| Category | Microsoft Docs article | Related commit history on GitHub | Change details |
|---|---|---|---|
| admin | Enable Modern Authentication | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/security-and-compliance/enable-modern-authentication.md | Create or modify the following registry keys to force Outlook to use a newer aut HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity\ ``` -8. If the keys in the table above already exist, modify the values if necessary, then exit Registry Editor. If they do not, on the Edit menu, point to **New** and then select **DWORD Value** to create the missing keys. +8. If the *EnableADAL* and *Version* keys already exist, modify the values if necessary, then exit Registry Editor. If they do not, on the Edit menu, point to **New** and then select **DWORD Value** to create the missing keys. 9. For example, if the *EnableADAL* key is missing, type *EnableADAL*, and then press **Enter.** |
| business-premium | M365bp Device Groups Mdb | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-device-groups-mdb.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| business-premium | M365bp Onboard Devices Mdb | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-onboard-devices-mdb.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| business-premium | M365bp Review Remediation Actions Devices | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-review-remediation-actions-devices.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| business-premium | M365bp Setup | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-setup.md | audience: Admin Last updated 03/01/2022 -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH You have several options for setting up and configuring Microsoft 365 Business P - [Use a guided setup experience for basic setup and configuration](#guided-process-for-basic-setup) - [Work with a partner, such as a Microsoft Cloud Solution Provider (CSP)](#work-with-a-microsoft-partner)-- [Work through the setup process manually](#manual-setup-and-configuration)- Use this article as a guide. +> [!TIP] +> Need some help? Consider getting [Business Assist for Microsoft 365](https://support.microsoft.com/en-us/office/business-assist-for-microsoft-365-37deb8fe-61cc-4cf9-9ad1-1c8d93475070) + ## Guided process for basic setup -Microsoft 365 Business Premium includes a guided process for basic setup. Tasks include connecting to a custom domain, adding users, assigning licenses, installing Outlook on mobile devices, reviewing data protection settings, and applying a mobile app protection policy. +Microsoft 365 Business Premium includes a guided process for basic setup. Tasks include connecting to a custom domain, adding users, assigning licenses, and activating your DNS records. To see how the guided setup works, watch the following video: <br/><br/> To see how the guided setup works, watch the following video: <br/><br/> After you have finished the guided setup, there are additional steps to complete to help ensure that your security and compliance capabilities are properly set up and applied. These steps include: -- [Securing Windows devices](m365bp-secure-windows-devices.md)-- [Deploying Microsoft 365 apps](../admin/setup/install-applications.md)-- [Setting up and configuring your new Defender for Business capabilities](../security/defender-business/mdb-setup-configuration.md)+- [Turning on security defaults](m365bp-conditional-access.md) +- [Protecting against phishing and other attacks](m365-campaigns-phishing-and-attacks.md) +- [Securing devices](m365bp-secure-windows-devices.md) [Learn more about the differences between the guided setup process and the Setup page](../admin/setup/o365-setup-wizard-and-setup-page.md). -> [!TIP] -> See the following section for more details about setting up and configuring Microsoft 365 Business Premium. -- ## Work with a Microsoft partner Microsoft has a list of solution providers who are authorized to sell offerings, including Microsoft 365 Business Premium. To find a solution provider in your area, take the following steps: Also see [Find your partner or reseller](../admin/manage/find-your-partner-or-reseller.md). -## Manual setup and configuration --If you prefer to complete your setup and configuration process manually, use the following table as a guide: --| Phase | Task | Resources to learn more | -|||| -| **Planning** | Plan your setup and configuration process | [Plan your setup of Microsoft 365 for business](../admin/setup/plan-your-setup.md) | -| | Review the requirements | [Microsoft 365 Business Premium requirements](https://www.microsoft.com/microsoft-365/business/microsoft-365-business-premium?activetab=pivot:overviewtab) | -| **Basic setup** | Use a custom domain like `rob@contoso.com` with Microsoft 365 | [Add a domain to Microsoft 365](../admin/setup/add-domain.md) | -| | Add users and assign licenses in Microsoft 365 | [Add users and assign licenses at the same time](../admin/add-users/add-users.md) | -| | Assign admin roles to users who'll perform certain functions, such as: <br/>- Managing features<br/>- Managing user accounts<br/>- Managing devices<br/>- Viewing or managing your organization's security and compliance information | [Learn about admin roles](../admin/add-users/about-admin-roles.md) <br/><br/> [Assign admin roles](../admin/add-users/assign-admin-roles.md) | -| | Install Microsoft 365 Apps (like Word, Excel, PowerPoint, and more) | [Install Office applications](../admin/setup/install-applications.md) | -| **Securing your organization** | Refer to the top 10 days to secure your Microsoft 365 subscription | [Top 10 ways to secure Microsoft 365 for business plans](../admin/security-and-compliance/secure-your-business-data.md) | -| | Require everyone to use an additional verification method when they sign in to Microsoft 365 | [Set up multifactor authentication](../admin/security-and-compliance/set-up-multi-factor-authentication.md) | -| **Protecting email and content** | Set up advanced anti-phishing protection to guard against malicious impersonation-based phishing attacks and other phishing attacks | [Protect your email from phishing attacks](../admin/security-and-compliance/secure-your-business-data.md) | -| | Set up Safe Attachments to protect your organization from malicious email attachments | [Protect against malicious attachments and files with Safe Attachments](../admin/security-and-compliance/secure-your-business-data.md) | -| | Set up Safe Links to protect against malicious websites (URLs) in email messages and Office documents | [Set up Safe Links](../admin/security-and-compliance/secure-your-business-data.md) | -| | Set up data loss prevention policies to protect sensitive information from being shared | [Set up compliance features](../admin/security-and-compliance/set-up-compliance.md) | -| **Managing and protecting devices** | Secure your organization's Windows devices | [Secure Windows devices](m365bp-secure-windows-devices.md) <br/><br/>[Set or edit application protection settings for Windows 10 devices](../admin/devices/protection-settings-for-windows-10-devices.md) | -| | Secure Microsoft 365 apps on mobile devices | [Set app protection settings for Android or iOS devices](../admin/devices/app-protection-settings-for-android-and-ios.md) | -| | Set up Microsoft Defender for Business (when available for your tenant) | [Overview of Microsoft Defender for Business](../security/defender-business/mdb-overview.md)<br/><br/>[Use the wizard to set up Defender for Business](../security/defender-business/mdb-use-wizard.md) | -| **File storage and migrating content** | Set up file storage and how sharing will work for your organization | [Set up file storage and sharing in Microsoft 365](../admin/setup/set-up-file-storage-and-sharing.md) | -| | Import or migrate email and contacts | [Migrate email and contacts to Microsoft 365](../admin/setup/migrate-email-and-contacts-admin.md) | -| | Move the company files that everyone needs to access to SharePoint (SharePoint typically replaces the use of a file share or network drive) | [Move files to SharePoint](../admin/setup/files-to-sharepoint.md) | -| | Move your existing work files, such as personal work files or sensitive business files, to OneDrive | [Move files to OneDrive](../admin/setup/files-to-onedrive.md) | -| **Training admins and your security team** | Learn how to use the admin center | [Overview of the Microsoft 365 admin center](../admin/admin-overview/admin-center-overview.md) | -| | Use the free training video library for Microsoft 365 admins | [Admin training video library](../admin/admin-video-library.yml) | -| | Learn how to use the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) | [Get started using the Microsoft 365 Defender portal](../security/defender-business/mdb-get-started.md) | --> [!TIP] -> Need some help? Consider getting [Business Assist for Microsoft 365](https://support.microsoft.com/en-us/office/business-assist-for-microsoft-365-37deb8fe-61cc-4cf9-9ad1-1c8d93475070) - ## See also - [Overview of Microsoft Defender for Business](../security/defender-business/mdb-overview.md) (now included with Microsoft 365 Business Premium!) |
| business-premium | M365bp View Edit Create Mdb Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-view-edit-create-mdb-policies.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| commerce | Use Cost Mgmt | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/use-cost-mgmt.md | +ms.localizationpriority: medium - M365-subscription-management - Adm_O365 |
| compliance | Archive Slack Data Microsoft | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data-microsoft.md | Last updated audience: Admin -localization_priority: Normal +ms.localizationpriority: medium description: "Learn how to set up and use a Slack eDiscovery data connector provided by Microsoft to import and archive instant messaging data." |
| compliance | Compliance Manager Assessments | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-assessments.md | You can create a group while creating a new assessment. Groups can't be created - Related assessment controls in different assessments within the same group automatically update when completed. - Groups can contain assessments for the same certification or regulation, but each group can only contain one assessment for a specific product-certification pair. For example, a group can't contain two assessments for Office 365 and NIST CSF. A group can contain multiple assessments for the same product only if the corresponding certification or regulation for each one is different. - Deleting an assessment breaks the relationship between that assessment and the group.-- Groups can't be manually deleted.+- Groups can't be deleted. ## Understand templates before creating assessments |
| compliance | Compliance Manager Mcca | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-mcca.md | After you install MCCA, you can run MCCA and generate a report. To run a report: 3. Once MCCA runs, it does an initial version check and ask for credentials. At the Input the user name prompt, sign in with your Microsoft 365 account email address ([view the roles eligible to create reports](#role-based-reporting)). Then enter your password at the password prompt. -Your report will then take approximately 2-5 minutes to generate. When itΓÇÖs done, a browser window opens and displays your HTML report. Every time you run the tool, it will ask for your credentials and generate a new report. This report is stored locally in the following directory: --C:\Users\<username>\AppData\Local\Microsoft\MCCA. +Your report will then take approximately 2-5 minutes to generate. When itΓÇÖs done, a browser window opens and displays your HTML report. Every time you run the tool, it will ask for your credentials and generate a new report. This report is stored locally in the directory C: \ Users \ *username* \ AppData \ Local \ Microsoft \ MCCA. You can access previously generated reports from this directory. |
| compliance | Compliance Manager Setup | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-setup.md | Compliance Manager detects signals from other Microsoft 365 compliance solutions Compliance Manager also detects signals from complementary improvement actions that are also monitored by [Microsoft Secure Score](../security/defender/microsoft-secure-score.md). Using these signals, Compliance Manager can automatically test certain improvement actions for you, which helps maximize efficiency in your compliance activities. When an improvement action is successfully tested and implemented, you receive the full amount of points, which gets credited to your overall compliance score. -In each improvement action's details page - Automatic testing is turned on by default for organizations new to Compliance Manager. When you first deploy Microsoft 365 or Office 365, it takes approximately seven days to fully collect data and factor it into your compliance score. When automated testing is turned on, the actionΓÇÖs test date wonΓÇÖt be updated, but its test status will update. When new assessments are created, scores automatically include Microsoft control scores and Secure Score integration. #### Manage automated testing settings |
| compliance | Device Onboarding Macos Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-macos-overview.md | Last updated audience: ITPro -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Device Onboarding Offboarding Macos Intune Mde | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-offboarding-macos-intune-mde.md | Last updated audience: ITPro -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Device Onboarding Offboarding Macos Intune | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-offboarding-macos-intune.md | Last updated audience: ITPro -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Device Onboarding Offboarding Macos Jamfpro Mde | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro-mde.md | Last updated audience: ITPro -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Device Onboarding Offboarding Macos Jamfpro | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro.md | Last updated audience: ITPro -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Device Onboarding Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-overview.md | -localization_priority: Priority +ms.localizationpriority: high - M365-security-compliance - m365solution-mip |
| compliance | Dlp Policy Design | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-policy-design.md | Last updated audience: ITPro -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Get Started With Service Trust Portal | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-service-trust-portal.md | The Microsoft Service Trust Portal provides a variety of content, tools, and oth ## Accessing the Service Trust Portal -The Service Trust Portal contains details about Microsoft's implementation of controls and processes that protect our cloud services and the customer data therein. To access some of the resources on the Service Trust Portal, you must log in as an authenticated user with your Microsoft cloud services account (either an Azure Active Directory organization account or a Microsoft Account) and review and accept the Microsoft Non-Disclosure Agreement for Compliance Materials. +The Service Trust Portal contains details about Microsoft's implementation of controls and processes that protect our cloud services and the customer data therein. To access some of the resources on the Service Trust Portal, you must log in as an authenticated user with your Microsoft cloud services account (Azure Active Directory organization account) and review and accept the Microsoft Non-Disclosure Agreement for Compliance Materials. ### Existing customers Existing customers can access the Service Trust Portal at <https://aka.ms/STP> w - Azure > [!NOTE]- > Azure Active Directory accounts associated with organizations have access to the full range of documents and features like Compliance Manager. Microsoft accounts created for personal use have limited access to Service Trust Portal content. + > Azure Active Directory accounts associated with organizations have access to the full range of documents and features like Compliance Manager. ### New customers and customers evaluating Microsoft online services |
| compliance | Named Entities Learn | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/named-entities-learn.md | -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance description: "Learn how named entities help you detect sensitive items containing names of people, physical addresses, and medical terms via data loss prevention policies" |
| compliance | Named Entities Use | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/named-entities-use.md | -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance description: "Use these procedures to take advantage of named entities in your data loss prevention policies" |
| compliance | Sit Common Scenarios | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-common-scenarios.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Get Started Exact Data Match Based Sits Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-based-sits-overview.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Get Started Exact Data Match Create Rule Package | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-create-rule-package.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Get Started Exact Data Match Create Schema | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-create-schema.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Get Started Exact Data Match Export Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-export-data.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Get Started Exact Data Match Hash Upload | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-hash-upload.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Get Started Exact Data Match Test | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-test.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Learn About Exact Data Match Based Sits | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-learn-about-exact-data-match-based-sits.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Use Exact Data Manage Schema | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-use-exact-data-manage-schema.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| compliance | Sit Use Exact Data Refresh Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-use-exact-data-refresh-data.md | audience: Admin Last updated -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance search.appverid: |
| contentunderstanding | Metadata Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/metadata-search.md | search.appverid: - enabler-strategic - m365initiative-syntex-localization_priority: Priority +ms.localizationpriority: high description: Learn how to use advanced metadata search to find items in SharePoint document libraries using SharePoint Syntex. |
| contentunderstanding | Powershell Syntex Explanations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-explanations.md | +ms.localizationpriority: medium description: "Learn about work with SharePoint Syntex document understanding model explanations in PowerShell." |
| contentunderstanding | Powershell Syntex Import Export | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-import-export.md | +ms.localizationpriority: medium description: "Learn about how to export and import document understanding models with PowerShell in SharePoint Syntex." |
| contentunderstanding | Powershell Syntex Intro | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-intro.md | +ms.localizationpriority: medium description: "Learn how to manage SharePoint Syntex with PowerShell." |
| contentunderstanding | Powershell Syntex Processing | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-processing.md | +ms.localizationpriority: medium description: "Learn how to use PowerShell to request processing by a SharePoint Syntex document understanding model." |
| contentunderstanding | Powershell Syntex Publishing | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-publishing.md | +ms.localizationpriority: medium description: "Learn how to publish a SharePoint Syntex document understanding models with PowerShell." |
| enterprise | O365 Data Locations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/o365-data-locations.md | If CustomerΓÇÖs billing address is outside Europe and Customer has an Office 365 ### How does Microsoft define data? -Review our [definitions for different types of data](https://go.microsoft.com/fwlink/p/?linkid=864390) on the Microsoft Trust Center. In the [Microsoft Online Services Terms](https://go.microsoft.com/fwlink/p/?linkid=862403), Microsoft makes contractual commitments regarding customer data/your data. We refer to core customer data as the customer data that is committed to be stored at rest only within your region according to the [Microsoft Online Services Terms](https://go.microsoft.com/fwlink/p/?linkid=862403). +Review our [definitions for different types of data](https://go.microsoft.com/fwlink/p/?linkid=864390) on the Microsoft Trust Center. In the [Privacy & Security Terms](https://www.microsoft.com/licensing/terms/product/PrivacyandSecurityTerms/all), Microsoft makes contractual commitments regarding customer data/your data. We refer to core customer data as the customer data that is committed to be stored at rest only within your region according to the [Privacy & Security Terms](https://www.microsoft.com/licensing/terms/product/PrivacyandSecurityTerms/all). ### Where are the exact addresses of the data centers? |
| managed-desktop | Readiness Assessment Tool | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/managed-desktop/get-ready/readiness-assessment-tool.md | The [online tool](https://aka.ms/mmdart) checks settings in Microsoft Endpoint M Microsoft Managed Desktop retains the data associated with these checks for 12 months after the last time you run a check in your Azure AD organization (tenant). After 12 months, we retain it in de-identified form. You can choose to delete the data we collect. -Anyone with at least the Global Reader or Intune Administrator role will be able to run this tool, but two of the checks ([Conditional access policies](readiness-assessment-fix.md#conditional-access-policies) and [Multi-factor authentication](readiness-assessment-fix.md#multi-factor-authentication) require extra permissions. +Anyone with at least the Global Reader or Intune Administrator role will be able to run this tool, but two of the checks ([Conditional access policies](readiness-assessment-fix.md#conditional-access-policies) and [Multi-factor authentication](readiness-assessment-fix.md#multi-factor-authentication)) require extra permissions. > [!IMPORTANT] > The online readiness assessment tool helps you check your readiness to enroll in Microsoft Managed Desktop for the first time. If your organization is already enrolled in Microsoft Managed Desktop, don't use this tool. |
| managed-desktop | Localization | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/managed-desktop/get-started/localization.md | Users can select the language of their choice for Windows 10, and Microsoft 365 | Windows 10 language features | <ul><li>Display language</li><li>Keyboard language</li><ul> | | Microsoft 365 Apps for Enterprise language features | <ul><li>Display language</li><li>Proofing and authoring tools</li></ul> | -To make the [Supported languages](#supported-languages) for Microsoft 365 Apps for Enterprise available for your users to install, add the users to the **Modern Workplace-Office-Language_Packs** group. The languages will be available in the Intune Company Portal. +## Install more languages ++> [!NOTE] +> As of March 16, 2022, we're phasing out the Modern Workplace-Office-Language_Packs group that allows yours to add languages to Microsoft Office. The transition to the new method (see below) will be completed in April 2022. If you have any issues during this transition period, please reach out to [support](../working-with-managed-desktop/admin-support.md). ++By default, Microsoft Office requires users to be admin. Microsoft Managed Desktop deploys an Office policy to enable standard users to install language accessory packs directly from their Office apps. For more information, see [Allow users who aren't admins to install additional languages](/deployoffice/overview-deploying-languages-microsoft-365-apps#allow-users-who-arent-admins-to-install-additional-languages). ## Supported languages If your users need a language other than the ones listed here, file a [support r ## Languages for support and operations -### User support --Microsoft Managed Desktop provides support only in English. If users choose another language in the Get Help app, they'll get support from the general Microsoft support channels, rather than support directly from Microsoft Managed Desktop. For more information, see [Getting help for users](../working-with-managed-desktop/end-user-support.md). --If your users need support in other languages, you'll have to provide that through non-Microsoft support sources or from your own organization. - ### Admin support and operations Microsoft Managed Desktop provides admin support only in English. This support includes the Admin portal and all communications with Microsoft Managed Desktop Operations. You should assume that all admin-related interactions and interfaces will be in English, unless specified otherwise. |
| managed-desktop | Shared Devices | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/managed-desktop/service-description/shared-devices.md | keywords: Microsoft Managed Desktop, Microsoft 365, service, documentation +ms.localizationpriority: medium |
| security | Compare Mdb M365 Plans | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/compare-mdb-m365-plans.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Get Defender Business | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/get-defender-business.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Configure Security Settings | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-configure-security-settings.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Create Edit Device Groups | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-create-edit-device-groups.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Custom Rules Firewall | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-custom-rules-firewall.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Email Notifications | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-email-notifications.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Firewall | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-firewall.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Get Started | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-get-started.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Lighthouse Integration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-lighthouse-integration.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Manage Devices | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-manage-devices.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Next Gen Configuration Settings | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Onboard Devices | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-onboard-devices.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-overview.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Policy Order | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-policy-order.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Reports | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-reports.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Requirements | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-requirements.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Respond Mitigate Threats | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-respond-mitigate-threats.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Review Remediation Actions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-review-remediation-actions.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Roles Permissions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-roles-permissions.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Setup Configuration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-setup-configuration.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Simplified Configuration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-simplified-configuration.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Tutorials | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-tutorials.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb Use Wizard | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-use-wizard.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb View Edit Create Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-view-edit-create-policies.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb View Manage Incidents | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-view-manage-incidents.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Mdb View Tvm Dashboard | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-view-tvm-dashboard.md | -localization_priority: Normal +ms.localizationpriority: medium f1.keywords: NOCSH |
| security | Android Configure Mam | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/android-configure-mam.md | ms.pagetype: security -localization_priority: Normal +ms.localizationpriority: medium audience: ITPro - m365-security-compliance |
| security | Azure Server Integration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/azure-server-integration.md | ms.sitesec: library ms.pagetype: security -localization_priority: Normal +ms.localizationpriority: medium audience: ITPro |
| security | Defender Endpoint False Positives Negatives | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives.md | Before you classify or suppress an alert, determine whether the alert is accurat 4. Depending on the alert status, take the steps described in the following table: -<br/><br/> - |Alert status|What to do| ||| |The alert is accurate|Assign the alert, and then [investigate it](investigate-alerts.md) further.| If you have a file that was either wrongly detected as malicious or was missed, 1. Review the guidelines here: [Submit files for analysis](/windows/security/threat-protection/intelligence/submission-guide). -2. Visit the Microsoft Security Intelligence submission site (<https://www.microsoft.com/wdsi/filesubmission>), and submit your file(s). +2. Visit the [Microsoft Security Intelligence submission site](https://www.microsoft.com/wdsi/filesubmission) (https://www.microsoft.com/wdsi/filesubmission), and submit your file(s). ### Submit a fileless detection for analysis If something was detected as malware based on behavior, and you don't have a fil 3. Review the guidelines here: [Submit files for analysis](/windows/security/threat-protection/intelligence/submission-guide). -4. Visit the Microsoft Security Intelligence submission site (<https://www.microsoft.com/wdsi/filesubmission>), and submit your .cab files. +4. Visit the [Microsoft Security Intelligence submission site](https://www.microsoft.com/wdsi/filesubmission) (https://www.microsoft.com/wdsi/filesubmission), and submit your .cab files. ### What happens after a file is submitted? |
| security | Delete Library | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/delete-library.md | f1.keywords: - NOCSH -localization_priority: normal +ms.localizationpriority: medium audience: ITPro |
| security | Edr In Block Mode | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/edr-in-block-mode.md | ms.technology: mde > EDR in block mode does not provide all the protection that is available when Microsoft Defender Antivirus real-time protection is enabled. All features that depend on Microsoft Defender Antivirus to be the active antivirus solution will not work, including the following key examples: > > - Real-time protection, including on-access scanning, is not available when Microsoft Defender Antivirus is in passive mode. To learn more about real-time protection policy settings, see **[Enable and configure Microsoft Defender Antivirus always-on protection](configure-real-time-protection-microsoft-defender-antivirus.md)**.+> > - Features like **[network protection](network-protection.md)** and **[attack surface reduction rules](attack-surface-reduction.md)** are only available when Microsoft Defender Antivirus is running in active mode. > > It is expected that your non-Microsoft antivirus solution provides these capabilities. The following image shows an instance of unwanted software that was detected and ## Enable EDR in block mode +> [!IMPORTANT] +> Starting with platform version 4.18.2202.X, you can now set EDR in block mode to target specific device groups using Intune CSPs. You can continue to set EDR in block mode tenant-wide in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a>. Please note that EDR in block mode is primarily recommended for devices running MDAV in passive mode (a 3rd party AV is active). + > [!TIP] > Make sure the [requirements](#requirements-for-edr-in-block-mode) are met before turning on EDR in block mode. +### Security Portal + 1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com/](https://security.microsoft.com/)) and sign in.+ 2. Choose **Settings** \> **Endpoints** \> **General** \> **Advanced features**.+ 3. Scroll down, and then turn on **Enable EDR in block mode**. -> [!IMPORTANT] -> EDR in block mode can be turned on only in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a>, and is applied tenant wide. You cannot set EDR in block mode to target specific device groups or users. You cannot use registry keys, Microsoft Intune, or Group Policy to enable or disable EDR in block mode. +### Intune ++To create a custom policy in Intune, see [Deploy OMA-URIs to target a CSP through Intune, and a comparison to on-premises](/troubleshoot/mem/intune/deploy-oma-uris-to-target-csp-via-intune). ++For more information on the Defender CSP used for EDR in block mode, see "Configuration/PassiveRemediation" under [Defender CSP](/windows/client-management/mdm/defender-csp). + ## Requirements for EDR in block mode +The following table lists requirements for EDR in block mode: + |Requirement|Details| ||| |Permissions|You must have either the Global Administrator or Security Administrator role assigned in [Azure Active Directory](/azure/active-directory/fundamentals/active-directory-users-assign-role-azure-portal). For more information, see [Basic permissions](basic-permissions.md).| The following image shows an instance of unwanted software that was detected and ## Frequently asked questions +### Can I specify exclusions for EDR in block mode? ++In you get a false positive, you can submit the file for analysis at the [Microsoft Security Intelligence submission site](https://www.microsoft.com/en-us/wdsi/filesubmission). ++You can also define an exclusion for Microsoft Defender Antivirus. See [Configure and validate exclusions for Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md). + ### Do I need to turn EDR in block mode on if I have Microsoft Defender Antivirus running on devices? The primary purpose of EDR in block mode is to remediate post-breach detections that were missed by a non-Microsoft antivirus product. However, we recommend keeping EDR in block mode turned on, whether Microsoft Defender Antivirus is running in passive mode or in active mode. - When Microsoft Defender Antivirus is in passive mode, EDR in block mode provides another layer of defense together with Microsoft Defender for Endpoint.+ - When Microsoft Defender Antivirus is in active mode, EDR in block mode does not provide extra scanning, but it does allow Microsoft Defender Antivirus to take automatic actions on post-breach, behavioral EDR detections. ### Will EDR in block mode affect a user's antivirus protection? For more information, see [Microsoft Defender Antivirus compatibility](microsoft To confirm whether Microsoft Defender Antivirus is running in active or passive mode, you can use Command Prompt or PowerShell on a device running Windows. -<br/><br/> - |Method|Procedure| ||| |PowerShell|1. Select the Start menu, begin typing `PowerShell`, and then open Windows PowerShell in the results.<br/><br/>2. Type `Get-MpComputerStatus`.<br/><br/>3. In the list of results, in the **AMRunningMode** row, look for one of the following values:<br/>- `Normal`<br/>- `Passive Mode`<br/><br/>To learn more, see [Get-MpComputerStatus](/powershell/module/defender/get-mpcomputerstatus).| If you choose to disable EDR in block mode, it can take up to 30 minutes for the ## See also - [Tech Community blog: Introducing EDR in block mode: Stopping attacks in their tracks](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/introducing-edr-in-block-mode-stopping-attacks-in-their-tracks/ba-p/1596617)+ - [Behavioral blocking and containment](behavioral-blocking-containment.md) |
| security | Ios Install | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/ios-install.md | Next, configure the supervised mode for Defender for Endpoint app through an App 1. On the **Review + create** page, when you're done, choose **Create**. The new profile is displayed in the list of configuration profiles. -1. Next, for enhanced Anti-phishing capabilities, you can deploy a custom profile on the supervised iOS devices. Follow the steps below: +1. Next you must deploy a custom profile on supervised iOS devices. This is for enhanced Anti-phishing capabilities. Follow the steps below: - Download the config profile from [https://aka.ms/mdeiosprofilesupervised](https://aka.ms/mdeiosprofilesupervised) - Navigate to **Devices** -> **iOS/iPadOS** -> **Configuration profiles** -> **Create Profile** |
| security | List Library Files | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/list-library-files.md | f1.keywords: - NOCSH -localization_priority: normal +ms.localizationpriority: medium audience: ITPro |
| security | Live Response Library Methods | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/live-response-library-methods.md | f1.keywords: - NOCSH -localization_priority: normal +ms.localizationpriority: medium audience: ITPro |
| security | Manage Updates Baselines Microsoft Defender Antivirus | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus.md | All our updates contain - Integration improvements (Cloud, [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender)) <br/><br/> <details>-<summary>February-2022 (Platform: 4.18.xxxx.xx | Engine: 1.1.19000.8)</summary> +<summary>February-2022 (Platform: 4.18.2202.4 | Engine: 1.1.19000.8)</summary> - Security intelligence update version: **1.357.x.x**<br/> + Security intelligence update version: **1.361.14.0**<br/>  Released: **March 14, 2022**<br/>- Platform: **4.18.xxxx.xx**<br/> + Platform: **4.18.2202.4**<br/>  Engine: **1.1.19000.8**<br/>  Support phase: **Security and Critical Updates**<br/> Engine version: 1.1.19000.8 <br/>-Security intelligence update version: 1.357.x.x <br/> +Security intelligence update version: 1.361.14.0 <br/> ### What's new -- Coming soon+- Improvements to detection and behavior monitoring logic +- Fixed false positive triggering attack surface reduction detections +- Added fix resulting in better fidelity of EDR and Advanced Hunting detection alerts +- Defender no longer supports custom notifications on toast pop ups. Modified GPO/Intune/SCCM and docs to reflect this change. +- Improvements to capture both information and copy of files written to removable storage. To learn more, see [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](device-control-removable-storage-access-control.md). +- Improved traffic output when SmartScreen service is unreachable +- Connectivity improvements for customers using proxies with authentication requirements +- Fixed VDI device update bug for network FileShares +- EDR in block mode now supports granular device targetting with new CSPs. See [Endpoint detection and response (EDR) in block mode](edr-in-block-mode.md). ### Known Issues |
| security | Microsoft Defender Antivirus Compatibility | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility.md | The table in this section summarizes the features and capabilities that are acti | [Attack surface reduction rules](attack-surface-reduction.md) | Yes | No | No | No | | [Limited periodic scanning availability](limited-periodic-scanning-microsoft-defender-antivirus.md) | No | No | Yes | No | | [File scanning and detection information](review-scan-results-microsoft-defender-antivirus.md) | Yes | Yes<sup>[[5](#fn5)]</sup> | No | Yes | - | [Threat remediation](configure-remediation-microsoft-defender-antivirus.md) | Yes | Yes | No | Yes | + | [Threat remediation](configure-remediation-microsoft-defender-antivirus.md) | Yes | See note <sup>[[6](#fn6)]</sup> | No | Yes | | [Security intelligence updates](manage-updates-baselines-microsoft-defender-antivirus.md) | Yes | Yes | No | Yes | (<a id="fn4">4</a>) In general, when Microsoft Defender Antivirus is in passive mode, real-time protection does not provide any blocking or enforcement, even though it is enabled and in passive mode. (<a id="fn5">5</a>) When Microsoft Defender Antivirus is in passive mode, scans are not scheduled. +(<a id="fn6">6</a>) When Microsoft Defender Antivirus is in passive mode, it does not remediate threats. However, Threats can be remediated by [Endpoint detection and response (EDR) in block mode](edr-in-block-mode.md). In this case, you might see alerts showing Microsoft Defender Antivirus as a source, even when Microsoft Defender Antivirus is in passive mode. + > [!NOTE] > [Microsoft 365 Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about) protection continues to operate normally when Microsoft Defender Antivirus is in either active or passive mode. |
| security | Microsoft Defender Endpoint Linux | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux.md | If you experience any installation failures, refer to [Troubleshooting installat - Debian 9 or higher - SUSE Linux Enterprise Server 12 or higher - Oracle Linux 7.2 or higher+ - Oracle Linux 8.x - Amazon Linux 2 - Fedora 33 or higher |
| security | Security Config Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/security-config-management.md | ms.sitesec: library ms.pagetype: security -localization_priority: Normal +ms.localizationpriority: medium audience: ITPro |
| security | Server Migration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/server-migration.md | ms.sitesec: library ms.pagetype: security -localization_priority: Normal +ms.localizationpriority: medium audience: ITPro |
| security | Upload Library | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/upload-library.md | f1.keywords: - NOCSH -localization_priority: normal +ms.localizationpriority: medium audience: ITPro |
| security | Advanced Hunting Link To Incident | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/advanced-hunting-link-to-incident.md | f1.keywords: - NOCSH -localization_priority: Normal +ms.localizationpriority: medium audience: ITPro |
| security | Microsoft 365 Defender Train Security Staff | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-365-defender-train-security-staff.md | f1.keywords: - NOCSH -localization_priority: Normal +ms.localizationpriority: medium audience: ITPro |
| security | Attack Simulation Training Payload Automations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations.md | -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance - m365initiative-defender-office365 |
| security | Attack Simulation Training Simulation Automations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations.md | -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance - m365initiative-defender-office365 |
| security | Attack Simulation Traning End User Notifications | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-traning-end-user-notifications.md | -localization_priority: Normal +ms.localizationpriority: medium - M365-security-compliance - m365initiative-defender-office365 |