Category | Microsoft Docs article | Related commit history on GitHub | Change details |
---|---|---|---|
microsoft-365-copilot-overview | Microsoft 365 Copilot Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/copilot/microsoft-365-copilot-overview.md | Microsoft 365 apps (such as Word, Excel, PowerPoint, Outlook, Teams, loop, and m | | Calls | Copilot in Teams Phone uses the power of AI to empower you to work more flexibly and intelligently, automating important administrative tasks of a call, such as capturing key points, task owners, and next steps, so you can stay focused on the discussion. Copilot in Teams Phone supports both voice over Internet Protocol (VoIP) and public switched telephone network (PSTN) calls. | | | Whiteboard | Makes meetings and brainstorm sessions more creative and effective. Use natural language to ask Copilot to generate ideas, organize ideas into themes, create designs that bring ideas to life and summarize whiteboard content. | | OneNote | Draft with Copilot | Use prompts to draft plans, generate ideas, create lists, and organize information to help you easily find what you need. |+| Forms | Draft with Copilot | Use prompts to draft questions and suggestions that help you create surveys, polls, and other forms with ease. | To learn more about what's possible with Microsoft 365 Apps and Copilot, check out [Microsoft 365 AI help and learning](https://support.microsoft.com/copilot). |
microsoft-365-copilot-setup | Microsoft 365 Copilot Setup | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/copilot/microsoft-365-copilot-setup.md | description: "Learn how to prepare your organization for Microsoft Copilot for M # Get started with Microsoft Copilot for Microsoft 365 -[Microsoft Copilot for Microsoft 365](https://www.microsoft.com/microsoft-365/blog/2023/03/16/introducing-microsoft-365-copilot-a-whole-new-way-to-work/) is an AI-powered productivity tool that uses large language models (LLMs) and integrates your data with the Microsoft Graph and Microsoft 365 Apps. It works alongside popular Microsoft 365 Apps such as Word, Excel, PowerPoint, Outlook, Teams, and more. Copilot provides real-time intelligent assistance, enabling users to enhance their creativity, productivity, and skills. This article covers the technical requirements to access and configure Copilot for Microsoft 365. +[Microsoft Copilot for Microsoft 365](https://www.microsoft.com/microsoft-365/blog/2023/03/16/introducing-microsoft-365-copilot-a-whole-new-way-to-work/) is an AI-powered productivity tool that uses large language models (LLMs) and integrates your data with the Microsoft Graph and Microsoft 365 Apps. It works alongside popular Microsoft 365 Apps such as Word, Excel, PowerPoint, Outlook, Teams, and more. Copilot provides real-time intelligent assistance, enabling users to enhance their creativity, productivity, and skills. This article covers how you can prepare your organization for Copilot. These steps can be thought of in three primary phases: -## Prerequisites for Microsoft Copilot for Microsoft 365 +1. Optimizing for Search +1. Update channels and apps +1. 
Provision Copilot licenses ++## Before you begin Before you can access Copilot, you must meet these requirements: -- The following applications must be deployed for your users, which seamlessly integrate with Microsoft Copilot for Microsoft 365 and other applications:- - Word - - Excel - - PowerPoint - - Outlook - - Microsoft Teams - - OneDrive - - SharePoint - - Exchange - -To get started with the implementation process, see [Deployment guide for Microsoft 365 Apps](/deployoffice/deployment-guide-microsoft-365-apps). +You must have one of the following subscription plans to purchase Microsoft Copilot for Microsoft 365. You can purchase Copilot for Microsoft 365 licenses through the Microsoft 365 admin center on the Purchase Services page, Microsoft partners, or Microsoft account team. You can purchase as many Copilot for Microsoft 365 licenses as you have prerequisite licenses. ++Your users must have one of the following base licenses to be eligible for a Copilot for Microsoft 365 license. Prerequisite licenses include: ++- Microsoft 365 E5 +- Microsoft 365 E3 +- Office 365 E3 +- Office 365 E5 +- Microsoft 365 A5 for faculty +- Microsoft 365 A3 for faculty +- Office 365 A5 for faculty +- Office 365 A3 for faculty +- Microsoft 365 Business Standard +- Microsoft 365 Business Premium ++>[!NOTE] +> Customers with Education or Business subscriptions that do not include Teams can still purchase Copilot for Microsoft 365 licenses. ++- **Microsoft 365 Apps** desktop applications such as Word, Excel, PowerPoint, Outlook, and Teams. Copilot will be available in web versions of the apps when a license is assigned.To get started with the implementation process, see [Deployment guide for Microsoft 365 Apps](/deployoffice/deployment-guide-microsoft-365-apps). - **OneDrive Account** You need to have a OneDrive account for several features within Copilot for Microsoft 365, such as saving and sharing your files. 
For more information, see [Sign in or create an account for OneDrive](https://support.microsoft.com/office/video-sign-in-or-create-an-account-for-onedrive-3adf09fd-90e3-4420-8c4e-b55e2cde40d2?ui=en-us&rs=en-us&ad=us). -- **New Outlook for Windows** For seamless integration of Copilot for Microsoft 365 with Outlook, you are required to use the new Outlook for Windows, currently in preview. You can switch to Outlook Mobile to access the new Outlook experience. For more information, see [Getting started with the new Outlook for Windows](https://support.microsoft.com/office/getting-started-with-the-new-outlook-for-windows-656bb8d9-5a60-49b2-a98b-ba7822bc7627).+- **Outlook for Windows** For seamless integration of Copilot for Microsoft 365 with Outlook, new Outlook (Windows, Mac, Web, Mobile) is recommended. Copilot does support classic Outlook (Windows) as well. You can switch to Outlook Mobile to access the new Outlook experience. For more information, see [Getting started with the new Outlook for Windows](https://support.microsoft.com/office/getting-started-with-the-new-outlook-for-windows-656bb8d9-5a60-49b2-a98b-ba7822bc7627). - **Microsoft Teams** To use Copilot for Microsoft 365 with Microsoft Teams, you must use the Teams desktop client or web client. You can [download the desktop client here](https://www.microsoft.com/microsoft-teams/download-app) or sign into the web app at [https://teams.microsoft.com](https://teams.microsoft.com/). Both the current and the new version of Teams are supported. For more information, see [Microsoft Teams desktop client](/microsoftteams/get-clients?tabs=Windows). To get started with the implementation process, see [Deployment guide for Micros - **Microsoft Whiteboard** To use Copilot for Microsoft 365 with Microsoft Whiteboard, you must have Whiteboard enabled for your tenant. 
To learn more about Microsoft Whiteboard, see [Manage access to Microsoft Whiteboard for your organization](/microsoft-365/whiteboard/manage-whiteboard-access-organizations). ->[!IMPORTANT] -> Microsoft Copilot for Microsoft 365 will follow the standard practice of deployment and updates for Microsoft 365 Apps, being available in all update channels, except for Semi-Annual Enterprise Channel. Preview channels (also known as Microsoft 365 Insider) include Current Channel (Preview) and Beta Channel. Production channels include Current Channel and Monthly Enterprise Channel. -> -> Copilot is available in Current Channel and in Monthly Enterprise Channel. As always, preview channels are a great option to validate the product before rolling out to the rest of organization. To learn more, see [Overview of update channels](/deployoffice/updates/overview-update-channels) and [Microsoft 365 Insider channels](/deployoffice/insider/compare-channels). +## Optimize for Search ++Microsoft Copilot for Microsoft 365 provides the ability for users to find and access their content through natural language prompting. Copilot ensures data security and privacy by adhering to existing obligations and integrating with your organization's policies. It utilizes your Microsoft Graph content with the same access controls as other Microsoft 365 services. To get the most out of Copilot, you should consider optimizing data and content for Search, to ensure optimal secure access. To learn more about privacy with Microsoft Copilot for Microsoft 365, see [Data, Privacy, and Security for Microsoft Copilot for Microsoft 365](microsoft-365-copilot-privacy.md). ++### Applying principles of Just Enough Access ++From the SharePoint admin center, you can review SharePoint site access to check permissions and access to ensure data is secure, prioritizing sites that contain sensitive information. +++You can check on site privacy by going to Active Sites, then selecting a site, and going to Settings. 
Setting a site as Private means that only users in your organization with access to the site will find it. You can also review access under the Membership tab, as well as site owners, members, and visitors. -## Manage licenses for Copilot +>[!NOTE] +> A helpful strategy to balance effort and maximizing impact is to establish a data definition for sensitivity and consider prioritizing the review of SharePoint sites, focusing first on the most critical repositories, then deploying licenses to users and piloting Copilot and implementing a process to iterate through the rest of your repositories in parallel with expanding user base. This provides a consistent loop of feedback from users to continually refine access without delaying deployment. [Jump to the deployment section below](#plan-for-deployment-and-measure-adoption-impact-and-sentiment) for a more detailed strategy to deploy and drive adoption. -You can manage Microsoft Copilot for Microsoft 365 licenses from the Microsoft 365 admin center. You can assign licenses to individual users or to groups of users, as well as reassign licenses to other users.   +With an eligible license, you can set up auto-classifiers for content on a SharePoint site by going to the site, selecting the Settings icon on the top right, going to Library Settings, and adjusting default sensitivity labels. This feature ensures that content created or edited inherits this label. Content that is moved to the site without appropriate labels will trigger a notification. ++### Configure advanced policies with Microsoft Purview +++In the Microsoft Purview compliance portal, you can create sensitivity labels by navigating to the Labels tab to customize policies to best fit your data sensitivity classifications. You can also configure auto-labeling by navigating the Auto-labeling menu on the left navigation, under Information protection. Select a label or create a new label policy, and configure protections for content that has the label applied. 
++These labels can also be applied based on content found within documents using data loss prevention (DLP) policies. These policies allow labels to be automatically applied when specific types of content are identified in a document, for example, personally identifiable information like addresses, tax information or passport numbers. You can also DLP policies to trainable classifiers that identify categories of content like source code, financial documents, HR and more. You can also set up endpoint DLP policies that would restrict users from actions like copying content to clipboard or removable USB devices or printing. ++### Audit Copilot activity in Microsoft Purview ++All activity from Copilot for Microsoft 365 can be discoverable using content search in the Microsoft Purview portal for audit and review. From the Microsoft Purview portal, you can initiate an audit from the Audit tab on the left navigation. You can also apply retention policies to retain content in prompts and responses based on your organization requirements. eDiscovery and communication compliance policies are also supported for Copilot for Microsoft 365 activity through the Purview portal, allowing you to set up flags for any content matches policies configured. For example, you can set up a policy to flag for activity that includes specific words or code names. ++For more information on data security and compliance configurations using Microsoft Purview, see [Microsoft Purview data security and compliance protections for Microsoft Copilot](/purview/ai-microsoft-purview). ++Review your privacy settings for Microsoft 365 Apps because those settings might have an effect on the availability of Microsoft Copilot for Microsoft 365 features. For more information, see [Microsoft Copilot for Microsoft 365 and policy settings for connected experiences](microsoft-365-copilot-privacy.md#microsoft-copilot-for-microsoft-365-and-policy-settings-for-connected-experiences). 
++## Update channels ++Microsoft Copilot for Microsoft 365 will follow Microsoft 365 Apps' standard practice for deployment and updates, being available in all update channels, except for Semi-Annual Enterprise Channel. Preview channels include Current Channel (Preview) and Beta Channel. Production channels include Current Channel and then Monthly Enterprise Channel. Preview channels are a great option to validate the product before rolling out to the rest of organization. To learn more, see [Overview of update channels](/deployoffice/updates/overview-update-channels), and [Microsoft 365 Insider channels](/deployoffice/insider/compare-channels). ++We recommend Current Channel, because it provides your users with the newest Microsoft 365 app features as soon as they're ready and provides the best experience for a fast-moving product like Copilot for Microsoft 365. If you need more predictability of when these new Microsoft 365 app features are released each month, we recommend Monthly Enterprise Channel. ++There are multiple ways you can manage channels for user devices. To learn more, see [Change update channel of Microsoft 365 to enable Copilot](/deployoffice/updates/change-channel-for-copilot). ++## Provision Copilot for Microsoft 365 licenses ++After you’ve prepared your organization for Copilot, you can manage Microsoft Copilot for Microsoft 365 licenses from the Microsoft 365 admin center. You can assign licenses to individual users or to groups of users, as well as reassign licenses to other users. To access license management in the Microsoft 365 admin center, go to **Billing** > **Licenses**. You can also assign licenses in bulk to [groups of users through the Azure admin center](/azure/active-directory/enterprise-users/licensing-groups-assign) or [assign licenses to users with PowerShell](/microsoft-365/enterprise/assign-licenses-to-user-accounts-with-microsoft-365-powershell). 
For more information, see [Assign Microsoft 365 licenses to users](/microsoft-365/admin/manage/assign-licenses-to-users). -## Security and privacy +To learn more about the steps to deploy Copilot for your organization, see [Enable users for Microsoft Copilot for Microsoft 365](microsoft-365-copilot-enable-users.md). -Microsoft Copilot for Microsoft 365 ensures data security and privacy by adhering to existing obligations and integrating with your organization's policies. It utilizes your Microsoft Graph content with the same access controls as other Microsoft 365 services. To learn more about privacy with Microsoft Copilot for Microsoft 365, see [Data, Privacy, and Security for Microsoft Copilot for Microsoft 365](microsoft-365-copilot-privacy.md). +## Configure settings for Copilot -### Privacy settings for Microsoft 365 Apps +As an admin, you can manage Microsoft Copilot experiences for your organization by using the controls available in the Microsoft 365 admin center. You can view the status of Copilot license assignments, access the latest information on Copilot, manage data security and compliance controls, submit feedback on behalf of users, configure plugins and permissions, and enable the use of web data as grounding data in Copilot. -Review your privacy settings for Microsoft 365 Apps because those settings might have an effect on the availability of Microsoft Copilot for Microsoft 365 features. For more information, see [Microsoft Copilot for Microsoft 365 and policy settings for connected experiences](microsoft-365-copilot-privacy.md#microsoft-copilot-for-microsoft-365-and-policy-settings-for-connected-experiences). +You can manage these settings by using the Copilot page in the Microsoft 365 admin center. To learn more, see [Manage Microsoft Copilot for Microsoft 365 with the Copilot page](microsoft-365-copilot-page.md). 
++## Plan for deployment and measure adoption, impact, and sentiment ++The myriad uses of Copilot for Microsoft 365 across the various Microsoft 365 apps provides opportunities for users to find value in different ways. ++### Accelerating adoption to get to value ++We recommend approaching adoption of Copilot by leveraging adoption. To do so: ++1. Identify users across various business groups in your organization, ideally with high usage of existing Microsoft 365 features. You can identify these users by reviewing usage metrics in the Microsoft 365 admin center. ++2. Assign these users Copilot for Microsoft 365 licenses and onboard them using the resources available on [Microsoft’s adoption hub](https://adoption.microsoft.com/), including the user onboarding kit. ++3. As these users get more comfortable with using Copilot, they should be able to speak to how they use it best, and where it’s most valuable for them. This provides you with product champions that can help other users adoption Copilot across your organization. ++With your established community of early adopters or Champions, they can better speak to their peers within their organization and contextualize the value of Copilot to best suit their needs. This framework also provides IT departments with a scalable way to handle questions through Champions, developing a team of experts across your organization. To learn more about driving adoption, visit the [Microsoft Copilot adoption hub](https://adoption.microsoft.com/Copilot/). ++The [Microsoft Copilot Dashboard (Preview) from Viva Insights](/viva/insights/org-team-insights/copilot-dashboard) helps organizations maximize the value of Copilot for Microsoft 365 by providing organizational leaders and IT decision makers insights into readiness, adoption, impact, and user sentiment. ++[Access the Microsoft Copilot Dashboard (Preview) from Viva Insights here](https://aka.ms/copilotdashboard). 
++[Review this article to learn more about the Microsoft Copilot Dashboard (Preview) from Viva Insights](/viva/insights/org-team-insights/copilot-dashboard). ## More resources - [Microsoft Copilot for Microsoft 365 setup guide](https://admin.microsoft.com/Adminportal/Home?Q=learndocs#/modernonboarding/microsoft365copilotsetupguide) - [Microsoft 365 AI help and learning](https://support.microsoft.com/copilot)+- [Copilot for Microsoft 365 – Microsoft Adoption](https://adoption.microsoft.com/Copilot/) - [Microsoft Copilot for Microsoft 365 - Microsoft Community Hub](https://techcommunity.microsoft.com/t5/microsoft-365-copilot/ct-p/Microsoft365Copilot)+- [Copilot for Microsoft 365 technical documentation hub](index.yml) |
business-premium | M365bp Threats Detected Defender Av | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-threats-detected-defender-av.md | To provide threat protection, Microsoft Defender Antivirus uses several methods. To learn more about malware and Microsoft Defender Antivirus, see the following articles: -- [Understanding malware & other threats](/windows/security/threat-protection/intelligence/understanding-malware)+- [Understanding malware & other threats](/microsoft-365/security/defender-endpoint/malware/understanding-malware) - [How Microsoft identifies malware and potentially unwanted applications](/windows/security/threat-protection/intelligence/criteria) - [Next-generation protection in Windows 10](/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10) |
enterprise | Disable Access To Services With Microsoft 365 Powershell | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/disable-access-to-services-with-microsoft-365-powershell.md | Title: "Disable access to Microsoft 365 services with PowerShell" Previously updated : 12/19/2023 Last updated : 02/28/2024 audience: Admin + - azure-ad-ref-level-one-done ms.assetid: 264f4f0d-e2cd-44da-a9d9-23bef250a720 description: In this article, learn how to use PowerShell to disable access to Microsoft 365 services for users. When a Microsoft 365 account is assigned a license from a licensing plan, Micros ## Use the Microsoft Graph PowerShell SDK -First, [connect to your Microsoft 365 tenant](/graph/powershell/get-started#authentication). +>[!NOTE] +> The Azure Active Directory module is being replaced by the Microsoft Graph PowerShell SDK. You can use the Microsoft Graph PowerShell SDK to access all Microsoft Graph APIs. For more information, see [Get started with the Microsoft Graph PowerShell SDK](/powershell/microsoftgraph/get-started). ++First, use a **Microsoft Entra DC admin**, **Cloud Application Admin**, or **Global admin** account to [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md). Assigning and removing licenses for a user requires the **User.ReadWrite.All** permission scope or one of the other permissions listed in the ['Assign license' Graph API reference page](/graph/api/user-assignlicense). To see the before and after results of the procedures in this topic, see [View a To disable a specific set of Microsoft 365 services for users for a specific licensing plan, perform the following steps: -#### Step 1: Identify the undesired services in the licensing plan by using the following syntax - First list the licensing plans available in your tenant using the following command. 
```powershell $addLicenses = @( Set-MgUserLicense -UserId "belinda@litwareinc.onmicrosoft.com" -AddLicenses $addLicenses -RemoveLicenses @() ``` -## Use the Microsoft Azure Active Directory module for Windows PowerShell --First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell). --Next, use this command to view your available licensing plans, also known as AccountSkuIds: --```powershell -Get-MsolAccountSku | Select AccountSkuId | Sort AccountSkuId -``` --> [!NOTE] ->PowerShell Core does not support the Microsoft Azure Active Directory module for Windows PowerShell module and cmdlets with **Msol** in their name. To continue using these cmdlets, you must run them from Windows PowerShell. --For more information, see [View licenses and services with PowerShell](view-licenses-and-services-with-microsoft-365-powershell.md). --To see the before and after results of the procedures in this topic, see [View account license and service details with PowerShell](view-account-license-and-service-details-with-microsoft-365-powershell.md). --A PowerShell script is available that automates the procedures described in this topic. Specifically, the script lets you view and disable services in your Microsoft 365 organization, including Sway. For more information, see [Disable access to Sway with PowerShell](disable-access-to-sway-with-microsoft-365-powershell.md). --### Disable specific Microsoft 365 services for specific users for a specific licensing plan - -To disable a specific set of Microsoft 365 services for users for a specific licensing plan, perform the following steps: - -#### Step 1: Identify the undesired services in the licensing plan by using the following syntax --```powershell -$LO = New-MsolLicenseOptions -AccountSkuId <AccountSkuId> -DisabledPlans "<UndesiredService1>", "<UndesiredService2>"... 
-``` --The following example creates a **LicenseOptions** object that disables the Office and SharePoint Online services in the licensing plan named `litwareinc:ENTERPRISEPACK` (Office 365 Enterprise E3). --```powershell -$LO = New-MsolLicenseOptions -AccountSkuId "litwareinc:ENTERPRISEPACK" -DisabledPlans "SHAREPOINTWAC", "SHAREPOINTENTERPRISE" -``` --#### Step 2: Use the **LicenseOptions** object from Step 1 on one or more users --To create a new account that has the services disabled, use the following syntax: --```powershell -New-MsolUser -UserPrincipalName <Account> -DisplayName <DisplayName> -FirstName <FirstName> -LastName <LastName> -LicenseAssignment <AccountSkuId> -LicenseOptions $LO -UsageLocation <CountryCode> -``` --The following example creates a new account for Allie Bellew that assigns the license and disables the services described in Step 1. --```powershell -New-MsolUser -UserPrincipalName allieb@litwareinc.com -DisplayName "Allie Bellew" -FirstName Allie -LastName Bellew -LicenseAssignment litwareinc:ENTERPRISEPACK -LicenseOptions $LO -UsageLocation US -``` --For more information about creating user accounts in PowerShell for Microsoft 365, see [Create user accounts with PowerShell](create-user-accounts-with-microsoft-365-powershell.md). --To disable the services for an existing licensed user, use the following syntax: --```powershell -Set-MsolUserLicense -UserPrincipalName <Account> -LicenseOptions $LO -``` --This example disables the services for the user BelindaN@litwareinc.com. 
--```powershell -Set-MsolUserLicense -UserPrincipalName belindan@litwareinc.com -LicenseOptions $LO -``` --To disable the services described in Step 1 for all existing licensed users, specify the name of your Microsoft 365 plan from the display of the **Get-MsolAccountSku** cmdlet (such as **litwareinc:ENTERPRISEPACK**), and then run the following commands: --```powershell -$acctSKU="<AccountSkuId>" -$AllLicensed = Get-MsolUser -All | Where {$_.isLicensed -eq $true -and $_.licenses.AccountSku.SkuPartNumber -contains ($acctSKU).Substring($acctSKU.IndexOf(":")+1, $acctSKU.Length-$acctSKU.IndexOf(":")-1)} -$AllLicensed | ForEach {Set-MsolUserLicense -UserPrincipalName $_.UserPrincipalName -LicenseOptions $LO} -``` -- If you use the **Get-MsolUser** cmdlet without using the _All_ parameter, only the first 500 user accounts are returned. --To disable the services for a group of existing users, use either of the following methods to identify the users: --**Method 1. Filter the accounts based on an existing account attribute** --To do this, use the following syntax: --```powershell -$x = Get-MsolUser -All <FilterableAttributes> -$x | ForEach {Set-MsolUserLicense -UserPrincipalName $_.UserPrincipalName -LicenseOptions $LO} -``` --The following example disables the services for users in the Sales department in the United States. --```powershell -$USSales = Get-MsolUser -All -Department "Sales" -UsageLocation "US" -$USSales | ForEach {Set-MsolUserLicense -UserPrincipalName $_.UserPrincipalName -LicenseOptions $LO} -``` --**Method 2: Use a list of specific accounts** --To do this, perform the following steps: --1. Create a text file that contains one account on each line like this: -- ```powershell - akol@contoso.com - tjohnston@contoso.com - kakers@contoso.com - ``` -- In this example, the text file is C:\\My Documents\\Accounts.txt. --2. 
Run the following command: -- ```powershell - Get-Content "C:\My Documents\Accounts.txt" | foreach {Set-MsolUserLicense -UserPrincipalName $_ -LicenseOptions $LO} - ``` --If you want to disable access to services for multiple licensing plans, repeat the above instructions for each licensing plan, ensuring that: --- The user accounts have been assigned the licensing plan.-- The services to disable are available in the licensing plan.--To disable Microsoft 365 services for users while you are assigning them to a licensing plan, see [Disable access to services while assigning user licenses](disable-access-to-services-while-assigning-user-licenses.md). --### Assign all services in a licensing plan to a user account --For user accounts that have had services disabled, you can enable all services for a specific licensing plan with these commands: --```powershell -$userUPN="<user account UPN>" -$acctSKU="<AccountSkuId>" -$LO = New-MsolLicenseOptions -AccountSkuId $acctSKU -Set-MsolUserLicense -UserPrincipalName $userUPN -LicenseOptions $LO -``` - ## Related topics [Manage Microsoft 365 user accounts, licenses, and groups with PowerShell](manage-user-accounts-and-licenses-with-microsoft-365-powershell.md) |
frontline | Deploy Shifts At Scale | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/deploy-shifts-at-scale.md | To start using Shifts, frontline managers are responsible for configuring Shifts As an admin, you can now standardize these Shifts settings across all your frontline teams and manage them centrally by deploying Shifts to your frontline teams at scale in the Teams admin center. You can select which capabilities to turn on or off and create schedule groups and time-off reasons that will be set uniformly across all your frontline teams. Your frontline managers can start using Shifts straight out-of-the-box with minimal setup required. > [!IMPORTANT]-> This feature will begin rolling out for public preview in December 2023. Capabilities to edit Shifts settings configurations after the first deployment will come soon. +> This feature will begin rolling out for public preview in December 2023. ## Prerequisites As an admin, you can now standardize these Shifts settings across all your front ## Set up Shifts for your frontline teams -1. In the left navigation of the [Teams admin center](https://admin.teams.microsoft.com), choose **Teams** > **Manage frontline apps**. +1. In the left navigation of the [Teams admin center](https://admin.teams.microsoft.com), choose **Frontline deployment** > **Manage frontline apps**. 1. On the Manage frontline apps page, next to **Deploy Shifts to your teams** in the table, select **Set up**. :::image type="content" source="media/dsas-setup.png" alt-text="Screenshot of the table on the Manage frontline apps page, showing the Set up button for deploying Shifts. "lightbox="media/dsas-setup.png"::: You can choose to allow schedule owners to create and manage schedule groups or > To find the Group ID of a group, sign in to the [Azure portal](https://portal.azure.com/), select **Microsoft Entra ID**, and then choose **Groups**. 
Select the group you want, and then copy the value in the **Object Id** field. 1. Choose one of the following options to define how schedule groups are managed:+ > [!IMPORTANT] + > You won't be able to change your selection after you submit it for setup. + - **Schedule groups are created and managed by schedule owners**: Your schedule owners create and manage schedule groups for their teams. They can add, rename, and delete schedule groups in Shifts. - **Schedule groups are created and managed in the Teams admin center**: You create and manage the schedule group structure for Shifts. Your schedule owners won't be able to add, rename, or delete schedule groups in Shifts. With this option, you can standardize schedule groups across teams, which allows for automating workflows in Shifts across different teams. 1. If you chose the option to create and manage schedule groups in the Teams admin center, select **Add** to add schedule groups. You can choose to allow schedule owners to create and manage schedule groups or ### Review and finish setup -Review your settings. If you need to make changes, selectΓÇ»**Back**, and edit the settings that you want. When you're ready, selectΓÇ»**Finish setup**. +Review your settings. If you need to make changes, selectΓÇ»**Back**, and change the settings that you want. When you're ready, selectΓÇ»**Finish setup**. > [!NOTE] > If you havenΓÇÖt deployed through the [deploy frontline dynamic teams](deploy-dynamic-teams-at-scale.md) experience in the Teams admin center, there may be an error after you finish the setup wizard. If an error occurs, wait 15 minutes and try again. When setup is completed, youΓÇÖre ready to deploy Shifts to your frontline teams :::image type="content" source="media/dsas-deploy-completed.png" alt-text="Screenshot of the table on the Manage frontline apps page, showing a deployment status of Deployed. 
"lightbox="media/dsas-deploy-completed.png"::: - You can repeat this process to deploy Shifts to any of your frontline teams that don't already have it deployed. Keep in mind that you can't redeploy Shifts to teams that already have Shifts enabled. The capability to edit Shifts settings configurations for your teams after the first deployment will be supported in the future. + You can repeat this process to deploy Shifts to any of your frontline teams that don't already have it deployed. Keep in mind that you can't redeploy Shifts to teams that already have Shifts enabled. ++## Edit Shifts settings ++1. If you want to edit the Shifts settings that you set previously, select **Deploy Shifts to your teams**. This allows you to edit Shifts settings for teams you already deployed Shifts to and for teams you deploy Shifts to in the future. ++ :::image type="content" source="media/dsas-deploy-completed.png" alt-text="Screenshot of the table on the Manage frontline apps page, showing the Deploy Shifts to your teams option. "lightbox="media/dsas-deploy-completed.png"::: ++1. You'll see all your Shifts settings including shift request settings, time-off reasons, schedule owner group ID, and schedule group settings. ++ :::image type="content" source="media/dsas-edit-settings.png" alt-text="Screenshot of the Shifts settings page for editing Shifts settings" lightbox="media/dsas-edit-settings.png"::: ++ - You can turn on or turn off shift request settings, time-off requests, and clock in/clock out by switching the toggles to **On** or **Off**. ++ - You can add, edit, and delete time-off reasons as you did during initial setup. However, you can't edit the time-off codes for the time-off reasons that you set previously. ++ - You can change the schedule owner group ID that identifies the group that contains all schedule owners. 
++ - You wonΓÇÖt be able to change your schedule group management selection from **Schedule groups are created and managed by schedule owners** to **Schedule groups are created and managed in the Teams admin center** or vice versa. If you previously chose the option to create and manage schedule groups in the Teams admin center, you can add, edit, and delete schedule groups as you did during initial setup. However, you can't edit the schedule group codes for any of the schedule groups that you set previously. ++1. After you make your edits, choose **Apply**. This action applies the changes to all teams that you already deployed Shifts to. These Shifts settings are also applied to any new teams you deploy Shifts to. ## Troubleshoot errors If an error occurred during the deployment process, the status in the table shows as **Error** after you refresh the Manage frontline apps page. -Select the link to download an error CSV file and use the information in it to help resolve the errors. Then, rerun the [deployment experience](#deploy-shifts-to-your-frontline-teams). +Select the link to download an error CSV file and use the information in it to help resolve the errors. If any errors occurred during setup of your Shifts settings, choose **Deploy Shifts to your teams** to resubmit or edit your Shifts settings. Then, rerun the [deployment experience](#deploy-shifts-to-your-frontline-teams). ## Related articles |
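Review bot: In the new "Edit Shifts settings" section, step 1 reuses `media/dsas-deploy-completed.png`, the same source as the existing screenshot whose alt text describes a deployment status of Deployed, but gives it alt text about the Deploy Shifts to your teams option. Either point to a screenshot that shows that option or align the alt text with what the image shows. Step 1 also doesn't say where **Deploy Shifts to your teams** is found; naming the Manage frontline apps page, as the setup steps do, would remove the guesswork. The added IMPORTANT note and the last bullet of the edit section both state that the schedule group management selection can't be changed after submission, so a cross-reference between them would keep the two in sync.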
frontline | Teams For Financial Services | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/teams-for-financial-services.md | searchScope: appliesto: - Microsoft Teams - Microsoft 365 for frontline workers Previously updated : 02/07/2024 Last updated : 02/29/2024 # Get started with Microsoft 365 for Financial Services Employee engagement is a significant contributor to workplace satisfaction, loya More information: [Corporate communications with frontline workers](flw-corp-comms.md) > [!NOTE]-> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 enterprise plans, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table. +> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 plans for enterprises, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table. ## Configure services and apps For financial services environments, the following apps and services can help yo | Chat | Enable quick conversations between staff with chat in Teams. 
| [Chat, teams, channels & apps in Teams](/microsoftteams/deploy-chat-teams-channels-microsoft-teams-landing-page) | [Chat in Teams](https://support.microsoft.com/office/start-and-pin-chats-a864b052-5e4b-4ccf-b046-2e26f40e21b5?wt.mc_id=otc_microsoft_teams) | | Documents and files | Share standard operating procedures, regulatory compliance policies, company policies, and financial product fact sheets. | [Teams and SharePoint integration](/sharepoint/teams-connected-sites) | [Share files](https://support.microsoft.com/office/upload-and-share-files-57b669db-678e-424e-b0a0-15d19215cb12) | | Praise | Recognize coworkers for great teamwork with the Praise app. | [Manage the Praise app](/microsoftteams/manage-praise-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Send Praise to people](https://support.microsoft.com/office/send-praise-to-people-50f26b47-565f-40fe-8642-5ca2a5ed261e) |-| Shifts | Manage schedules and clock in and out with Shifts. | [Manage the Shifts app](/microsoftteams/expand-teams-across-your-org/shifts/manage-the-shifts-app-for-your-organization-in-teams?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) | +| Shifts | Create and manage schedules and clock in and out with Shifts. | [Shifts for frontline workers](shifts-for-teams-landing-page.md) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) | | Tasks | Help employees know what they should focus on when not with customers by assigning tasks. Your corporate office can use [task publishing](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json#task-publishing) to send out tasks to locations and track progress across those locations. 
| [Manage the Tasks app](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Tasks](https://support.microsoft.com/office/use-the-tasks-app-in-teams-e32639f3-2e07-4b62-9a8c-fd706c12c070) | | Updates | Check in on recurring or one-off priorities such as daily counts. Managers can create templates for employees to fill out and submit. | [Manage the Updates app](/microsoftteams/manage-updates-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Updates](https://support.microsoft.com/office/get-started-in-updates-c03a079e-e660-42dc-817b-ca4cfd602e5a) | | Virtual Appointments| Schedule and manage virtual consultations with clients, view analytics, and more, in the Virtual Appointments app.| [Manage the Virtual Appointments app](/microsoftteams/manage-virtual-appointments-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [What is the Virtual Appointments app?](https://support.microsoft.com/topic/22df0079-e6d9-4225-bc65-22747fb2cb5f) | |
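Review bot: The NOTE line rewritten in this hunk links to `/microsoftteams//user-access` with a doubled slash in both the removed and the added version; since the line is being touched anyway, use a single slash. The same line appears unchanged in this respect in the manufacturing and retail hunks. In the Shifts row, the admin-facing link moves from "Manage the Shifts app" to `shifts-for-teams-landing-page.md`; confirm that the landing page still leads admins to the management guidance that column is meant to provide.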
frontline | Teams For Manufacturing | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/teams-for-manufacturing.md | searchScope: appliesto: - Microsoft Teams - Microsoft 365 for frontline workers Previously updated : 02/07/2024 Last updated : 02/29/2024 # Get started with Microsoft 365 for Manufacturing Empower your frontline workforce with digital tools and modern devices that offe ## Choose your scenarios -Microsoft 365 and Microsoft Teams offers capabilities that help manufacturing organizations enhance productivity in their daily operations and digital transformation. We recommend the following scenarios for manufacturers: +Microsoft 365 and Microsoft Teams offer capabilities that help manufacturing organizations enhance productivity in their daily operations and digital transformation. We recommend the following scenarios for manufacturers: - [Connect and engage your workforce](#connect-and-engage-your-workforce) - [Enhance workforce management](#enhance-workforce-management) Microsoft 365 and Microsoft Teams offers capabilities that help manufacturing or - [Onboard and train employees](#onboard-and-train-employees) > [!NOTE]-> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 enterprise plans, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table. +> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). 
Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 plans for enterprises, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table. ### Connect and engage your workforce For manufacturing environments, the following apps and services can help you tra | Chat | Enable quick conversations between staff and managers with secure chat in Teams. | [Chat, teams, channels & apps in Microsoft Teams](/microsoftteams/deploy-chat-teams-channels-microsoft-teams-landing-page) | [Chat in Teams](https://support.microsoft.com/office/start-and-pin-chats-a864b052-5e4b-4ccf-b046-2e26f40e21b5?wt.mc_id=otc_microsoft_teams) | | Documents and files | Share standard operating procedures, manuals, diagrams, inspection records, and more. | [Teams and SharePoint integration](/sharepoint/teams-connected-sites) | [Share files](https://support.microsoft.com/office/upload-and-share-files-57b669db-678e-424e-b0a0-15d19215cb12) | | Praise | Recognize coworkers for great teamwork with the Praise app. | [Manage the Praise app](/microsoftteams/manage-praise-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Send Praise to people](https://support.microsoft.com/office/send-praise-to-people-50f26b47-565f-40fe-8642-5ca2a5ed261e) |-| Shifts | Manage schedules and clock in and out with Shifts. | [Manage the Shifts app](/microsoftteams/expand-teams-across-your-org/shifts/manage-the-shifts-app-for-your-organization-in-teams?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) | +| Shifts | Create and manage schedules and clock in and out with Shifts. 
|[Shifts for frontline workers](shifts-for-teams-landing-page.md) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) | | Tasks | Supervisors can assign tasks to let workers know what to focus on. Your organization's central office can use [task publishing](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json#task-publishing) to send out tasks to locations and track progress across those locations. | [Manage the Tasks app](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Tasks](https://support.microsoft.com/office/use-the-tasks-app-in-teams-e32639f3-2e07-4b62-9a8c-fd706c12c070) | | Updates | Check in on recurring and one-off priorities such as machinery repairs and inspections. Supervisors can create templates for employees to fill out and submit. | [Manage the Updates app](/microsoftteams/manage-updates-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Updates](https://support.microsoft.com/office/get-started-in-updates-c03a079e-e660-42dc-817b-ca4cfd602e5a) | | Viva Connections | Viva Connections creates an experience in Teams that connects employees with tools, news, and resources. Employees can view a tailored news feed from your organization and a personalized dashboard with the resources they need. For example, you could create a Manuals card so your operators can easily find all the necessary manuals. | [Overview of Viva Connections](/viva/connections/viva-connections-overview) | [Use Viva Connections](https://support.microsoft.com/office/your-intranet-is-now-in-microsoft-teams-8b4e7f76-f305-49a9-b6d2-09378476f95b) | |
frontline | Teams For Retail Landing Page | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/teams-for-retail-landing-page.md | searchScope: appliesto: - Microsoft Teams - Microsoft 365 for frontline workers Previously updated : 02/07/2024 Last updated : 02/29/2024 # Get started with Microsoft 365 for retail organizations Make new employee onboarding a great experience by fostering an all-in-one hybri More information: [Onboard new employees](flw-onboarding-training.md) > [!NOTE]-> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 enterprise plans, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table. +> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 plans for enterprises, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table. ## Configure services and apps For retail environments, the following apps and services can help you transform | Documents | Share standard operating procedures, store policies, plans, and more. 
| [Teams and SharePoint integration](/sharepoint/teams-connected-sites) | [Share files](https://support.microsoft.com/office/upload-and-share-files-57b669db-678e-424e-b0a0-15d19215cb12) | | Praise | Recognize coworkers for great teamwork with the Praise app. | [Manage the Praise app](/microsoftteams/manage-praise-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Send Praise to people](https://support.microsoft.com/office/send-praise-to-people-50f26b47-565f-40fe-8642-5ca2a5ed261e) | | RealWear devices | Handsfree communication with devices. | [Microsoft Teams for RealWear](/microsoftteams/flw-realwear?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Microsoft Teams for RealWear](https://support.microsoft.com/office/using-microsoft-teams-for-realwear-af20d232-d18c-476f-8031-843a4edccd5f) |-| Shifts | Manage schedules and clock in and out with Shifts. | [Manage the Shifts app](/microsoftteams/expand-teams-across-your-org/shifts/manage-the-shifts-app-for-your-organization-in-teams?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) | +| Shifts | Create and manage schedules and clock in and out with Shifts. | [Shifts for frontline workers](shifts-for-teams-landing-page.md) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) | | Tasks | Help employees know what they should focus on when not with customers by assigning tasks. Operations can use [task publishing](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json#task-publishing) to send out tasks to locations and track progress across those locations. 
| [Manage the Tasks app](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Tasks](https://support.microsoft.com/office/use-the-tasks-app-in-teams-e32639f3-2e07-4b62-9a8c-fd706c12c070) | | Updates | Check in on recurring or one-off priorities such as daily cleaning. Managers can create templates for employees to fill out and submit. | [Manage the Updates app](/microsoftteams/manage-updates-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Updates](https://support.microsoft.com/office/get-started-in-updates-c03a079e-e660-42dc-817b-ca4cfd602e5a) | | Walkie Talkie | Instant push-to-talk communication that's not constrained by geography like standard two-way radios.| [Manage the Walkie Talkie app](/microsoftteams/walkie-talkie?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) | [Use Walkie Talkie](https://support.microsoft.com/office/get-started-with-teams-walkie-talkie-25bdc3d5-bbb2-41b7-89bf-650fae0c8e0c) | |
frontline | Teams In Hc | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/teams-in-hc.md | description: Learn about the telemedicine features in Microsoft 365 and Microsof - seo-marvel-apr2020 - seo-marvel-jun2020 Previously updated : 03/15/2023 Last updated : 02/29/2024 # Get started with Microsoft 365 for healthcare organizations -Microsoft 365 and Microsoft Teams offer a number of telemedicine features useful for hospitals and other Healthcare organizations. Teams features are under development to aid hospitals with: +Microsoft 365 and Microsoft Teams offer a number of telemedicine features useful for hospitals and other healthcare organizations. - Virtual Appointments and Electronic Healthcare Record (EHR) integration-- Teams policy packages-- Secure messaging-- Teams templates+- Teams policy packages for healthcare +- Messaging +- Team templates for healthcare - Care coordination and collaboration > [!NOTE] > This functionality is also part of Microsoft Cloud for Healthcare. Learn more about using this solution, which brings together capabilities from Azure, Dynamics 365, and Microsoft 365 at [Microsoft Cloud for Healthcare](/industry/healthcare). -Watch the following video to learn more about using the healthcare collection to enhance health team collaboration in Teams. +<!-- Watch the following video to learn more about using the healthcare collection to enhance health team collaboration in Teams. -> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4Hqan] +> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4Hqan]--> -To get the most benefit for your healthcare organization, you first choose which scenarios Microsoft 365 and Microsoft Teams can help you with in your day-to-day activities, and then make sure that you prepare your Teams environment with the right fundamentals, teams, and apps to support those scenarios. 
+To get the most benefit for your healthcare organization, first choose which scenarios Microsoft 365 and Teams can help you with in your day-to-day activities, and then make sure that you prepare your Teams environment with the right fundamentals, teams, and apps to support those scenarios. 1. [Choose your scenarios](#scenarios-for-healthcare) you want to implement.-2. [Set up Microsoft 365](flw-setup-microsoft-365.md) - Set up Microsoft 365's core elements, Microsoft Teams, and any other services you need. -3. [Configure services and apps](flw-setup-microsoft-365.md#step-7-configure-apps-for-your-scenario) - Use team templates to set up the teams you need quickly, including the channels and apps you need for your business. Add in other apps from Microsoft as needed to support your scenarios. +2. [Set up Microsoft 365](flw-setup-microsoft-365.md) - Set up Microsoft 365, Teams, and any other services you need. +3. [Configure services and apps](flw-setup-microsoft-365.md#step-7-configure-apps-for-your-scenario) - Use team templates to set up the teams you need quickly, including the channels and apps you need. Add in other apps from Microsoft as needed to support your scenarios. ## Scenarios for healthcare The following scenarios support these goals: | Scenario | Description | Requirements | | -- | -- | -- |-| [Virtual Appointments](virtual-appointments.md) | Schedule, manage, and conduct virtual appointments with patients. This scenario connects Teams and the Oracle Health or Epic platform to support virtual appointments. | Active subscription to Microsoft Cloud for Healthcare or subscription to Microsoft Teams EHR connector standalone offer. <br> Users must have an appropriate Microsoft 365 or Office 365 license that includes Teams meetings*. <br> Organizations must have Oracle Health version November 2018 or later or Epic version November 2018 or later. 
<br>Details for [Oracle Health EHR](ehr-admin-oracle-health.md#before-you-begin) and [Epic EHR](ehr-admin-epic.md#before-you-begin) requirements | -| [Team communication and collaboration](flw-team-collaboration.md) |Help your frontline workforce communicate within their store, shift, or team with Microsoft Teams. Viva Connections helps you create a dashboard that puts the information they need front and center on their devices, so they can reach out whenever they need to. |Users must have an appropriate license to use Microsoft Teams apps.* | -| [Engage your employees and focus on employee wellbeing](flw-wellbeing-engagement.md) | Build deeper connections across your organization and create an inclusive workplace. |Users must have an appropriate license to use Microsoft Teams apps.* | -| [Schedule your teams with Shifts](shifts-for-teams-landing-page.md) |Use Shifts and Shifts Connectors to schedule your team and connect with your workforce management tools. |Users must have an appropriate license to use Microsoft Teams apps.* | -| [Simplify business processes](simplify-business-processes.md) | Use task publishing to create standard processes across sites, lists to manage information and track ongoing processes, and streamline requests with Approvals. Automated workflows can speed up and automate actions, like collecting data or routing notifications. |Users must have an appropriate license to use Microsoft Teams apps.* To use Power Apps and Power Automate, users will need an appropriate license.**| +| [Virtual Appointments](virtual-appointments.md) | Schedule, manage, and conduct virtual appointments with patients. This scenario connects Teams and the Oracle Health or Epic platform to support virtual appointments. | Active subscription to Microsoft Cloud for Healthcare or subscription to Microsoft Teams EHR connector standalone offer. <br> Users must have an appropriate Microsoft 365 or Office 365 license that includes Teams meetings. 
<br> See also [Integration into Oracle Health EHR](ehr-admin-oracle-health.md#before-you-begin) or [Integration into Epic EHR](ehr-admin-epic.md#prerequisites). | +| [Team communication and collaboration](flw-team-collaboration.md) |Bring your health teams together to communicate, collaborate, and streamline operations with Teams. Viva Connections helps you create a dashboard that puts the information they need front and center on their devices, so they can reach out whenever they need to. |Users must have an appropriate license to use Teams apps.* | +| [Engage your employees and focus on employee wellbeing](flw-wellbeing-engagement.md) | Build deeper connections across your organization and create an inclusive workplace. |Users must have an appropriate license to use Teams apps.* | +| [Schedule your teams with Shifts](shifts-for-teams-landing-page.md) |Create and manage schedules for your teams in Shifts.|Users must have an appropriate license to use Teams apps.* | +| [Simplify business processes](simplify-business-processes.md) | Use task publishing to create standard processes across sites, lists to manage information and track ongoing processes, and streamline requests with Approvals. Automated workflows can speed up and automate actions, like collecting data or routing notifications. |Users must have an appropriate license to use Teams apps.* To use Power Apps and Power Automate, users need an appropriate license.*| -*Office 365 A3, A5, E3, E5, F1, F3, Microsoft 365 A3, A5, E3, and E5, Business Standard are supported. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams/user-access). -**Office 365 E1, E3, E5, F3, Microsoft 365 E3, E5, F3. -For a detailed comparison of what's included in Microsoft 365 with various licenses, see this [Comparison table](https://go.microsoft.com/fwlink/?linkid=2139145). 
+> [!NOTE] +> *For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 plans for enterprises, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table. Depending on your business needs, you can choose to incorporate more [scenarios](flw-choose-scenarios.md) for Microsoft 365 for frontline workers. Use the following poster to start envisioning what your organization can do with | Item | Description | |:--|:--|-|[![Microsoft 365 for frontline workers: Healthcare scenarios.](media/m365-frontline-healthcare-thumb.png)](https://go.microsoft.com/fwlink/?linkid=2206475) <br/> [PDF](https://go.microsoft.com/fwlink/?linkid=2206475) \| [Visio](https://go.microsoft.com/fwlink/?linkid=2206474) <br>Updated September 2022 |This poster provides an overview of the scenarios you can implement for your frontline workforce in a healthcare setting.| +|[![Microsoft 365 for frontline workers: Healthcare scenarios.](media/m365-frontline-healthcare-thumb.png)](https://go.microsoft.com/fwlink/?linkid=2206475) <br/> [PDF](https://go.microsoft.com/fwlink/?linkid=2206475) \| [Visio](https://go.microsoft.com/fwlink/?linkid=2206474) <br>Updated January 2024 |This poster provides an overview of the scenarios you can implement for your frontline workforce in a healthcare setting.| ## Provide seamless virtual visits -Use the complete meetings platform in Teams to schedule, manage, and conduct virtual appointments with patients. +Use the complete meetings platform in Teams to schedule, manage, and conduct virtual appointments with patients and other providers. 
-- If your organization already uses an Electronic Health Record (EHR) system, you can integrate Teams for a more seamless experience. Teams Electronic Health Record (EHR) connector makes it easy for clinicians to launch a virtual patient appointment or consultation with another provider in Teams directly from the EHR system. To learn more, see [Virtual Appointments with Teams - Integration into Oracle Health EHR](ehr-admin-oracle-health.md) and [Virtual Appointments with Teams - Integration into Epic EHR](ehr-admin-epic.md).+- If your organization already uses an EHR system, you can integrate Teams for a more seamless experience. Teams EHR connector makes it easy for clinicians to launch a virtual appointment with a patient or a consultation with another provider in Teams directly from the EHR system. To learn more, see [Virtual Appointments with Teams - Integration into Oracle Health EHR](ehr-admin-oracle-health.md) and [Virtual Appointments with Teams - Integration into Epic EHR](ehr-admin-epic.md). - If you aren't using a supported EHR system, you can use the Virtual Appointments app in Teams. To learn more, see [Virtual Appointments with Teams](virtual-appointments.md). -![Virtual Appointments with Microsoft Teams.](media/virtual-visits-teams.png) ## Connect and engage the healthcare workforce Bring your health team together to coordinate care and collaborate with Teams. -![Screenshot of Healthcare: Collaborate with your health team in Teams.](media/teams-healthcare-collaborate-in-teams.png) -Teams enables physicians, clinicians, nurses, and other staff to collaborate efficiently with included collaboration features in Teams, such as: +Teams enables physicians, clinicians, nurses, and other staff to collaborate efficiently with collaboration features in Teams. - Set up teams and channels for your health teams and information workers. 
Use channels with tabs as a way to structure their work, with additional help from tabs to which they can pin information sources. - Chat, post messages, and communicate. Your team can have persistent conversations about different patients needing attention. - Call and meet with members of the health team. Set up individual meetings, or use channel meetings to manage daily meetings, both with the power of Teams audio, video, screen sharing, recording, and transcription features. - Store and share files and documents. Your health team is part of a single virtualized team that works and collaborates on Office documents. -### Secure messaging +### Messaging for healthcare organizations -Secure messaging supports collaboration within health teams, including several new features: +Messaging policies in Teams are used to control which chat and channel messaging features are available to users. You can edit the settings in the global (Org-wide default) policy or create and assign custom messaging policies to turn on or turn off the features that you want. -- A message sender can set a special priority for their message, so the recipient is repeatedly notified until they read the message.-- A message sender can request a read receipt, so they are notified when a message they sent was read by the message recipient.+For example, consider enabling the following messaging features for your health teams: -Together, these features allow quicker attention to urgent messages and confidence that the message was received and read. New health teams using these features can be created on a per-patient basis. These features are policy-based, and can be assigned to individuals or entire Teams. +- Users can send urgent messages using priority notifications, so the recipient is repeatedly notified until they read the message. +- Users can use read receipts to know when the chat messages they send are read by the recipient. 
-To learn more, see [Get started with Secure Messaging policies for Healthcare organizations](messaging-policies-hc.md). +Together, these features allow quicker attention to urgent messages and confidence that the message was received and read. -Also related to secure messaging is the ability to have other tenants federated by Healthcare organizations, allowing richer inter-tenant communication. To learn more, see [Manage external meetings and chat in Microsoft Teams](/microsoftteams/manage-external-access). +To learn more, see [Manage messaging policies in Teams](/microsoftteams/messaging-policies-in-teams) and [Messaging policies for healthcare organizations](messaging-policies-hc.md). ### Coordinate over email with Exchange Online You can also set up shared mailboxes to allow for incoming mail from customers ( Unburden and empower your teams with seamless shift scheduling, task management, and workflow automation so they can focus on what matters. -### Teams policy packages +### Teams policy packages for healthcare Apply Teams policy packages to define what different roles can do in Teams. For example, specify policies for: Apply Teams policy packages to define what different roles can do in Teams. For To learn more, see [Teams policy packages for healthcare](/microsoftteams/policy-packages-healthcare?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json). -### Teams templates for healthcare organizations +### Team templates for healthcare organizations ++Team templates allow you to quickly create teams by providing a predefined team structure of settings, channels, and preinstalled apps. Teams includes templates designed specifically for healthcare organizations, making it easier to create teams for staff to communicate and collaborate on patient care or operational needs. 
-Teams includes templates designed specifically for healthcare organizations, making it easier to create teams for staff to communicate and collaborate on patient care or operational needs. To learn more, see [Use healthcare team templates](/microsoftteams/expand-teams-across-your-org/healthcare/healthcare-templates-admin-console?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json). +To learn more, see [Use healthcare team templates](/microsoftteams/expand-teams-across-your-org/healthcare/healthcare-templates-admin-console?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json). ### Share lists and track information with the Lists app -The Lists app in Teams helps teams track information and organize work. The app is pre-installed for all Teams users and is available as a tab in every team and channel. Lists can be created from scratch, from predefined templates, or by importing data to Excel. +The Lists app in Teams helps teams track information and organize work. The app is preinstalled for all Teams users and is available as a tab in every team and channel. Lists can be created from scratch, from predefined templates, or by importing data to Excel. Health teams can use the Patients template to get started. They can create lists to track the needs and status of patients. Existing patient data on Excel spreadsheets can be brought in to create a list in Teams. These lists can be used for scenarios such as rounds and patient monitoring to coordinate care. -For example, a charge nurse creates a patient list in a team that includes all health team members. During rounds, the health team access Teams on their mobile devices and update patient information in the list, which everyone on the team can view to stay in sync. 
At rounding sessions where the health team gathers to discuss and evaluate key health performance metrics to ensure a patient is on the right glide path to discharge, they can share this information using Teams on a large display screen. health team members who aren't on site can join remotely. +For example, a charge nurse creates a patient list in a team that includes all health team members. During rounds, the health team access Teams on their mobile devices and update patient information in the list, which everyone on the team can view to stay in sync. At rounding sessions where the health team gathers to discuss and evaluate key health performance metrics to ensure a patient is on the right glide path to discharge, they can share this information using Teams on a large display screen. Health team members who aren't on site can join remotely. -Here's an example list which was set up for patient rounding. +Here's an example list, which was set up for patient rounding. To learn more, see [Manage the Lists app for your organization in Teams](/microsoftteams/manage-lists-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json). To learn more, see [Manage the Lists app for your organization in Teams](/micros Use [Tasks](https://support.microsoft.com/office/use-the-tasks-app-in-teams-e32639f3-2e07-4b62-9a8c-fd706c12c070) in Teams to track to do items for your whole health team. Your health team can create, assign, and schedule tasks, categorize tasks, and update status at any time, from any device running Teams. IT pros and admins can also publish tasks to specific teams for your organization. For example, you could publish a set of tasks for new safety protocols or a new intake step to be used across a hospital. 
-To learn more, see [Manage the Tasks app for your organization in Microsoft Teams](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) +To learn more, see [Manage the Tasks app for your organization in Microsoft Teams](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json). ### Streamline approvals with the Approvals app -Use [Approvals](https://support.microsoft.com/office/what-is-approvals-a9a01c95-e0bf-4d20-9ada-f7be3fc283d3) to streamline all of your requests and processes with your team. Create, manage, and share approvals directly from your hub for teamwork. Start an approval flow from the same place you send a chat, in a channel conversation, or from the Approvals app itself. Just select an approval type, add details, attach files, and choose approvers. Once submitted, approvers are notified and can review and act on the request. +Use [Approvals](https://support.microsoft.com/office/what-is-approvals-a9a01c95-e0bf-4d20-9ada-f7be3fc283d3) to streamline all your requests and processes with your team. Create, manage, and share approvals directly from your hub for teamwork. Start an approval flow from the same place you send a chat, in a channel conversation, or from the Approvals app itself. Just select an approval type, add details, attach files, and choose approvers. Once submitted, approvers are notified and can review and act on the request. You can allow the Approvals app for your organization and add it to your teams. To learn more, see [Manage the Approvals app](/microsoftteams/approval-admin?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json). 
-### Create, manage, and share schedules with the Shifts app and Frontline Worker integration +### Create, manage, and share schedules with the Shifts app -Teams integrates with the Shifts app and Frontline Worker, which can be used to coordinate shift staffing features and more. For example, in Shifts, Nurse managers can set up and coordinate schedules for their staff, and nurses can check schedules and swap shifts. +Create and manage schedules for your health teams with Shifts. For example, nurse managers can set up and manage schedules for their staff. They can assign shifts, add open shifts, and approve shift requests from nurses on their team. Nurses can check their own and their team's schedule, request to swap or offer a shift, and more. -To learn more, see [Manage the Shifts app for your organization in Microsoft Teams](/microsoftteams/expand-teams-across-your-org/shifts/manage-the-shifts-app-for-your-organization-in-teams?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json). +To learn more, see [Shifts for frontline workers](shifts-for-teams-landing-page.md). ## Help your clinical and information workers get going with Teams There are many resources available to help all of the users in your organization get comfortable with using Teams: -- Visit the [Teams adoption center](https://adoption.microsoft.com/microsoft-teams/) for advice on rolling out Teams if you are just starting your organization's journey with Teams, or expanding Teams into more areas of your organization.-- Consider setting up custom [learning pathways](https://adoption.microsoft.com/microsoft-365-learning-pathways/) for your users to cover just the tasks they need to do.-- Get help and training for your users on how to perform basic tasks in Teams on the [Teams support site](https://support.microsoft.com/teams), including [quick training videos](https://support.microsoft.com/office/microsoft-teams-video-training-4f108e54-240b-4351-8084-b1089f0d21d7). 
This site also has help and training for the Teams apps, including [Lists](https://support.microsoft.com/office/get-started-with-lists-in-teams-c971e46b-b36c-491b-9c35-efeddd0297db), [Tasks](https://support.microsoft.com/office/use-the-tasks-app-in-teams-e32639f3-2e07-4b62-9a8c-fd706c12c070), [Approvals](https://support.microsoft.com/office/what-is-approvals-a9a01c95-e0bf-4d20-9ada-f7be3fc283d3), [Bookings](https://support.microsoft.com/office/what-is-bookings-42d4e852-8e99-4d8f-9b70-d7fc93973cb5), and [Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821).+- Check out the [Teams adoption center](https://adoption.microsoft.com/microsoft-teams/) for advice on rolling out Teams if you're just starting your organization's journey with Teams, or expanding Teams to more areas of your organization. +- Get help and training for your users on how to perform basic tasks in Teams on the [Teams help & learning site](https://support.microsoft.com/teams), including [quick training videos](https://support.microsoft.com/office/microsoft-teams-video-training-4f108e54-240b-4351-8084-b1089f0d21d7). This site also has help and training for the Teams apps, including [Virtual Appointments](https://support.microsoft.com/office/what-is-virtual-appointments-22df0079-e6d9-4225-bc65-22747fb2cb5f), [Lists](https://support.microsoft.com/office/get-started-with-lists-in-teams-c971e46b-b36c-491b-9c35-efeddd0297db), [Tasks](https://support.microsoft.com/office/use-the-tasks-app-in-teams-e32639f3-2e07-4b62-9a8c-fd706c12c070), [Approvals](https://support.microsoft.com/office/what-is-approvals-a9a01c95-e0bf-4d20-9ada-f7be3fc283d3), and [Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821). |
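Review bot: In the Lists hunk, the re-added example sentence still reads "the health team access Teams on their mobile devices and update patient information", which has a subject-verb mismatch. Since the line is already being touched for the "Health team members" capitalization, change it to "accesses ... and updates". In the resources list at the end, the learning pathways bullet and the Bookings link are removed without a replacement, so confirm that is intended and not a side effect of adding the Virtual Appointments link.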
loop | Loop Components Configuration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/loop/loop-components-configuration.md | In case you create a new policy configuration or change the configuration for an ## Settings management for Loop functionality in Teams -You'll need the latest version of SharePoint PowerShell module to enable or disable Loop experiences in Teams. Loop components default to **ON** for all organizations. Because Loop components are designed for collaboration, the components are always shared as editable by others, even if your organization is set to create shareable links that have **view-only** permissions as the default value for other file types. For more information, see the **Learn more** link next to the setting. +You'll need the [latest version of SharePoint PowerShell module](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online) to enable or disable Loop experiences in Teams. Loop components default to **ON** for all organizations. Because Loop components are designed for collaboration, the components are always shared as editable by others, even if your organization is set to create shareable links that have **view-only** permissions as the default value for other file types. For more information, see the **Learn more** link next to the setting. |Experience |SharePoint organization properties |Notes | |||| |
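Review bot: In the Settings management hunk, the new link text "latest version of SharePoint PowerShell module" is missing an article ("the SharePoint PowerShell module"), and the target path ends in connect-sharepoint-online, which by its name is a connection article. Confirm that page tells readers how to get the latest module, or link the page that does.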
loop | Loop Preview Configuration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/loop/loop-preview-configuration.md | + Last updated : 02/29/2024 + Title: "Manage Loop app preview" ++++++recommendations: true +audience: Admin +f1.keywords: +- NOCSH ++ms.localizationpriority: medium +++- Strat_SP_admin +- Microsoft 365-collaboration +- Tier3 +- essentials-manage +search.appverid: +- SPO160 +- MET150 +description: "Learn how to manage access to the Loop app preview." +++# Manage Loop app preview access ++This article details the Cloud Policy setting used to gate access to the Loop app preview experiences within your organization. ++## User experience expectations when admin settings are configured ++When a user account in your organization is provided access to the Loop app preview experience, they can choose between the standard or the preview experience. These users default to preview for each Loop app session and are able to manually switch to standard if needed. ++## Microsoft 365 Groups for Cloud Policy ++If you want to scope the Cloud Policy settings to only some users in your tenant, you must create or use an existing Microsoft 365 group that defines which users in your organization this policy applies to. To create a Microsoft 365 group, see [Create a Microsoft 365 group](/microsoft-365/admin/create-groups/create-groups). ++> [!NOTE] +> This section isn't required if you choose to apply the Loop settings to all the users in your tenant. ++You are able to use this group for the Cloud Policy setup procedure specified in [Configuring preview user accounts in Cloud Policy](#configuring-preview-user-accounts-in-cloud-policy). ++If you prefer, you can also create other types of groups to use with Cloud Policy. 
For more information, see [learn more about creating groups in the Microsoft 365 admin center](/microsoft-365/admin/email/create-edit-or-delete-a-security-group) or [learn more about creating dynamic groups in AzureAD](/azure/active-directory/external-identities/use-dynamic-groups). ++## Configuring preview user accounts in Cloud Policy ++The Loop app oreview gate checks the following [Cloud Policy](/deployoffice/admincenter/overview-cloud-policy) setting: ++- **Enable preview features for Loop** ++1. Sign in to [https://config.office.com](https://config.office.com) with your Microsoft 365 admin credentials. +1. Select **Customization** from the left pane. +1. Select **Policy Management**. +1. Create a new policy configuration or edit an existing one. +1. From the **Choose the scope** dropdown list, choose either **All users** or select the group for which you want to apply the policy. For more information, See [Microsoft 365 Groups for Cloud Policy](#microsoft-365-groups-for-cloud-policy). +1. In **Configure Settings**, choose one of the following settings: + - For **Enable preview features for Loop**: + - **Enabled**: Loop app preview experience is available to the users. + - **Disabled**: Loop app preview experience isn't available to the users. + - **Not configured**: Loop app preview experience isn't available to the users. +1. Save the policy configuration. +1. Reassign priority for any security group, if necessary. (If two or more policy configurations are applicable to the same set of users, the one with the higher priority is applied.) ++In case you create a new policy configuration or change the configuration for an existing policy, there can be a delay in the change being reflected as described: ++- If there were existing policy configurations before the change, then it takes 90 mins for the change to be reflected. +- If there were no policy configurations before the change, then it takes 24 hours for the change to be reflected. 
++## Related topics ++- [Get started with Microsoft Loop - Microsoft Support](https://support.microsoft.com/office/get-started-with-microsoft-loop-9f4d8d4f-dfc6-4518-9ef6-069408c21f0c) +- [Manage Loop workspace experiences in SharePoint Embedded](/microsoft-365/loop/loop-workspaces-configuration) +- [Manage Loop components in OneDrive and SharePoint](/microsoft-365/loop/loop-components-configuration) |
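Review bot: The new article has a typo in the Cloud Policy section, "The Loop app oreview gate checks", which should read "preview". In step 5 of the procedure, "For more information, See" has a stray capital; "You are able to use this group" reads better as "You can use this group"; and "AzureAD" should be spaced as "Azure AD". The front matter also shows several empty added lines ahead of "recommendations: true", so check that no metadata values were lost.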
loop | Loop Workspaces Configuration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/loop/loop-workspaces-configuration.md | Just like other Microsoft 365 experiences, Loop also uses core services across S ### License requirements -Licensing through the new Loop with workspaces service plan covers the creation of new workspaces. If these requirements are not met, users will experience failures in the Loop app; won't receive notifications or signals when they collaborate and update; and encounter failures in other experiences also. +Licensing through the new Loop with workspaces service plan covers the creation of new workspaces and management of workspace members. The full set of experiences enabled and the specific licenses that include the Loop with workspaces service plan are covered in [Loop access via Microsoft 365 subscriptions](https://support.microsoft.com/office/loop-access-via-microsoft-365-subscriptions-92915461-4b14-49a4-9cd4-d1c259292afa). ### WebSocket connections The Loop app checks the following Cloud Policy setting to see if workspaces are To configure this Cloud Policy setting, perform the following steps: -1. Sign in to https://config.office.com/ with your Microsoft 365 admin credentials. +1. Sign in to [https://config.office.com](https://config.office.com) with your Microsoft 365 admin credentials. 1. Select **Customization** from the left pane. 1. Select **Policy Management**. 1. Create a new policy configuration or edit an existing one. To configure this Cloud Policy setting, perform the following steps: 1. Reassign priority for any security group, if necessary. (If two or more policy configurations are applicable to the same set of users, the one with the higher priority is applied.) 
In case you create a new policy configuration or change the configuration for an existing policy, there will be a delay in the change being reflected:-- If there were existing policy configurations prior to the change, then it takes 90 mins for the change to be reflected.-- If there were no policy configurations prior to the change, then it takes 24 hours for the change to be reflected. -> [!NOTE] -> In order to target only a group of users in your organization to be able to create and view Loop content in workspaces, create a second group that targets All users, set this group to Disabled, and make it a lower priority than your target group that is set to Enabled. This will override the default Not Configured state to Disabled for all users but your target group. +- If there were existing policy configurations before the change, then it takes 90 mins for the change to be reflected. +- If there were no policy configurations before the change, then it takes 24 hours for the change to be reflected. +> [!NOTE] +> In order to target only a group of users in your organization to be able to create and view Loop content in workspaces, create a second group that targets All users, set this group to Disabled, and make it a lower priority than your target group that is set to Enabled. This will override the default Not Configured state to Disabled for all users but your target group. ## Related topics |
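Review bot: The License requirements hunk removes the only description of what users see when the licensing requirement isn't met ("users will experience failures in the Loop app; won't receive notifications or signals when they collaborate and update") and replaces it with a pointer to the support article. Consider keeping one sentence on the symptoms so an admin troubleshooting a failure can tie it back to licensing without leaving the page. In the delay list, "90 mins" could be spelled out as "90 minutes" while the bullets are being rewritten.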
security | Behavioral Blocking Containment | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/behavioral-blocking-containment.md | Last updated 12/18/2020 ## Overview -Today's threat landscape is overrun by [fileless malware](/windows/security/threat-protection/intelligence/fileless-threats) and that lives off the land, highly polymorphic threats that mutate faster than traditional solutions can keep up with, and human-operated attacks that adapt to what adversaries find on compromised devices. Traditional security solutions aren't sufficient to stop such attacks; you need artificial intelligence (AI) and device learning (ML) backed capabilities, such as behavioral blocking and containment, included in [Defender for Endpoint](/windows/security). +Today's threat landscape is overrun by [fileless malware](/microsoft-365/security/defender-endpoint/malware/fileless-threats) and that lives off the land, highly polymorphic threats that mutate faster than traditional solutions can keep up with, and human-operated attacks that adapt to what adversaries find on compromised devices. Traditional security solutions aren't sufficient to stop such attacks; you need artificial intelligence (AI) and device learning (ML) backed capabilities, such as behavioral blocking and containment, included in [Defender for Endpoint](/windows/security). Behavioral blocking and containment capabilities can help identify and stop threats, based on their behaviors and process trees even when the threat has started execution. Next-generation protection, EDR, and Defender for Endpoint components and features work together in behavioral blocking and containment capabilities. |
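Review bot: The Overview sentence is rewritten only to update the fileless malware link, but it keeps two defects that should be fixed in the same change: "fileless malware ... and that lives off the land" has a dangling clause, and "device learning (ML)" does not match its own abbreviation (ML is machine learning). Suggest "fileless malware that lives off the land" and "machine learning (ML)".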
security | Configure Cloud Block Timeout Period Microsoft Defender Antivirus | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-cloud-block-timeout-period-microsoft-defender-antivirus.md | The default period that the file is [blocked](configure-block-at-first-sight-mic [Block at first sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) and its prerequisites must be enabled before you can specify an extended timeout period. -## Specify the extended timeout period using Microsoft Defender for Endpoint with Endpoint security policies +## Specify the extended timeout period using Microsoft Defender for Endpoint Security settings management -To specify the cloud block timeout period with the Endpoint security policies in Defender for Endpoint: +To specify the cloud block timeout period with Microsoft Defender for Endpoint Security settings management: 1. Go to the Microsoft Defender for Endpoint portal ([https://security.microsoft.com](https://security.microsoft.com)) and sign in. 2. Select **Endpoints** > **Configuration management** > **Endpoint security policies**. |
security | Configure Endpoints Script | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-endpoints-script.md | search.appverid: met150 + ms.localizationpriority: medium audience: ITPro Last updated 08/31/2023 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-configureendpointsscript-abovefoldlink) -You can also manually onboard individual devices to Defender for Endpoint. You might want to do this first when testing the service before you commit to onboarding all devices in your network. +You can also manually onboard individual devices to Defender for Endpoint. You might want to onboard some devices when you're testing the service before you commit to onboarding all devices in your network. > [!IMPORTANT]-> This script has been optimized for use on up to ten devices. -> Local scripting is a special onboarding method for evaluating Microsoft Defender for Endpoint. -> The data reporting frequency is set higher than with other onboarding methods when onboarding using a local script. -> This setting is for evaluation purposes and is not normally used in production deployments. For this reason, there are concerns about environmental impact, so we recommend limiting the number of deployments using local scripts to ten. -> If you are deploying to a production environment as previously described, use [other deployment options](configure-endpoints.md) like Group Policy or Microsoft Endpoint Configuration Manager. +> The script described in this article is recommended for manually onbooarding devices to Defender for Endpoint. It should only be used on a limited number of devices. If you're deploying to a production environment, see [other deployment options](configure-endpoints.md), such as Intune, Group Policy, or Configuration Manager. 
Check out [Identify Defender for Endpoint architecture and deployment method](deployment-strategy.md) to see the various paths in deploying Defender for Endpoint. ## Onboard devices 1. Open the configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft Defender portal</a>:- 1. In the navigation pane, select **Settings** \> **Endpoints** \> **Device management** \> **Onboarding**. - 2. Select Windows 10 or Windows 11 as the operating system. - 3. In the **Deployment method** field, select **Local Script**. - 4. Click **Download package** and save the .zip file. ++ 1. In the navigation pane, select **Settings** \> **Endpoints** \> **Device management** \> **Onboarding**. + + 2. Select Windows 10 or Windows 11 as the operating system. + + 3. In the **Deployment method** field, select **Local Script**. + + 4. Select **Download package** and save the .zip file. 2. Extract the contents of the configuration package to a location on the device you want to onboard (for example, the Desktop). You should have a file named *WindowsDefenderATPLocalOnboardingScript.cmd*. 3. Open an elevated command-line prompt on the device and run the script:+ 1. Go to **Start** and type **cmd**.+ 2. Right-click **Command prompt** and select **Run as administrator**. :::image type="content" source="images/run-as-admin.png" alt-text="The Window Start menu pointing to Run as administrator" lightbox="images/run-as-admin.png"::: -4. Type the location of the script file. If you copied the file to the desktop, type: *%userprofile%\Desktop\WindowsDefenderATPLocalOnboardingScript.cmd* +4. Type the location of the script file. If you copied the file to the desktop, type: `%userprofile%\Desktop\WindowsDefenderATPLocalOnboardingScript.cmd` -5. Press the **Enter** key or click **OK**. +5. 
Press the **Enter** key or select **OK**. -6. Type "Y" and enter when prompted. +6. Type "Y" and enter when prompted. -7. After the script completes, it will display "Press any key to continue...". Press any key to complete the steps on the device. +7. After the script completes, it will display "Press any key to continue...". Press any key to complete the steps on the device. For information on how you can manually validate that the device is compliant and correctly reports sensor data see, [Troubleshoot Microsoft Defender for Endpoint onboarding issues](troubleshoot-onboarding.md). For information on how you can manually validate that the device is compliant an For each device, you can set a configuration value to state whether samples can be collected from the device when a request is made through Microsoft Defender XDR to submit a file for deep analysis. -You can manually configure the sample sharing setting on the device by using *regedit* or creating and running a *.reg* file. +You can manually configure the sample sharing setting on the device by using *regedit* or creating and running a `.reg` file. The configuration is set through the following registry key entry: After onboarding the device, you can choose to run a detection test to verify th ## Offboard devices using a local script -For security reasons, the package used to Offboard devices will expire 3 days after the date it was downloaded. Expired offboarding packages sent to a device will be rejected. When downloading an offboarding package you will be notified of the packages expiry date and it will also be included in the package name. +For security reasons, the package used to offboard devices expires three days after the date it was downloaded. Expired offboarding packages sent to a device are rejected. When downloading an offboarding package, you're notified of the package's expiry date, and that date is included in the package file name. 
> [!NOTE]-> Onboarding and offboarding policies must not be deployed on the same device at the same time, otherwise this will cause unpredictable collisions. +> Onboarding and offboarding policies must not be deployed on the same device at the same time. Otherwise, unpredictable collisions might occur. 1. Get the offboarding package from <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft Defender portal</a>:- 1. In the navigation pane, select **Settings** \> **Endpoints** \> **Device management** \> **Offboarding**. - 2. Select Windows 10 or Windows 11 as the operating system. - 3. In the **Deployment method** field, select **Local Script**. - 4. Click **Download package** and save the .zip file. -2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the devices. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*. + 1. In the navigation pane, select **Settings** \> **Endpoints** \> **Device management** \> **Offboarding**. + + 2. Select Windows 10 or Windows 11 as the operating system. + + 3. In the **Deployment method** field, select **Local Script**. + + 4. Select **Download package** and save the .zip file. ++2. Extract the contents of the .zip file to a shared, read-only location that devices can access. You should have a file named `WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd`. 3. Open an elevated command-line prompt on the device and run the script:+ 1. Go to **Start** and type **cmd**.+ 2. Right-click **Command prompt** and select **Run as administrator**. :::image type="content" source="images/run-as-admin.png" alt-text="The Windows Start menu pointing to the Run as administrator option" lightbox="images/run-as-admin.png"::: -4. Type the location of the script file. If you copied the file to the desktop, type: *%userprofile%\Desktop\WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd* +4. 
Type the location of the script file. If you copied the file to the desktop, type: `%userprofile%\Desktop\WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd` -5. Press the **Enter** key or click **OK**. +5. Press the **Enter** key or select **OK**. > [!IMPORTANT] > Offboarding causes the device to stop sending sensor data to the portal but data from the device, including reference to any alerts it has had will be retained for up to 6 months. Monitoring can also be done directly on the portal, or by using the different de 1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft Defender portal</a>. -2. Click **Devices inventory**. +2. Select **Devices inventory**. 3. Verify that devices are appearing. ## Related articles+ - [Onboard Windows devices using Group Policy](configure-endpoints-gp.md) - [Onboard Windows devices using Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md) - [Onboard Windows devices using Mobile Device Management tools](configure-endpoints-mdm.md) - [Onboard non-persistent virtual desktop infrastructure (VDI) devices](configure-endpoints-vdi.md) - [Run a detection test on a newly onboarded Microsoft Defender for Endpoint device](run-detection-test.md) - [Troubleshoot Microsoft Defender for Endpoint onboarding issues](troubleshoot-onboarding.md)+ [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../../includes/defender-mde-techcommunity.md)] |
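Review bot: The rewritten IMPORTANT note has a typo, "manually onbooarding devices", which should be "onboarding". The same note replaces the concrete guidance ("up to ten devices", and the explanation that local-script onboarding sets a higher data reporting frequency meant for evaluation) with "a limited number of devices". If the ten-device limit and the reporting-frequency reason still apply, keep them, because they are what tells an admin why this method is not for production. In the onboarding steps, "Type "Y" and enter when prompted" would be clearer as "Type Y and press Enter".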
security | Configure Microsoft Threat Experts | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-microsoft-threat-experts.md | search.appverid: met150 Last updated 12/18/2020 -# Configure and manage Microsoft Defender Experts capabilities +# Configure and manage Endpoint Attack Notifications [!INCLUDE [Microsoft Defender XDR rebranding](../../includes/microsoft-defender.md)] Last updated 12/18/2020 Ensure that you have Defender for Endpoint deployed in your environment with devices enrolled, and not just on a laboratory set-up. -If you're a Defender for Endpoint customer, you need to apply for **Endpoint Attack Notifications** to get special insights and analysis to help identify the most critical threats, so you can respond to them quickly. Contact your account team or Microsoft representative to subscribe to **Microsoft Defender Experts - Experts on Demand** to consult with our threat experts on relevant detections and adversaries. +If you're a Defender for Endpoint customer, you need to apply for **Endpoint Attack Notifications** to get special insights and analysis to help identify the most critical threats, so you can respond to them quickly. ## Apply for Endpoint Attack Notifications service If you're already a Defender for Endpoint customer, you can apply through the Mi When accepted, you'll receive a welcome email and you'll see the **Apply** button change to a toggle that is "on". In case you want to take yourself out of the Endpoint Attack Notifications service, slide the toggle "off" and click **Save preferences** at the bottom of the page. -## Where you'll see the Endpoint Attack Notifications from Microsoft Defender Experts +## Where you'll see the Endpoint Attack Notifications You can receive targeted attack notification from Microsoft Defender Experts through the following medium: You can filter your incidents and alerts if you want to only see the Endpoint At 2. 
Scroll down to the Tags field > select the **Defender Experts** check box. 3. Select **Apply**. -## Subscribe to Microsoft Defender Experts - Experts on Demand --This is available as a subscription service. If you're already a Defender for Endpoint customer, you can contact your Microsoft representative to subscribe to Microsoft Defender Experts - Experts on Demand. -> [!NOTE] -> Experts on Demand is not a security incident response service. It's intended to provide a better understanding of complex threats affecting your organization. Engage with your own security incident response team to address urgent security incident response issues. If you don't have your own security incident response team and would like Microsoft's help, create a support request in the [Premier Services Hub](/services-hub/). --## Ask Defender Experts about suspicious cybersecurity activities in your organization --You can partner with Microsoft Defender Experts who can be engaged directly from within the Microsoft Defender portal for their response. Experts provide insights to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, a potentially compromised device, or a threat intelligence context that you see on your portal dashboard. --> [!NOTE] -> -> - Alert inquiries related to your organization's customized threat intelligence data are currently not supported. Consult your security operations or incident response team for details. -> - You need to have the **Manage security settings** permission in the Microsoft Defender portal to be able to submit the **Ask Defender Experts** inquiry. --1. Navigate to the portal page with the relevant information that you'd like to investigate, for example, the **Incident** page. Ensure that the page for the relevant alert or device is in view before you send an investigation request. --2. From the upper right-hand menu, click the **?** icon. 
Then, select **Ask Defender Experts** --![The Microsoft Ask Defender Experts trial subscription page](../../media/mte/flyout-screen-trial-subscription.png) --A flyout screen opens. The following screen shows when you are on a trial subscription. The following screen shows when you are on a full Microsoft Defender Experts - Experts on Demand subscription. --The **Inquiry topic** field is pre-populated with the link to the relevant page for your investigation request. For example, a link to the incident, alert, or device details page that you were at when you made the request. --3. In the next field, provide enough information to give the Microsoft Defender Experts enough context to start the investigation. --4. Enter the email address that you'd like to use to correspond with Microsoft Defender Experts. --> [!NOTE] -> If you would like to track the status of your Experts on Demand cases through Microsoft Services Hub, reach out to your Customer Success Account Manager. --Watch this video for a quick overview of the Microsoft Services Hub. --> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4pk9f] --## Sample investigation topics that you can consult with Microsoft Defender Experts - Experts on Demand --### Alert information --- We see a new type of alert for a living-off-the-land binary: [AlertID]. Can you tell us something more about this alert and how we can investigate further?-- We've observed two similar attacks, which try to execute malicious PowerShell scripts but generate different alerts. One is "Suspicious PowerShell command line" and the other is "A malicious file was detected based on indication provided by O365". What is the difference?-- I receive an odd alert today for abnormal number of failed logins from a high profile user's device. I can't find any further evidence around these sign-in attempts. How can Defender for Endpoint see these attempts? 
What type of sign-ins are being monitored?-- Can you give more context or insights about this alert: "Suspicious behavior by a system utility was observed".--### Possible device compromise --- Can you help answer why we see "Unknown process observed?" This message or alert is seen frequently on many devices. We appreciate any input to clarify whether this message or alert is related to malicious activity.-- Can you help validate a possible compromise on the following system on [date] with similar behaviors as the previous [malware name] malware detection on the same system in [month]?--### Threat intelligence details --- We detected a phishing email that delivered a malicious Word document to a user. The malicious Word document caused a series of suspicious events, which triggered multiple Endpoint Attack Notifications alerts for [malware name] malware. Do you have any information on this malware? If yes, can you send me a link?-- I recently saw a [social media reference, for example, Twitter or blog] post about a threat that is targeting my industry. Can you help me understand what protection Defender for Endpoint provides against this threat actor?--### Defender Experts' alert communications --- Can your incident response team help us address the Endpoint Attack Notifications that we got?-- I received this Endpoint Attack Notifications from Microsoft Defender Experts. We don't have our own incident response team. What can we do now, and how can we contain the incident?-- I received an Endpoint Attack Notifications from Microsoft Defender Experts. What data can you provide to us that we can pass on to our incident response team?-- > [!NOTE] - > Microsoft Defender Experts is a managed cybersecurity hunting service and not an incident response service. However, you can engage with your own incident response team to address issues that require an incident response. 
If you don't have your own incident response team and would like Microsoft's help, you can engage with the CSS Cybersecurity Incident Response Team (CIRT). They can open a ticket to help address your inquiry. --## Scenario --### Receive a progress report about your managed hunting inquiry --Response from Microsoft Defender Experts varies according to your inquiry. They'll email a progress report to you about your **Ask Defender Experts** inquiry within two days, to communicate the investigation status from the following categories: --- More information is needed to continue with the investigation-- A file or several file samples are needed to determine the technical context-- Investigation requires more time-- Initial information was enough to conclude the investigation--It's crucial to respond in quickly to keep the investigation moving. - #### To proactively hunt threats across endpoints, Office 365, cloud applications, and identity, refer to - [Microsoft Defender Experts in Microsoft 365 Overview](../defender/defender-experts-for-hunting.md) |
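Review bot: With the "## Scenario" section and everything before it removed, the retained closing line "#### To proactively hunt threats across endpoints, Office 365, cloud applications, and identity, refer to" is a level-4 heading used as a sentence and now hangs directly under the filter steps; make it a plain paragraph ending in the link. The retitled page still shows "Last updated 12/18/2020" as unchanged context, so the date metadata should be bumped for a change of this size, and the unchanged step "click **Save preferences**" was missed by the click-to-select wording pass applied elsewhere in this batch.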
security | Mac Preferences | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-preferences.md | Specifies the value of tag > - Only one value per tag type can be set. > - Type of tags are unique, and should not be repeated in the same configuration profile. +#### Group identifier ++EDR Group identifiers ++**** ++|Section|Value| +||| +|**Domain**|`com.microsoft.wdav`| +|**Key**|groupIds| +|**Data type**|String| +|**Comments**|Group identifier| +||| + ### Tamper Protection Manage the preferences of the Tamper Protection component of Microsoft Defender for Endpoint on macOS. |
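Review bot: The new "Group identifier" table describes the `groupIds` key only as "Group identifier", which restates the heading and leaves the reader without the expected format of the string or what the value is used for; expand the **Comments** cell or the "EDR Group identifiers" lead-in to say so. The `****` line between the lead-in and the table carries no text, and `groupIds` should be in code formatting to match `com.microsoft.wdav` in the row above it.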
security | Worms Malware | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/malware/worms-malware.md | Download [Microsoft Security Essentials](https://www.microsoft.com/download/deta In case threat removal is unsuccessful, read about [troubleshooting malware detection and removal problems](https://www.microsoft.com/wdsi/help/troubleshooting-infection). -For more general tips, see [prevent malware infection](/microsoft-365/security/intelligence/prevent-malware-infection). +For more general tips, see [prevent malware infection](/microsoft-365/security/defender-endpoint/malware/prevent-malware-infection). |
security | Microsoft Defender Antivirus Windows | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows.md | Microsoft Defender Antivirus is available in Windows 10 and Windows 11, and in v Microsoft Defender Antivirus is a major component of your next-generation protection in Microsoft Defender for Endpoint. This protection brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices (or endpoints) in your organization. Microsoft Defender Antivirus is built into Windows, and it works with Microsoft Defender for Endpoint to provide protection on your device and in the cloud. +## Microsoft Defender Antivirus capabilities ++Microsoft Defender Antivirus provides anomaly detection, a layer of protection for malware that doesnΓÇÖt fit any predefined pattern. Anomaly detection monitors for process creation events or files that are downloaded from the internet. Through machine learning and cloud-delivered protection, Microsoft Defender Antivirus can stay one step ahead of attackers. Anomaly detection is on by default and can help block attacks such as [3CX Security Alert for Electron Windows App](https://www.3cx.com/blog/news/desktopapp-security-alert/). Microsoft Defender Antivirus started blocking this malware four days before the attack was registered in VirusTotal. ++Modern malware requires modern solutions. Microsoft Defender Antivirus stopped using signature-based engine detections many years ago. The scale and scope of todayΓÇÖs ever-evolving malware landscape requires adaptive, predictive technologies such as, machine learning, applied science, and artificial intelligence to keep you and your organizations safe. ++Microsoft Defender Antivirus can block almost all malware at first sight, in milliseconds. 
++WeΓÇÖve also designed our antivirus solution to work in both online and offline scenarios. For offline scenarios, the latest dynamic intelligence from the Intelligence Security Graph is provisioned to the endpoint regularly throughout the day. When connected to the cloud, itΓÇÖs fed real-time intelligence from the [Intelligent Security Graph](https://www.microsoft.com/en-us/security/blog/2018/04/17/connect-to-the-intelligent-security-graph-using-a-new-api/). ++Microsoft Defender Antivirus can also stop threats based on their behaviors and process trees even when the threat has started execution. A common example of these kinds of attacks is fileless malware. Microsoft's Next-generation protection features work together to identify and block malware based on abnormal behavior. To learn more, see [Behavioral blocking and containment](behavioral-blocking-containment.md). + ## Compatibility with other antivirus products If you're using a non-Microsoft antivirus/antimalware product on your device, you might be able to run Microsoft Defender Antivirus in passive mode alongside the non-Microsoft antivirus solution. It depends on the operating system used and whether your device is onboarded to Defender for Endpoint. To learn more, see [Microsoft Defender Antivirus compatibility](microsoft-defender-antivirus-compatibility.md). |
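Review bot: In the added "Microsoft Defender Antivirus capabilities" section, the offline paragraph names the source the "Intelligence Security Graph" and the very next sentence links it as the "Intelligent Security Graph"; use one name throughout. The added paragraphs also contain mis-encoded apostrophes (in "doesn't", "today's", "We've" and "it's"), "such as, machine learning" has a stray comma, and the statements "stopped using signature-based engine detections many years ago" and "can block almost all malware at first sight, in milliseconds" would be easier to stand behind with a link to supporting material, as the 3CX sentence has.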
security | Microsoft Defender Endpoint Mac | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-mac.md | Microsoft Defender for Endpoint on Mac requires one of the following Microsoft V - Microsoft 365 Business Premium - Windows 11 Enterprise E5 - Microsoft Defender for Endpoint P2-- Microsoft Defender for Endpoint P1 (which includes [Microsoft 365 E3 (M365 E3)](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-1-now-included-in-m365-e3/ba-p/3060639))+- Microsoft Defender for Endpoint P1 (which is included in [Microsoft 365 E3 (M365 E3)](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-1-now-included-in-m365-e3/ba-p/3060639)) > [!NOTE] > Eligible licensed users may use Microsoft Defender for Endpoint on up to five concurrent devices. |
security | Next Generation Protection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/next-generation-protection.md | Last updated 02/28/2024 Microsoft Defender for Endpoint includes next-generation protection to catch and block all types of emerging threats. The majority of modern malware is polymorphic, meaning it constantly mutates to evade detection. As soon as one variant is identified, another takes its place. This rapid evolution underscores the need for agile and innovative security solutions. -Next-generation protections, such as Microsoft Defender Antivirus blocks malware using local and cloud-based machine learning models, behavior analysis, and heuristics. Microsoft Defender Antivirus uses predictive technologies, machine learning, applied science, and artificial intelligence to detect and block malware at the first sign of abnormal behavior. --Microsoft Defender Antivirus provides anomaly detection, a layer of protection for malware that doesnΓÇÖt fit any predefined pattern. Anomaly detection monitors for process creation events or files that are downloaded from the internet. Through machine learning and cloud-delivered protection, Microsoft Defender Antivirus can stay one step ahead of attackers. Anomaly detection is on by default and can help block attacks such as [3CX Security Alert for Electron Windows App](https://www.3cx.com/blog/news/desktopapp-security-alert/). Microsoft Defender Antivirus started blocking this malware four days before the attack was registered in VirusTotal. +Next-generation protections, such as [Microsoft Defender Antivirus](microsoft-defender-antivirus-windows.md) blocks malware using local and cloud-based machine learning models, behavior analysis, and heuristics. Microsoft Defender Antivirus uses predictive technologies, machine learning, applied science, and artificial intelligence to detect and block malware at the first sign of abnormal behavior. 
In addition to Microsoft Defender Antivirus, your next-generation protection services include the following capabilities: |
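Review bot: The rewritten opening sentence, "Next-generation protections, such as [Microsoft Defender Antivirus](microsoft-defender-antivirus-windows.md) blocks malware", pairs a plural subject with a singular verb and never closes the "such as" aside with a comma; suggest "Next-generation protection, such as Microsoft Defender Antivirus, blocks malware ...". Since the anomaly-detection paragraph removed here was moved to microsoft-defender-antivirus-windows.md in the same batch, the new link is the only pointer to it, so it is worth checking that the link resolves to the "Microsoft Defender Antivirus capabilities" section.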
security | Respond Machine Alerts | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/respond-machine-alerts.md | You'll be able to stop containing a device at any time. ## Contain user from the network -When an identity in your network might be compromised, you must prevent that identity from accessing the network and different endpoints. Defender for Endpoint can "contain" an identity, blocking it from access, and helping prevent attacks-- specifically, ransomware. When an identity is contained, any supported Microsoft Defender for Endpoint onboarded device will block incoming traffic in specific protocols related to attacks (network logons, RPC, SMB, RDP) while enabling legitimate traffic. This action can significantly help to reduce the impact of an attack. When an identity is contained, security operations analysts have extra time to locate, identify and remediate the threat to the compromised identity. +When an identity in your network might be compromised, you must prevent that identity from accessing the network and different endpoints. Defender for Endpoint can "contain" an identity, blocking it from access, and helping prevent attacks-- specifically, ransomware. When an identity is contained, any supported Microsoft Defender for Endpoint onboarded device will block incoming traffic in specific protocols related to attacks (network logons, RPC, SMB, RDP), terminate ongoing remote sessions and logoff existing RDP connections, while enabling legitimate traffic. This action can significantly help to reduce the impact of an attack. When an identity is contained, security operations analysts have extra time to locate, identify and remediate the threat to the compromised identity. 
> [!NOTE] > Blocking incoming communication with a "contained" user is supported on onboarded Microsoft Defender for Endpoint Windows 10 and 11 devices (Sense version 8740 and higher), Windows Server 2019+ devices, and Windows Servers 2012R2 and 2016 with the modern agent. |
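Review bot: The added clause "terminate ongoing remote sessions and logoff existing RDP connections" uses the noun "logoff" as a verb; write "log off". The note that follows lists supported versions only for "Blocking incoming communication with a "contained" user", so it should also say whether session termination and RDP logoff have the same Sense version and operating system requirements, otherwise an analyst cannot tell from this page whether an existing session on an older device survives containment.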
security | Whats New In Microsoft Defender Endpoint | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/whats-new-in-microsoft-defender-endpoint.md | For more information on Microsoft Defender for Endpoint on specific operating sy - [What's new in Defender for Endpoint on Android](android-whatsnew.md) - [What's new in Defender for Endpoint on iOS](ios-whatsnew.md) +## February 2024 ++**Attack Surface Reduction (ASR) Rules** ++Two new ASR rules are now in public preview: +- Block rebooting machine in Safe Mode (preview): This rule prevents the execution of commands to restart machines in Safe Mode. +- Block use of copied or impersonated system tools (preview): This rule blocks the use of executable files that are identified as copies of Windows system tools. These files are either duplicates or impostors of the original system tools. + ## January 2024 - **Defender Boxed is available for a limited period of time**. Defender Boxed highlights your organization's security successes, improvements, and response actions during 2023. Take a moment to celebrate your organization's improvements in security posture, overall response to detected threats (manual and automatic), blocked emails, and more. |
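Review bot: The two rule entries added under "February 2024" give no link to where the rules are documented or how to enable them, so a reader cannot act on the announcement; link each rule name to its entry in the attack surface reduction rules reference. The list also starts on the line directly after "Two new ASR rules are now in public preview:" with no blank line between them, and the section uses a bold line as a subheading while the "January 2024" section below uses a bullet with a bold lead; pick the page's existing pattern.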
security | Why Use Microsoft Defender Antivirus | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/why-use-microsoft-defender-antivirus.md | Although you can use a non-Microsoft antivirus solution with Microsoft Defender |1|Antivirus signal sharing|Microsoft applications and services share signals across your enterprise organization, providing a stronger single platform. See [Insights from the MITRE ATT&CK-based evaluation of Microsoft Defender for Endpoint](https://www.microsoft.com/security/blog/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/).| |2|Threat analytics and your score for devices|Microsoft Defender Antivirus collects underlying system data used by [threat analytics](/microsoft-365/security/defender-endpoint/threat-analytics) and [Microsoft Secure Score for Devices](/microsoft-365/security/defender-endpoint/tvm-microsoft-secure-score-devices). This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture.| |3|Performance|Microsoft Defender for Endpoint is designed to work with Microsoft Defender Antivirus, so you get better performance when you use these offerings together. [Evaluate Microsoft Defender Antivirus](evaluate-microsoft-defender-antivirus.md) and [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/evaluate-mde).|-|4|Details about blocked malware|More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender for Endpoint. [Understand malware & other threats](/windows/security/threat-protection/intelligence/understanding-malware).| +|4|Details about blocked malware|More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender for Endpoint. 
[Understand malware & other threats](/microsoft-365/security/defender-endpoint/malware/understanding-malware).| |5|Attack surface reduction|Your organization's security team can reduce your vulnerabilities (attack surfaces), giving attackers fewer ways to perform attacks. Attack surface reduction uses cloud protection for a number of rules. [Get an overview of attack surface reduction](/microsoft-365/security/defender-endpoint/overview-attack-surface-reduction).| |6|Network protection|Your organization's security team can protect your network by blocking specific URLs and IP addresses. [Protect your network](/microsoft-365/security/defender-endpoint/network-protection).| |7|Indicators, such as file, IP address, URL, and/or certificate allow or block indicators |Your organization's security team can import threat intel, which blocks known Indicators of Compromise (IoC's) [Get an overview of Indicator of compromise (IoC)](/microsoft-365/security/defender-endpoint/manage-indicators).| |
security | Whats New In Microsoft Defender Vulnerability Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management.md | Title: What's new in Microsoft Defender Vulnerability Management Public Preview -description: See what features are available in the latest release of Microsoft Defender for Vulnerability Management public preview. + Title: What's new in Microsoft Defender Vulnerability Management +description: See what features are available in the latest release of Microsoft Defender for Vulnerability Management search.appverid: met150 ms.localizationpriority: medium-+ audience: ITPro - m365-security Previously updated : 08/01/2023 Last updated : 02/26/2024 # What's new in Microsoft Defender Vulnerability Management Public Preview This article provides information about new features and important product updat > [!TIP] > Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to [sign up for a free trial](../defender-vulnerability-management/defender-vulnerability-management-trial.md). +## February 2024 ++### Vulnerable components ++Defender Vulnerability Management now provides the ability to identify, report on, and recommend remediation for common, proprietary, and open-source software components and dependencies known to have had security issues in the past. For more information, see [Vulnerable components](tvm-vulnerable-components.md). ++### Request of CVE support ++You can now request for support to be added to Defender Vulnerability Management for a particular Common Vulnerabilities and Exposures (CVE). For more information, see [Request CVE support](tvm-weaknesses.md#request-cve-support). 
++### Vulnerability details updates ++- **Common Vulnerabilities and Exposures (CVE) AI generated description (Public Preview)**: A new AI generated vulnerability description is now in public preview. It appears on the vulnerability details page for a CVE and provide detailed information on the vulnerability, its impact, recommended remediation steps, and any additional information, if available. +- **CVSS vector string**: The CVSS vector string is a text representation of the CVSS score. It is commonly used to record or transfer CVSS metric information in a concise and machine-readable form. This string is now represented in the portal for every weakness, and can be pulled via the [List vulnerabilities API](../defender-endpoint/api/get-all-vulnerabilities.md) and Advanced Hunting. For more information on the CVSS Vector, see [Common Vulnerability Scoring System](https://www.first.org/cvss/specification-document#:~:text=The%20Common%20Vulnerability%20Scoring%20System,Threat%2C%20Environmental%2C%20and%20Supplemental) ++### Other updates ++**Microsoft Defender Vulnerability Management Ninja training is now available**: For more information, see [Become a Microsoft Defender Vulnerability Management Ninja](https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/become-a-microsoft-defender-vulnerability-management-ninja/ba-p/4003011) + ## August 2023 <a name='microsoft-defender-vulnerability-management-permissions-are-now-integrated-with-microsoft-365-defender-unified-role-based-access-control-rbac'></a> |
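Review bot: The title metadata drops "Public Preview", but the H1 shown as unchanged context still reads "# What's new in Microsoft Defender Vulnerability Management Public Preview"; update the heading to match. In the same change the new description line loses its closing period, "It appears on the vulnerability details page for a CVE and provide detailed information" should read "provides", "You can now request for support to be added" reads better as "You can now request that support be added", and the CVSS link carries a browser-generated `#:~:text=` fragment that should be trimmed to the specification URL.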
security | Custom Roles | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/custom-roles.md | f1.keywords: ms.localizationpriority: medium Previously updated : 01/03/2023 Last updated : 03/04/2024 audience: ITPro search.appverid: # Custom roles in role-based access control for Microsoft Defender XDR > [!NOTE]-> If you are running the Microsoft Defender XDR preview program you can now experience the new Microsoft Defender 365 role-based access control (RBAC) model. For more information, see [Microsoft Defender 365 role-based access control (RBAC)](manage-rbac.md). +> Microsoft Defender XDR users can now take advantage of a centralized permissions management solution to control user access and permissions across different Microsoft security solutions. Learn more about the [Microsoft Defender XDR Unified role-based access control (RBAC)](manage-rbac.md). [!INCLUDE [Prerelease](../includes/prerelease.md)] |
security | M365d Permissions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/m365d-permissions.md | -> If you are running the Microsoft Defender XDR preview program you can now experience the new Microsoft Defender 365 role-based access control (RBAC) model. For more information, see [Microsoft Defender 365 role-based access control (RBAC)](manage-rbac.md). +> Microsoft Defender XDR users can now take advantage of a centralized permissions management solution to control user access and permissions across different Microsoft security solutions. Learn more about the [Microsoft Defender XDR Unified role-based access control (RBAC)](manage-rbac.md). **Applies to:** |
syntex | Backup Limitations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/backup/backup-limitations.md | Performance and speed of web interfaces, initial configuration, and restores mig - The rule-based feature for bulk addition of sites via site names or URL in the backup policy creation workflow can accommodate a maximum of 10 keywords at a time. Each keyword can have a minimum of three characters and maximum of 255 characters. -- The rule-based feature for bulk addition of user accounts via security groups or distribution lists can accommodate a maximum of three groups at a time. These rules are static and applied one time only. That is, the security groups or distribution lists are flattened at the time of adding to the backup configuration policy and won't be dynamically updated in the system if users are added or removed from the original security group, for example.+- The rule-based feature for bulk addition of user accounts via security groups or distribution lists can accommodate a maximum of three groups at a time. These rules are static and applied one time only. That is, the security groups or distribution lists are flattened at the time of adding to the backup configuration policy. Groups or list won't be dynamically updated in the system if users are added or removed from the original security group, for example. - Backup and restore of tenants that have the multi-geo feature enabled for OneDrive and SharePoint might not work properly. We recommend not using the preview version of Backup until multi-geo support is fully enabled. <! Performance and speed of web interfaces, initial configuration, and restores mig - SharePoint sites or OneDrive accounts that are currently in the first stage recycle bin must first be restored from the recycle bin before they can be rolled to a prior point in time via the Microsoft 365 Backup tool. 
The point in time restore via Microsoft 365 Backup won't work if the site or OneDrive is in the recycle bin. -- SharePoint admins operating the Microsoft 365 Backup tool need to have explicit read+ permissions to the sites they're searching for in the backups to be able to find those sites in the backup and restore them. In the future, weΓÇÖll introduce a Backup role, which will grant SharePoint and Exchange admins full Backup search read rights when combined with their existing admin roles.+- SharePoint admins operating the Microsoft 365 Backup tool need to have explicit read+ permissions to the sites they're searching for in the backups to be able to find those sites in the backup and restore them. In the future, weΓÇÖll introduce a Backup role, which grants SharePoint and Exchange admins full Backup search read rights when combined with their existing admin roles. -- SharePoint sites and OneDrive accounts being restored to a prior point in time aren't locked in a ready-only state. Therefore, users might not realize their current edits will be imminently rolled back and lost. In the future, we'll introduce a read-only lock on all sites undergoing a restore.+- SharePoint sites and OneDrive accounts being restored to a prior point in time aren't locked in a ready-only state. Therefore, users might not realize their current edits will be imminently rolled back and lost. In the future, we introduce a read-only lock on all sites undergoing a restore. - For restores to a new URL, it might take up to 15 minutes for the destination URL to be displayed in the tool once a SharePoint site or OneDrive account restore to a new URL session completes. -- For restores to a new URL, only the admin who executed the restore has ownership permissions for the restored SharePoint sites or OneDrive accounts in the new URLs. Restores to the same URL reverts permissions to their original state. 
We might decide to change this behavior in the future via a ΓÇ£copy permissionsΓÇ¥ feature.+- For restores to a new URL, only the admin who executed the restore has ownership permissions for the restored SharePoint sites or OneDrive accounts in the new URLs. Restores to the same URL reverts permissions to their original state. We might decide to change this behavior in the future via a "copy permissions" feature. -- Mailboxes and OneDrive accounts that are under legal or in-place holds can't currently be restored unless the destination is removed from legal hold.+- Mailboxes, OneDrive accounts, and SharePoint sites that are under legal or in-place holds currently can't be restored unless the destination is removed from legal hold. To restore a SharePoint site under legal hold, you need to restore the site to a new URL. - While OneDrive account and mailbox backups of deleted users are maintained and after the userΓÇÖs Microsoft Entra ID is deleted are restorable, search in the people picker UI for that user won't work. The user is displayed as an empty user in results, requiring a guess-and-check methodology. - Mailbox draft items aren't backed up or restorable. -- Calendar item backup and restore is limited to modified items only and doesn't cover deleted items. This includes the following specific limitations:+- Calendar item backup and restore is limited to modified items only and doesn't cover deleted items. This action includes the following specific limitations: - Restoring deleted calendar items with the ability to send updates post-restore isn't yet supported. - Replacing encrypted items with healthy items during a cross mailbox restore (mailboxes all belonging to the same user account) isn't supported. 
Performance and speed of web interfaces, initial configuration, and restores mig - OneDrive and Sharepoint: [Fix site user ID mismatch in SharePoint or OneDrive](/sharepoint/troubleshoot/sharing-and-permissions/fix-site-user-id-mismatch) - Exchange: [Recover an inactive mailbox](/purview/recover-an-inactive-mailbox) -- While restoring Exchange mailboxes at a granular level, the search feature provides several search parameters. These parameters allow you to enter up to a maximum of five keywords each. For example, the parameters ΓÇ£fromΓÇ¥ and ΓÇ£toΓÇ¥ allow you to enter up to a maximum of five email addresses each.+- While restoring Exchange mailboxes at a granular level, the search feature provides several search parameters. These parameters allow you to enter up to a maximum of five keywords each. For example, the parameters "from" and "to" allow you to enter up to a maximum of five email addresses each. -- The multi-geo feature isn't supported for SharePoint Online or OneDrive for Business services in this release. This might affect the restore of sites across different geos. Exchange Online multi-geo is supported, however, when configuring a restore each mailbox in a single restore request must be in the same geo.+- The multi-geo feature isn't supported for SharePoint or OneDrive services in this release. This might affect the restore of sites across different geos. Exchange Online multi-geo is supported, however, when configuring a restore each mailbox in a single restore request must be in the same geo. - OneDrive accounts and SharePoint sites that have undergone the following types of changes won't be undoable via restore: tenant rename, tenant move, and site URL change. -- If there are no differences between the current state of a mailbox and the prior point in time from which you're attempting a restore, there will be no restore performed and no new folders created when a ΓÇ£restore to a new locationΓÇ¥ request is made. 
We don't plan to modify this behavior in the future.+- If there are no differences between the current state of a mailbox and the prior point in time from which you're attempting a restore, a restore isn't performed and no new folders are created when a "restore to a new location" request is made. We don't plan to modify this behavior in the future. -- SharePoint sites and OneDrive accounts being restored to a new URL will have a read-only lock on that new URL until the restore completes. The global admin can still download documents or remove the read-only lock manually. This isn't behavior we plan on changing.+- SharePoint sites and OneDrive accounts being restored to a new URL have a read-only lock on that new URL until the restore completes. The global admin can still download documents or remove the read-only lock manually. This isn't behavior we plan on changing. ## Self-service scale limits -During the preview, we're enforcing self-service restore limits while we gain a better understanding of how customers are using the tool so that we can build in enhancements in the future to help users avoid mistaken restore actions. These limits are described in the following table. +During the preview, we're enforcing self-service restore limits while we gain a better understanding of how organizations are using the tool so that we can build in enhancements in the future to help users avoid mistaken restore actions. These limits are described in the following table. |Limit parameters |Warning |Limit throttle* | |||| During the preview, we're enforcing self-service restore limits while we gain a Follow these steps: -1. As an administrator, select the following link, which will populate a help query in the admin center: [M365 Backup Limit Request](https://aka.ms/M365BackupLimit). +1. As an administrator, select the following link, which will populate a help query in the admin center: [Microsoft 365 Backup Limit Request](https://aka.ms/M365BackupLimit). 2. 
At the bottom of the pane, select **Contact Support**, and then select **New Service Request**. |
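Review bot: In the added permissions bullet, "Restores to the same URL reverts permissions to their original state" pairs a plural subject with a singular verb; suggest "Restoring to the same URL reverts permissions to their original state", which also matches the phrasing of the sentence before it. In the calendar bullet, the new wording "This action includes the following specific limitations" has no action to refer back to, since the preceding sentence describes a limitation of backup and restore; "This limitation includes" or the original "This includes" reads more accurately. In the legal hold bullet, the added sentence about restoring a SharePoint site to a new URL follows "can't be restored unless the destination is removed from legal hold" without saying how the two relate; it would help to state that for a held site the new URL is the destination that isn't under hold, so the two sentences don't read as conflicting.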