InTune Archives - Microsoft 365 Blog http://approjects.co.za/?big=en-za/microsoft-365/blog/product/intune/ Tue, 28 Jun 2022 17:52:12 +0000 en-ZA hourly 1 https://wordpress.org/?v=6.6.2 Research: A concrete way to measure IT’s impact on an employee’s at-work experience http://approjects.co.za/?big=en-za/microsoft-365/blog/2019/12/03/quantifying-impact-technology-it-process-employee-experience/ Tue, 03 Dec 2019 17:00:15 +0000 There’s been a lot written about how Microsoft’s huge turnaround under Satya Nadella is the result of a culture change. When we analyze the things that drive culture and look for ways we can support other organizations who are making changes of their own, we consistently find that IT has an outsized number of opportunities

The post Research: A concrete way to measure IT’s impact on an employee’s at-work experience appeared first on Microsoft 365 Blog.

]]>
There’s been a lot written about how Microsoft’s huge turnaround under Satya Nadella is the result of a culture change. When we analyze the things that drive culture and look for ways we can support other organizations who are making changes of their own, we consistently find that IT has an outsized number of opportunities to positively impact employee sentiment and loyalty—both of which are critical parts of any organization’s cultural transformation.

Improving employee sentiment and employee loyalty is also a critical way for an organization to attract winning talent. When workers have a modern workplace experience that is connected, flexible, and empowering, it sends a clear signal that they’re valued and they work for a forward-leaning organization.

Cultivating and positively reinforcing these attributes within your workforce is obviously valuable, but to make these changes replicable and actionable among our customers worldwide, we needed to study and quantify how this happens. We worked closely with leading experience management company, Qualtrics, as they’ve exhaustively studied how to do this.

Here’s what we learned.

Modernize the workplace experience

It’s not particularly revolutionary to say that some of the most advanced tools for productivity and user experience are found in Microsoft 365. This platform empowers users to work anywhere across their devices—and it has been built to meet and exceed the needs and expectations of users, IT, and security, so that it is valuable to every stakeholder in your organization. I like to refer to Microsoft 365 as loved by users, loved by IT, and trusted by all.

To really make the most of Microsoft 365 value, we worked with organizations to help them modernize their workplace experiences by deploying Microsoft 365 through our Microsoft Managed Desktop service. With Microsoft Managed Desktop, we manage these PCs on behalf of the customers, and they use Microsoft 365 as the foundation for their productivity/management/security. This setup is something I call “Microsoft 365 native.”

A Microsoft 365 native PC:

  • Is a modern device with touch capabilities.
  • Runs the Office 365 ProPlus cloud-attached apps.
  • Is managed and secured with Microsoft 365.
  • Provides a fast, responsive work experience that isn’t bogged down by extra agents that slow down the way you work.

The result can be seen in something I like to call “the most boring demo in the world,” which I think will blow you away.

For these customers, we deployed the Microsoft Managed Desktop baseline and set of policies to manage and secure the environment. The Microsoft Managed Desktop service leverages the built-in capabilities of Microsoft 365. We consider it the gold standard when it comes to the architectural approach, the required policies needed to secure devices, and the ways we believe PCs should be deployed, managed, and operated to exceed the expectations both users and IT.

As these initial organizations were moving into the Microsoft Managed Desktop service, we had an interesting opportunity to work with a few organizations to measure and concretely quantify the difference in employee sentiment between the users with a modern workplace and the Microsoft 365 native experience delivered by Microsoft Managed Desktop. Accounting for dozens of variables, the impact and results of this study were impressive.

Adopt what works at work for workers

One of the biggest things we learned had to do with the reaction to changes in the technology experience. Comparing the two control groups, the Microsoft 365 native devices (managed by the Microsoft Managed Desktop service) had a boot time that was 85 percent faster, an immediate resume experience, 2x the battery life, and 85 percent fewer crashes. Users of these Microsoft Managed Desktop-based Microsoft 365 native devices definitely noticed these improvements:

Infographic showing employee impact of Microsoft 365 native. 38% are more likely to feel that their PC experience helps them best serve customers/stakeholders. +75 increase in net promotor score. 121% more likely to feel valued by their company.

The real question, however, is how this kind of change in technology impacts employee sentiment and loyalty. This question is an area where Qualtrics’ expertise in measuring, analyzing, and understanding employee experiences discovered some fascinating data on just how significant the impact was.

Below is a page I took directly from the report they delivered to us:

Key takeaways infographic. 15% increase in employee engagement. 31% improvement in employee effectiveness. 59% accelerated employee impact. 121% increase in employer ratings and brand image. 74 point increase in PC experience recommendation rates. 80% increase in PC experience recommendation rates.

The measurement I found most impactful deals with how much more valued these employees feel by their company when they have that Microsoft 365 native work environment. This increase in employee sentiment translates into happier and more fulfilled employees. Having happier employees directly impacts the customer experience your organization delivers, which in turn increases long-term employee loyalty.

The data from the couple of organizations in which we deployed the survey indicates that loyal employees stay with an organization longer, and this results in less employee churn, which results in the entire organization operating at a higher and more productive level. One of the most rewarding things we’ve done with this research is to show the results to the senior leaders of these companies and emphasize to them the impact of their IT organization.

Make it real for your organization

These insights from Qualtrics really illustrate the impact of modern management. When you deploy modern technology and manage it in a modern way, you can extend this same experience to your users. The Microsoft Managed Desktop service uses System Center Configuration Manager (ConfigMgr) and Microsoft Intune—what we now call Microsoft Endpoint Manager—to simplify management and ensure your users are having a great experience.

Announcing Microsoft Endpoint Manager

Learn how we’re integrating Microsoft Intune, Configuration Manager, and more into a single solution called Microsoft Endpoint Manager.

Watch the video

Through Microsoft Endpoint Manager, we’re also making it easier for you to manage Office 365 ProPlus across devices to ensure your employees are secure and productive no matter how they need to work. In addition to providing device health insights that let you monitor the upgrade readiness of your devices to the latest feature update of Office 365 ProPlus, we also announced deeper integration for managing Office 365 using Jamf Pro. Our integration with the new Application and Custom Settings experience (demonstrated at the Jamf Nation User Conference (JUNC) 2109 a few weeks ago) allows you to easily set Office 365 policies using a familiar forms-based interface.

If you’re administering Mac devices, you centrally configure security, privacy, and update policies to deliver the very best Office 365 experience on a Mac to your users. We’re committed to helping you to provide a great employee experience, no matter the device.

Next steps

The question you’re likely asking right now is, “How do I get this kind of experience into the hands of my users?” First, if you want to take advantage of the Microsoft Managed Desktop service and offload this work to the experts at Microsoft, you can easily learn more.

Microsoft Managed Desktop

Delight users, protect devices, and focus on your core business by modernizing your workplace with Microsoft Managed Desktop.

Learn more

The new Productivity Score, announced last month, is being built to help guide you use the insights from both Employee Experience and Technology Experience to quantify the cultural impact of technology on your users. It also helps you understand the specific actions you can take to improve the management of each device to ensure your users are having a great experience.

To take advantage of Productivity Score, make sure you have enabled co-management by connecting ConfigMgr and Intune—now known as Microsoft Endpoint Manager. If you’re curious how to do this, check out my Mechanics video to learn how. In the meantime, work you can be doing is to take a hard look at three things, which are the most common causes of poor performance on your PCs:

  • Take a deep look at all the agents you are deploying. The single largest cause of poor boot, resume, and battery life is loading the PC with too many agents. Do you really need what you have? Does what is built-in and part of Microsoft 365 meet your needs?
  • Look at how many Group Policies are you applying. This has an impact the boot-to-productive time.
  • Are you giving good hardware to your user? For example, if your devices have HDD drives instead of SSDs the performance impact is significant.

You can also benefit from your own research from Qualtrics. Like what we did with our Microsoft Managed Desktop service, you can gather a group of users to test the Microsoft 365 native deployment and then use Qualtrics to help you to measure the impact this native experience can have in your organization.

Learn more

To learn more about the Qualtrics data and Microsoft Managed Desktop, visit the Tech Community blog.

The post Research: A concrete way to measure IT’s impact on an employee’s at-work experience appeared first on Microsoft 365 Blog.

]]>
New to Microsoft 365 in September—updates to Microsoft To Do, PowerPoint, OneNote, and more http://approjects.co.za/?big=en-za/microsoft-365/blog/2019/09/30/new-to-microsoft-365-in-september-microsoft-to-do-powerpoint-onenote/ Mon, 30 Sep 2019 16:15:39 +0000 Every update we make to Microsoft 365 is about helping our customers transform the way they work. And this month, we’re introducing updates and features designed to help you collaborate more effectively, work more efficiently, and protect your data more proactively. We updated the conversation experience for Yammer mobile, so it’s easier to discover and

The post New to Microsoft 365 in September—updates to Microsoft To Do, PowerPoint, OneNote, and more appeared first on Microsoft 365 Blog.

]]>
Every update we make to Microsoft 365 is about helping our customers transform the way they work. And this month, we’re introducing updates and features designed to help you collaborate more effectively, work more efficiently, and protect your data more proactively.

We updated the conversation experience for Yammer mobile, so it’s easier to discover and share the content that matters most, and a new PowerPoint for iPad feature makes it (finally!) easy to share a single slide. The updated Microsoft To Do app keeps you productive on the go, and now you can export Visio workflows to Microsoft Flow—a great way to streamline business processes and save your organization money and time. Also new in September: automated incident response with Office 365 Advanced Threat Protection (ATP) for more effective, efficient security.

Collaborate, save time, and improve productivity with app updates

App updates streamline your mobile experience and help you conquer your to-do list across devices.

Join the conversation with beautiful new experiences for the Yammer mobile app—We updated the conversation experience for Yammer mobile, so you can connect, discover, and share in a way that’s easy on the thumbs and on the eyes. Highlights include a new card-based design that sharpens content, easy-to-read formatting and styling, a new grid layout for docs and images that makes it easier to preview and engage with multiple images or files, and link previews and inline videos right in the feed. To experience these improvements, simply update your Yammer app to the latest version.

Image of three phones side by side displaying a Group Conversation in Yammer.

Get more done with the new version of Microsoft To Do—This month, we unveiled a new version of To Do with a fresh design, access from anywhere, and better integration with Microsoft apps and services. You can choose from customization options and backgrounds (including dark mode) to tailor your experience and suit your lists. You can also sync To Do across all platforms to take your lists with you wherever you go. In addition, you integrate To Do with Microsoft 365 apps and services or have one centralized view of your tasks. Think of To Do as your new task aggregator—from Outlook to Planner and Cortana and the Microsoft Launcher on Android, you can now see your whole list in one place.

To get started, download the To Do app. And if you’re coming from Wunderlist, you can import your existing lists in just a few clicks.

Animated image of Microsoft To Do displaying a My Day to-do list.

Share, communicate, and collect feedback more efficiently and effectively

New app features let you share individual PowerPoint slides, stay on top of your notes in OneNote, and conduct more effective surveys.

Share individual slides and overcome public speaking jitters with new PowerPoint features—Sometimes you only need to share that one specific slide, and sending it via email or creating a separate file can be cumbersome. Now, exclusively in PowerPoint for the web, you can share a deck with a link to a specific slide. Just right-click the slide thumbnail, select Link to this slide, and copy the link.

Image of an individual slide about to be copied in PowerPoint.

We also released Presenter Coach in PowerPoint for the web in public preview. Presenter Coach uses the power of artificial intelligence (AI) to give users real-time, on-screen feedback to improve public speaking skills. Rehearse your presentation and get helpful tips on pacing and using inclusive language, as well as avoiding filler words like “basically” or “um,” or developing a rote presentation style.

Stay on top of your most recent notes and adjust your color schemes in OneNote—Updates to OneNote allow you to take your notes with you on the go and personalize your experience. Recent Notes is now also available on Mac, helping you easily pick up where you left off on any device with a chronological list of pages you recently viewed or edited.

On iPad, we integrated OneNote with Sticky Notes, so you can surface your notes there and avoid toggling between apps. Finally, you can now switch to a darker canvas with the new dark mode in OneNote for Mac. All these new features are available now.

Animated image of a recipe being shared in OneNote.

Overcome language barriers in your surveysMicrosoft Forms now offers the option to create surveys in multiple languages without having to merge separate documents. Multilingual support enables users to reach a broader audience and helps respondents provide richer feedback by displaying questions in their preferred language. Beginning next month, you’ll be able to access multilingual support by clicking on the ellipsis in the top right corner and selecting Multilingual from the dropdown menu.

Animated image of a multilingual survey in Microsoft Forms.

Export Visio workflows to Microsoft Flow to quickly automate business processes—Designing processes quickly and automating workflows can help accelerate productivity, but it’s often easier said than done. Now you can easily create new automation flows in the familiar diagramming experience of Visio and seamlessly export them as a fully functioning workflow to Microsoft Flow. Built-in Business Process Model and Notation (BPMN) stencils have sharing and commenting capabilities, simplifying development and collaboration. Once the workflow’s complete, you can publish it to Microsoft Flow with a single click. This capability is now generally available to all Visio Plan 2 users through the Visio desktop app.

Streamline IT management and security

New features simplify the management of corporate Android devices, making it easy to add Microsoft 365 customers and ensure endpoints and devices are secure.

Manage corporate-owned Android devices with Microsoft Intune—With support for Android Enterprise fully managed devices, Microsoft 365 customers can deliver a high-quality and feature-rich productivity scenario for employees on corporate-owned devices, while maintaining an extended set of policy controls over those devices. Intune support for Android Enterprise work phone management is now available.

To get started, check out our Intune documentation.

Image of three phones side by side setting up a device as a work phone in Microsoft Intune.

Save time when adding new employees to Microsoft 365—Adding and configuring new employees or freelancers to Microsoft 365 just got easier. Beginning this month, you can create and use a template to save time and standardize settings when adding people in the Microsoft 365 admin center. Templates are particularly useful if you have employees who share many attributes, like those who work in the same role and the same location.

Beginning this month, head to the Microsoft 365 admin center and select Users > Active Users > User Templates > Add Template.

Animated image of a user being added to an engineers list in the Microsoft 365 admin center.

Automate incident response with Office 365 ATP—We’re excited to announce the general availability of Automated Incident Response in Office 365 ATP, which applies powerful automation capabilities to investigation and response workflows, dramatically improving the effectiveness and efficiency of your business’s security teams. These capabilities are available to organizations with the Office 365 ATP Plan 2, Office 365 E5, and Microsoft 365 E5 Security SKUs.

Evaluate security products with ease—The new evaluation lab in Microsoft Defender Advanced Threat Protection removes the challenges of machine installation and configuration. Security experts can verify a potential platform, familiarize themselves with the product, learn about new features, or use the lab environment for attack simulations.

The new evaluation lab is now generally available. To access it, select Evaluation and tutorials > Evaluation lab directly from the navigation menu.

Image of the evaluation lab dashboard in Microsoft Defender Advanced Threat Protection.

Also new this month

  • The redesigned Outlook on the web is now generally available. The redesigned experience features a modern design, new and smarter features, and a faster framework.
  • Now generally available, Security Policy Advisor—introduced in public preview this spring—can examine your policies and provide recommendations to improve security.
  • Windows Virtual Desktop is now generally available, delivering a virtual, multi-session Windows 10 experience. Windows Virtual Desktop enables you to deploy and scale your Windows desktops and apps on Azure in minutes.

As always, every Microsoft 365 update reflects our commitment to improving the experience for you—so if you have feedback or ideas on how we can improve, don’t hesitate to let us know.

The post New to Microsoft 365 in September—updates to Microsoft To Do, PowerPoint, OneNote, and more appeared first on Microsoft 365 Blog.

]]>
Adobe Acrobat chooses Microsoft 365 for built-in app protection http://approjects.co.za/?big=en-za/microsoft-365/blog/2019/09/05/adobe-acrobat-ios-android-microsoft-365-app-protection/ Thu, 05 Sep 2019 16:00:37 +0000 My team has worked very closely with our counterparts at Adobe for years, and this collaboration has created a long list of functionalities that have positively impacted users, as well as the people managing this software in the IT department. Today marks another big milestone in this relationship: On behalf of the Microsoft 365 engineering

The post Adobe Acrobat chooses Microsoft 365 for built-in app protection appeared first on Microsoft 365 Blog.

]]>
My team has worked very closely with our counterparts at Adobe for years, and this collaboration has created a long list of functionalities that have positively impacted users, as well as the people managing this software in the IT department.

Today marks another big milestone in this relationship: On behalf of the Microsoft 365 engineering team, I’m excited to announce Adobe has integrated Microsoft Intune application protection directly into the Adobe Acrobat Reader mobile app for iOS and Android.

The Adobe Acrobat Reader mobile app is the trusted global leader for reliably working with PDFs from anywhere. Hundreds of millions of users rely on the Acrobat Reader mobile app to edit, fill, sign, create, or convert PDFs on the go—and now this functionality is natively supported in Microsoft 365 management and security policies. Anyone using the latest version of the standard Acrobat Reader app will now have the industry-leading protection of Intune when handling their corporate documents and forms on mobile devices. Now, the “Acrobat Reader for Intune” app is no longer required and will reach end-of-service on both Android and iOS by December 1, 2019.

How does this help users?

This change aligns Adobe mobile app management with the same management built into the Office 365 mobile apps. This brings unprecedented simplification and security to millions of users and organizations. Adobe is one of the most common third-party mobile device apps used by Microsoft 365 customers, and these new Intune app protection policies will protect your company data at the app level. This type of protection is critically important because it allows you to protect company data on both managed and unmanaged devices. Because mobile app management (MAM) is based on user identity, the requirement for mobile device management (MDM) is removed. Both users and IT love this because it allows them to use the same app for both work and personal use, while maintaining the most productive experience possible.

Intune can determine whether you are working on a personal or work document and only applies the company security policies when it senses you are in a work-related document. This gives you the ability to respect personal privacy and secure company data without touching personal data—on a BYOD personal phone for example. The Adobe app on iOS now supports this multi-identity functionality.

Making it easy for IT admins to deploy

If you happen to already use the Adobe Acrobat Reader for Intune app with the Intune policies applied, you can make this change with minimum disruption. Our engineering team has made sure that any existing app protection policies targeted to Adobe Acrobat Reader for Intune will automatically target the Adobe Acrobat Reader app in the backend. All your users need to do is be on the latest versions of their app:

Please look for support notices with more details shortly if your tenant includes such configurations, and you can check out Adobe’s announcement regarding this change.

How to get Microsoft 365 app protection for your own apps

There is now a strong ecosystem of apps that serve the widest enterprise use cases, having made the decision to embed the Intune app protection capabilities directly into their mainline apps. The most commonly used mobile and cloud business apps (Microsoft Office apps, Adobe, Citrix, and more) have embraced the security and manageability of Microsoft 365 across various app stores. This delivers a unique value to modernizing your business.

If you’re an independent software vendor (ISV) or create your own line-of-business apps, you can also get Microsoft’s industry-leading app protection built right into your mobile apps. Based on your needs and resources, the Microsoft engineering team provides several methods to get app protection policies enabled for your app.

For apps that have more complex scenarios, such as editing or sharing corporate documents, we suggest the Intune SDK that Adobe has used. This approach is typically recommended when you have app developers to help you. For simpler line-of-business applications, such as time absence reporting apps, the wrapping tool is ideal for you and is meant to be used by IT admins.

In addition to Adobe, several other third-party apps have adopted Intune app protection for corporate data on mobile devices. You can check out our protected mobile app ecosystem, and you can follow that link to find even more resources to help you get started:

As always, we want to hear from you! If you have any suggestions, questions, or comments, please visit us on our Tech Community page.

The post Adobe Acrobat chooses Microsoft 365 for built-in app protection appeared first on Microsoft 365 Blog.

]]>
Helping IT reduce costs, increase security, and boost employee productivity http://approjects.co.za/?big=en-za/microsoft-365/blog/2019/03/21/helping-it-reduce-costs-increase-security-boost-employee-productivity/ Thu, 21 Mar 2019 07:00:00 +0000 Todaen-y, we’re announcing several new Microsoft 365 enhancements to help IT reduce costs, increase security, and boost employee productivity. Here’s a quick summary: Windows Virtual Desktop is now in public preview, providing the best virtualized Microsoft 365 experience across devices. Microsoft Defender Advanced Threat Protection (ATP) now supports Mac, extending Microsoft 365 advanced endpoint security

The post Helping IT reduce costs, increase security, and boost employee productivity appeared first on Microsoft 365 Blog.

]]>
Todaen-y, we’re announcing several new Microsoft 365 enhancements to help IT reduce costs, increase security, and boost employee productivity.

Here’s a quick summary:

  • Windows Virtual Desktop is now in public preview, providing the best virtualized Microsoft 365 experience across devices.
  • Microsoft Defender Advanced Threat Protection (ATP) now supports Mac, extending Microsoft 365 advanced endpoint security across platforms.
  • The new Microsoft Threat and Vulnerability Management (TVM) capability in Microsoft Defender ATP will help detect, assess, and prioritize threats across endpoints.
  • Office 365 ProPlus will now include the Microsoft Teams app, enabling a new way to work.
  • We’re reducing the time it takes to apply Windows 10 feature updates, making it easier to deploy and service Windows 10.
  • We’re enhancing Configuration Manager and Microsoft Intune with new insights and deployment options to make it easier to manage your devices across platforms.
  • Microsoft 365 admin center is now generally available.

Virtualize Windows 10 and Office 365 on Azure with Windows Virtual Desktop—now in public preview

Today, we’re happy to announce the public preview of Windows Virtual Desktop. Windows Virtual Desktop is the only service that delivers simplified management, multi-session Windows 10, optimizations for Office 365 ProPlus, and support for Remote Desktop Services (RDS) environments in a shared public cloud. With Windows Virtual Desktop, you can deploy and scale your Windows desktops and apps on Azure in minutes, with built-in security and compliance.

For more information about Windows Virtual Desktop or how to get started with the public preview, read the full announcement and watch the new Mechanics video.

Address risks and protect more of your Microsoft 365 devices and endpoints with Microsoft Defender ATP—now in public preview

New today, we’re extending support for our Microsoft Defender threat protection platform to Mac. And because we’re extending support beyond the Windows ecosystem, we’re renaming the platform from Windows Defender Advanced Threat Protection (ATP) to Microsoft Defender Advanced Threat Protection (ATP). Starting today, Microsoft Defender ATP customers can sign up for a public preview. For more information, visit our Tech Community blog.

We’re also announcing Threat and Vulnerability Management (TVM), a new capability within Microsoft Defender ATP, designed to empower security teams to discover, prioritize, and remediate known vulnerabilities and misconfigurations exploited by threat actors. Using TVM, customers can evaluate the risk-level of threats and vulnerabilities and prioritize remediation based on signals from Microsoft Defender ATP. TVM will be available as a public preview for Microsoft Defender ATP customers within the next month. Learn more about it in our Tech Community blog.

Today’s security announcements are an important milestone in our Microsoft 365 endpoint security journey. For more details, check out Rob Lefferts’s post on the Microsoft Security blog.

Enable a new way to work with Office 365 ProPlus and Teams—starting in March

Starting in March, new installs of Office 365 ProPlus will include the Teams app by default. As a “hub for teamwork,” Teams combines chat, voice, video, files, meetings, and calls into a single, integrated experience.

In addition, the default installation for ProPlus will now be 64 bit, enabling better reliability and more effective use of newer PC hardware. If you have earlier 32-bit installs, a soon-to-be-released in-place upgrade from 32-bit to 64-bit Office 365 ProPlus will allow you to upgrade the Office apps without uninstalling and reinstalling.

Reducing the time required for Windows 10 feature updates—starting with version 1709

We made important changes to the Windows update process. Starting with Windows 10 version 1709, devices are updating up to 63 percent faster. Additionally, with the release of Windows 10 version 1703, we’ve seen a 20 percent reduction in operating system and driver stability issues.

Simplify and modernize management with Configuration Manager and Intune

Configuration Manager current branch offers CMPivot for real-time queries and updates to management insights that help with co-management readiness. What’s more, you can now take advantage of new deployment options, including phased deployments and configuring known-folder mapping to OneDrive.

Mobile Device Management (MDM) Security Baselines are now in preview in Intune. These baselines are a group of Microsoft-recommended configuration settings that increase your security posture and operational efficiency and reduce costs. We’re also announcing several new Intune capabilities for unified endpoint management across devices and platforms.

Check out What’s new in Microsoft Intune and Configuration Manager for more detailed information on our broad unified endpoint management investments.

Manage Microsoft 365 with a new admin center—rolling out now

We’re also announcing the that the new Microsoft 365 admin center, previously in preview, will become the default experience for all Microsoft 365 and Office 365 admins. Admin.microsoft.com is your single entry point for managing your Microsoft 365 services and includes new features like guided setup experiences, improved groups management, Multi-Factor Authentication (MFA) for admins, and more.

For more information on this new release, check out the detailed post on the Microsoft 365 Tech Community blog.

More at Microsoft Ignite: The Tour in Amsterdam

We’re sharing more on each of these announcements this week at Microsoft Ignite: The Tour in Amsterdam. I’ll be there to co-present a session with Jeremy Chapman on “Simplifying IT with Windows 10 and Office 365 ProPlus.” You’ll have a chance to learn more from many of my colleagues in the teamwork, modern desktop, and security sessions. I hope to see you there!

Editor’s note 3/21/2019:
Blog post was updated to correct information regarding Configuration Manager current branch.

The post Helping IT reduce costs, increase security, and boost employee productivity appeared first on Microsoft 365 Blog.

]]>
Helping customers shift to a modern desktop http://approjects.co.za/?big=en-za/microsoft-365/blog/2018/09/06/helping-customers-shift-to-a-modern-desktop/ Thu, 06 Sep 2018 15:00:06 +0000 IT is complex. And that means it can be difficult to keep up with the day-to-day demands of your organization, let alone deliver technological innovation that drives the business forward. In desktop management, this is especially true: the process of creating standard images, deploying devices, testing updates, and providing end user support hasn’t changed much

The post Helping customers shift to a modern desktop appeared first on Microsoft 365 Blog.

]]>
IT is complex. And that means it can be difficult to keep up with the day-to-day demands of your organization, let alone deliver technological innovation that drives the business forward. In desktop management, this is especially true: the process of creating standard images, deploying devices, testing updates, and providing end user support hasn’t changed much in years. It can be tedious, manual, and time consuming. We’re determined to change that with our vision for a modern desktop powered by Windows 10 and Office 365 ProPlus. A modern desktop not only offers end users the most productive, most secure computing experience—it also saves IT time and money so you can focus on driving business results.

Today, we’re pleased to make three announcements that help you make the shift to a modern desktop:

  • Cloud-based analytics tools to make modern desktop deployment even easier.
  • A program to ensure app compatibility for upgrades and updates of Windows and Office.
  • Servicing and support changes to give you additional deployment flexibility.

Analytics to make modern desktop deployment easier

Collectively, you’ve told us that one of your biggest upgrade and update challenges is application testing. A critical part of any desktop deployment plan is analysis of existing applications—and the process of testing apps and remediating issues has historically been very manual and very time consuming. Microsoft 365 offers incredible tools today to help customers shift to a modern desktop, including System Center Configuration Manager, Microsoft Intune, Windows Analytics, and Office Readiness Toolkit. But we’ve felt like there’s even more we could do.

Today, we’re announcing that Windows Analytics is being expanded to Desktop Analytics—a new cloud-based service integrated with ConfigMgr and designed to create an inventory of apps running in the organization, assess app compatibility with the latest feature updates of Windows 10 and Office 365 ProPlus, and create pilot groups that represent the entire application and driver estate across a minimal set of devices.

The new Desktop Analytics service will provide insight and intelligence for you to make more informed decisions about the update readiness of your Windows and Office clients. You can then optimize pilot and production deployments with ConfigMgr. Combining data from your own organization with data aggregated from millions of devices connected to our cloud services, you can take the guess work out of testing and focus your attention on key blockers. We’ll share more information about Desktop Analytics and other modern desktop deployment tools at Ignite.

Standing behind our app compatibility promise

We’re also pleased to announce Desktop App Assure—a new service from Microsoft FastTrack designed to address issues with Windows 10 and Office 365 ProPlus app compatibility. Windows 10 is the most compatible Windows operating system ever, and using millions of data points from customer diagnostic data and the Windows Insider validation process, we’ve found that 99 percent of apps are compatible with new Windows updates. So you should generally expect that apps that work on Windows 7 will continue to work on Windows 10 and subsequent feature updates. But if you find any app compatibility issues after a Windows 10 or Office 365 ProPlus update, Desktop App Assure is designed to help you get a fix. Simply let us know by filing a ticket through FastTrack, and a Microsoft engineer will follow up to work with you until the issue is resolved. In short, Desktop App Assure operationalizes our Windows 10 and Office 365 ProPlus compatibility promise: We’ve got your back on app compatibility and are committed to removing it entirely as a blocker.

Desktop App Assure will be offered at no additional cost to Windows 10 Enterprise and Windows 10 Education customers. We’ll share more details on this new service at Ignite and will begin to preview this service in North America on October 1, 2018, with worldwide availability by February 1, 2019.

Servicing and support flexibility

Longer Windows 10 servicing for enterprises and educational institutions
In April 2017, we aligned the Windows 10 and Office 365 ProPlus update cadence to a predictable semi-annual schedule, targeting September and March. While many customers—including Mars and Accenture—have shifted to a modern desktop and are using the semi-annual channel to take updates regularly with great success, we’ve also heard feedback from some of you that you need more time and flexibility in the Windows 10 update cycle.

Based on that feedback, we’re announcing four changes:

  • All currently supported feature updates of Windows 10 Enterprise and Education editions (versions 1607, 1703, 1709, and 1803) will be supported for 30 months from their original release date. This will give customers on those versions more time for change management as they move to a faster update cycle.
  • All future feature updates of Windows 10 Enterprise and Education editions with a targeted release month of September (starting with 1809) will be supported for 30 months from their release date. This will give customers with longer deployment cycles the time they need to plan, test, and deploy.
  • All future feature updates of Windows 10 Enterprise and Education editions with a targeted release month of March (starting with 1903) will continue to be supported for 18 months from their release date. This maintains the semi-annual update cadence as our north star and retains the option for customers that want to update twice a year.
  • All feature releases of Windows 10 Home, Windows 10 Pro, and Office 365 ProPlus will continue to be supported for 18 months (this applies to feature updates targeting both March and September).

In summary, our new modern desktop support policies—starting in September 2018—are:

Windows 7 Extended Security Updates
As previously announced, Windows 7 extended support is ending January 14, 2020. While many of you are already well on your way in deploying Windows 10, we understand that everyone is at a different point in the upgrade process.

With that in mind, today we are announcing that we will offer paid Windows 7 Extended Security Updates (ESU) through January 2023. The Windows 7 ESU will be sold on a per-device basis and the price will increase each year. Windows 7 ESUs will be available to all Windows 7 Professional and Windows 7 Enterprise customers in Volume Licensing, with a discount to customers with Windows software assurance, Windows 10 Enterprise or Windows 10 Education subscriptions. In addition, Office 365 ProPlus will be supported on devices with active Windows 7 Extended Security Updates (ESU) through January 2023. This means that customers who purchase the Windows 7 ESU will be able to continue to run Office 365 ProPlus.

Please reach out to your partner or Microsoft account team for further details.

Support for Office 365 ProPlus on Windows 8.1 and Windows Server 2016
Office 365 ProPlus delivers cloud-connected and always up-to-date versions of the Office desktop apps. To support customers already on Office 365 ProPlus through their operating system transitions, we are updating the Windows system requirements for Office 365 ProPlus and revising some announcements that were made in February. We are pleased to announce the following updates to our Office 365 ProPlus system requirements:

  • Office 365 ProPlus will continue to be supported on Windows 8.1 through January 2023, which is the end of support date for Windows 8.1.
  • Office 365 ProPlus will also continue to be supported on Windows Server 2016 until October 2025.

Office 2016 connectivity support for Office 365 services
In addition, we are modifying the Office 365 services system requirements related to service connectivity. In February, we announced that starting October 13, 2020, customers will need Office 365 ProPlus or Office 2019 clients in mainstream support to connect to Office 365 services. To give you more time to transition fully to the cloud, we are now modifying that policy and will continue to support Office 2016 connections with the Office 365 services through October 2023.

Shift to a modern desktop

You’ve been talking, and we’ve been listening. Specifically, we’ve heard your feedback on desktop deployment, and we’re working hard to introduce new capabilities, services, and policies to help you on your way. The combination of Windows 10 and Office 365 ProPlus delivers the most productive, most secure end user computing experience available. But we recognize that it takes time to both upgrade devices and operationalize new update processes. Today’s announcements are designed to respond to your feedback and make it easier, faster, and cheaper to deploy a modern desktop. We know that there is still a lot of work to do. But we’re committed to working with you and systematically resolving any issues. We’d love to hear your thoughts and look forward to seeing you and discussing in more detail in the keynotes and sessions at Ignite in a few weeks!

The post Helping customers shift to a modern desktop appeared first on Microsoft 365 Blog.

]]>
Password-less sign-in to Windows 10 and Azure AD using FIDO2 is coming soon (plus other cool news)! http://approjects.co.za/?big=en-za/microsoft-365/blog/2018/04/17/password-less-sign-in-to-windows-10-azure-ad-using-fido2-is-coming-soon-plus-other-cool-news/ Tue, 17 Apr 2018 17:00:37 +0000 Howdy folks, Today I want to tell you about some exciting new features we’ve been working on that I think you’ll be pretty excited about. Specifically, today we are announcing that: A limited-preview of Password-less sign-in using a FIDO2 security key will available in the next update to Windows 10 (coming this spring). Azure AD

The post Password-less sign-in to Windows 10 and Azure AD using FIDO2 is coming soon (plus other cool news)! appeared first on Microsoft 365 Blog.

]]>
Howdy folks,

Today I want to tell you about some exciting new features we’ve been working on that I think you’ll be pretty excited about. Specifically, today we are announcing that:

  1. A limited-preview of Password-less sign-in using a FIDO2 security key will available in the next update to Windows 10 (coming this spring).
  2. Azure AD Conditional Access policies can now check device health as reported by Windows Defender Advanced Threat Protection.
  3. Azure AD access reviews, Privileged Identity Management and Terms of Use features are all now Generally Available.
  4. With the addition of domain allow and deny lists, Azure AD B2B Collaboration now gives you the ability to control which partner organizations you work with.

For more details, keep scrolling!

A limited-preview of Password-less sign-in using a FIDO2 security key will available in the next update to Windows 10 (coming this spring).

If you want to significantly improve your security posture, cut the risk of phishing attacks and cut your password management costs, then you are going to love the work we are doing to add FIDO2 support to Windows 10.

With the next Windows 10 update, we’re adding a limited preview of our FIDO2 security key support. This new capability will give your employees the ability to sign in to an Azure Active Directory-joined Windows 10 PC without a username or password. All they will need to do is insert FIDO2 compliant security key into their USB port and tab. They’ll be automatically signed in to the device and they’ll get single-sign-on access to all your Azure AD protected cloud resources, as well.

See how it works in this video:

We’ve got lots more work to do here of course, including adding support for delegated key creation, and support for hybrid environments. But this is going to be a HUGE step in our drive to eliminate passwords for good and we’re really excited about it.

Azure AD Conditional Access policies can now check device health as reported by Windows Defender Advanced Threat Protection.

We’re also announcing some major improvements to Azure AD Conditional Access based on a new integration with Intune and Windows Defender Advanced Threat Protection. You can now create access policies based on the risk level detected at Windows 10 endpoints, which helps you ensure that only trusted users on trusted devices can access your corporate data. With this new integration, Azure AD Conditional Access can now receive intelligence about suspicious activity in domain-joined devices and automatically block those devices from accessing corporate resources.

We have a video you can watch to learn more about how this integration works.

More updates!

We’ve got a few more updates to share that we think you’ll be happy to hear about, too.

At Ignite 2017, we announced the public preview of Azure AD access reviews, Privileged Identity Management (PIM) for Azure and Terms of Use and are now happy to announce the general availability of these three features in Azure AD Premium!

  • Access reviews: We created access reviews to help you manage the drift in access rights over time. With GA, you can schedule access reviews to run on a regular basis. And review results can be automatically applied to help ensure clean compliance reviews.
  • Azure AD PIM for Azure Resources: You can now use Azure AD PIM’s time-bound access and assignment capabilities to secure access to Azure Resources. For example, you can enforce Multi-Factor Authentication or an approval workflow whenever a user requests elevation into the Virtual Machine Contributor role. 
  • Terms of Use: Many customers have told us they need a way to let their employees and partners how they should be using the data they are about to access, especially with the May 25th 2018 GDPR deadline looming. Azure AD Terms of Use is now GA. We’ve recently added support for configuring terms with multiple languages and new detailed reports showing when specific users consented to which set of terms of use.

With the addition of domain allow and deny lists, Azure AD B2B Collaboration now gives you the ability to control which partner organizations you work with.

Last but not least you can now specify which partner organizations you want to share and collaborate with in Azure AD B2B Collaboration. To do this, you can choose to create list of specific allow or deny domains. When a domain is blocked using these capabilities, employees can no longer send invitations to people in that domain.

This helps you control access to your resources, while enabling a smooth experience for approved users.

This B2B Collaboration feature is available for all Azure Active Directory customers and can be used in conjunction with Azure AD Premium features like conditional access and identity protection for more granular control of when and how external business users sign in and gain access.

Go here to learn more.

Wrapping up

We’re excited to be able to bring you new ways to manage passwords, protect identities, and mitigate threats. Password-less sign-in in to Windows with Azure AD feature will soon be in limited preview, so let us know if you’d like to get on the waitlist to try it out.

And as always, if you have any feedback or suggestions, please tell us! We’re looking forward to hearing from you.

Best Regards,

Alex Simons (Twitter: @Alex_A_Simons)

Director of Program Management

Microsoft Identity DivisionVirtual Machine Contributor

The post Password-less sign-in to Windows 10 and Azure AD using FIDO2 is coming soon (plus other cool news)! appeared first on Microsoft 365 Blog.

]]>
The Intune Managed Browser now supports Azure AD SSO and Conditional Access! http://approjects.co.za/?big=en-za/microsoft-365/blog/2018/03/15/the-intune-managed-browser-now-supports-azure-ad-sso-and-conditional-access/ Thu, 15 Mar 2018 16:00:10 +0000 Howdy folks, If you follow the blog, you know that Azure AD Conditional Access (CA) lets you easily secure access to Office 365 and all the other apps you use with Azure AD. It is our fastest growing feature ever and more than 23M users are now protected by conditional access policies! As it’s taken

The post The Intune Managed Browser now supports Azure AD SSO and Conditional Access! appeared first on Microsoft 365 Blog.

]]>
Howdy folks,

If you follow the blog, you know that Azure AD Conditional Access (CA) lets you easily secure access to Office 365 and all the other apps you use with Azure AD. It is our fastest growing feature ever and more than 23M users are now protected by conditional access policies! As it’s taken off, we’ve listened closely to your feedback about how we could improve Conditional Access and what you’d like to see next.

One of the features customers like you have requested the most is integration with the Intune Managed Browser. So today I am excited to announce two enhancements that are now in public preview:

  • Intune Managed Browser SSO: Your employees can enjoy Single Sign-on across native clients (like Microsoft Outlook) and the Intune Managed Browser for all Azure AD-connected apps.
  • Intune Managed Browser Conditional Access Support: You can now require employees to use the Intune Managed browser using application-based Conditional Access policies.

Read on for more details.

Single Sign-on to Azure AD-connected apps in the Intune Managed Browser

The Intune Managed Browser application on iOS and Android can now take advantage of SSO to all web apps (SaaS and on-premises) that are Azure AD-connected. When the Microsoft Authenticator app is present on iOS or the Intune Company Portal app on Android, users of the Intune Managed Browser will be able to access Azure AD-connected web apps without having to re-enter their credentials.

Let’s see how simple this is to have a better sign-in experience on iOS devices!

  • Install the latest Intune Managed Browser. When using the app for the first time, you can take advantage of Single Sign-on by installing the Microsoft Authenticator app. Complete this step.

  • Sign-in, and navigate to any of your Azure AD-connected applications with Single Sign-on. You will be prompted to register your device to provide Single Sign-on to all applications. That’s it!

    This capability expands on our previously announced integration between Azure AD Application Proxy and the Intune Managed Browser.

Pretty cool right?

Secure mobile browser access using Conditional Access and the Intune Managed Browser

You can also now restrict mobile browser access to Azure AD-connected web apps to the Intune Managed Browser only, blocking access from any other unprotected browsers like Safari or Chrome.

This allows you to secure access and prevent data leakage via unprotected browser applications. This protection can be applied to Office 365 services like Exchange Online and SharePoint Online, the Office portal, and even on-premises sites that you have exposed via the Azure AD Application Proxy.

To secure access, configure application-based Conditional Access policy in Azure AD and an App Protection policy for the Managed Browser in Intune.

Here’s how you do that:

Azure AD

It’s simple to create an Azure AD Conditional Access policy to lock down browser access to Intune Managed Browser. Learn how to setup an app-based conditional access policy on Azure AD. Here’s a screenshot of a policy targeting browser access.

Intune

Only a few more steps now! Create an Intune App Protection policy and target all users with for the Managed Browser application. Learn more on how to setup Intune App Protection policies here. A screenshot here shows how to target the managed browser application.

Your configuration is now ready! Users attempting to use unmanaged browsers such as Safari and Chrome will be prompted to use the Intune Managed Browser. If this is the first time, users will be prompted to install the Microsoft Authenticator on iOS or the Intune Company Portal on Android. Here is a screenshot of a blocked access when using Safari on iOS.

I hope you’ll give these new enhancements are try today. Here’s a set of quick links to get you started:

Quick Links

As always, we’d love to hear any feedback or suggestions you have. Just go here and let us know what you think!

Best regards,

Alex Simons (Twitter: @Alex_A_Simons)

Directory of Program Management

Microsoft Identity Division

The post The Intune Managed Browser now supports Azure AD SSO and Conditional Access! appeared first on Microsoft 365 Blog.

]]>
Conditional access in Azure AD: macOS support plus two more features now generally available! http://approjects.co.za/?big=en-za/microsoft-365/blog/2017/11/14/conditional-access-in-azure-ad-three-new-features-now-generally-available/ Tue, 14 Nov 2017 17:00:03 +0000 Howdy folks! Device-based conditional access is one of the hottest features in Azure AD and is growing at a rapid pace. Today, I’m excited to announce the general availability of a set of capabilities for device- and app-based conditional access that many of you have been eagerly waiting for. Support for macOS device-based conditional access

The post Conditional access in Azure AD: macOS support plus two more features now generally available! appeared first on Microsoft 365 Blog.

]]>
Howdy folks!

Device-based conditional access is one of the hottest features in Azure AD and is growing at a rapid pace. Today, I’m excited to announce the general availability of a set of capabilities for device- and app-based conditional access that many of you have been eagerly waiting for.

  1. Support for macOS device-based conditional access
  2. Application-based conditional access for limiting access to managed apps with in-app controls for iOS and Android
  3. The ‘Devices’ blade in Azure AD in Azure portal

macOS as platform for device-based conditional access

Now you can comprehensively secure access to Office 365 and other Azure AD-connected apps with new support for macOS conditional access. With macOS conditional access you have the ability to:

  • Enroll and manage macOS devices using Intune
  • Ensure macOS devices adhere to your organization’s compliance policies defined in Intune
  • Restrict access to applications in Azure AD to only compliant macOS devices

What’s new in GA

Chrome as a supported browser: In public preview, we started with supporting only the Safari browser. With general availability, we’re extending support for device-based conditional access to Chrome on macOS.

Microsoft Teams: Microsoft Teams is now a supported application, in addition to the applications supported during the public preview of conditional access for macOS.

An improved Intune Company Portal: The Intune Company Portal on macOS has an updated experience, which has been optimized to cleanly display all the information and compliance notifications your users need for all the devices they have enrolled. And, once the Intune Company Portal has been deployed to a device, Microsoft AutoUpdate for macOS will provide updates to it.

You can download the new Intune Company Portal for macOS by logging into the Intune Company Portal website from a macOS device.

Note: Updating from the preview version of the Company Portal will not require users to re-enroll into Intune.

The following OS versions, applications, and browsers are supported on macOS for conditional access:

Operating Systems

  • macOS 10.11+

Applications

  • Microsoft Office 2016 for macOS v15.34 and later
  • Microsoft Teams

Browsers

  • Safari
  • Chrome

Azure AD application-based conditional access for iOS and Android in the Azure portal

With today’s update, you can now restrict access to Office 365 and other Azure AD-connected cloud apps from approved client apps that support Intune App Protection policies using Azure AD app-based conditional access. Intune App Protection policies are used to configure and protect company data on these client applications.

You also get the flexibility to protect data for both personal and company devices by combining app-based conditional access policies with a device-based policy.

What’s in GA

The following conditions and controls are now available for use with app-based conditional access:

Supported platform condition

  • iOS
  • Android

Client apps condition

  • Mobile apps as supported client apps

Access control

  • Require approved client app

Learn how to set up a combined policy on Azure AD for Microsoft Exchange Online and Microsoft SharePoint Online.

‘Devices’ blade in Azure AD in Azure portal

With this last feature, you’re now able to find all your devices and device-related activities in one place: a new blade for management of device identities in the Azure portal. In this new blade, you can:

  1. View all your devices that are available for conditional access in Azure AD
  2. View properties, including your Hybrid Azure AD-joined devices
  3. Find BitLocker keys for your Azure AD-joined devices, manage your device with Intune and more
  4. Manage Azure AD device-related settings

Find the new ‘Devices’ option in the Azure portal under Azure Active Directory.

 

Try these features out today and let us know what you think! We look forward to hearing from you.

Best regards,

Alex Simons (Twitter: @Alex_A_Simons)

Director of Program Management

Microsoft Identity Division

 

Quick Links

The post Conditional access in Azure AD: macOS support plus two more features now generally available! appeared first on Microsoft 365 Blog.

]]>
All workers welcome with Microsoft 365 http://approjects.co.za/?big=en-za/microsoft-365/blog/2017/09/25/all-workers-welcome-with-microsoft-365/ Mon, 25 Sep 2017 13:00:29 +0000 Today’s post was written by Bryan Goode, general manager for Office 365. Today at Microsoft Ignite, we unveiled a new vision for empowering Firstline Workers in the digital age and introduced Microsoft 365 F1—a new offering that brings together Office 365, Windows 10, and Enterprise Mobility + Security to deliver a complete, intelligent solution to

The post All workers welcome with Microsoft 365 appeared first on Microsoft 365 Blog.

]]>
Today’s post was written by Bryan Goode, general manager for Office 365.

Today at Microsoft Ignite, we unveiled a new vision for empowering Firstline Workers in the digital age and introduced Microsoft 365 F1—a new offering that brings together Office 365, Windows 10, and Enterprise Mobility + Security to deliver a complete, intelligent solution to empower all workers.

The modern workplace requires companies to meet new employee expectations, connect a more distributed workforce, and provide the tools that allow all employees to create, innovate, and work together to solve customer and business problems. A truly modern workplace brings out the best in employee ingenuity, creates a culture of innovation and action, and welcomes and empowers all workers from the executive team to the Firstline Workforce.

Firstline Workers comprise the majority of our global workforce. Numbering two billion people worldwide, they are the people behind the counter, on the phone, in the clinics, on the shop floor, and in the field. They are often the first to engage customers, the first to represent a company’s brand, and the first to see products and services in action. They form the backbone of many of the world’s largest industries, and without them, the ambitions of many organizations could not be brought to life.

We see an opportunity for technology to give Firstline Workers a more intuitive, immersive, and empowering experience. Microsoft is in a unique position to help companies tap into the potential of their Firstline Workforce with our commercial product offerings, spanning Microsoft 365, Dynamics 365, Microsoft IoT, Microsoft AI, and Microsoft HoloLens and the Windows Mixed Reality ecosystem.

The introduction of Microsoft 365 F1 represents a significant next step towards our vision of involving the Firstline Workforce in digital transformation by empowering every worker with technology.

Transforming the Firstline Worker experience

Microsoft 365 F1 includes the capabilities and tools to enable every worker to turn their ideas into action. It fosters culture and community, with Skype Meeting Broadcast for interactive townhall meetings and Yammer to help employees find and share best practices across the company.

Microsoft 365 F1 makes it easy to train and upskill employees, with Microsoft Stream to share dynamic, role-based content and video, and SharePoint to easily distribute onboarding and training materials and manage institutional knowledge in one secure place.

It supports firstline productivity and digitizes business processes, with Microsoft StaffHub, a purpose-built app for Firstline Workers to manage their workday and Microsoft PowerApps and Flow to automate everyday activities. Today, we’re announcing new capabilities coming to StaffHub, including the ability for employees to clock in/out and track tasks. We are also making it easier for employees to stay connected in StaffHub, by integrating messaging with Microsoft Teams, the hub for teamwork, and highlighting corporate announcements made in Yammer. Finally, we’re enabling customers to connect StaffHub to workforce management systems and other tools with the availability of general APIs.

Microsoft 365 F1 streamlines IT management, minimizes cost, and extends security to all employees and endpoints. Azure Active Directory provides management of employee identity and access; Microsoft Intune helps secure devices; and new features in Windows 10 simplify the management of Firstline Workers’ experiences, supporting locked down single purpose devices with Windows Assigned Access and automated deployment with Windows AutoPilot.

Finally, we recognize the importance of providing Firstline Workers streamlined and secure devices that minimize total cost of ownership. Today, we’re announcing new commercial devices with Windows 10 S from our OEM partners HP, Lenovo, and Acer. Starting as low as $275, these devices benefit from cloud-based identity and management and are ideal for firstline environments.

We are incredibly excited about our opportunity to empower Firstline Workers and we are just getting started!

To learn more about our vision, please visit our new Firstline Worker page and see the table below to learn what’s included in Microsoft 365 F1.

—Bryan Goode

The post All workers welcome with Microsoft 365 appeared first on Microsoft 365 Blog.

]]>
Enabling a more strategic role for IT with Microsoft Enterprise Mobility + Security http://approjects.co.za/?big=en-za/microsoft-365/blog/2017/06/29/enabling-a-more-strategic-role-for-it-with-microsoft-enterprise-mobility-security/ Thu, 29 Jun 2017 16:00:18 +0000 Organizations are pushing forward in their digital transformations and we continue to see and hear more about what this shift means for IT. The scope of digital transformation goes beyond moving existing work to the cloud and enabling a more mobile workforce. It brings the opportunity to reimagine business from the ground up – from

The post Enabling a more strategic role for IT with Microsoft Enterprise Mobility + Security appeared first on Microsoft 365 Blog.

]]>
Organizations are pushing forward in their digital transformations and we continue to see and hear more about what this shift means for IT. The scope of digital transformation goes beyond moving existing work to the cloud and enabling a more mobile workforce. It brings the opportunity to reimagine business from the ground up – from product offerings, to customer engagement strategies, to how to drive innovation and differentiate vs. competition. As a result, today more than ever, CIOs are being asked by their boards and other executives to weigh in on a growing number of business decisions. Almost half (46%) of CIOs in the State of the CIO survey report directly to their CEO, 61% have direct interaction with the board, and 76% are interfacing directly with customers.

Making room for a broader IT impact

As CIOs are playing an extended role in the business, the function of IT is also flexing to become more strategic and business focused. To make room for this expanded responsibility, IT organizations are undergoing efforts to optimize traditional IT operations and services—with a focus on increasing agility, reducing costs, and maintaining security. Organizations are also looking to empower employees with a more connected and holistic approach to managing access while protecting corporate resources. This focus on greater agility and better experience for employees, while maintaining security and holding down costs, is one of the key drivers of Enterprise Mobility + Security’s (EMS) market success.

EMS has rapidly become a leading choice because it delivers what customers tell us they need most to transform their businesses – a comprehensive yet flexible born in the cloud service that meets a broad set of mobility and security needs in an integrated way. EMS led on bringing identity and access management together with mobile device and application management. EMS has kept pace with industry shifts and customer feedback by incorporating new security solutions such as advanced threat analytics and cloud access security. EMS has also shown it can reduces overhead by addressing customer needs in one place; avoiding the pain of integrating point solutions from many different vendors.

A new EMS experience delivers increased IT Pro productivity

Over the last few months, we have turned the dial further and introduced new administrator experiences for Azure Active Directory, Microsoft Intune, conditional access, and Azure Information Protection in the new Azure portal. This collective move delivers a unified admin experience for these core EMS services that boosts IT Pro productivity and helps you get more out of EMS. The new console simplifies the configuration and management of powerful cross product workflows, such as conditional access, allowing you to define complex access management policies across Azure AD and Intune within a single interface. It also delivers deep integration with Azure Active Directory groups, which can represent both users and devices as native, dynamically targeted groups that are fully federated with an organization’s on-premises Active Directory.

Identity is at the core of mobility strategies and we often find our customers first workload to deploy is Azure AD. This new environment makes it easy for you to scale your Azure AD groups and policies to protect at deeper levels using Intune and Azure Information Protection. Let’s say you defined a set of Azure AD and conditional access policies to protect your Office mobile apps, you can now easily find your way to Intune to set device and app protection policies to ensure your data remains protected even after it’s been accessed. From there, you click into Azure Information Protection to set encryption policies that protect your data no matter where it travels. You can even create a custom dashboard in Azure that allows you to monitor and control everything at a glance from any device.

Our goal with EMS has always been to empower IT with a holistic and innovative set of tools that protect at the user, device, app and data levels without compromising productivity – streamlining management of mobility and security workflows in the process. This is the driving force behind our move to a unified EMS admin experience, and we are sure that your IT organization will reap the benefits.

Moving forward, we’ll release all new features and enhancements for Azure AD, Intune and Azure Information Protection within the new experience on Azure. You can check out our new admin experience by logging into the Microsoft Azure portal today.

The post Enabling a more strategic role for IT with Microsoft Enterprise Mobility + Security appeared first on Microsoft 365 Blog.

]]>