+| Forms | Draft with Copilot | Use prompts to draft questions and suggestions that help you create surveys, polls, and other forms with ease. |

+[Microsoft Copilot for Microsoft 365](https://www.microsoft.com/microsoft-365/blog/2023/03/16/introducing-microsoft-365-copilot-a-whole-new-way-to-work/) is an AI-powered productivity tool that uses large language models (LLMs) and integrates your data with the Microsoft Graph and Microsoft 365 Apps. It works alongside popular Microsoft 365 Apps such as Word, Excel, PowerPoint, Outlook, Teams, and more. Copilot provides real-time intelligent assistance, enabling users to enhance their creativity, productivity, and skills. This article covers how you can prepare your organization for Copilot. These steps can be thought of in three primary phases:

+1. Optimizing for Search

+1. Update channels and apps

+1. Provision Copilot licenses

+## Before you begin

+You must have one of the following subscription plans to purchase Microsoft Copilot for Microsoft 365. You can purchase Copilot for Microsoft 365 licenses through the Microsoft 365 admin center on the Purchase Services page, Microsoft partners, or Microsoft account team. You can purchase as many Copilot for Microsoft 365 licenses as you have prerequisite licenses.

+Your users must have one of the following base licenses to be eligible for a Copilot for Microsoft 365 license. Prerequisite licenses include:

+- Microsoft 365 E5

+- Microsoft 365 E3

+- Office 365 E3

+- Office 365 E5

+- Microsoft 365 A5 for faculty

+- Microsoft 365 A3 for faculty

+- Office 365 A5 for faculty

+- Office 365 A3 for faculty

+- Microsoft 365 Business Standard

+- Microsoft 365 Business Premium

+>[!NOTE]

+> Customers with Education or Business subscriptions that do not include Teams can still purchase Copilot for Microsoft 365 licenses.

+- **Microsoft 365 Apps** desktop applications such as Word, Excel, PowerPoint, Outlook, and Teams. Copilot will be available in web versions of the apps when a license is assigned.To get started with the implementation process, see [Deployment guide for Microsoft 365 Apps](/deployoffice/deployment-guide-microsoft-365-apps).

+- **Outlook for Windows** For seamless integration of Copilot for Microsoft 365 with Outlook, new Outlook (Windows, Mac, Web, Mobile) is recommended. Copilot does support classic Outlook (Windows) as well. You can switch to Outlook Mobile to access the new Outlook experience. For more information, see [Getting started with the new Outlook for Windows](https://support.microsoft.com/office/getting-started-with-the-new-outlook-for-windows-656bb8d9-5a60-49b2-a98b-ba7822bc7627).

+## Optimize for Search

+Microsoft Copilot for Microsoft 365 provides the ability for users to find and access their content through natural language prompting. Copilot ensures data security and privacy by adhering to existing obligations and integrating with your organization's policies. It utilizes your Microsoft Graph content with the same access controls as other Microsoft 365 services. To get the most out of Copilot, you should consider optimizing data and content for Search, to ensure optimal secure access. To learn more about privacy with Microsoft Copilot for Microsoft 365, see [Data, Privacy, and Security for Microsoft Copilot for Microsoft 365](microsoft-365-copilot-privacy.md).

+### Applying principles of Just Enough Access

+From the SharePoint admin center, you can review SharePoint site access to check permissions and access to ensure data is secure, prioritizing sites that contain sensitive information.

+You can check on site privacy by going to Active Sites, then selecting a site, and going to Settings. Setting a site as Private means that only users in your organization with access to the site will find it. You can also review access under the Membership tab, as well as site owners, members, and visitors.

+>[!NOTE]

+> A helpful strategy to balance effort and maximizing impact is to establish a data definition for sensitivity and consider prioritizing the review of SharePoint sites, focusing first on the most critical repositories, then deploying licenses to users and piloting Copilot and implementing a process to iterate through the rest of your repositories in parallel with expanding user base. This provides a consistent loop of feedback from users to continually refine access without delaying deployment. [Jump to the deployment section below](#plan-for-deployment-and-measure-adoption-impact-and-sentiment) for a more detailed strategy to deploy and drive adoption.

+With an eligible license, you can set up auto-classifiers for content on a SharePoint site by going to the site, selecting the Settings icon on the top right, going to Library Settings, and adjusting default sensitivity labels. This feature ensures that content created or edited inherits this label. Content that is moved to the site without appropriate labels will trigger a notification.

+### Configure advanced policies with Microsoft Purview

+In the Microsoft Purview compliance portal, you can create sensitivity labels by navigating to the Labels tab to customize policies to best fit your data sensitivity classifications. You can also configure auto-labeling by navigating the Auto-labeling menu on the left navigation, under Information protection. Select a label or create a new label policy, and configure protections for content that has the label applied.

+These labels can also be applied based on content found within documents using data loss prevention (DLP) policies. These policies allow labels to be automatically applied when specific types of content are identified in a document, for example, personally identifiable information like addresses, tax information or passport numbers. You can also DLP policies to trainable classifiers that identify categories of content like source code, financial documents, HR and more. You can also set up endpoint DLP policies that would restrict users from actions like copying content to clipboard or removable USB devices or printing.

+### Audit Copilot activity in Microsoft Purview

+All activity from Copilot for Microsoft 365 can be discoverable using content search in the Microsoft Purview portal for audit and review. From the Microsoft Purview portal, you can initiate an audit from the Audit tab on the left navigation. You can also apply retention policies to retain content in prompts and responses based on your organization requirements. eDiscovery and communication compliance policies are also supported for Copilot for Microsoft 365 activity through the Purview portal, allowing you to set up flags for any content matches policies configured. For example, you can set up a policy to flag for activity that includes specific words or code names.

+For more information on data security and compliance configurations using Microsoft Purview, see [Microsoft Purview data security and compliance protections for Microsoft Copilot](/purview/ai-microsoft-purview).

+Review your privacy settings for Microsoft 365 Apps because those settings might have an effect on the availability of Microsoft Copilot for Microsoft 365 features. For more information, see [Microsoft Copilot for Microsoft 365 and policy settings for connected experiences](microsoft-365-copilot-privacy.md#microsoft-copilot-for-microsoft-365-and-policy-settings-for-connected-experiences).

+## Update channels

+Microsoft Copilot for Microsoft 365 will follow Microsoft 365 Apps' standard practice for deployment and updates, being available in all update channels, except for Semi-Annual Enterprise Channel. Preview channels include Current Channel (Preview) and Beta Channel. Production channels include Current Channel and then Monthly Enterprise Channel. Preview channels are a great option to validate the product before rolling out to the rest of organization. To learn more, see [Overview of update channels](/deployoffice/updates/overview-update-channels), and [Microsoft 365 Insider channels](/deployoffice/insider/compare-channels).

+We recommend Current Channel, because it provides your users with the newest Microsoft 365 app features as soon as they're ready and provides the best experience for a fast-moving product like Copilot for Microsoft 365. If you need more predictability of when these new Microsoft 365 app features are released each month, we recommend Monthly Enterprise Channel.

+There are multiple ways you can manage channels for user devices. To learn more, see [Change update channel of Microsoft 365 to enable Copilot](/deployoffice/updates/change-channel-for-copilot).

+## Provision Copilot for Microsoft 365 licenses

+After youΓÇÖve prepared your organization for Copilot, you can manage Microsoft Copilot for Microsoft 365 licenses from the Microsoft 365 admin center. You can assign licenses to individual users or to groups of users, as well as reassign licenses to other users.

+To learn more about the steps to deploy Copilot for your organization, see [Enable users for Microsoft Copilot for Microsoft 365](microsoft-365-copilot-enable-users.md).

+## Configure settings for Copilot

+As an admin, you can manage Microsoft Copilot experiences for your organization by using the controls available in the Microsoft 365 admin center. You can view the status of Copilot license assignments, access the latest information on Copilot, manage data security and compliance controls, submit feedback on behalf of users, configure plugins and permissions, and enable the use of web data as grounding data in Copilot.

+You can manage these settings by using the Copilot page in the Microsoft 365 admin center. To learn more, see [Manage Microsoft Copilot for Microsoft 365 with the Copilot page](microsoft-365-copilot-page.md).

+## Plan for deployment and measure adoption, impact, and sentiment

+The myriad uses of Copilot for Microsoft 365 across the various Microsoft 365 apps provides opportunities for users to find value in different ways.

+### Accelerating adoption to get to value

+We recommend approaching adoption of Copilot by leveraging adoption. To do so:

+1. Identify users across various business groups in your organization, ideally with high usage of existing Microsoft 365 features. You can identify these users by reviewing usage metrics in the Microsoft 365 admin center.

+2. Assign these users Copilot for Microsoft 365 licenses and onboard them using the resources available on [MicrosoftΓÇÖs adoption hub](https://adoption.microsoft.com/), including the user onboarding kit.

+3. As these users get more comfortable with using Copilot, they should be able to speak to how they use it best, and where itΓÇÖs most valuable for them. This provides you with product champions that can help other users adoption Copilot across your organization.

+With your established community of early adopters or Champions, they can better speak to their peers within their organization and contextualize the value of Copilot to best suit their needs. This framework also provides IT departments with a scalable way to handle questions through Champions, developing a team of experts across your organization. To learn more about driving adoption, visit the [Microsoft Copilot adoption hub](https://adoption.microsoft.com/Copilot/).

+The [Microsoft Copilot Dashboard (Preview) from Viva Insights](/viva/insights/org-team-insights/copilot-dashboard) helps organizations maximize the value of Copilot for Microsoft 365 by providing organizational leaders and IT decision makers insights into readiness, adoption, impact, and user sentiment.

+[Access the Microsoft Copilot Dashboard (Preview) from Viva Insights here](https://aka.ms/copilotdashboard).

+[Review this article to learn more about the Microsoft Copilot Dashboard (Preview) from Viva Insights](/viva/insights/org-team-insights/copilot-dashboard).

+- [Copilot for Microsoft 365 ΓÇô Microsoft Adoption](https://adoption.microsoft.com/Copilot/)

+- [Copilot for Microsoft 365 technical documentation hub](index.yml)

+- [Understanding malware & other threats](/microsoft-365/security/defender-endpoint/malware/understanding-malware)

+ - azure-ad-ref-level-one-done

+>[!NOTE]

+> The Azure Active Directory module is being replaced by the Microsoft Graph PowerShell SDK. You can use the Microsoft Graph PowerShell SDK to access all Microsoft Graph APIs. For more information, see [Get started with the Microsoft Graph PowerShell SDK](/powershell/microsoftgraph/get-started).

+First, use a **Microsoft Entra DC admin**, **Cloud Application Admin**, or **Global admin** account to [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md).

+> This feature will begin rolling out for public preview in December 2023.

+1. In the left navigation of the [Teams admin center](https://admin.teams.microsoft.com), choose **Frontline deployment** > **Manage frontline apps**.

+ > [!IMPORTANT]

+ > You won't be able to change your selection after you submit it for setup.

+Review your settings. If you need to make changes, selectΓÇ»**Back**, and change the settings that you want. When you're ready, selectΓÇ»**Finish setup**.

+ You can repeat this process to deploy Shifts to any of your frontline teams that don't already have it deployed. Keep in mind that you can't redeploy Shifts to teams that already have Shifts enabled.

+## Edit Shifts settings

+1. If you want to edit the Shifts settings that you set previously, select **Deploy Shifts to your teams**. This allows you to edit Shifts settings for teams you already deployed Shifts to and for teams you deploy Shifts to in the future.

+ :::image type="content" source="media/dsas-deploy-completed.png" alt-text="Screenshot of the table on the Manage frontline apps page, showing the Deploy Shifts to your teams option. "lightbox="media/dsas-deploy-completed.png":::

+1. You'll see all your Shifts settings including shift request settings, time-off reasons, schedule owner group ID, and schedule group settings.

+ :::image type="content" source="media/dsas-edit-settings.png" alt-text="Screenshot of the Shifts settings page for editing Shifts settings" lightbox="media/dsas-edit-settings.png":::

+ - You can turn on or turn off shift request settings, time-off requests, and clock in/clock out by switching the toggles to **On** or **Off**.

+ - You can add, edit, and delete time-off reasons as you did during initial setup. However, you can't edit the time-off codes for the time-off reasons that you set previously.

+ - You can change the schedule owner group ID that identifies the group that contains all schedule owners.

+ - You wonΓÇÖt be able to change your schedule group management selection from **Schedule groups are created and managed by schedule owners** to **Schedule groups are created and managed in the Teams admin center** or vice versa. If you previously chose the option to create and manage schedule groups in the Teams admin center, you can add, edit, and delete schedule groups as you did during initial setup. However, you can't edit the schedule group codes for any of the schedule groups that you set previously.

+1. After you make your edits, choose **Apply**. This action applies the changes to all teams that you already deployed Shifts to. These Shifts settings are also applied to any new teams you deploy Shifts to.

+Select the link to download an error CSV file and use the information in it to help resolve the errors. If any errors occurred during setup of your Shifts settings, choose **Deploy Shifts to your teams** to resubmit or edit your Shifts settings. Then, rerun the [deployment experience](#deploy-shifts-to-your-frontline-teams).

+> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 plans for enterprises, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table.

+| Shifts | Create and manage schedules and clock in and out with Shifts. | [Shifts for frontline workers](shifts-for-teams-landing-page.md) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) |

+Microsoft 365 and Microsoft Teams offer capabilities that help manufacturing organizations enhance productivity in their daily operations and digital transformation. We recommend the following scenarios for manufacturers:

+> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 plans for enterprises, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table.

+| Shifts | Create and manage schedules and clock in and out with Shifts. |[Shifts for frontline workers](shifts-for-teams-landing-page.md) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) |

+> For all these capabilities, users must have an appropriate license. For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 plans for enterprises, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table.

+| Shifts | Create and manage schedules and clock in and out with Shifts. | [Shifts for frontline workers](shifts-for-teams-landing-page.md) | [Use Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) |

+Microsoft 365 and Microsoft Teams offer a number of telemedicine features useful for hospitals and other healthcare organizations.

+- Teams policy packages for healthcare

+- Messaging

+- Team templates for healthcare

+<!-- Watch the following video to learn more about using the healthcare collection to enhance health team collaboration in Teams.

+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4Hqan]-->

+To get the most benefit for your healthcare organization, first choose which scenarios Microsoft 365 and Teams can help you with in your day-to-day activities, and then make sure that you prepare your Teams environment with the right fundamentals, teams, and apps to support those scenarios.

+2. [Set up Microsoft 365](flw-setup-microsoft-365.md) - Set up Microsoft 365, Teams, and any other services you need.

+3. [Configure services and apps](flw-setup-microsoft-365.md#step-7-configure-apps-for-your-scenario) - Use team templates to set up the teams you need quickly, including the channels and apps you need. Add in other apps from Microsoft as needed to support your scenarios.

+| [Virtual Appointments](virtual-appointments.md) | Schedule, manage, and conduct virtual appointments with patients. This scenario connects Teams and the Oracle Health or Epic platform to support virtual appointments. | Active subscription to Microsoft Cloud for Healthcare or subscription to Microsoft Teams EHR connector standalone offer. <br> Users must have an appropriate Microsoft 365 or Office 365 license that includes Teams meetings. <br> See also [Integration into Oracle Health EHR](ehr-admin-oracle-health.md#before-you-begin) or [Integration into Epic EHR](ehr-admin-epic.md#prerequisites). |

+| [Team communication and collaboration](flw-team-collaboration.md) |Bring your health teams together to communicate, collaborate, and streamline operations with Teams. Viva Connections helps you create a dashboard that puts the information they need front and center on their devices, so they can reach out whenever they need to. |Users must have an appropriate license to use Teams apps.* |

+| [Engage your employees and focus on employee wellbeing](flw-wellbeing-engagement.md) | Build deeper connections across your organization and create an inclusive workplace. |Users must have an appropriate license to use Teams apps.* |

+| [Schedule your teams with Shifts](shifts-for-teams-landing-page.md) |Create and manage schedules for your teams in Shifts.|Users must have an appropriate license to use Teams apps.* |

+| [Simplify business processes](simplify-business-processes.md) | Use task publishing to create standard processes across sites, lists to manage information and track ongoing processes, and streamline requests with Approvals. Automated workflows can speed up and automate actions, like collecting data or routing notifications. |Users must have an appropriate license to use Teams apps.* To use Power Apps and Power Automate, users need an appropriate license.*|

+> [!NOTE]

+> *For more information about general Teams licensing, see [Manage user access to Teams](/microsoftteams//user-access). Check out [Understand frontline worker user types and licensing](flw-licensing-options.md) to learn more about using Microsoft 365 for frontline workers in combination with other licenses. For a detailed comparison of what's included in Microsoft 365 plans for enterprises, see the [Modern work plan comparison](https://go.microsoft.com/fwlink/p/?linkid=2139145) table.

+|[](https://go.microsoft.com/fwlink/?linkid=2206475) <br/> [PDF](https://go.microsoft.com/fwlink/?linkid=2206475) \| [Visio](https://go.microsoft.com/fwlink/?linkid=2206474) <br>Updated January 2024 |This poster provides an overview of the scenarios you can implement for your frontline workforce in a healthcare setting.|

+Use the complete meetings platform in Teams to schedule, manage, and conduct virtual appointments with patients and other providers.

+- If your organization already uses an EHR system, you can integrate Teams for a more seamless experience. Teams EHR connector makes it easy for clinicians to launch a virtual appointment with a patient or a consultation with another provider in Teams directly from the EHR system. To learn more, see [Virtual Appointments with Teams - Integration into Oracle Health EHR](ehr-admin-oracle-health.md) and [Virtual Appointments with Teams - Integration into Epic EHR](ehr-admin-epic.md).

+Teams enables physicians, clinicians, nurses, and other staff to collaborate efficiently with collaboration features in Teams.

+### Messaging for healthcare organizations

+Messaging policies in Teams are used to control which chat and channel messaging features are available to users. You can edit the settings in the global (Org-wide default) policy or create and assign custom messaging policies to turn on or turn off the features that you want.

+For example, consider enabling the following messaging features for your health teams:

+- Users can send urgent messages using priority notifications, so the recipient is repeatedly notified until they read the message.

+- Users can use read receipts to know when the chat messages they send are read by the recipient.

+Together, these features allow quicker attention to urgent messages and confidence that the message was received and read.

+To learn more, see [Manage messaging policies in Teams](/microsoftteams/messaging-policies-in-teams) and [Messaging policies for healthcare organizations](messaging-policies-hc.md).

+### Teams policy packages for healthcare

+### Team templates for healthcare organizations

+Team templates allow you to quickly create teams by providing a predefined team structure of settings, channels, and preinstalled apps. Teams includes templates designed specifically for healthcare organizations, making it easier to create teams for staff to communicate and collaborate on patient care or operational needs.

+To learn more, see [Use healthcare team templates](/microsoftteams/expand-teams-across-your-org/healthcare/healthcare-templates-admin-console?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json).

+The Lists app in Teams helps teams track information and organize work. The app is preinstalled for all Teams users and is available as a tab in every team and channel. Lists can be created from scratch, from predefined templates, or by importing data to Excel.

+For example, a charge nurse creates a patient list in a team that includes all health team members. During rounds, the health team access Teams on their mobile devices and update patient information in the list, which everyone on the team can view to stay in sync. At rounding sessions where the health team gathers to discuss and evaluate key health performance metrics to ensure a patient is on the right glide path to discharge, they can share this information using Teams on a large display screen. Health team members who aren't on site can join remotely.

+Here's an example list, which was set up for patient rounding.

+To learn more, see [Manage the Tasks app for your organization in Microsoft Teams](/microsoftteams/manage-tasks-app?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json).

+Use [Approvals](https://support.microsoft.com/office/what-is-approvals-a9a01c95-e0bf-4d20-9ada-f7be3fc283d3) to streamline all your requests and processes with your team. Create, manage, and share approvals directly from your hub for teamwork. Start an approval flow from the same place you send a chat, in a channel conversation, or from the Approvals app itself. Just select an approval type, add details, attach files, and choose approvers. Once submitted, approvers are notified and can review and act on the request.

+### Create, manage, and share schedules with the Shifts app

+Create and manage schedules for your health teams with Shifts. For example, nurse managers can set up and manage schedules for their staff. They can assign shifts, add open shifts, and approve shift requests from nurses on their team. Nurses can check their own and their team's schedule, request to swap or offer a shift, and more.

+To learn more, see [Shifts for frontline workers](shifts-for-teams-landing-page.md).

+- Check out the [Teams adoption center](https://adoption.microsoft.com/microsoft-teams/) for advice on rolling out Teams if you're just starting your organization's journey with Teams, or expanding Teams to more areas of your organization.

+- Get help and training for your users on how to perform basic tasks in Teams on the [Teams help & learning site](https://support.microsoft.com/teams), including [quick training videos](https://support.microsoft.com/office/microsoft-teams-video-training-4f108e54-240b-4351-8084-b1089f0d21d7). This site also has help and training for the Teams apps, including [Virtual Appointments](https://support.microsoft.com/office/what-is-virtual-appointments-22df0079-e6d9-4225-bc65-22747fb2cb5f), [Lists](https://support.microsoft.com/office/get-started-with-lists-in-teams-c971e46b-b36c-491b-9c35-efeddd0297db), [Tasks](https://support.microsoft.com/office/use-the-tasks-app-in-teams-e32639f3-2e07-4b62-9a8c-fd706c12c070), [Approvals](https://support.microsoft.com/office/what-is-approvals-a9a01c95-e0bf-4d20-9ada-f7be3fc283d3), and [Shifts](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821).

+You'll need the [latest version of SharePoint PowerShell module](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online) to enable or disable Loop experiences in Teams. Loop components default to **ON** for all organizations. Because Loop components are designed for collaboration, the components are always shared as editable by others, even if your organization is set to create shareable links that have **view-only** permissions as the default value for other file types. For more information, see the **Learn more** link next to the setting.

+ Title: "Manage Loop app preview"

+recommendations: true

+audience: Admin

+f1.keywords:

+- NOCSH

+ms.localizationpriority: medium

+- Strat_SP_admin

+- Microsoft 365-collaboration

+- Tier3

+- essentials-manage

+search.appverid:

+- SPO160

+- MET150

+description: "Learn how to manage access to the Loop app preview."

+# Manage Loop app preview access

+This article details the Cloud Policy setting used to gate access to the Loop app preview experiences within your organization.

+## User experience expectations when admin settings are configured

+When a user account in your organization is provided access to the Loop app preview experience, they can choose between the standard or the preview experience. These users default to preview for each Loop app session and are able to manually switch to standard if needed.

+## Microsoft 365 Groups for Cloud Policy

+If you want to scope the Cloud Policy settings to only some users in your tenant, you must create or use an existing Microsoft 365 group that defines which users in your organization this policy applies to. To create a Microsoft 365 group, see [Create a Microsoft 365 group](/microsoft-365/admin/create-groups/create-groups).

+> [!NOTE]

+> This section isn't required if you choose to apply the Loop settings to all the users in your tenant.

+You are able to use this group for the Cloud Policy setup procedure specified in [Configuring preview user accounts in Cloud Policy](#configuring-preview-user-accounts-in-cloud-policy).

+If you prefer, you can also create other types of groups to use with Cloud Policy. For more information, see [learn more about creating groups in the Microsoft 365 admin center](/microsoft-365/admin/email/create-edit-or-delete-a-security-group) or [learn more about creating dynamic groups in AzureAD](/azure/active-directory/external-identities/use-dynamic-groups).

+## Configuring preview user accounts in Cloud Policy

+The Loop app oreview gate checks the following [Cloud Policy](/deployoffice/admincenter/overview-cloud-policy) setting:

+- **Enable preview features for Loop**

+1. Sign in to [https://config.office.com](https://config.office.com) with your Microsoft 365 admin credentials.

+1. Select **Customization** from the left pane.

+1. Select **Policy Management**.

+1. Create a new policy configuration or edit an existing one.

+1. From the **Choose the scope** dropdown list, choose either **All users** or select the group for which you want to apply the policy. For more information, See [Microsoft 365 Groups for Cloud Policy](#microsoft-365-groups-for-cloud-policy).

+1. In **Configure Settings**, choose one of the following settings:

+ - For **Enable preview features for Loop**:

+ - **Enabled**: Loop app preview experience is available to the users.

+ - **Disabled**: Loop app preview experience isn't available to the users.

+ - **Not configured**: Loop app preview experience isn't available to the users.

+1. Save the policy configuration.

+1. Reassign priority for any security group, if necessary. (If two or more policy configurations are applicable to the same set of users, the one with the higher priority is applied.)

+In case you create a new policy configuration or change the configuration for an existing policy, there can be a delay in the change being reflected as described:

+- If there were existing policy configurations before the change, then it takes 90 mins for the change to be reflected.

+- If there were no policy configurations before the change, then it takes 24 hours for the change to be reflected.

+## Related topics

+- [Get started with Microsoft Loop - Microsoft Support](https://support.microsoft.com/office/get-started-with-microsoft-loop-9f4d8d4f-dfc6-4518-9ef6-069408c21f0c)

+- [Manage Loop workspace experiences in SharePoint Embedded](/microsoft-365/loop/loop-workspaces-configuration)

+- [Manage Loop components in OneDrive and SharePoint](/microsoft-365/loop/loop-components-configuration)

+Licensing through the new Loop with workspaces service plan covers the creation of new workspaces and management of workspace members. The full set of experiences enabled and the specific licenses that include the Loop with workspaces service plan are covered in [Loop access via Microsoft 365 subscriptions](https://support.microsoft.com/office/loop-access-via-microsoft-365-subscriptions-92915461-4b14-49a4-9cd4-d1c259292afa).

+1. Sign in to [https://config.office.com](https://config.office.com) with your Microsoft 365 admin credentials.

+- If there were existing policy configurations before the change, then it takes 90 mins for the change to be reflected.

+- If there were no policy configurations before the change, then it takes 24 hours for the change to be reflected.

+> [!NOTE]

+> In order to target only a group of users in your organization to be able to create and view Loop content in workspaces, create a second group that targets All users, set this group to Disabled, and make it a lower priority than your target group that is set to Enabled. This will override the default Not Configured state to Disabled for all users but your target group.

+Today's threat landscape is overrun by [fileless malware](/microsoft-365/security/defender-endpoint/malware/fileless-threats) and that lives off the land, highly polymorphic threats that mutate faster than traditional solutions can keep up with, and human-operated attacks that adapt to what adversaries find on compromised devices. Traditional security solutions aren't sufficient to stop such attacks; you need artificial intelligence (AI) and device learning (ML) backed capabilities, such as behavioral blocking and containment, included in [Defender for Endpoint](/windows/security).

+## Specify the extended timeout period using Microsoft Defender for Endpoint Security settings management

+To specify the cloud block timeout period with Microsoft Defender for Endpoint Security settings management:

+You can also manually onboard individual devices to Defender for Endpoint. You might want to onboard some devices when you're testing the service before you commit to onboarding all devices in your network.

+> The script described in this article is recommended for manually onbooarding devices to Defender for Endpoint. It should only be used on a limited number of devices. If you're deploying to a production environment, see [other deployment options](configure-endpoints.md), such as Intune, Group Policy, or Configuration Manager.

+ 1. In the navigation pane, select **Settings** \> **Endpoints** \> **Device management** \> **Onboarding**.

+

+ 2. Select Windows 10 or Windows 11 as the operating system.

+

+ 3. In the **Deployment method** field, select **Local Script**.

+

+ 4. Select **Download package** and save the .zip file.

+

+4. Type the location of the script file. If you copied the file to the desktop, type: `%userprofile%\Desktop\WindowsDefenderATPLocalOnboardingScript.cmd`

+5. Press the **Enter** key or select **OK**.

+6. Type "Y" and enter when prompted.

+7. After the script completes, it will display "Press any key to continue...". Press any key to complete the steps on the device.

+You can manually configure the sample sharing setting on the device by using *regedit* or creating and running a `.reg` file.

+For security reasons, the package used to offboard devices expires three days after the date it was downloaded. Expired offboarding packages sent to a device are rejected. When downloading an offboarding package, you're notified of the package's expiry date, and that date is included in the package file name.

+> Onboarding and offboarding policies must not be deployed on the same device at the same time. Otherwise, unpredictable collisions might occur.

+ 1. In the navigation pane, select **Settings** \> **Endpoints** \> **Device management** \> **Offboarding**.

+

+ 2. Select Windows 10 or Windows 11 as the operating system.

+

+ 3. In the **Deployment method** field, select **Local Script**.

+

+ 4. Select **Download package** and save the .zip file.

+2. Extract the contents of the .zip file to a shared, read-only location that devices can access. You should have a file named `WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd`.

+

+4. Type the location of the script file. If you copied the file to the desktop, type: `%userprofile%\Desktop\WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd`

+5. Press the **Enter** key or select **OK**.

+2. Select **Devices inventory**.

+# Configure and manage Endpoint Attack Notifications

+If you're a Defender for Endpoint customer, you need to apply for **Endpoint Attack Notifications** to get special insights and analysis to help identify the most critical threats, so you can respond to them quickly.

+## Where you'll see the Endpoint Attack Notifications

+#### Group identifier

+EDR Group identifiers

+****

+|Section|Value|

+|||

+|**Domain**|`com.microsoft.wdav`|

+|**Key**|groupIds|

+|**Data type**|String|

+|**Comments**|Group identifier|

+|||

+For more general tips, see [prevent malware infection](/microsoft-365/security/defender-endpoint/malware/prevent-malware-infection).

+## Microsoft Defender Antivirus capabilities

+Microsoft Defender Antivirus provides anomaly detection, a layer of protection for malware that doesnΓÇÖt fit any predefined pattern. Anomaly detection monitors for process creation events or files that are downloaded from the internet. Through machine learning and cloud-delivered protection, Microsoft Defender Antivirus can stay one step ahead of attackers. Anomaly detection is on by default and can help block attacks such as [3CX Security Alert for Electron Windows App](https://www.3cx.com/blog/news/desktopapp-security-alert/). Microsoft Defender Antivirus started blocking this malware four days before the attack was registered in VirusTotal.

+Modern malware requires modern solutions. Microsoft Defender Antivirus stopped using signature-based engine detections many years ago. The scale and scope of todayΓÇÖs ever-evolving malware landscape requires adaptive, predictive technologies such as, machine learning, applied science, and artificial intelligence to keep you and your organizations safe.

+Microsoft Defender Antivirus can block almost all malware at first sight, in milliseconds.

+WeΓÇÖve also designed our antivirus solution to work in both online and offline scenarios. For offline scenarios, the latest dynamic intelligence from the Intelligence Security Graph is provisioned to the endpoint regularly throughout the day. When connected to the cloud, itΓÇÖs fed real-time intelligence from the [Intelligent Security Graph](https://www.microsoft.com/en-us/security/blog/2018/04/17/connect-to-the-intelligent-security-graph-using-a-new-api/).

+Microsoft Defender Antivirus can also stop threats based on their behaviors and process trees even when the threat has started execution. A common example of these kinds of attacks is fileless malware. Microsoft's Next-generation protection features work together to identify and block malware based on abnormal behavior. To learn more, see [Behavioral blocking and containment](behavioral-blocking-containment.md).

+- Microsoft Defender for Endpoint P1 (which is included in [Microsoft 365 E3 (M365 E3)](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-1-now-included-in-m365-e3/ba-p/3060639))

+Next-generation protections, such as [Microsoft Defender Antivirus](microsoft-defender-antivirus-windows.md) blocks malware using local and cloud-based machine learning models, behavior analysis, and heuristics. Microsoft Defender Antivirus uses predictive technologies, machine learning, applied science, and artificial intelligence to detect and block malware at the first sign of abnormal behavior.

+When an identity in your network might be compromised, you must prevent that identity from accessing the network and different endpoints. Defender for Endpoint can "contain" an identity, blocking it from access, and helping prevent attacks-- specifically, ransomware. When an identity is contained, any supported Microsoft Defender for Endpoint onboarded device will block incoming traffic in specific protocols related to attacks (network logons, RPC, SMB, RDP), terminate ongoing remote sessions and logoff existing RDP connections, while enabling legitimate traffic. This action can significantly help to reduce the impact of an attack. When an identity is contained, security operations analysts have extra time to locate, identify and remediate the threat to the compromised identity.

+## February 2024

+**Attack Surface Reduction (ASR) Rules**

+Two new ASR rules are now in public preview:

+- Block rebooting machine in Safe Mode (preview): This rule prevents the execution of commands to restart machines in Safe Mode.

+- Block use of copied or impersonated system tools (preview): This rule blocks the use of executable files that are identified as copies of Windows system tools. These files are either duplicates or impostors of the original system tools.

+|4|Details about blocked malware|More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender for Endpoint. [Understand malware & other threats](/microsoft-365/security/defender-endpoint/malware/understanding-malware).|

+ Title: What's new in Microsoft Defender Vulnerability Management

+description: See what features are available in the latest release of Microsoft Defender for Vulnerability Management

+## February 2024

+### Vulnerable components

+Defender Vulnerability Management now provides the ability to identify, report on, and recommend remediation for common, proprietary, and open-source software components and dependencies known to have had security issues in the past. For more information, see [Vulnerable components](tvm-vulnerable-components.md).

+### Request of CVE support

+You can now request for support to be added to Defender Vulnerability Management for a particular Common Vulnerabilities and Exposures (CVE). For more information, see [Request CVE support](tvm-weaknesses.md#request-cve-support).

+### Vulnerability details updates

+- **Common Vulnerabilities and Exposures (CVE) AI generated description (Public Preview)**: A new AI generated vulnerability description is now in public preview. It appears on the vulnerability details page for a CVE and provide detailed information on the vulnerability, its impact, recommended remediation steps, and any additional information, if available.

+- **CVSS vector string**: The CVSS vector string is a text representation of the CVSS score. It is commonly used to record or transfer CVSS metric information in a concise and machine-readable form. This string is now represented in the portal for every weakness, and can be pulled via the [List vulnerabilities API](../defender-endpoint/api/get-all-vulnerabilities.md) and Advanced Hunting. For more information on the CVSS Vector, see [Common Vulnerability Scoring System](https://www.first.org/cvss/specification-document#:~:text=The%20Common%20Vulnerability%20Scoring%20System,Threat%2C%20Environmental%2C%20and%20Supplemental)

+### Other updates

+**Microsoft Defender Vulnerability Management Ninja training is now available**: For more information, see [Become a Microsoft Defender Vulnerability Management Ninja](https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/become-a-microsoft-defender-vulnerability-management-ninja/ba-p/4003011)

+> Microsoft Defender XDR users can now take advantage of a centralized permissions management solution to control user access and permissions across different Microsoft security solutions. Learn more about the [Microsoft Defender XDR Unified role-based access control (RBAC)](manage-rbac.md).

+> Microsoft Defender XDR users can now take advantage of a centralized permissions management solution to control user access and permissions across different Microsoft security solutions. Learn more about the [Microsoft Defender XDR Unified role-based access control (RBAC)](manage-rbac.md).

+- The rule-based feature for bulk addition of user accounts via security groups or distribution lists can accommodate a maximum of three groups at a time. These rules are static and applied one time only. That is, the security groups or distribution lists are flattened at the time of adding to the backup configuration policy. Groups or list won't be dynamically updated in the system if users are added or removed from the original security group, for example.

+- SharePoint admins operating the Microsoft 365 Backup tool need to have explicit read+ permissions to the sites they're searching for in the backups to be able to find those sites in the backup and restore them. In the future, weΓÇÖll introduce a Backup role, which grants SharePoint and Exchange admins full Backup search read rights when combined with their existing admin roles.

+- SharePoint sites and OneDrive accounts being restored to a prior point in time aren't locked in a ready-only state. Therefore, users might not realize their current edits will be imminently rolled back and lost. In the future, we introduce a read-only lock on all sites undergoing a restore.

+- For restores to a new URL, only the admin who executed the restore has ownership permissions for the restored SharePoint sites or OneDrive accounts in the new URLs. Restores to the same URL reverts permissions to their original state. We might decide to change this behavior in the future via a "copy permissions" feature.

+- Mailboxes, OneDrive accounts, and SharePoint sites that are under legal or in-place holds currently can't be restored unless the destination is removed from legal hold. To restore a SharePoint site under legal hold, you need to restore the site to a new URL.

+- Calendar item backup and restore is limited to modified items only and doesn't cover deleted items. This action includes the following specific limitations:

+- While restoring Exchange mailboxes at a granular level, the search feature provides several search parameters. These parameters allow you to enter up to a maximum of five keywords each. For example, the parameters "from" and "to" allow you to enter up to a maximum of five email addresses each.

+- The multi-geo feature isn't supported for SharePoint or OneDrive services in this release. This might affect the restore of sites across different geos. Exchange Online multi-geo is supported, however, when configuring a restore each mailbox in a single restore request must be in the same geo.

+- If there are no differences between the current state of a mailbox and the prior point in time from which you're attempting a restore, a restore isn't performed and no new folders are created when a "restore to a new location" request is made. We don't plan to modify this behavior in the future.

+- SharePoint sites and OneDrive accounts being restored to a new URL have a read-only lock on that new URL until the restore completes. The global admin can still download documents or remove the read-only lock manually. This isn't behavior we plan on changing.

+During the preview, we're enforcing self-service restore limits while we gain a better understanding of how organizations are using the tool so that we can build in enhancements in the future to help users avoid mistaken restore actions. These limits are described in the following table.

+1. As an administrator, select the following link, which will populate a help query in the admin center: [Microsoft 365 Backup Limit Request](https://aka.ms/M365BackupLimit).