an HR resignation date is sent via the HR connector.

[What you need to do to prepare:]

No action is required for this update. To configure user’s risk level for Adaptive Protection, admins can visit Insider Risk Management > Adaptive Protection (preview) > risk levels for Adaptive Protection.

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Additional Resources:

You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.

• Home – Microsoft Purview 

Learn more about adaptive risk mitigation:

• Help dynamically mitigate risks with Adaptive Protection (preview) | Microsoft Learn

Updated September 13, 2024: We have updated the rollout timeline below. Thank you for your patience.

Coming soon for Microsoft Teams: App centric management for admin app installation introduces new admin settings to control who in the tenant has specific Teams apps preinstalled. Similar to app centric management for app availability, as communicated in MC688930 (Updated) Teams admin center: App centric management and changes to app permission policies (November 2023), admins will be able to install apps for users, groups, or everyone in the organization.

After rollout, app centric management will replace Installed apps in the Teams admin center and give admins the ability to install apps individually. The Installed apps in your app setup policies will be migrated to app centric management based on your current user and group assignments for each policy. The rest of your settings in app setup policies will remain unchanged and will continue to work based on app setup policies, including Pinned apps. After this rollout, you can install Teams apps for selected sets of users, groups, or all users in the organization, and Installed apps in app setup policies will no longer be available.

This message is associated with Microsoft 365 Roadmap ID 394274.

[When this will happen:]

App centric management will roll out in four General Availability phases.

• Phase 1 | General Availability (Worldwide): We will begin rolling out late July 2024 (previously mid-July) and expect to complete early November 2024 (previously early September). This phase applies to tenants who meet both conditions: 1) tenants with no Installed apps in the Global app setup policy and 2) tenants with no custom app setup policies created in the Teams admin center. After rollout, these tenants will have app centric management enabled for their app installs. Admins may see the Manage apps page in read-only mode for a short time.
• Phase 2 | More details coming soon as a follow up MC post. This phase applies to tenants who meet both conditions: 1) tenants with apps added to Installed apps in the Global app setup policy and 2) tenants with no custom app setup policies created in the Teams admin center. This phase will migrate apps installed in the Global app setup policy to app centric management.
• Phase 3 | More details coming soon as a follow up MC post. This phase applies to tenants with both the Global app setup policy and custom app setup policies. This phase will migrate apps installed for users and groups through Installed apps in app setup policies to app centric management.
• Phase 4 | More details coming soon as a follow up MC post. This phase applies to all remaining tenants.

[How this will affect your organization:]

Before the rollout: If you install an app to a user, the user cannot actually use an admin preinstalled app if you did not take the additional step to allow the user to use it. After the rollout, if you install an app through app centric management, the user will immediately be able to use the app.

Before the roll out, a user will only have apps installed from a single app setup policy, following the policy resolution precedence rules. After the rollout, if you have multiple custom app setup policies assigned to users or groups, apps from every policy will be installed to the user or group assigned to that policy, regardless of the policy resolution precedence rules.

 [What you need to do to prepare:]

No action needed for Phase 1 tenants. We will update this message with more information before the rollouts for Phases 2-4 tenants.

You may want to update any relevant documentation as appropriate.

Before rollout, we will update this post with revised documentation.

Updated September 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

This feature update provides improvements to how you can protect your domains from spoofing with DKIM (DomainKeys Identified Mail). 

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out mid-June 2024 and expect to complete by late September 2024 (previously late August).

[How this will affect your organization:]

There are two major updates, as shown below.

Easier DKIM activation during domain registration

Now, you can directly enable DKIM from the domain page in the admin portal during the domain registration process. Click to select the DomainKeys Identified Mail (DKIM) box below, and the wizard will guide you through the steps to publish and enable DKIM.

Revamped DKIM page

The DKIM page has been redesigned to provide more information at a glance. You can now easily see the status of DKIM and enable it by selecting the toggle, as shown below.

[What you need to do to prepare:]

This rollout will happen automatically. You may want to notify your security or email admin about this change and update any relevant documentation as appropriate.

If your organization does not support iOS devices, you can ignore this message.

Coming soon for Microsoft Outlook for iOS: We will add the ability for users to search Settings to quickly find the desired setting.

This message is associated with Microsoft 365 Roadmap ID 398982.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early August 2024 (previously early July) and expect to complete by late September 2024 (previously late August). 

[How this will affect your organization:]

Before the rollout: Users are unable to search Settings.

After the rollout: This change is additive. All other Settings will remain the same. This feature is on by default and accessible to all Outlook iOS users.

[What you need to do to prepare:]

This rollout will happen automatically by the specified dates with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation as appropriate.

Updated September 12, 2024: We have updated this message with additional information regarding the experience with the Files and Insights tab. Thank you for your patience.

We will be retiring the Files page from Microsoft Defender for Cloud Apps starting October 28, 2024. 

Information Protection policies can be created, modified and explored via the Policy Management page.

You can explore malware files on the Policy Management page.

Additionally, as part of this retirement, we will also be removing the Files and Insights tabs under Settings > Cloud apps > App connectors. 

You are receiving this message because our reporting indicates one or more users in your organization are using the Files page in Defender for Cloud Apps.

Learn more: File filters – Microsoft Defender for Cloud Apps | Microsoft Learn

Updated September 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

Introducing four new Microsoft Purview Data Loss Prevention (DLP) Microsoft Exchange (EXO) predicates:

• Message is not labeled: Detects if message body has no label.
• Attachment is not labeled: Detects if there is any attachment without a label.
• Message contains: Detects if the message body contains specified sensitive information types (SITs) or labels. Note that there is no trainable classifiers or non-advanced rule support yet.
• Attachment contains: Detects if an attachment contains specified SITs or labels. Note that there is no trainable classifiers or non-advanced rule support yet.

This message is associated with Microsoft 365 Roadmap ID 377000.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out late September (previously late August) 2024 and expect to complete by late October 2024 (previously late September).

[How this will affect your organization:]

You can now create new DLP policies or edit existing policies to include predicates to target specific email components like email body or attachments only.

This feature is available by default.

[What you need to do to prepare:]

For information about how to prepare, visit Create and deploy a data loss prevention policy | Microsoft Learn.

Updated September 12, 2024: We have updated the rollout timeline below. Thank you for your patience.

Microsoft Outlook on the web and new Outlook for Windows are enhancing users’ experience by automatically hiding contacts that are exact duplicates or proper subsets of other contacts. This means that if you have multiple entries for the same person, Outlook will consolidate them, keeping only the most complete contact visible. This update aims to declutter your contact list, making it easier to navigate and manage.

[When this will happen:]

Public Preview: We will begin rolling out late August 2024 and expect to complete by late September 2024.

General Availability (Worldwide): We will begin rolling out early September 2024 (late September) and expect to complete by mid-October 2024 (late September).

[How this will affect your organization:]

Impact on different Outlook clients: Cleanup will affect the Outlook web app and new Outlook for Windows, while classic Outlook for Windows, Outlook on Mac, and Outlook mobile will remain unchanged, showing all contacts.

Synchronization Across Platforms: Updates made to any contact will be synchronized across all Outlook clients.

How to access hidden duplicate contacts: Exact or proper subset duplicate contacts are automatically hidden to streamline your view. They remain accessible via classic Outlook for Windows, Outlook on Mac, and Outlook mobile. Users can also export contacts from any Outlook app to view them. 

How users can determine which contacts are subsets/hidden versus supersets: This is currently a manual process that can only be completed by reviewing contacts from within classic Outlook for Windows, Outlook on Mac, or Outlook mobile. There is no method for admins to automate this process at this time.

Exporting Contacts: If users need to export their contacts for review in another tool, including the hidden ones, you can export contacts in all Outlook clients. 

[What you need to do to prepare:]

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.

Coming soon for Microsoft OneDrive Sync: When users are about to delete shared items, a new prompt will ask users to confirm the deletion. When users are about to mass delete local items, an updated prompt will ask users to confirm the deletion. This message applies to OneDrive on Windows desktop.

This message is associated with Microsoft 365 Roadmap ID 415705.

[When this will happen:]

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out mid-September 2024 and expect to complete by early October 2024.

[How this will affect your organization:]

Before this rollout, users are able to delete shared items in File Explorer without being asked to confirm the deletion. Users are prompted to confirm deletion before they mass delete local items, which might have included shared items.

After this rollout, when users are running OneDrive and OneDrive is not paused, and users are about to delete shared items or mass delete local items (more than 200 items by default) in File Explorer, users will be asked to confirm the deletion of shared items in a new prompt or the deletion of mass items in an updated prompt in File Explorer:

Prompt to confirm the mass deletion of local items:

In the Microsoft admin center, admins can set a value for the Group policies (SharedContentDeleteConfirmation and LocalMassDeleteFileDeleteThreshold) to prevent users from opting out of seeing the confirmation prompts. Admins can also set the threshold for mass delete (the default is 200 items). If admins do not set a value for the Group policies, users will be able to opt out of the confirmation messages.

This feature is on by default.

[What you need to do to prepare:]

This rollout will be applicable in builds later than One Drive 24.091.0505.0001. No admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation.

Admins who set a value for the Group policies should be aware of these features in case internal support is needed for users who are not able to opt out of the confirmation dialogs.

To simplify our communications for ‘Azure Information Protection’ events in Service health and Message center, we’re consolidating communications under the existing ‘Microsoft Purview’ service listing. Once the change is in place, you’ll see ‘Azure Information Protection’ events communicated under ‘Microsoft Purview’.

[When this will happen:]

This will be rolled out to Service health and Message center by the end of September 2024. 

[How this will affect your organization:]

Communications related to ‘Azure Information Protection’ will be communicated under ‘Microsoft Purview’ in Service health and Message center.

[What you need to do to prepare:]

You might consider updating your administrator training and documentation as needed. If you would like to receive email notifications for events related to ‘Azure Information Protection’ after this change, please configure your email preferences to include ‘Microsoft Purview’, within Service health and Message center pages respectively.

The availability of the delete API (removeallaccessforuser API) does not stop a malicious user from resending a Microsoft Teams message to the same victim. To help prevent that, a block user feature will allow the admin to block the malicious user from reaching out again. To make this possible, we will use a similar feature as the allow/block list in federation identity credentials to block the malicious user from the entire organization.   

This message is associated with Microsoft 365 Roadmap ID 411138.

[When this will happen:]

General Availability (Worldwide): We will begin rolling out late October 2024 and expect to complete by early November 2024.

[How this will affect your organization:]

Admins can now set up a list of users that are blocked from collaborating with their organization. If a user is added to the block list, your organization will not be able to have 1:1 and group chats with these users. If chats already exist before a user is added to the block list, the blocked user will be removed from the chat.

This feature is turned off by default. 

[What you need to do to prepare:]

If you wish to use this feature, navigate to external access organization settings to turn this feature on and add users to the block list.

We’ve added new capabilities to the Text web part in Microsoft SharePoint Online, which include: 

• Ability to set custom font colors.
• New paragraph style option to select normal text with or without spacing between paragraphs.
• Option to add/remove spacing before/after paragraphs and headings.
• Ability to set custom line spacing. 
• New quote style options.
• Ability to highlight the number of columns and rows to insert in a new table.

[When this will happen:]

General Availability (Worldwide, GCC, GCCH, and DoD): We will begin rolling out early September 2024 and expect to complete by late September 2024.

[How this will affect your organization:]

All SharePoint Online page authors will have these new capabilities. 

This new feature is available by default.

[What you need to do to prepare:]

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.