The AI revolution is here, so what are you going to do about it?

This question is for IT leaders, IT practitioners, and others out there who need to decide how your companies will respond to the onslaught of AI products and solutions that are coming your way!

We had the same question here at Microsoft, and to make sure we responded in the right way, we—Microsoft Digital, the company’s IT organization—created an AI Center of Excellence (CoE) to guide us.

Here’s the story of how we did that and how our CoE is now helping us navigate the AI revolution and figure out how to deploy it internally across Microsoft.  

Evaluating AI for Microsoft

For us, it started with evaluating what our people want from AI.

Next-generation AI is transformative, and as it does for all enterprises, it presents a huge opportunity for us at Microsoft. One of the fundamental steps our CoE is taking is to accept this and not get in the way. We’re encouraging a culture of disruption while also living up to our obligation to do so responsibly.

We know that integrating AI into everything we do will never be a matter of stitching AI features or capabilities into our existing systems and processes, but rather a process of reexamining how we do things. We want it to do three important things—amplify human ingenuity, deliver transformative experiences, and safeguard our people, business, and data.

Our CoE encourages our teams to think about how AI can help their work and to rethink their work with AI in mind. To respond adequately to this AI revolution, we took a holistic view of how each of our employees can achieve their full potential and how each team, department, and the entire organization can benefit from AI.

“Getting AI right is about empowering your people to do their best work,” says Rajamma Krishnamurthy, a principal program manager architect in Microsoft Digital and one of the leaders of our CoE. “We’re off to a good start—now that we’re underway, we’re laser focused on making sure everything that we do empowers our employees be their best, most creative, selves while also protecting them and the company as well.”

Meeting needs and answering important questions

We’re using feedback from our employees and leaders to guide how we invest in AI.

Our employees are telling us they want to simplify and offload mundane tasks and focus on productive, creative work. They view AI as a tool to find information and answers, summarize meetings and action items, perform administrative tasks, and plan their day. However, their focus is on more than administration and tedium. Employees also want to use AI to improve and inform their creative work and enable them to produce deeper and more insightful analytical work.

Drilling down, we asked our employees for specifics on what they want out of AI to improve the experience they have at work.

What employees want from AI

Our leaders want AI to empower employees, not replace them.

Leaders want AI to create an environment for employees that increases their productivity, improves their well-being, decreases the time they spend on low-value activities, and improves their skills.

“We want to empower employees to find time for more innovative and rewarding work,” Krishnamurthy says.

What leaders want from AI

Transforming Microsoft with the AI Center of Excellence

Now that we’ve shared how our CoE is listening to our employees and leaders, we’ll share more detail on the CoE itself.

Our AI CoE team is comprised of experts across Microsoft in various fields, including data science, machine learning, business intelligence development, product development, experience design and research, accessibility, and program management.

Working under the AI 4 ALL (Accelerate, Learn, and Land) tagline, the team is responsible for planning, designing, implementing, and championing how we use AI internally at Microsoft.

Our CoE uses these pillars to guide their work:

• Strategy. They work with product and feature teams to determine what we want to achieve with AI. They define business goals and prioritize the most important implementations and investments.
• Architecture. They enable infrastructure, data, services, security, privacy, scalability, accessibility, and interoperability for all our AI use cases.
• Roadmap. They build and manage implementation plans for all our AI projects, including tools, technologies, responsibilities, targets, and performance measurement.
• Culture. They foster collaboration, innovation, education, and responsible AI among our stakeholders.

“These pillars are helping us stay focused on the right things,” Krishnamurthy says. “It’s about using AI to grow and nourish a culture of innovation and excellence across the company.”

Strategy

Our CoE Strategy team evaluates what we’re doing with AI at Microsoft. The most fundamental perspective for the strategy pillar is examining AI as a catalyst for transforming our tools and processes, not as an addition or augmentation to existing tools and processes. While AI is designed to augment and improve human capabilities, it can’t be approached as only an augmentation or improvement to the tools and processes we use. We must be willing to start over if that achieves the best outcome for our employees and business.

From the beginning, the strategy team examined the projects and business goals through positive disruption—a willingness to refine each idea to its core. To capture the full value of AI in our organization, we knocked down boundaries. We examined every one of our business processes, reimagining them and how AI could improve them, often in revolutionary ways.

Our strategy is driven from the organization’s top level, and executive sponsorship is crucial to executing our implementation well. When our transformation mandate comes from the organization’s leader, it resonates in every corner of the organization, every piece of work, and every task that could be changed.  Simultaneously, we have encouraged and welcomed ideas from every level of the organization, empowering individuals from across our organization to contribute their AI insights.

We’re moving quickly, thanks to our digital transformation. David Finney, director of IT Service Management, is excited about the rapid progress the CoE is making.

“The pace of AI technology is incredibly fast,” Finney says. “We’re moving into implementations quickly to capture value and stay relevant to developments in AI technology. Our digital transformation has made this possible in many ways.  At the same time, governance and control have to be at the forefront of our strategy and consider and respect responsible AI tenets in everything we do.”

Capturing strategy with an idea pipeline

The strategy pillar captures all the ideas and all the ongoing work that’s happening within AI at Microsoft. Idea capture involves the entire organization, and every employee is invited to contribute ideas for how AI can transform how we work, from the most straightforward task to the broadest organizational policies and processes. No element of our business processes is off-limits. Our pipeline contains ideas for the next year or so range from AI-powered career planning, to intelligent helpdesk and troubleshooting tools, to fully automated issue detection and remediation, to AI-powered codebase migration.

One of the CoE Strategy team’s most significant responsibilities is prioritizing the idea pipeline for AI solutions. All employees can feed the pipeline through a form that records important pipeline details. The strategy team evaluates each idea in the pipeline, analyzing two primary metrics: business value and implementation effort.

• Business value. How important is the solution to our business? Potential cost reduction, market opportunity, and user impact all factor into business value. As our business value increases, so does the idea’s position in the pipeline priority queue.
• Implementation effort. How much effort is required to implement the idea? We evaluate the implementation effort based on data gaps for modeling, the complexity of the solution, and the resources required. Low-effort ideas can result in quick wins, while ideas requiring more significant effort must be further evaluated.

Activating AI here at Microsoft

Business value and implementation effort supply the two axes for the simple four-quadrant matrix we use to determine the overall priority for the ideas and their order in the pipeline. High-value, low-effort ideas are at the start of the pipeline and our highest priority. Low-value, high-effort projects are sent to the back of the pipeline. High-value ideas are all essential and deserve focus, and our strategy team used this evaluation matrix to determine which projects should be started and when.

Architecture

Our architecture pillar focuses on the readiness and design of the infrastructure and services that support AI at Microsoft. It also encompasses data readiness and the reusability of enterprise assets used for AI capabilities.

The CoE’s Architecture team manages these systems’ supporting infrastructure and ensures that our environment adheres to best practices for standards and governance. Architecture dependencies and interactions are critical to establishing sound architecture practices.

When a product team is developing a service within the architecture, like storage, compute, or an API, decisions about design and architecture are influenced by the dependencies across these services.

The architecture we build is focused on open and liberal architecture standards. We know that if our engineers and developers use the tools they’re most comfortable and fluent with, they’ll be able to create quickly with competency and confidence. With more than hundreds of potential projects in the pipeline, rapid iteration and agility are critical.

We’ve made our teams aware of AI playgrounds and aggregators that they can use to explore supported AI tools and machine-learning models to test their scenarios and validate data-handling practices. Standardizing these playgrounds and aggregators provides freedom for our developers to experiment and innovate while staying within the bounds of our AI best practices and approved technologies.

We’re also enabling our architecture communities to collaborate and share ideas about developing the most optimal microservice architecture, cloud service-based architecture, or hybrid infrastructure architecture. We have presentations, on-demand engagements, and groups that use Microsoft Viva and Microsoft Teams to encourage and facilitate collaboration. This enables our architecture teams to move quickly and in concert with each other, which is necessary with the rapid pace of AI technology advancement.

A comprehensive architectural view involves understanding the nuances of the infrastructure and how new infrastructure will affect the current architectural state. We achieve this view by gathering data on systems and dependencies across the existing architecture and super-imposing new ideas or new architecture on top of it.

“We ask questions,” says Faisal Nasir, a principal architect on the CoE Architecture team. He stresses the importance of continual self-examination. “What are the touch points? What is the impact? How do we achieve cost and performance balance? Where are we going to invest? Which of these services is going to get the capabilities? How are we organizing services? What platform-level capability will all services use, and what will be native to a particular area or service within a smaller group?”

The answers help us make sure we take the right approach.

“Determining dependencies and working through the implications has to be done, and it has to be continually evaluated,” Nasir says.

Roadmap

The CoE Roadmap team examines our employee experience in the context of our AI solutions and governs how we achieve the optimal experience in and throughout AI projects. One of the most critical aspects of implementing AI is how our employees will interact with it. Getting the roadmap right ensures these user experiences are cohesive and align with our broader employee experience goals.

The Roadmap team leans heavily on research to confirm and test capabilities and the potential for AI-based services and processes. The user experience involves many considerations, including how employees interact with a service, ordinary use case scenarios, accessibility needs, etc.

We’ve recognized AI’s potential to impact how our employees get their work done and what level of satisfaction and positive experience comes from the interactions with AI services and tools. The roadmap pillar is designed to encourage experiences across all these services and tools that are complementary and cohesive.

“AI isn’t a traditional product, so there isn’t a traditional path for user experience,” says Aria Fredman, a senior user experience researcher on the CoE Roadmap team. “We’re using AI to level the playing field for all Microsoft employees.”

AI is an excellent tool for leveling the playing field for everyone.

“We’re using next-generation AI to transform how everyone interacts with the products we’re building,” Fredman says. “Natural language interfaces and predictive interactions remove the barriers of traditional input and user interface design. Accessibility becomes not something that we build into a user interface but something that the interface natively is. Our goal is universal accessibility, to use AI to empower and include everyone.”

We’re focusing on the open nature of AI interaction. We’re surfacing AI capabilities and information when the user needs them, according to their context. It makes the user experience and user interface for an AI service less important than how the service allows other applications or user interfaces to interact with it and harness its power.

“We’re moving away from the legacy models of interaction and navigation of static product topologies,” says Yannis Paniaras, a principal designer at the Microsoft Digital Studio who collaborates with other designers to create entirely new user experiences with AI and ML. “We’re transforming the user experience through AI and copilot-based experiences and creating new paradigms of interaction and navigation across a complex topology of services and products.”

Meet the Microsoft Digital AI Center of Excellence team

It’s about design that simplifies employee workflows for speed and efficiency.

“Our goal is to enable instant point-to-point access to all employee services with minimal or no navigation,” Paniaras says. “It’s like experiencing UX-teleportation, where accessing a service becomes instantaneous.”

This concept is what we call “Just-In-Time UX.” Furthermore, we use AI to facilitate continuous relationships between our employees and the various services that they use, which ensures that the experiences are always on and available to them.

“In our studio, the designers are also reinventing how we design for the era of AI,” Paniaras says. “We are transforming our discipline as much as the experiences and products we create for everyone at Microsoft.”

Culture

Our long-running focus on fostering a culture of innovation within our organization is now helping us embrace this new opportunity with AI. It’s enabling us to empower our employees to learn the skills they need to lead us through this transformation and to help us build a vision for what we can do with it as a group.

Our CoE Culture team focuses on two key areas of our AI implementation: responsibility and education. Culture moves into and influences the other pillars more than any other pillar. Culture underpins everything we do in the AI space. Ensuring our employees can increase their AI skillsets and access guidance for using AI responsibly are critical to AI at Microsoft.

AI’s opportunities are immense, and our implementation must be carried out with a growth mindset and responsible approach.

The Culture team has published training, recommended practices, and our shared learnings on next-generation AI capabilities and worked with individual business groups at Microsoft to determine the needs of all the disciplines across the organization, including groups as diverse as engineering, facilities and real estate, human resources, legal, sales, and marketing, among many. A telling example of how we’re rallying around AI is how quickly we created a Data and AI curriculum that everyone in our larger organization can take—employees of all roles are using it learn about and roll AI into their individual work.

We’re weaving responsible AI into the fabric of everything we do with AI, so our employees understand the importance and implications of responsible AI for their work, their teams, and the organization. We’re continually asking questions about our AI practices and evaluating the answers through diverse lenses to ensure our AI capabilities are fair and unbiased.

Urvi Sengar is a leading voice on the cultural team. She highlights the critical role responsible AI plays in developing AI at Microsoft.

“AI provides so many potential capabilities, but we must always ask, ‘are we using it in the right way?’” says Sengar, a software engineer on the CoE and in Microsoft Digital. “We’re building governance and guardrails around our systems to ensure we don’t misuse it. Our mandate to use AI responsibly underpins everything we do in this space.”

Our aim is to weave AI and education together in ways that enhance but don’t overrun our company culture. Our aim is to show our employees how they can transform the work they do while also making sure they protect the social and cultural considerations of the rest of our employees, our partners, our customers, and our larger organization. To do this important work, we’re implementing listening systems throughout our organization that are enabling us to adjust and adapt our approach to make sure we stay focused on the right things.

Moving forward

We’re at the beginning of our journey toward harnessing the transformative power of AI at Microsoft. Our AI CoE will provide the guidance and governance we need to foster innovation and encourage positive disruption in all lines of business. We’re ushering in a new vision for creativity, productivity, and personal growth for each of our employees, and we’re excited to capture those benefits within our organization and share them with our customers.

“Whatever applications we produce, whatever experiences we create, whatever productivity and efficiency we want to bring to our employees, we always ask the question: ‘How will this contribute to their engagement and involvement and enable them to thrive within the company,’” Krishnamurthy says. “The answer to this question is found in the moments that matter to our employees, in which they meaningfully contribute to the teams around them and move forward toward our collective vision, from the beginning of their time with Microsoft and all the way through their journey.”

Here are some tips for getting started with a AI Center of Excellence at your company:

• Use AI to fuel organizational transformation and to improve your employee experience.
• Approach AI as a tool that can help your employees boost their creativity, enhance their productivity, and grow their skills.
• Provide personalized and contextualized information to increase employee satisfaction and productivity.
• Use AI to improve both the on-site and remote experiences for your employees—it can help you get hybrid work right.
• Use AI to improve your infrastructure management, compliance monitoring, governance, and real estate and space planning.
• Give your employees good guardrails—take a responsible and responsive approach in each area where you use AI.
• Encourage your employees to contribute ideas on how AI can improve their work processes and evaluate ideas that are most valuable and feasible.
• Foster a culture of continuous learning and adaptability around AI and data, where failures become steppingstones, and cross-functional collaboration drives innovation.

Learn about the Microsoft 365 Copilot Early Access program and new capabilities in Copilot.

• Explore ChatGPT & AI: 6 Tips for Managing Support Content.
• Unpack a foundation for modern collaboration: Microsoft 365 bolsters teamwork.
• Discover transforming modern engineering at Microsoft.

• Want more information? Email us and include a link to this story and we’ll get back to you.
• Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

The post The AI Revolution: How Microsoft Digital (IT) is responding with an AI Center of Excellence appeared first on Inside Track Blog.

If you’re on a sales team, you know that there are all kinds of distracting tasks that eat away at your time and get in the way of what you do best—building relationships with and solving problems for customers.

There’s no doubt that modern salespeople need to rely on too many tools and services to get their jobs done. We in Microsoft Digital, the company’s IT organization, see firsthand the stress this puts on our sales teams.

“We wanted to alleviate as much of that pain as we could,” says Nathalie D’Hers, corporate vice president of Microsoft Digital. “We realized that the AI and automation that comes baked into Copilot for Sales could make the lives of our sellers much better.”

Microsoft is Customer Zero for our own products, which means we typically try them first, put them through their paces, and send our feedback to the product group. Usage has steadily increased since we adopted Microsoft 365 Copilot for Sales internally.

“We’ve had a great Customer Zero experience with Copilot for Sales,” D’Hers says. “We’ve been very pleased with how much it has simplified the lives of our sellers and enabled them to focus more on selling.”

{Check out our full content suite on how we use Microsoft Viva internally at Microsoft. See how we’re evolving our culture with Microsoft Viva. Learn about our journey as the company’s Customer Zero.}

Unlocking human potential with AI and automation

It’s hard to overstate how complicated selling is—there seems to be no end to the countless small tasks that sellers need to accomplish to keep their day-to-day moving. From managing communications to pulling in relevant stakeholders to inputting information into customer relationship management (CRM) software, sales professionals are constantly allocating and reallocating their attention across different apps and work modes.

During internal simplification research at Microsoft, we discovered that our sellers were using as many as 40 tools per day. Flipping back and forth between those different workspaces results in a lot of wasted time.

“Sixty-eight percent of sellers’ time gets spent on critical but tedious sales tasks,” says Cory Newton-Smith, head of product management for Microsoft 365 Copilot for Sales. “If we can identify what they’re doing in this non-selling space and recover time from that, they can spend more of their day where humans excel.”

We wanted to design a way for salespeople to keep essential tasks within the flow of work, then introduce powerful features to speed up their efforts. It’s especially important to minimize the time they spend in CRM programs like Microsoft Dynamics 365 or Salesforce. Although those solutions are essential to modern sales and contain many powerful features, they add steps into a seller’s workflow.

“You have the CRM space and then you have the productivity space,” says Smita Shrivastava, product strategy and growth lead for Microsoft 365 Copilot for Sales. “Sellers mostly work in Microsoft Outlook and Teams, so juggling apps to work within the CRM is a constant drain on productivity.”

Microsoft 365 Copilot for Sales maximizes sales teams’ productivity with AI-assisted content creation and meeting summaries across Microsoft 365 apps. It seamlessly connects data to Microsoft Dynamics 365 and Salesforce CRMs from the apps where salespeople get their work done—within Microsoft Outlook and Teams.

Microsoft 365 Copilot for Sales saves sellers time through three main functionalities:

• Automating and simplifying tasks with AI-generated emails, meeting summaries, data collection, and data entry
• Getting actionable insights in the flow of work by bringing together data from Microsoft 365 apps and CRM systems
• Maintaining momentum with AI-powered analytics that provide recommendations and reminders

“It’s really all about seller productivity,” says Peter Macy, technical specialist within our SaaS organization and pilot program participant for Microsoft 365 Copilot for Sales. “It helps maintain that focus and streamlines your work so you don’t have to jump back and forth and lose attention.”

Deploying Microsoft 365 Copilot for Sales

To deploy Microsoft 365 Copilot for Sales thoughtfully internally here at Microsoft, we engaged our team of change management professionals, product specialists, and internal early adopters to make sure the tool landed just right. Fortunately, we’ve built out a robust deployment and adoption framework that we’ve iterated over several large-scale product rollouts.

“We have a repeatable process for landing changes,” says Alexandra Jones, senior business program and change manager in Microsoft Digital. “We can take advantage of a framework that’s already in place, including local adoption teams in each subsidiary and well-structured pilot programs.”

Deploying Microsoft 365 Copilot for Sales

We built a five-step plan to deploy Microsoft 365 Copilot for Sales to around 60,000 employees worldwide.

01

Build a change management plan

02

Provide landing toolkit

03

Build a change management plan

04

Build a change management plan

05

Build a change management plan

We’ve developed a tried and tested method for deployment that was instrumental in our Microsoft 365 Copilot for Sales deployment.

Through conversations with salespeople across Microsoft, our change management team focused on identifying how the tool would interact with different roles, then built communications around value propositions for each of those use cases. That helped produce readiness toolkits that demonstrated Microsoft 365 Copilot for Sales’ value.

From there, it was time to begin a phased deployment—starting with a pilot. Generative AI drove a lot of uptake thanks to its popularity in the public imagination.

“The second I put out a post asking who wanted to be involved in a pilot, I had virtual hands up all over the world,” Jones says.

Real-world usage by our early adopters in the pilot helped guide our wider deployment of Microsoft 365 Copilot for Sales. One thing we determined was that as a companion app designed to function intuitively, the training burden for Microsoft 365 Copilot for Sales was much lower than for standalone programs. As a result, change managers simply dropped into existing monthly team trainings and town halls to get the message out.

The value of Microsoft 365 Copilot for Sales was immediately apparent. That helped drive adoption across Microsoft.

“The moment sellers launch Copilot for Sales, they see CRM data infused into emails and Teams conversations,” Shrivastava says. “They can see the power of Copilot for Sales very quickly.”

Clearly, Microsoft 365 Copilot for Sales has struck a chord with our sellers. Since general availability in October 2022, we deployed it to nearly all of the company.

We have since moved on to listening and gathering customer feedback. That feedback helps inform both our future deployment efforts and the month-over-month rollouts for new Microsoft 365 Copilot for Sales features. In the meantime, sellers are saving time every day.

Putting time back in salespeople’s days

For sellers like Macy, the most substantial benefit of Microsoft 365 Copilot for Sales is the newfound efficiency that comes from automation. It’s the result of powerful features like the sales pane in Microsoft Outlook, Microsoft 365 Copilot responses, and automated data connections that pull information out of CRMs and prompt you to input new contacts and opportunities.

Research has shown that sellers spend upwards of 60 percent of their time managing their inbox. Microsoft 365 Copilot for Sales helps lighten some of this burden through AI-generated email summaries and responses. According to Macy, this tool can help sellers recapture 20% to 30% of their time.

But it’s more than just time savings. Those Copilot features help sellers reclaim cognitive space that’s better spent on building relationships.

“What I find is that it frees you up to be present in the conversation,” Macy says. “There’s no more going silent or pausing to take hurried notes in the midst of a chat because the technology captures that value for you.”

And perhaps most powerfully, there’s no more broken focus or juggling apps from jumping between Microsoft Outlook, Microsoft Teams, and CRM systems. Contact and opportunity management happen within the flow of work, where sellers spend their time.

As Microsoft 365 Copilot for Sales continues to evolve, our product team has its eye on features that extend its value even further across the Microsoft 365 productivity suite. Those features include intelligent contract authoring in Microsoft Word and automated collaboration space creation with partner channels in Microsoft Teams.

“Our productivity suite is so powerful, but up until now it’s remained relatively generic to suit many different tasks,” Newton-Smith says. “Our new concept is that apps like Copilot for Sales can show up and make these tools more powerful because they’re more contextually relevant to specific jobs.”

For our sellers, the bottom line is that Microsoft 365 Copilot for Sales is saving time and cognitive effort to help them be their fullest selves at work.

“The tool isn’t there to do your job,” Macy says. “It’s there to learn how to work alongside you and accelerate your productivity.”

Here are some tips for getting started with Microsoft 365 Copilot for Sales at your company.

• Leverage the easiest-to-use features first: email summary and conversation intelligence.
• Start with adding new contacts from Outlook to gain easy wins as you familiarize your team with the app.
• Use Microsoft 365 Copilot for Sales as an introduction to generative AI and intelligent co-pilots.
• Get your CRM admins, senior decision makers, and core IT onboard by demonstrating the most useful features.
• Pilot with your all-stars to gain insights and build groundswell for your deployment.
• Connect with your users to see where they’re finding value, then promote those features.
• Sellers like to hear from their peers. Be sure to leverage the champions that develop out of your pilots.

Click here to try or learn more about Microsoft 365 Copilot for Sales.

• Check out our full content suite on how we use Microsoft Viva internally at Microsoft.
• See how we’re evolving our culture with Microsoft Viva.
• Learn about our journey as Microsoft’s Customer Zero.

• Want more information? Email us and include a link to this story and we’ll get back to you.
• Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

The post See how we’re simplifying our sales with AI-powered Microsoft 365 Copilot for Sales appeared first on Inside Track Blog.

Since generative AI exploded onto the scene, it’s been unleashing our employees’ creativity, unlocking their productivity, and up-leveling their skills.

But we can fly into risky territory if we’re not careful. The key to protecting the company and our employees from the risks associated with AI is adopting proper governance measures based on rigorous data hygiene.

Technical professionals working within Microsoft Digital, our internal IT organization, have taken up this challenge. They include the AI Center of Excellence (AI CoE) team and the Microsoft Tenant Trust team that governs our Microsoft 365 tenant.

Since the widespread emergence of generative AI technologies over the last year, our governance experts have been busy ensuring our employees are set up for success. Their collaboration helps us ensure we’re governing AI through both guidance from our AI CoE and a governance model for our Microsoft 365 tenant itself.

{Learn how Microsoft is responding to the AI revolution with a Center of Excellence. Discover transforming data governance at Microsoft with Purview and Fabric. Explore how we use Microsoft 365 to bolster our teamwork.}

Generative AI presents limitless opportunities—and some tough challenges

Next-generation AI’s benefits are becoming more evident by the day. Employees are finding ways to simplify and offload mundane tasks and focus on productive, creative, collaborative efforts. They’re also using AI to produce deeper and more insightful analytical work.

“The endgame here is acceleration,” says David Johnson, a tenant and compliance architect with Microsoft Digital. “AI accelerates employees’ ability to get questions answered, create things based on dispersed information, summarize key learnings, and make connections that otherwise wouldn’t be there.”

There’s a real urgency for organizations to empower their employees with advanced AI tools—but they need to do so safely. Johnson and others in our organization are balancing the desire to move quickly against the need for caution with technology that hasn’t yet revealed all the potential risks it creates.

“With all innovations—even the most important ones—it’s our journey and our responsibility to make sure we’re doing things in the most ethical way,” says Faisal Nasir, an engineering leader on the AI CoE team. “If we get it right, AI gives us the power to provide the most high-quality data to the right people.”

But in a world where AI copilots can comb through enormous masses of enterprise data in the blink of an eye, security through obscurity doesn’t cut it. We need to ensure we maintain control over where data flows throughout our tenant. It’s about providing information to the people and apps that have proper access and insulating it against ones that don’t.

To this end, our AI CoE team is introducing guardrails that ensure our data stays safe.

Tackling good AI governance

The AI CoE brings together experts from all over Microsoft who work across several disciplines, from data science and machine learning to product development and experience design. They use an AI 4 ALL (Accelerate, Learn, Land) model to guide our adoption of generative AI through enablement initiatives, employee education, and a healthy dose of rationality.

“We’re going to be one of the first organizations to really get our hands on the whole breadth of AI capabilities,” says Matt Hempey, a program manager lead on the AI CoE team. “It will be our job to ensure we have good, sensible policies for eliminating unnecessary risks and compliance issues.”

As Customer Zero for these technologies, we have a responsibility for caution—but not at the expense of enablement.

“We’re not the most risk-averse customer,” Johnson says. “We’re simply the most risk-aware customer.”

The AI CoE has four pillars of AI adoption: strategy, architecture, roadmap, and culture. As an issue of AI governance, establishing compliance guardrails falls under architecture. This pillar focuses on the readiness and design of infrastructure and services supporting AI at Microsoft, as well as interoperability and reusability for enterprise assets in the context of generative AI.

Operational pillars of the AI Center of Excellence

Strategy

Working
with feature crews to determine what we want to achieve with AI at the Microsoft
Digital level and prioritize those AI investments.

Architecture

Enabling infrastructure data, services, access, security, privacy, scalability, accessibility, and interoperability for AI for cases.

Roadmap

Building implementation plans for AI projects, including tools, technologies, responsibilities, targets, and KPIs.

Culture

Fostering collaboration, innovation, education, and ethics among stakeholders.

We’ve created four pillars to guide our internal implementation of generative AI across Microsoft: Strategy, architecture, roadmap, and culture. Our AI certifications program falls under culture.

Building a secure and compliant data foundation

Fortunately, Microsoft’s existing data hygiene practices provide an excellent baseline for AI governance.

There are three key pieces of internal data hygiene at Microsoft:

1. Employees can create new workspaces like Sites, Teams, Groups, Communities, and more. Each workspace features accountability mechanisms for its owner, policies, and lifecycle management.
2. Workspaces and data get delineated based on labeling.
3. That labeling enforces policies and provides user awareness of how to handle the object in question.

With AI, the primary concern is ensuring that we properly label the enterprise data contained in places like SharePoint sites and OneDrive files. AI will then leverage the label, respect policies, and ensure any downstream content-surfacing will drive user awareness of the item’s sensitivity.

AI will always respect user permissions to content, but that assumes source content isn’t overshared. Several different mechanisms help us limit oversharing within the Microsoft tenant:

1. Using site labeling where the default is private and controlled.
2. Ensuring every site with a “confidential” or “highly confidential” label sets the default library label to derive from its container. For example, a highly confidential site will mean all new and changed files will also be highly confidential.
3. Enabling company sharable links (CSLs) like “Share with People in <name of organization>” on every label other than those marked highly confidential. That means default links will only show up to the direct recipient in search and in results employees get from using Copilots.  
4. All Teams and sites have lifecycle management in place where the owner attests that the contents are properly labeled and protected. This also removes stale data from AI.
5. Watching and addressing oversharing based on site and file reports from Microsoft Graph Data Connect.

Microsoft 365 Copilot respects labels and displays them to keep users informed of the sensitivity of the response. It also respects any rights management service (RMS) protections that block content extraction on file labels.

If the steps above are in place, search disablement becomes unnecessary, and overall security improves. “It isn’t just about AI,” Johnson says. “It’s about understanding where your information sits and where it’s flowing.”

From there, Copilot and other AI tools in question can then safely build a composite label and attach it to its results based on the foundational labels it used to create them. That provides the context it needs to decide whether to share its results with a user or extend them to a third-party app.

“To make the copilot platform as successful and securely extensible as possible, we need to ensure we can control data egress from the tenant,” says Keith Bunge, a software engineering architect for employee productivity solutions within Microsoft Digital.

We can also use composite labels to trigger confidential information warnings to users. That transparency provides our people with both agency and accountability, further cementing responsible AI use within our culture of trust.

Ultimately, AI governance is similar to guardrails for other tools and features that have come online within our tenant. As an organization, we know the areas we need to review because we already have a robust set of criteria for managing data.

But since this is a new technology with new functionality, the AI CoE is spending time conducting research and partnering with stakeholders across Microsoft to identify potential concerns. As time goes on, we’ll inevitably adjust our AI governance practices to ensure we’re meeting our commitment to responsible AI.

“Process, people, and technology are all part of this effort,” Nasir says. “The framework our team is developing helps us look at data standards from a technical perspective, as well as overall architecture for AI applications as extensions on top of cloud and hybrid application architecture.”

As part of getting generative AI governance right, we’re conducting extensive user experience and accessibility research. That helps us understand how these tools land throughout our enterprise and keep abreast of new scenarios as they emerge—along with the extensibilities they need and any data implications. We’re also investing time and resources to catch and rectify any mislabeled data, ensuring we seal off any existing vulnerabilities within our AI ecosystem.

Not only does this customer zero engagement model support our AI governance work, but it also helps build trust among employees through transparency. That trust is a key component of the employee empowerment that drives adoption.

Realizing generative AI’s potential

As our teams navigate AI governance and drive adoption among employees, it’s important to keep in mind that these guardrails aren’t there to hinder progress. They’re in place to protect and ultimately inspire confidence in new tools.

“In its best form, governance is a way to educate and inform our organization to move forward as quickly as possible,” Hempey says. “We see safeguards as accelerators.”

We know our customers also want to empower their employees with generative AI. As a result, we’re discovering ways to leverage or extend these services in exciting new ways for the organizations using our products.

“As we’re on this journey, we’re learning alongside our industry peers,” Nasir says. “By working through these important questions and challenges, we’re positioned to empower progress for our customers in this space.”

Consider these tips as you think about governing the deployment of generative AI at your company:

• Understand that IT organizations have inherently cautious habits.
• Leverage what industry leaders like the Responsible AI Initiative are sharing.
• Recognize that employees will adopt these tools on their own, so it’s best to prepare the way beforehand.
• Consider your existing data hygiene and how it needs to extend to accommodate AI.
• Make sure you have an enterprise plan for ensuring labeling and security, because AI tools will provide the most complete access by default.

Get started on your own next-generation AI revolution—try Microsoft 365 Copilot today.

• Learn how Microsoft is responding to the AI revolution with a Center of Excellence.
• Discover transforming data governance at Microsoft with Purview and Fabric.
• Explore how we use Microsoft 365 to bolster our teamwork.

• Want more information? Email us and include a link to this story and we’ll get back to you.
• Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

The post Getting the most out of generative AI at Microsoft with good governance appeared first on Inside Track Blog.

Since we launched the tool internally here at Microsoft, we’ve learned a few best practices for deploying it easily and making full use of its features. This post shares some of our learnings so you can take advantage of our experience when you activate Copilot for Sales at your organization.

[See how we’re simplifying our sales with AI-powered Microsoft 365 Copilot for Sales. Get insights from our Lori Lamkin and Nathalie D’Hers on the power of Microsoft 365 Copilot for Sales. Explore getting the most out of generative AI at Microsoft with good governance.]

Taking the tedium out of sales tasks

Copilot for Sales maximizes productivity with an AI assistant specifically designed for sellers. Like our other AI-powered tools, it increases productivity and efficiency by providing intelligent digital assistance within Microsoft Teams and Outlook.

The added value of Copilot for Sales is working with Dynamics 365 or Salesforce to access, use, and input customer relationship management (CRM) data. As a result, it eliminates distracting tasks that eat away at their time and get in the way of what they do best—building relationships and solving problems.

“Everything we’ve done in terms of our Dynamics 365 sales platform aims to give time back to sellers so they can invest it into customers,” says Alexandra Jones, senior business program and change manager in Microsoft Digital, the company’s IT organization. “With AI and copilots, our technology is doing even more to help us reach that goal.”

The sweet spot exists at the intersection of AI-enabled intelligence and CRM integration into the spaces where salespeople operate every day. Within Microsoft Teams, Copilot for Sales delivers real-time call insights, AI-generated meeting summaries, post-call analyses and action items, and more. In Microsoft Outlook, its abilities include crafting contextual email responses, summarizing lengthy threads, and creating Teams Collaboration Spaces associated with accounts and opportunities.

Across both workspaces, Copilot for Sales makes it easier to create, update, or view CRM contacts, opportunities, and other data associated with sales accounts. That mitigates the need for sellers to migrate to a different tool as they conduct the essential business of using or updating their CRM.

“For sellers trying to do their jobs, it’s all about that flow of information within the flow of action,” says Kerry Barrass, director of business programs within Microsoft Customer and Partner Solutions. “While the conversation is fresh, the tool distills information down into consumable chunks and actionable items.”

Those features come in handy because sales are complex and require strong coordination across large teams. One of our typical sales accounts involves anywhere from 20 to 50 individual employees, each with a vital role to play. As a result, it’s extremely difficult to get everyone on a call or piece together the narrative underlying email threads.

“When I get copied into an email thread, I used to need a knowledge transfer meeting to get up to speed,” says Emilio Reyes Le Blanc, a technology specialist in Microsoft Sales. “This technology means I can just open an email thread, have Copilot generate a summary, and contextualize my existing relationships from the integrated pane within Outlook.”

Taken together, these features deliver greater contextual understanding, more efficient workflows, and higher data fidelity within our CRM systems.

Our top seven tips for adopting and using Copilot for Sales

Our deployment experience and  of Copilot for Sales have provided some helpful insights. These seven tips should help with your adoption and everyday work with this AI-powered tool.

Seven tips for deploying and using Microsoft 365 Copilot for Sales

01

Ride the wave of excitement

02

Align enablement with your employees’ needs

03

Leverage leadership at every level

04

Ensure our underlying data policies are secure

05

Start simple and work up from there

06

Prioritize CRM data resilience

07

Practice effective prompting

Deploying and using Microsoft 365 Copilot for Sales internally at Microsoft has taught us important lessons that we hope will help you deploy it at your company.

Ride the wave of excitement

Sellers have an eye for value, and when they saw what Copilot for Sales could do, it generated a lot of excitement. The tool’s intuitive features mean that, from a user perspective, it isn’t a complicated solution. As a result, we’ve experienced a substantial organic boost to adoption.

“One day, a magic button popped up in my Outlook and I got a prompt to try Sales Copilot, so I taught myself to use it,” Reyes Le Blanc says. “One of the beautiful things about this tool is that its time to value is extraordinary.”

When you’re deploying Copilot for Sales to your own sellers, focus on visibility first. When the excitement takes hold, it will boost adoption among your self-motivated salespeople. Encourage that uptake to score some early champions.

Align enablement with your employees’ needs

Not everyone is a self-driven early adopter—and that’s perfectly alright! Effective change management starts with understanding your audience and the complexities of your sales environment.

We recommend building hero scenarios for each user persona by taking a granular look at their challenges, sales processes, and day-to-day work. Dig into their role descriptions and documentation and ask what they’re trying to accomplish. From there, you can piece together your enablement materials based on what provides value.

Using video For video enablement content, we’ve discovered that the ideal length is 30 seconds to one minute.

Consider different learning formats and modalities as well.

“You want to make readiness consumable and provide options,” Jones says. “Some people want to show up to a demo session, and some people want to watch a video on their own time, so it’s important to offer a variety of pathways to adoption.”

Multimodality that includes courses, demos, written documentation, and more will help your readiness efforts reach the most people with the most impact.

Engage leadership at every level

It’s always important to engage your leaders. That includes both organizational leadership and product champions.

“Advocates and champions are always important, not just for leading from the front,” Barrass says. “You also get more candid feedback by empowering these people to be part of pilot groups.”

Naturally, enthusiastic executive sponsorship is essential, especially with new technology. Not only do leaders provide direction and encouragement for their organizations, but they can also choose to give people space to allocate time and prioritize learning. Cultivate those sponsorships early and actively.

The same goes for employee champions. By running internal pilots targeting key user scenarios, you’ll ensure you receive early feedback to guide product development and a core of users who can help lead adoption across your organization.

Ensure your underlying data policies are secure

Your organization might be cautious about how AI tools interact with their data repositories, so deploying Copilot for Sales is a good opportunity to review your data-loss prevention setup. By ensuring your policies are up to date, you can prevent accidental data loss or exposure.

“Copilot for Sales sits on top of our existing data repositories, so it engages with that data in the same way as any other connected tool,” Jones says. “It’s less about the solution and more about having a robust infrastructure of administrative policies and technologies safeguarding your organization.”

It will be essential to initiate reviews within several key disciplines. Those include HR, legal, security, and the IT team responsible for maintaining and protecting your data estate. Within your sales teams themselves, administrators may have concerns about access. If that’s the case, encourage them to conduct a thorough security and role review.

Guide those conversations using Copilot for Sales’ extensive product documentation.

Start simple and work up from there

For sellers themselves, building trust in a new technology takes time. People might need to work up the confidence to try more intensive or involved features, especially if they’re reticent about AI technology.

“Just start with two or three features that are really going to appeal to people,” Jones says. “Encourage sellers to ask what works best for their role.”

We suggest salespeople start small with meeting and email summarization capabilities. They might not be ready to trust email drafting tools just yet, but when they see how the intelligence works through summarization, they’ll understand how Copilot for Sales engages with information.

After sellers have built up their understanding and confidence around how this tool engages with data, they can experiment with different features that apply to their work.

Prioritize CRM data resilience

Anyone in sales operations will tell you that high data fidelity in your CRM is crucial. Leadership needs to know their institutional data is resilient. Accuracy and completeness ensure up-to-date contact data along with a comprehensive view of relationships across internal and external teams.

All this information helps sales managers make effective decisions, generate accurate forecasts, and properly understand attrition. In other words, the business value of CRM data management is enormous. It’s also prone to disarray because it formerly required salespeople to switch over to the CRM and input information. Copilot for Sales changes all that.

“Historically, the way for this to work is you would write the email, then go to a different window, find the account record, go to the contacts list, create a new one, put in all of the contact’s information, and save it,” Reyes Le Blanc says. “But here, I can do all that in one fell swoop.”

If you’re a seller, get used to creating and updating CRM contacts from within Microsoft Teams and Outlook using Copilot for Sales. This feature eliminates the need to re-enter information directly into the CRM and builds healthy habits around data fidelity.

That flow of information works the other way as well. Be sure to use the contact card feature to view summaries of customer information from within Microsoft Outlook and Teams. That ensures you’re working with the most up-to-date data directly from your CRM.

Practice effective prompting

Prompt creation will become increasingly important as AI tools mature, so it’s worth honing those skills using Copilot for Sales’ email drafting feature. A simple rule to remember is that the more you put in, the more you get out.

“If you have specifics off the bat, like you know you want to schedule a meeting or there are a few key points to express, include those in your prompt,” Jones says. “Be succinct and save your own time, because that’s what the technology is for.”

Prompting is just like any other practice. The more you work at it, the easier it becomes.

The expanding possibilities of AI assistance

Microsoft salespeople have already seen amazing success, and we’re just getting started. Within our sales organization, 12.5K out of 35K sales roles are Copilot for Sales monthly active users—more than a third of the workforce. For a technology in its first year, that’s remarkable progress.

Reyes Le Blanc estimates that he’s saving two hours each month creating contacts in Dynamics 365 and five hours a month reviewing emails. With over 6 million seller emails sent in our first quarter of this fiscal year, the potential for email time savings alone is enormous.

He also finds his meeting notes much more accurate now that Copilot for Sales has his back, especially when it comes to long lists of technologies or technical requirements. It’s the ideal tool for gathering details via the meeting review feature and performing keyword or conversational analyses.

“This is a way to do more with less,” Reyes Le Blanc says. “As a seller, I can’t imagine working without artificial intelligence.”

Considering our average salesperson participates in 17 meetings per week, those efficiencies really add up. As new features and integrations come into play, Copilot for Sales’ horizons will only widen.

Start using AI to streamline your selling experience with Microsoft 365 Copilot for Sales.

• See how we’re simplifying our sales with AI-powered Microsoft 365 Copilot for Sales.
• Get insights from our Lori Lamkin and Nathalie D’Hers on the power of Microsoft 365 Copilot for Sales.
• Explore getting the most out of generative AI at Microsoft with good governance.
• Discover how we’re using Microsoft 365 to bolster our teamwork.
• Learn more about Microsoft 365 Copilot for Sales on Microsoft Learn.

• Want more information? Email us and include a link to this story and we’ll get back to you.
• Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

The post Seven things we learned deploying Microsoft 365 Copilot for Sales at Microsoft appeared first on Inside Track Blog.

That’s exactly what we designed Microsoft Viva Engage to do.

To capture those benefits, we rolled out Microsoft Viva Engage’s newest features to our hundreds of thousands of employees here at Microsoft. Making this happen required a cross-disciplinary team of product specialists, change management practitioners, communicators, and executive sponsors.

We’re creating an environment where deep, meaningful human connection is ambient. If we solve for that, we won’t have this perceived dichotomy between flexible or hybrid work and employees who feel connected.

—Chris Owen, Microsoft Viva program manager, Human Resources

[Learn about all the ways Microsoft Viva is making work life better at Microsoft. See how we’re redefining the digitally assisted workday. Find out about Microsoft’s employee-centric experience.]

Keeping connected in the modern work world

Microsoft Viva Engage is the next evolution of our enterprise social platform Yammer, giving our employees a place to connect, express themselves, and find belonging that builds meaningful relationships at work. We’re using it to transform the way we do corporate communications. And while Viva Engage helps all employees connect, its latest features unlock especially powerful ways for our senior leaders to connect with people across their organizations and people with each other across organizations and networks.

We wanted to make sure we were telling the right story and reaching the right people. So we started thinking about how we could best help leaders understand how Viva Engage could make their jobs easier.

—Melissa Cafiero, communications and readiness lead, Microsoft Digital

“We’re creating an environment where deep, meaningful human connection is ambient,” says Chris Owen, Microsoft Viva program manager with Microsoft Human Resources. “If we solve for that, we won’t have this perceived dichotomy between flexible or hybrid work and employees who feel connected.”

We started using Microsoft Viva in helpful new ways starting in in Fall 2022:

• Leadership Corner is a dedicated space for communications and connecting with leaders.
• AMA (Ask Me Anything) events give leaders and employees the chance to make direct connections through Q&As with their colleagues.
• Employee Resource Group brings together employees who can support each other, share ideas, and build community.
• Storyline announcements deliver messaging directly to a leader’s most appropriate audience.
• Social campaigns rally people around shared initiatives through common social media behaviors.
• Analytics demonstrate value and guide behaviors through testing and learning.
• Answers, the latest feature, provides a crowdsourcing forum where employees can get their questions answered.

These features perfectly position Microsoft Viva Engage for a leadership-driven approach to adoption.

Building a strategy for success

The adoption team’s first challenge was finding a way to earn buy-in from our senior leaders. Microsoft Viva Engage is an enterprise social app, and executives are our biggest influencers.

“We wanted to make sure we were telling the right story and reaching the right people,” says Melissa Cafiero, communications and readiness lead in our Microsoft Digital (MSD) organization. “So, we started thinking about how we could best help leaders understand how Viva Engage could make their jobs easier.”

Cafiero’s team partnered with a wide range of collaborators across HR, change management, and product to build a strategy for reaching the executive community.

“We started digging into the size of this audience and the breadth of communication roles at Microsoft,” Cafiero says.

One group stood out: Global Employee and Executive Communications, a team known as GEEC. These professionals work with executives to craft internal communications, so they’re perfectly positioned to influence the influencers.

The adoption team started recruiting GEEC members into a new Early Adopter Program (EAP) for Microsoft Viva Engage. The program had three requirements:

• Become a superuser – Members were encouraged to set aside 30 minutes per week to learn about Microsoft Viva Engage.
• Collect insightful feedback – We asked them to share their insights with the adoption team to help us shape the features and direction of Viva Engage.
• Generate best-use scenarios – We encouraged them to actively use Viva Engage to find ways to promote adoption.

They also had the opportunity to join regular workshops, pop-up focus groups, a bespoke Microsoft Viva community within the app, and 1:1 follow-ups. As a result of this high-touch engagement, they had the comfort and confidence to use the tool in their everyday work and explain its value to executives.

“We started to see what they needed as corporate communicators to best leverage Viva Engage,” Owen says. “An important learning was that we shouldn’t be feature-focused but problem-focused. We asked what challenges these communicators face and began to co-create solutions for how they can best use this app to solve them.”

Viva Engage lets employees see you as someone approachable, someone who cares about them, and by using these features, you can build a culture of involvement that you couldn’t before.

—Paula Bohn, senior business program manager, change and adoption, MSD

Thanks to the adoption team’s work, we had buy-in from key members within the corporate communications discipline. They grew into an engaged group of superusers who were excited to apply Microsoft Viva Engage to their work with executives.

Building groundswell for Microsoft Viva Engage

With the release of leadership-focused features, we were in an excellent position to capture executive buy-in for the rollout.

“We talked to leaders about how employees often see executives as these unreachable entities,” says Paula Bohn, senior business program manager for change and adoption with MSD. “Viva Engage lets employees see you as someone approachable who cares about them, and by using these features, you can build a culture of involvement that you couldn’t before.”

Supported by the communications professionals in the EAP program, our leaders came to the table with a full understanding of Microsoft Viva Engage’s value and how it works. As a result, we had strong buy-in from our internal influencers.

One of the most successful activations came at the end of 2022, when we launched a Microsoft Viva Engage social campaign asking employees to look back over the last year: #2022Reflections. When Microsoft CEO Satya Nadella contributed his own reflection, it received over 200,000 impressions. That gave the adoption a massive boost.

“My change management team can jump through plenty of hoops to make adoption readiness happen, but a tool doesn’t actually land until employees see their leaders modeling the behavior,” Bohn says.

Microsoft Viva Engage shines through top-down deployment driven by senior leadership. But as it reached a critical mass of usage and engagement, the team took steps to reinforce adoption for all employees.

“Once we began to see leaders posting to their organizations in ways that weren’t possible before, the number of questions and requests for enablement quickly exceeded our capacity for white-glove treatment,” says Frank Delia, senior program manager for Office 365 services management and adoption with MSD. “That’s when we realized we needed to scale this information to meet demand.”

It’s not just about enabling leaders—everyone can take advantage of Microsoft Viva Engage’s capabilities. The best way to fuel Viva Engage usage is to drive interest in solving challenges that teams have and not on trying to get them to deploy a particular feature.

Company-wide adoption efforts included an extensive communication strategy featuring product documentation, in-tool directional supports, internal blogs, and all-employee emails, all while sourcing feedback from GEEC members and employees alike.

Paired with the excitement and engagement of connecting more closely with our top leaders, the groundswell of Microsoft Viva Engage usage continues to surge. As of March 2023, monthly active usage (MAU) for the Viva Engage app in Microsoft Teams stood at 71 percent of Microsoft employees. That’s nearly double its 38 percent MAU before we launched the new features in November, and much higher than our adoption target of 50 percent.

A roadmap for adoption success

At this point, Microsoft Viva Engage usage is high, and the feature sets are fully in place. The next steps are all about scale.

Now that this adoption is firmly established, Microsoft employees’ experience and feedback provide valuable insights for future deployments. Both the approach to communications and the EAP will feature heavily in our next big rollout.

“To me, adoption means users fully understand the product and its value, and they wouldn’t want to do without it.” Bohn says. “That’s the real measure of a successful adoption.”

The specific technology and key players may be different, but the core adoption process will remain our north star. It’s all about communicating value, capturing your key players, and making sure your technology meets your customers’ needs.

• Different approaches are valid for different tools, so select a top-down or bottom-up approach based on your use case.
• Be problem-focused—not feature-focused—to capture value for your key stakeholders.
• Be diligent about building a usage framework and differentiating use cases.
• Identify who your influencers are and who’s influencing them.
• Thoroughly research your target roles and their work.
• Train your early adopters and influencers extensively because other employees will follow their lead.

• Learn about all the ways Viva is making work life better at Microsoft.
• See how we’re redefining the digitally assisted workday.
• Find out how Microsoft is building an employee-centric experience.

The post Transforming employee engagement at Microsoft with Microsoft Viva Engage appeared first on Inside Track Blog.

“For any adoption strategy, the first thing we look at is the behavioral change we’re really trying to drive,” says David Laves, a director of business programs in Microsoft Digital, the company’s IT organization. “We’re looking for the key messages and value-added scenarios that will really stoke excitement for our users.”

From there, we strategize the vectors that will be most effective.

It starts with an assessment that identifies the key parameters of the change. That includes several questions. Who’s impacted? How extensive is the change? What are the barriers? What are the benefits? And most importantly, what’s in it for the individual user?

“It can be a challenge to get access to our entire user base because of competing priorities,” says Kevin Wooldridge, a senior director of Experiences and Devices in Microsoft Digital. “Everyone has their own business goals and metrics they need to hit, and they need to know how Copilot will specifically improve their lives.”

The sheer size of our Copilot adoption efforts—early this year we completed a company-wide rollout stretching across all 300,000 Microsoft employees and vendors—meant that any change management efforts needed to operate at a massive scale while accounting for a phased approach that included pilot programs and organization-by-organization activations.

“Take the Greater China region as an example,” says Kai Cheng, business program manager for Microsoft 365 Copilot in Microsoft Digital. “We have around 19,000 employees and vendors in our region, working across thirteen different organizations, so communication is always a big challenge for us.”

Driving Microsoft 365 Copilot adoption using Microsoft Viva

Our approach to deploying Microsoft 365 Copilot focuses on three main objectives:

• Raise awareness and educate: We’re helping our employees build critical AI skills, learn about Copilot capabilities, and inform them about the elements of AI and other Copilot experiences they can start using today.
• Drive excitement and user engagement: We’re building excitement and confidence in employees’ ability to use Copilot by offering specific scenarios to help them understand responsible and effective AI use.
• Encourage feedback and track adoption: We’re gathering feedback and monitoring progress through both self-reporting and monitoring tools to understand opportunities for further growth.

Microsoft Viva provides ample opportunities to approach these goals across multiple apps. Two different aspects of the suite deliver a powerful advantage for change management at scale. First, Viva’s multimodality accommodates a diverse range of employee preferences for communication and engagement. Second, it offers opportunities for decentralized sponsorship and peer-to-peer support, giving organizational leaders and employee champions the chance to drive role-specific value for their colleagues.

“Copilot is a very new technology,” Cheng says. “As an employee, all the people you work with are experimenting at the same time, so it’s very easy for us to use Viva to build a social learning culture where people can grow together.”

We execute against our adoption goals by working according to Prosci’s ADKAR method, which breaks down into the five iterative stages of awareness, desire, knowledge, ability, and reinforcement. Different Viva apps have different roles in that model.

Accelerating Microsoft 365 Copilot with Viva

Viva Connections

Sharing key news related to deployment and enablement, generating “buzz,” and tying Copilot to Microsoft culture.

Viva Amplify

Producing and efficiently distributing employee communications to build awareness and excitement.

Viva Learning

Courses and training for our employees on how to maximize value from Copilot, inclusive of building effective prompts.

Viva Goals

Establishing and tracking Objectives and Key Results (OKRs) focused on employee Copilot usage and productivity gains.

Viva Engage

Actively engaging employees, providing leader updates, listening to feedback, and enabling Champs community.

Viva Insights

Using the Microsoft Copilot Dashboard beta to identity actionable insights and usage trends.

Viva Pulse

Instant feedback from employees on their Copilot experience to fine-tune our landing and adoption approach.

Viva Glint

Understanding employee sentiment and gauging the overall effectiveness of our Copilot deployment effort.

Viva Amplify

A robust communication strategy includes both centralized, company-wide messaging and executive sponsorship. Leadership from within individual business groups, regional subsidiaries, and teams offers employees a familiar, trusted voice and tailors adoption efforts to specific organizational priorities and ways of working.

Viva Amplify is the ideal tool for these kinds of communications. Internally, we use it to distribute turnkey assets executive sponsors can use to promote awareness and desire.

“With Viva Amplify, we can run campaigns using templates,” Wooldridge says. “So, we save lots of productivity time for executives and their managers because we’ve created pre-packaged communications they can adapt to their organizations’ needs.”

This approach has been so effective internally that we’ve created a Copilot Deployment Kit for our customers to use in Viva Amplify. It provides a pre-built campaign, a brief to outline of the overall strategy, and tools for reporting and measuring success.

Viva Learning

Building knowledge and ability are crucial, and Viva Learning is our workhorse app for equipping employees with Copilot know-how. It’s especially useful for employees who prefer self-directed, asynchronous, or gamified learning over facilitated training. It was an essential inclusion in our initial readiness communications, giving employees an early look at Copilot capabilities and providing preliminary skilling opportunities.

“Viva Learning made it possible to pick and choose the most frequently viewed or used learning assets across several different categories,” says Ju Bu, business program manager for Microsoft Digital in our Greater China Region. “For example, you can pull together pieces about working with content in Word, PowerPoint, or Outlook, and package that material into a unified learning path.”

The ability in Viva Learning to both create instructional modules and pull them in from different sources made assembling a Copilot learning path straightforward and easy to adapt as the technology grew. Out of that internal experience, we constructed the Microsoft Copilot Academy, now available to our customers.

Viva Engage

Of all the apps in the suite, Viva Engage has been the most impactful by far. It taps into the peer-to-peer support and role-based specificity that employees need for Copilot to drive value in their individual work. Like Viva Learning, it enhances employees’ knowledge and ability, just with a more relational, community-driven touch. It also ignites desire by showcasing how power users are saving time and maximizing productivity through AI.

For our Copilot adoption efforts, we leaned on our Copilot Champs Community—a dedicated group of 3,000 early adopters, AI enthusiasts, and peer leaders. Through community posts, ongoing conversations, and self-driven knowledge sharing in Viva Engage, their efforts turned into a powerful organic groundswell, with employees sharing prompts and advice on their own.

Viva Engage also gets to the heart of role-specific value. It enables peers who understand their colleagues’ work to share specific content with them that will help them do their jobs. It also eliminates bottlenecks associated with more broad-based communication models—for example, deploying centralized adoption communications to change cohorts containing thousands of employees and receiving overwhelming email responses.

“Between Viva Amplify and Viva Engage, these multiple touchpoints help employees tailor adoption content to their preferences,” Bu says. “It puts them at the center of our efforts because they can pick and choose the vectors that are most applicable to them.”

Viva Glint and Viva Pulse

Keeping our finger on the pulse of the user experience helps us reinforce usage and address any issues. Viva Glint and Viva Pulse help us uncover qualitative insights from employees through questionnaires and surveys.

Viva Glint provides change leaders with organization-wide, dashboard-based insights and analytics rooted in people science. Meanwhile, Viva Pulse provides opportunities for more rapid and localized feedback at the manager level.

“Any business transformation is a process of experimentation,” Laves says. “Glint and Pulse are our most powerful tools for capturing feedback to see how those experiments are progressing.”

Throughout our Copilot adoption process, we discovered which kinds of data are most valuable for transformation specialists and managers. Through those efforts, we assembled the Microsoft 365 Copilot Impact survey templates for both Viva Pulse and Viva Glint.

These templates helped our internal teams gather user insights, opportunities for employee empowerment, the impact of Copilot on day-to-day work, and success stories. If you’re unsure of which qualitative data is most important or how to gather it, they’re a fantastic place to start.

Viva Insights

Effective adoption relies on robust measurement. When you combine qualitative and quantitative data, you get powerful results.

“What we try to do is marry what the user says through qualitative feedback with what they do through usage data and other metrics,” Laves says. “If users say they’re having pain, we want to see how that affects usage.”

Viva Insights enables this kind of visibility for both company-wide change leaders and more localized managers. At Microsoft, we’ve mostly used this tool to track usage across different apps like Word or Outlook. From there, we can return to Glint and Pulse to dig deeper into what’s happening.

Our internal efforts helped inform the Microsoft 365 Copilot Dashboard powered by Viva Insights. This out-of-the-box feature provides privacy-protected data throughout every stage of your Copilot transformation journey and can help you understand its impact across meetings, email, chat, documents, search, and more.

Viva Goals

Our intent with Microsoft Viva Goals is to enhance the experience of both individual users and entire departments by providing a clear, structured approach to goal management, encouraging individuals to understand how their daily work accrues to organizational objectives. 

Viva Goals also helps with cross-department alignment, ensuring everyone is working towards the same objectives. This alignment fosters better collaboration and reduces silos. Managers can use dashboards to monitor team progress, identify bottlenecks, make informed decisions, and celebrate achievements by their team.

“As part of our strategic approach to drive adoption, we agreed on clear Objectives and Key Results (OKRs) that we used to measure Copilot adoption,” Woolridge says. “For example, we set a target for the specific percentage of active users that we were looking for within a quarter. We aligned these success measures with specific business objectives we have in specific geos and regions.”

Our OKRs are regularly tracked—we use them to report our progress and to adjust our adoption strategies based on feedback and performance data.

Getting meta: Using Copilot to help us use Viva to drive Copilot adoption

Bringing Microsoft Viva and Microsoft 365 Copilot together has been a potent combination for us.

“Microsoft Viva is a powerful tool for fueling Microsoft 365 Copilot adoption,” says Kirk Koenigsbauer, chief operating officer of the Microsoft Experiences and Devices Group. “It gets to the core of AI adoption: enhancing people’s ability to work in new ways through genuine digital transformation that ensures you’re getting the return on investment you want.”

Getting a little meta with our Copilot adoption efforts, our change management professionals have been able to use Copilot in Viva to boost their Copilot adoption efforts.

Our team frequently leans on Copilot for help writing Viva Amplify and Viva Engage posts. Its translation abilities also make it much easier to disseminate communications to different disciplines or regions on a global scale.

Writing support is just the beginning.

The skill of Copilot as an assistant with intelligent access to company data and repositories makes searching and summarization a breeze. In Viva Learning, change leaders can ask Copilot for tailored content suggestions. And when reviewing Viva Glint and Viva Pulse results, Copilot can pick out common themes or trends to help researchers understand usage and feedback more easily.

“Utilizing Copilot within Viva Engage helps employees uplevel their communications and increase their reach and impact. It encourages those who are more reluctant to post as now they have Copilot to help,” says Tanya Roberts, a PM in Microsoft Digital. “Some people don’t gravitate toward engagement forums, so bringing Copilot in to brainstorm different ways of activating employees is a real help.”

As a result, the engagement level within our Viva Engage Copilot Community has increased, and as such, is subsequently increasing the adoption of Copilot by embracing Copilot throughout Microsoft 365.

Different aspects of Microsoft Viva will be best suited for different employees, but the most important lesson has been that it isn’t just an HR or employee engagement suite. It’s a way to meet people where they work to drive organizational goals in the modality that works best for them.

The results for our Copilot adoption have been incredibly powerful. During a one-month Microsoft Viva campaign in the Greater China Region, we saw usage expand by as much as 20%. And that’s just one portion of our global workforce.

“If you’re really serious about Copilot usage in your company and environment, Viva is a powerful tool for accelerating adoption,” Koenigsbauer says. “It gets to the core of AI adoption: enhancing people’s ability to work in new ways through genuine digital transformation that ensures you’re getting the return on investment you want.”

Here are some tips on how to get started with using Microsoft Viva to help you deploy and drive adoption of Microsoft 365 Copilot:

• If you’re rolling Copilot out to your audience, consider the hero scenarios that will work best for their roles, then provide thought starters.
• This is as much a cultural change as it is a technical change. It’s important to work in partnership with HR and organizational leaders who understand their team culture, what they value, and their best communication channels.
• Be sure you have readiness material prepared. When people start getting their licenses, they’ll be able to access learning opportunities and informational content so they can hit the ground running.
• Take the opportunity to connect with employees genuinely by capturing two-way feedback around where the value is, where the opportunities are, and what blockers people are experiencing.
• Take advantage of a diversified channel communication strategy as much as possible. It provides multiple touchpoints for employees to help land your change.

Ready to experience Microsoft 365 Copilot? Get started here.

• Check out our Microsoft 365 Copilot deployment and adoption guide.
• Explore how we’re enabling internal collaboration at Microsoft with Microsoft Viva.
• Discover how we’re deploying Microsoft 365 Copilot with the help of—you guessed it—Copilot.

• Want more information? Email us and include a link to this story and we’ll get back to you.
• Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

The post Driving Microsoft 365 Copilot adoption with an assist from Microsoft Viva appeared first on Inside Track Blog.

When elements of IT infrastructure are shrouded in mystery, it can lead to security vulnerabilities, non-compliance, and poor budget management. That’s the trouble with shadow IT—a term for any technical infrastructure that conventional IT teams and engineers don’t govern.

At Microsoft, we’re on a journey to increase our shadow IT maturity, resulting in fewer vulnerabilities and increased efficiencies. To get there, we’re leveraging tools and techniques we’ve developed through our core discipline of Microsoft Azure optimization.

[See how we’re doing more with less internally at Microsoft with Microsoft Azure. Learn how we’re transforming our internal Microsoft Azure spend forecasting.]

The challenges of shadow IT

Shadow IT is the set of applications, services, and infrastructure that teams develop and manage outside of defined company standards.

It typically crops up when engineering teams are unable to support their non-engineering partners. That situation may arise from a lack of available engineering capacity or the need for specialized domain solutions. On top of those circumstances, modern tools enable citizen developers to stand up low-code/no-code solutions that enable businesses to reduce their dependency on traditional engineering organizations.

Six corporate function teams have been involved in creating shadow IT environments: business development, legal, finance, human resources, and our consumer and commercial marketing and sales organizations.

Many of the solutions they’ve developed make strong business sense—as long as they’re secure and efficient. That’s where our Microsoft Digital (MSD) team comes in.

Three years ago, our biggest driver was getting visibility into the shadow IT estate and finding ways to secure it. Now we’re at a point where we’re looking for cost savings—that’s a natural progression.

—Myron Wan, principal product manager, Infrastructure and Engineering Services team

Over the last few years, our IT experts have been working with the shadow IT divisions to increase the maturity of the solutions they’ve developed, taking them from unsanctioned toolsets lurking in the shadows to well-governed, compliant, and secure assets they can safely use to advance our business goals.

Now that these shadow IT solutions are more secure and compliant, we’ve turned our attention to efficiency and optimization to ensure we’re able to do as much as possible with the least necessary budget expenditure.

“Three years ago, our biggest driver was getting visibility into the shadow IT estate and finding ways to secure it,” says Myron Wan, principal product manager within the Infrastructure and Engineering Services (IES) team. “Now we’re at a point where we’re looking for cost savings—that’s a natural progression.”

Because many of our shadow IT solutions leverage Microsoft Azure subscriptions, that was a natural place to start the optimization work.

Azure best practices, shadow IT efficiency

Fortunately, we have robust discipline around optimizing Microsoft Azure spend in conventional IT and engineering settings. Microsoft Azure Advisor, available through the Microsoft Azure Portal, has been providing optimization recommendations and identifying overspend for subscribers both within Microsoft and in our customers’ organizations for years.

The plan was to take applicable recommendations that we use in our core engineering organizations and distribute them to the shadow IT divisions.

—Trey Morgan, principal product manager, MSD FinOps

Internally, we’ve added layers that help streamline the optimization process. One, called CloudFit, draws from a library of optimization recommendations, which are tailored to the specific needs of the teams we support. Then we use Service 360, our internal notification center that flags actions in need of addressing for our engineering teams, to route those recommendations to subscription owners within MSD, product groups, and business groups.

Optimization tickets then enter their queue and progress through open, active, and resolved statuses. It’s a standard method for creating and prioritizing engineering tasks, and Microsoft customers could accomplish a similar result by building a bridge between Microsoft Azure Advisor and their own ticketing tool, whether that’s Jira, ServiceNow, or others.

“We have an existing set of cost optimization recommendations that we use for a variety of different technologies like Azure Cosmos DB and SQL,” says Trey Morgan, principal product manager for MSD FinOps. “The plan was to take applicable recommendations that we use in our core engineering organizations and distribute them to the shadow IT divisions.”

Getting there was a matter of establishing visibility and building culture.

Shining a light on shadow IT spend

Many of the optimization issues within shadow IT divisions came about because of non-engineers’ and non-developers’ unfamiliarity or lack of training with subscription-based software. They might not have the background or expertise to set them up or even ensure that their subscriptions would terminate after they had served their purpose.

In some cases, vendors or contractors may have set up processes and then moved on once their engagement was complete. Each of these scenarios had the potential for suboptimal Azure spend.

Providing visibility into these issues was relatively simple. Because all Microsoft Azure subscriptions across our organization are searchable through our company-wide inventory management system and sortable by department, engineers were able to locate all the subscriptions belonging to shadow IT divisions. From there, they simply had to apply CloudFit recommendations to those subscriptions and loop them through Service 360.

Our people now have the information they need to act—our organizational leaders can visit their Service 360 dashboard or can review their action summary report to see what they can do to cut their costs. That’s where culture and education came into the equation.

“Culture is always the number-one challenge when items aren’t actually owned by a core engineering team,” Wan says. “When you have teams that are more about generating revenue or managing corporate processes, a lot of what we have to deal with is education.”

It wasn’t just educating teams about Microsoft Azure optimization techniques. CloudFit and Service 360 provided a lot of the guidance those teams would need to get the job done. To a great degree, non-engineering employees needed to build the discipline of receiving and resolving tickets like a developer or engineer would.

But through direct communications from FinOps tools and support from Wan’s colleagues in engineering, we’ve been meeting our goal of optimizing Azure spend in shadow IT divisions. In the first six months of this solution’s availability, we’ve saved $1 million thanks to various optimizations.

Microsoft Azure savings and organizational discipline

Shadow IT will always exist in some form or another, so this journey isn’t just about remedying past inefficiencies. It’s also about building a culture of optimization and best practices across shadow IT divisions as they use their Microsoft Azure subscriptions moving forward.

With these solutions and practices in place, we’ve moved on from a “get clean” and “stay clean” culture to one where we “start clean.”

—Qingsu Wu, principal program manager, IES

“As we get more mature and divisions build up their muscles, we’re actually getting to an ongoing state of optimization,” says Feng Liu, principal product manager with IES. “As we build up that culture and that practice, folks are becoming more aware and taking more ownership and accountability.”

Some shadow IT divisions are even going beyond FinOps recommendations. For example, our commercial sales and marketing organization uses shadow IT solutions so extensively and is so keen to optimize their budget that they’ve automated the implementation of recommendations and created their own internal FinOps team.

“The whole vision of our shadow IT program is helping business teams to be self-accountable and sustainable,” says Qingsu Wu, principal program manager for the Infrastructure and Engineering Services (IES) team. “With these solutions and practices in place, we’ve moved on from a ‘get clean’ and ‘stay clean’ culture to one where we ‘start clean.’”

It’s all part of building a more effective culture and practice to do more with less.

• Understand your inventory. Spend time linking your organizational hierarchy to your Azure resources.
• Get to a confident view of your estate and your data. It’s crucial.
• Don’t be overly prescriptive. Be open to how you’re going to approach the situation.
• Build sustainability into your efforts by getting non-engineering teams more comfortable with regular engineering practices and learning from each other.
• Don’t overlook small wins. When they scale out across an entire organization, they can produce substantial savings.

• See how we’re doing more with less internally at Microsoft with Microsoft Azure.
• Learn how we’re transforming our internal Microsoft Azure spend forecasting.
• See how we’re enabling launch optimization at Microsoft.
• Find out how SAP and Azure combine to forge a trusted path to innovation in the cloud.
• Discover how we’re optimizing network performance for Microsoft Office 365.

The post Doing more with less: Optimizing shadow IT through Microsoft Azure best practices appeared first on Inside Track Blog.

Layered on top of that, our need for device security exists within a complex matrix of software, hardware, and user interfaces. If our employees are running out-of-date software, they’re leaving their device and our network unsecured and vulnerable.

Every leader understands the extreme importance of keeping their data secure. No enterprise wants to be the next company that gets exposed by one of these hacks that has happened in the past and to lose sensitive business or customer data.

—Biswa Jaysingh, principal product manager, Microsoft Digital Employee Experience

This is especially true when developers use powerful first-party tools like Microsoft Visual Studio and developer platforms like .NET to build new software. With developer platforms like .NET, this becomes even more critical because .NET is not just deployed to developer machines, it is also installed on the computers where the developed application will run.

Here at Microsoft Digital Employee Experience, the organization that powers, protects, and transforms the company, we are committed to holistically improving patching compliance rates across the company. To ensure we are improving security at every level of Microsoft’s infrastructure, from software and devices to the networks themselves, we are utilizing new technology and new approaches that we develop internally within our organization and within our product group partners.

“Every leader understands the extreme importance of keeping their data secure,” says Biswa Jaysingh, a principal product manager with Microsoft Digital Employee Experience. “No enterprise wants to be the next company that gets exposed by one of these hacks that has happened in the past and to lose sensitive business or customer data.”

Recent innovations in first-party patching technology at Microsoft, including in Windows Update for Business, Microsoft Endpoint Manager, and Microsoft Defender for Endpoints, are allowing us to unlock unprecedented levels of security across our network while at the same time reducing costs and speeding the timeline of deployment. From consolidating multiple deployments to reducing the impact of reboots on users, our changes are producing efficiencies across the business.

Within the matrix of network security at Microsoft, there are several critical arenas for security admins to monitor, patch, and secure. Malicious actors are looking at the full tech stack for vulnerabilities, which means our teams must monitor, patch, and secure devices at every level from the operating system and first-party software to hardware and third-party software.

[Discover boosting Windows internally at Microsoft with a transformed approach to patching.]

Reacting to the growing threat to first-party software

In the modern cloud-connected world there is more surface area that we need our IT professionals to protect. With more and more devices, from Internet of Things devices to peripherals having internet access, there is much larger potential for bad actors to break in. It’s more important than ever to stay secure, which means update compliance must be as close to 100 percent as possible across all levels of a device.

“The last thing we want is for Microsoft to ship a fix for a vulnerability, but an enterprise isn’t able to adopt the update. That would leave them insecure,” says Christina Ruana, principal program manager for Microsoft Visual Studio who is responsible for enterprise deployments and updates of Visual Studio.

This passion for effectively securing networks led Microsoft leaders like Ruana to ensure they’re doing everything possible to ease the burden of patching on our teams here at Microsoft and for our external customers. “Visual Studio’s recent Administrator update solution makes it much easier for enterprises to deploy updates through Microsoft Endpoint Manager,” Ruana says.

At the start of the .NET journey we were seeing unacceptable compliance rates as developers were using the software in ways that we hadn’t anticipated. This increased the complexity for maintaining patching compliance. We had to create paths for updating both current builds of .NET through Visual Studio and for keeping older builds compliant through Microsoft Update. This has improved compliance rates considerably.

—Jamshed Damkewala, principal PM manager, Platforms and Languages team

We’re using Microsoft Defender for Endpoints to manage the health of our devices, which is helping us improve the security of our network while also improving the user experience for our employees and our admins. Every efficiency gained along the way makes it more likely for compliance rates to grow. Teams are working around the clock to identify and patch vulnerabilities, but this work is only as effective as the compliance rate is strong.

A better experience for admins and users alike

We in the Microsoft Digital Employee Experience organization began our journey to transform the way we do patching by making it easier for our IT admins to deploy patches across our network.

Until recently, the first-party patching regime at Microsoft required a slew of software solutions to be manually managed, including important software applications like Visual Studio and .NET. But in November 2022, we were able to migrate numerous critical patch deployments to Windows Update for Business, dramatically increasing the timeliness and accuracy of device patching.

“At the start of the .NET journey we were seeing unacceptable compliance rates as developers were using the software in ways that we hadn’t anticipated,” says Jamshed Damkewala, principal PM manager on the Platforms and Languages team responsible for .NET. “This increased the complexity for maintaining patching compliance. We had to create paths for updating both current builds of .NET through Visual Studio and for keeping older builds compliant through Microsoft Update. This has improved compliance rates considerably.”

We gain significant efficiencies as we eliminate manual deployments through automation and streamline the rollout of patches through Windows Update and Windows Update for Business. With these universal sources for patches, we simultaneously reduce time for testing while reducing errors in the deployments.

With more accurate updates meeting user devices more quickly and hitting all builds of first-party software that require patching, our networks are more secure than ever. The ease of patches deploying on devices also reduces the impact on users, so they are more likely to remain compliant while experiencing minimal disruption.

These innovations are not custom built for Microsoft. We are effectively leveraging technology that we already had to make it more efficient and effective for teams to patch their software.

—Harshitha Digumarthi, senior product manager responsible, Microsoft Digital Employee Experience

Furthermore, the technology within Microsoft Defender for Endpoints allows for thorough device scanning to provide effective telemetry for admins to react to, giving them better knowledge to engineer future patches and policies for Windows Update for Business, which further grows compliance rates. We use it to scan and report vulnerabilities, which empowers our admins to respond faster. Microsoft Endpoint Manager also allows our admins to better manage Windows Update for Business policies.

Providing the tools for teams to succeed

Internally here at Microsoft, our updated technology allows us to monitor our networks more efficiently, providing detailed telemetry about device health that we’ve never had before. This visibility allows us to develop new protocols for our networks, including complicated cases of end-of-life devices and end-of-service software.

But the true unlock-for-efficiency comes in how these systems were designed, constructed, and automated.

“These innovations are not custom built for Microsoft,” says Harshitha Digumarthi, a senior product manager responsible for improving the patching experience at Microsoft Digital Employee Experience. “We are effectively leveraging technology that we already had to make it more efficient and effective for teams to patch their software.”

This approach reduces cost, increases the speed of development, and fundamentally improves the efficiencies of teams deploying mission-critical patches for their software. Potential errors caused by manual deployment are eliminated and the single update source on a single day per month improves the user experience considerably. The result is a more secure network through increased device compliance.

These benefits are compounded when it comes to first-party software like Visual Studio and .NET. We’ve seen a rise in patching compliance for internal customers developing new solutions with these products, all attributable to improvements in Visual Studio and .NET. As a result, security dividends can exponentially grow through the company and to the ecosystem at large. Our networks, and yours, are more secure thanks to these developments.

• Ensure your software applications are kept up to date to remain secure. Follow this guidance for Visual Studio.
• By utilizing a common deployment solution in Windows Update for Business and Microsoft Endpoint Manager, efficiency is gained and potential errors from manual updating are mitigated.
• A single update source on a single day per month dramatically improves the user experience.
• Innovations in device scanning provides new telemetry, which leads to new solutions for rare-but-important use cases like end-of-life devices and end-of-service software.

• Unpack our Visual Studio administrator guide.
• Share your deployment experiences and challenges with Visual Studio engineering team.
• Explore .NET Automatic Updates for Server Operating Systems.
• Deploy Visual Studio updates to devices enrolled in Windows Update for Business.
• Discover boosting Windows internally at Microsoft with a transformed approach to patching.

The post Harnessing first-party patching technology to drive innovation at Microsoft appeared first on Inside Track Blog.

Although these features have proven to be incredibly useful to our employees and our wider organization, there are also concerns about how retaining Microsoft Teams meeting data might affect our security posture, records retention policy, and privacy. Just like any other company, we at Microsoft have to balance these varying aspects.

At Microsoft Digital, the company’s IT organization, we’re leading cross-disciplinary conversations to ensure we get it right.

{Learn how Microsoft creates self-service sensitivity labels in Microsoft 365. Discover getting the most out of generative AI at Microsoft with good governance.}

Policy considerations of Microsoft Teams meeting data retention

Our Microsoft Teams meeting data comes in the form of three main artifacts: recordings, transcriptions, and data that AI-powered Microsoft 365 Copilot and recap services can use to increase our general business intelligence.

We find meeting recordings and transcripts are helpful for many reasons, including helping us overcome accessibility issues related to fast-paced, real-time meetings or language differences—this is a powerful way to level the playing field for our employees. Our ability to share recordings and transcripts also supports greater knowledge transfer and asynchronous work, which is especially helpful for teams that operate across time zones.

Microsoft Teams Premium enables AI-generated notes, task lists, personalized timeline markers for video recaps, and auto-generated chapters for recordings. Within a meeting, the Microsoft 365 Copilot sidebar experience helps our late-joining employees catch up on what they’ve missed, provides intelligent prompts to review unresolved questions, summarizes key themes, and creates notes or action items.

The helpfulness of these tools is clear, but data-retention obligations introduce challenges that organizations like ours need to consider. First, producing and retaining this kind of data can be complex if it isn’t properly governed. Second, data-rich artifacts like video recordings occupy a lot of space, eating up cloud storage budgets.

“We tend to think of the recordings we make during meetings as an individual’s data, but they actually represent the company’s data,” says Rachael Heade, director of records compliance for Microsoft Corporate, External, and Legal Affairs (CELA). “We want to empower individuals, but we have to remember that retention and volume impacts of these artifacts on the company can be substantial.”

In light of these potential impacts, some organizations simply opt out of enabling Microsoft Teams meeting recordings.

Asking the right questions to assemble the proper guardrails

Our teams in Microsoft Digital and CELA, our legal division, are working to balance the benefits of Microsoft Teams meeting data retention with our compliance obligations to provide empowering experiences for our employees while keeping the company safe.

“Organizations are always concerned about centralized control over the retention and deletion of data artifacts,” Heade says. “You have excited employees who want to use this technology, so how do you set them up so they can use it confidently?”

Like many policy conversations, getting this right starts with our governance team in Microsoft Digital and our internal partners asking the employees from across the company who look after data governance the right questions:

• When should a meeting be recorded and when should it not?
• What kind of data gets stored?
• Who can initiate recording, and who can access it after the meeting?
• How long should we retain meeting data?
• Where does the data live while it’s retained?
• How can we control data capture and retention?
• What does this mean for eDiscovery management?

These questions help us think about the proper guardrails. Our IT perspective is only one part of the puzzle, so we’re actively consulting with CELA, corporate security, privacy, the Microsoft Teams product group, the company’s data custodians, and our business customers throughout this process.

“As an organization, this is about thinking through your tenant position and getting it to a reasonable state,” says David Johnson, tenant and compliance architect with Microsoft Digital.

Our conversations have brought up distinctions that any organization should consider as they build policy around Microsoft Teams meeting retention:

• The length of time a meeting’s data remains fresh, relevant, or useful
• The difference in retention value between operational and informational meetings, for example, weekly touchpoints versus project kick-offs or education sessions
• The different risks inherent in recordings compared to transcriptions
• Establishing default policies while allowing variability and flexibility when employees need it
• Long-term retention for functional artifacts like demos and trainings

From sharing perspectives to crafting policy

Our policies around Microsoft Teams meeting data retention continue to evolve, but we’ve already implemented some highly effective practices, policies, and controls. Every organization’s situation is unique, so it’s important that you speak to your legal professionals to craft your own policies. But our work should give you an idea of what’s possible through out-of-the-box features within Microsoft Teams.

The policies we’ve put in place represent a mix of technical defaults, meeting options, and empowering employees to make informed decisions about usefulness and privacy. They also build on the foundations of our work with sensitivity labeling, which is helping secure data across our tenant.

• Transcript attribution opt-out gives employees agency and reassures them that we honor their privacy.
• User notices alert employees when a recording or transcription starts, allowing them the opportunity to opt out, request that the meeting go unrecorded, or leave the call.
• Nuanced business guidance from CELA through an internal Recording Smart Use Statement document helps employees understand the implications of recording, when not to record, and when not to speak in a recorded call.
• Recommending that employees “tell and confirm” before recording empowers and supports our people to speak up when they don’t believe the meeting should be recorded or don’t feel comfortable.
• We didn’t wait for Compliance Recording: Although this choice would require that a user consent to recording before unmuting themselves, we decided that opt-outs and user notices provided sufficient agency to our employees.
• Meeting labels that limit who can record mean only the organizer or co-organizer can initiate recordings for meetings labeled “highly confidential.”
• Only meeting organizers can download meeting recordings tokeep the meeting data contained and restrict sharing.
• The default OneDrive and SharePoint meeting expiration is set to 90 days to ensure we minimize the risk of data leakage or cloud storage bloat.

These policies reflect three core tenets we use to inform our governance efforts: empower, trust, and verify.

“The bottom line is that we rely on our employees to be good stewards of the company,” Johnson says. “But because we’ve got a good governance model in place for Teams and good overall hygiene for our tenant, we’re well set up to deal with the evolution of the product and make these decisions.”

We can’t recommend that any organization follow our blueprint entirely, but asking some of the same questions as we have can help build a foundation. To start, read our blog post on how we create self-service sensitivity labels in Microsoft 365 and explore this Microsoft Learn guide on meeting retention policies in Microsoft Teams.

With a firm grasp of the technology and close collaboration with the right stakeholders, you can guide your own policy decisions and unlock the right set of features for your team.

Here are some tips for approaching meeting data retention at your company:

• Face the fear and get comfortable with being uncomfortable: First, establish your concerns, then work toward optimizing your policy compliance.
• Consider how to support your company’s compliance obligations while allowing your employee population to take advantage of the product, and let those things live together side-by-side.
• Connecting with your legal team is essential because they’re the experts on assessing complex compliance questions.
• Investigate meeting labels and what policies you might want to apply to meetings based on sensitivity and other attributes.

See how Microsoft Teams Premium can help you manage your data retention.  

• Learn how Microsoft creates self-service sensitivity labels in Microsoft 365.
• Discover getting the most out of generative AI at Microsoft with good governance.
• Unpack Microsoft Teams Premium—the smart place to work.
• Check out our Microsoft Teams Premium overview for administrators.
• Work with Microsoft 365 Copilot.

• Want more information? Email us and include a link to this story and we’ll get back to you.
• Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

The post Empowering employees after the call: Enabling and securing Microsoft Teams meeting data retention at Microsoft appeared first on Inside Track Blog.

“We’re transforming the experience our employees have when they first turn on their PCs,” says Sean MacDonald, a principal group program manager in Microsoft Digital. “Our employees expect a best-in-class experience and we’ve been working hard to deliver that to them. The best part is that all of our customers can have the exact same experience.”

It used to take up to an hour to get Windows 10 running on a new or rebuilt PC—that was before Microsoft Digital started using Windows Autopilot, a new deployment program that automates most of the setup process. With this new program developed in partnership with the Windows and Intune teams, the user receives a device with the latest image directly from the OEM and all the user needs to do is power on, connect to any internet connection, authenticate, and the rest is silently hydrated via Microsoft Intune.

“Now, with Autopilot, we’re seeing it take less than 10 minutes to set up a device,” MacDonald says. “We’ve reduced the user’s set up time by 90 percent.”

After piloting the technology, Microsoft Digital started a soft launch in October using Autopilot for select new devices, says Mina Aitelhadj, a program manager on Microsoft Digital’s Modern Device Platform Team.

Microsoft is using an OEM-developed (original equipment manufacturer) image on all devices where Autopilot is being used. The goal is for Microsoft Digital to evolve to the point where it is using Autopilot with Intune provisioning to image all new devices by January.

Microsoft is one of the first enterprises to use Autopilot in a full, modern management scenario.

“Our early testing and deployment inside of Microsoft will help us provide best practices and guidelines for our customers when they are ready to move onto a fully modern Azure platform,” Aitelhadj says.

Getting to this point has been challenging, she says.

Like any large enterprise, the Microsoft environment is complex. Company employees work in all kinds of different roles, and they rely on a wide variety of devices to support that work. This variety of device choices made it challenging to provide a consistent out-of-the-box experience for new employees (and for existing employees when issued new PCs).

Before Microsoft started using Autopilot internally, the team streamlined the imaging process as much as possible, but the company is so big (it literally offers employees hundreds of PC configurations to choose from) that speeding up how long it took an employee to get their new machine set up required that Microsoft Digital entirely rethink and redesign its approach, Aitelhadj says.

“Even though our custom imaging process was fine-tuned to its best, it was still process-intensive and wasn’t easy to manage across multiple OEMs and global regions,” she says. “To add to that, our devices needed to be connected to our corporate network to deploy our custom images.”

Now that Autopilot is handling all that work, the team can focus on fine tuning. “This is a big step up for us because we’re saving our team time and money and we’re getting critical work time back,” Aitelhadj says.

Are you interested in how Autopilot could work at your company? Windows Autopilot is available externally (click through here to learn more about it). It is available for Windows 10 users on Azure Active Directory and users of Windows Autopilot Hybrid Azure AD are able to use it to join Windows 10 devices to both Azure Active Directory and Active Directory.

How deploying an image with Autopilot works

Why has installing a new Windows image traditionally been so challenging?

Companies like Microsoft have had to continuously update their custom images to make sure they are current and secure, Aitelhadj says. Every month the Windows team issues patches and updates, and those have had to be woven into each image before it could be deployed.

Before the company started using Autopilot (and in cases where it’s not yet using the new tool), handling those month-to-month updates made deploying new images very challenging.

“Our engineers have had to build and maintain our image on a monthly basis for all devices in our global ecosystem,” she says. “They have had to send each image to the OEMs. Those images include our policies, certifications, profiles—everything needed to get the devices ready for one of our employees. We’ve streamlined how we create our custom image within Microsoft, and Autopilot streamlines that even further for both IT pro and users.”

Once Autopilot is deployed across the entire company, everything will get a lot simpler.

“Say I’m a company and I have 10 users coming onboard,” Aitelhadj says. “Instead of having an IT pro load our custom image onto those PCs, the OEM will preload the devices with a universal Commercial OEM Image, they will register those machines onto Autopilot, and everything will get loaded onto those machines automatically, once the user logs in.”

Using Autopilot, the OEM loads just the operating system and Microsoft Office onto a computer—just what the employee needs to be able to turn their machine on and get started. Once online, Autopilot guides the user through a nearly hands-off out-of-box experience in which it not only handles all custom configuration settings, but also downloads and installs all needed applications. The other benefit is that the user does not have to be on the company’s corporate network or in a campus building to setup the device—they can do it from any internet connection.

And the user experience?

Thanks to Autopilot, it has gone from a struggle to an easy first log in. The trick was to then make it easy and intuitive for the employee to download and set up all the applications they need to do their work.

“We make it as simple as possible by provisioning the device with all the policies, certs, and core apps,” Aitelhadj says. “It all loads in the background within a few minutes. We limit their interaction to just the stuff they need to click through—like security and a few other required things.”

And yes, the team wanted to give the IT pros who spend hours and hours updating images each month time back, but the bigger goal was to create a simpler, more user-guided, less error-prone experience for users, thereby reducing end user frustration and the need for IT support. All this needed to be done without a time gap—for security reasons, all current updates need to be made as the new employee’s PC is booted up and handed over to them.

“We’ve saved our pilot users hundreds of hours—we’re getting them productive faster,” Aitelhadj says. “It’s pretty awesome to have that kind of impact.”

The post Autopilot speeds up Windows 10 image deployment inside Microsoft appeared first on Inside Track Blog.

“Now it’s like creating a book where the pages are always changing,” says Yannis Paniaras, a principal designer in the Microsoft Digital Studio. “At the critical junction in the UX, where humans interact with Copilot, the AI transforms into the conductor of the user experience. This shift is enabling our designers to move away from defining fixed flows to embracing a non-deterministic design style orchestrated by the AI.”

Microsoft Digital Studio is our team of designers and researchers in Microsoft Digital. The Microsoft Digital Studio team is committed to using their expertise in design, research, content strategy, accessibility, and product planning to create experiences that empower Microsoft employees to achieve more in their lives.

Paniaras has observed that designing an AI-enabled product is very different from designing a traditional desktop or mobile app. In conversations with designers, program managers, and developers, he frequently encounters questions about how various product-making disciplines should coordinate their work in this new context.

“We have Copilot, powered by a large language model (LLM), and we use Fluent AI design language for experiences that rely on lean graphical user interfaces with dynamic prompts and dynamically generated, contextual cards,” Paniaras says. “These provide just-in-time user interface elements that map to the generative flow. Consequently, designers are shifting their focus from standard UI towards the vocabulary of prompts, dynamically designed adaptive cards, and on finding consistency withing the UX context. These elements are becoming the new building blocks of AI-based UX design.”

The Microsoft Digital Studio team’s designers still work in Figma, the popular design and prototyping tool, but their designs need to remain open-ended and sometimes more abstract, rather than a set of fixed linear designs.

“The design becomes a set of probabilities,” Paniaras says. “While this poses a challenge for designers, it also encourages us to collaborate more closely with everyone else.”

Laura Bergstrom, a principal UX manager for the Unified Employee Experience team, adds that content designers and designers on her team developed guidance for engineers to scale Copilot responses creating consistent, reliable responses with the right tone of voice at the right time.

“With all the power of generative AI, user experience and design are still responsible for the quality of the experience and the outcome, so we’re finding ways to scale working with engineering and data science,” Bergstrom says.

Spurring collaboration with AI

Using AI to quickly align plans and goals is causing a shift in the way the entire product-making crew works together. “All the different disciplines are working together to get things in place,” Paniaras says.

He tells a story of a designer who worked concurrently with PMs and engineers to design prompts, comparing it with the previous way of doing things.

“It used to be different: you had research, based on that you would have ideas, prototype certain things, build them, then engineers would test them,” Paniaras says. “It was more linear.”

Modern engineering with AI requires a shift to a more collaborative culture on product teams, where there aren’t clear lines of ownership and people can work flexibly together. It’s similar to the shift that engineering went through from the waterfall approach to agile, when instead of owning specific pieces, engineers swarmed over one part of the product for a sprint, then swarmed on another part in the next sprint.

Transitional UI interfaces

Victor Albahadly, a senior UX designer on the Microsoft Digital Studio team, says AI has potential to transform the way he does his core job, which is to test to find out where the designs he and his team build breakdown and fail to meet the needs of the people who will use them.

“I need to figure out what the user wants,” Albahadly says. “When we build an application, I need to know where they are coming from, what they want to do, and where the experience that we’re building for them will break down.”

The challenge is that he has to sample the experiences users have with his designs and extrapolate what he learns to the rest of the design. And importantly, he does this at scale—not for just one person, but for all the people who use the application.

“I need to test how the experience will work for many people,” he says. “That’s an intense process.”

AI has the potential to change that because it will be able to see everything—something a human will never be able to do on their own.

“With AI’s help, someday in the near future, I’ll be able to test the entire application,” Albahadly says. “There will be a lot of power in that.”

AI can help designers get this kind of scale at every step in the process, which not only makes the results far more accurate, but also much faster.

Transforming user testing with AI

The future of ideation

Albahadly also envisions AI enhancing parts of the design process. Today, ideation is done by talking to experts and customers, holding brainstorming sessions, and doing workshops. In the future, he suggests he could do similar ideation with his teammates and AI.

“In your app, say there’s a huge drop-off of traffic coming from Japan,” he says. “Now we need to do a workshop to find out why this is happening. The AI could point to specific stuff like a language barrier or culture barrier, or a time issue like a holiday. Instead of taking a week to ideate, it could become a step in the process the same day.”

In addition to changes in design processes, generative AI is changing the user experience.

“We’ve had a linear way of pumping out experiences—an OS, products on top of it, and apps,” Bergstrom says. “Now there are different copilots, different extensibility, ways of doing things on surfaces. This all has to make sense to a user end-to-end.”

It requires a lot of design thinking to produce that experience.

Data quality is also crucial to producing an experience that makes sense. “Generative AI is a wildcard, which requires data to be more pristine,” Bergstrom says.

For example, the LLM for Microsoft 365 can go through all your emails and SharePoint sites. If you type in “benefits,” it should identify the authoritative source and display that information—not go through your email to find every benefits-related message you’ve ever gotten.

Transforming work with AI

What about the potential of AI to do routine, repetitive work and give people the time to do higher value work? Bergstrom sees a wide range of opportunities.

“We can use generative AI to help employees with everyday tasks, from finding the best place to park to managing the immigration process to identifying the best selections for employee benefits,” Bergstrom says. “And for large enterprises, we can use generative AI to help manage facilities by identifying cost-to-benefit ratios, building usage, and for finding the best locations to have offices.”

Both Bergstrom and Albahadly see an opportunity for AI to help employees write their performance reviews. Bergstrom notes that it could help managers combine review feedback from multiple sources and tie it to OKRs.

And Albahadly says that for employees, AI can help with writing their own performance reviews.

“That’s been a challenge for most Microsoft employees, because at the end of the year, you have to sit and remember everything you worked on,” he says.

Because AI will be exposed to your meetings, your calendar, your projects, it will be easy for it to co-write your review with you.

“In the future, it will be less writing and more selecting stuff, and AI will generate a whole year for you,” Albahadly says.

With all this transformation happening, some people worry about the future of work.

Paniaras is optimistic.

“Everything around us, including our roles, work, processes, and definitions of values, has been created by us humans” he says. “Whenever any of these dimensions change, we inevitably end up redefining them or filling the void. But you need to have that thinking attitude, and the recognition that everything around us is a result of our own making.”

Bergstrom agrees.

“Durable problems don’t change,” she says. “But now we have infinitesimally more ways to solve for those problems with an intelligent assistant that can anticipate needs and predicts possibilities—we’re just trying to figure out how to harness all the capability in our designs.”

Try out Microsoft 365 Copilot to learn what you can do with AI.

Watch John Maeda’s LinkedIn Learning class—UX for AI: Design Practices for AI Developers—to learn more about how collaboration works with AI.

Here are some tips for getting started with generative AI at your company:

1. Embrace AI as a collaborator:
   • Consider AI as a creative partner. It can augment your design process by suggesting patterns, layouts, and interactions.
   • Collaborate with AI tools to generate design variations, explore possibilities, and iterate faster.
2. Understand AI’s capabilities and limitations:
   • Familiarize yourself with the types of AI algorithms commonly used in design, such as neural networks, generative adversarial networks (GANs), and reinforcement learning.
   • Recognize that AI has limitations—it can’t replace human intuition, empathy, or domain expertise. Use it as a tool to enhance your creativity.
3. Design for adaptability and personalization:
   • AI-driven UX should be adaptable and personalized. Create interfaces that adjust dynamically based on user behavior, context, and preferences.
   • Use AI to tailor experiences for individual users, providing relevant content and recommendations.
4. Collect and curate data:
   • AI models require data to learn and improve. Collect relevant user data (with privacy considerations) to train AI algorithms.
   • Curate high-quality datasets that represent diverse user scenarios and behaviors.
5. Iterate and refine AI models:
   • Start with simple AI models and gradually increase complexity. Iterate based on user feedback and real-world usage.
   • Regularly evaluate and fine-tune AI models to ensure they align with user needs and business goals.
6. Ethical considerations:
   • Be mindful of biases in AI algorithms. Ensure fairness, transparency, and inclusivity.
   • Understand the ethical implications of AI-driven decisions and design accordingly.
7. Learn from existing AI-driven products:
   • Study successful AI-powered products and services. Analyze how they integrate AI seamlessly into the user experience.
   • Learn from industry leaders and adapt their best practices to your own projects.

Remember, AI is a powerful tool, but it’s most effective when combined with human creativity and empathy. By embracing AI and understanding its role, UX designers can create innovative, personalized, and adaptive experiences for users.

Find out what you can do with Microsoft 365 Copilot.

• Take this UX for AI: Design Practices for AI Developers class with Microsoft’s John Maeda.
• Explore these five communications-based tips for prompting Microsoft 365 Copilot.
• Unpack deploying Microsoft 365 Copilot internally at Microsoft.
• Discover embracing emerging technology at Microsoft with new AI certifications.

• Want more information? Email us and include a link to this story and we’ll get back to you.
• Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

The post Redesigning how we work at Microsoft with generative AI appeared first on Inside Track Blog.

“We’ve made significant strides to create chip-to-cloud Zero Trust out of the box,” says David Weston, vice president of Enterprise and OS Security at Microsoft. “Windows 11 is redesigned for hybrid work and security with built-in hardware-based isolation, proven encryption, and our strongest protection against malware.”

This new baseline for protection is one of several reasons Microsoft upgraded to Windows 11.

In addition to a better user experience and improved productivity for hybrid work, the new hardware-backed security features create the foundation for new protections. This empowers us to not only protect our enterprise but also our customers.

[Discover how Microsoft uses Zero Trust to protect our users. Learn how new security features for Windows 11 help protect hybrid work. Find out about Windows 11 security by design from chip to the cloud. Get more information about how Secured-core devices protect against firmware attacks.]

How Windows 11 advanced our security journey

Security has always been the top priority here at Microsoft.

We process an average of 65 trillion signals per day, with 2.5 billion of them being endpoint queries, including more than 1,200 password attacks blocked per second. We can analyze these threats to get better at guarding our perimeter, but we can also put new protections in place to reduce the risk posed by persistent attacks.

In 2019, we announced Secured-core PCs designed to utilize firmware protections for Windows users. Enabled by Trusted Platform Module (TPM) 2.0 chips, Secured-core PCs protect encryption keys, user credentials, and other sensitive data behind a hardware barrier. This prevents bad actors and malware from accessing or altering user data and goes a long way in addressing the volume of security events we experience.

“Our data shows that these devices are more resilient to malware than PCs that don’t meet the Secured-core specifications,” Weston says. “TPM 2.0 is a critical building block for protecting user identities and data. For many enterprises, including Microsoft, TPM facilitates Zero Trust security by measuring the health of a device using hardware that is resilient to tampering common with software-only solutions.”

We’ve long used Zero Trust—always verify explicitly, offer least-privilege access, and assume breach—to keep our users and environment safe. Rather than behaving as though everything behind the corporate firewall is secure, Zero Trust reinforces a motto of “never trust, always verify.”

The additional layer of protection offered by TPM 2.0 makes it easier for us to strengthen Zero Trust. That’s why hardware plays a big part in Windows 11 security features. The hardware-backed features of Windows 11 create additional interference against malware, ransomware, and more sophisticated hardware-based attacks.

At a high level, Windows 11 enforced sets of functionalities that we needed anyway. It drove the environment to demonstrate that we were more secure by default. Now we can enforce security features in the Windows 11 pipeline to give users additional protections.

—Carmichael Patton, principal program manager, Digital Security and Resilience

Windows 11 is the alignment of hardware and software to elevate security capabilities. By enforcing a hardware requirement, we can now do more than ever to keep our users, products, and customers safe.

Setting a new baseline at Microsoft

While some security features were previously available via configuration, TPM 2.0 allows Windows 11 to protect users immediately, without IT admins or security professionals having to set specific policies.

“At a high level, Windows 11 enforced sets of functionalities that we needed anyway,” says Carmichael Patton, a principal program manager with Digital Security and Resilience, the organization responsible for protecting Microsoft and our products. “It drove the environment to demonstrate that we were more secure by default. Now we can enforce security features in the Windows 11 pipeline to give users additional protections.”

Thus, getting Windows 11 out to our users was a top priority.

Over the course of five weeks, we were able to deploy Windows 11 across 90 percent of eligible devices at Microsoft. Proving to be the least disruptive release to date, this effort assured our users would be immediately covered by baseline protections for a hybrid world.

We can now look across our enterprise and know that users running Windows 11 have a consistent level of protection in place.

The real impact of secure-by-default

Moving from configurable to built-in protection means that Windows 11 becomes the foundation for secure systems as you move up the stack.

It simplifies everything for everyone, including IT admins who may not also be security experts. You can change configurations and optimize Windows 11 protections based on your needs or rely on default security settings. Secure-by-default extends the same flexibility to users, allowing them to safely choose their own applications while still maintaining tight security.

—David Weston, vice president, Enterprise and OS Security

Applications, identity, and the cloud are able to build off the hardware root-of-trust that Windows 11 derives from TPM 2.0. Application security measures like Smart App Control and passwordless sign-in from Windows Hello for Business are all enabled due to hardware-backed protections in the operating system.

Secure-by-default does all of this without removing the important flexibility that has always been part of Windows.

“It simplifies everything for everyone, including IT admins who may not also be security experts,” Weston says. “You can change configurations and optimize Windows 11 protections based on your needs or rely on default security settings. Secure-by-default extends the same flexibility to users, allowing them to safely choose their own applications while still maintaining tight security.”

Going forward, IT admins working in Windows 11 no longer need to put extra effort in enabling and testing security features for performance compatibility. Windows 11 makes it easier for us to gain security value without extra work.

This is important when you consider productivity, one of the other drivers for Windows 11. We need to empower our users to stay productive wherever they are. These new security components go hand-in-hand with our productivity requirements. Our users stay safe without seeing any decline in quality, performance, or experience.

“With Windows 11, the focus is on productivity and thinking about security from the ground up,” Patton says. “We know we can do these amazing things, especially with security being front and center.”

Now that Windows 11 is deployed across Microsoft, we can take advantage of TPM 2.0 to bring even greater protections to our users, customers, and products. We’ve already seen this with the Windows 11 2022 update.

For example, Windows Defender App Control (WDAC) enables us to prevent scripting attacks while protecting users from running untrusted applications associated with malware. Other updates include improvements to IT policy and compliance through config lock: a feature that monitors and prevents configuration drift from occurring when users with local admin rights change settings.

These are the kinds of protections made possible with Windows 11.

“Future releases of Windows 11 will continue to add significant security updates that add even more protection from the chip to the cloud by combining modern hardware and software,” Weston says. “Windows 11 is a better way for everyone to collaborate, share, and present, all with the confidence of hardware-backed protections.”

• Learn about and upgrade to Windows 11.
• Learn more about the security benefits of Windows 11.

• Discover how Microsoft uses Zero Trust to protect our users.
• Learn how new security features for Windows 11 help protect hybrid work.
• Get more information about how Secured-core devices protect against firmware attacks.

The post Hardware-backed Windows 11 empowers Microsoft with secure-by-default baseline appeared first on Inside Track Blog.