Updates from: 07/27/2022 01:24:11
Category Microsoft Docs article Related commit history on GitHub Change details
admin Let Users Reset Passwords https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/let-users-reset-passwords.md
Check out this video and others on our [YouTube channel](https://go.microsoft.co
> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE3AY8S] 1. In the Microsoft 365 admin center, in the left navigation pane, select **Settings** > **Org settings**, and then <a href="https://go.microsoft.com/fwlink/p/?linkid=2072756" target="_blank">**Security & privacy**</a>.
-1. Under **Let your people reset their own passwords**, select**Azure AD admin center**.
+1. Under **Self-service password reset**, select **Go to the Azure portal to turn on self-service password reset**.
1. In the left navigation pane, select **Users**, and then on the **Users - all users** page, select **Password reset**. 1. Select **All** to enable self-service password reset, and then select **Save**.
+1. In the left navigation pane, select **Authentication methods** and select the **Number of methods required to reset** and desired **Methods available to users**, and then select **Save**.
If you found this video helpful, check out the [complete training series for small businesses and those new to Microsoft 365](../../business-video/index.yml).
These steps turn on self-service password reset for everyone in your business.
4. Under **Self-service password reset**, select **Go to the Azure portal to turn on self-service password reset**. 5. On the **Properties** page, select **All** to enable it for everyone in your business, and then select **Save**.+
+6. In the left navigation pane, select **Authentication methods** and select the **Number of methods required to reset** and desired **Methods available to users**, and then select **Save**.
-6. When your users sign in, they will be prompted to enter additional contact information that will help them reset their password in the future.
+7. When your users sign in, they will be prompted to enter additional contact information that will help them reset their password in the future.
## Related content
admin Idle Session Timeout Web Apps https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/idle-session-timeout-web-apps.md
description: "Set how long user's session will last in Microsoft 365 before they
<!-- Add metadata: localization, AdminSurgePortfolio, admindeeplinkMAC. remove robots nofollow -->
+> [!IMPORTANT]
+> Idle session timeout isn't available for Microsoft 365 operated by 21Vianet, or Microsoft 365 Germany.
+ Use idle session timeout to configure a policy on how long users are inactive in your organization before they are signed out of Microsoft 365 web apps. This helps protect sensitive company data and adds another layer of security for end users who work on non-company or shared devices. When a user reaches the idle timeout session you've set, they'll get a notification that they're about to be signed out. They have to select to stay signed in or they'll be automatically signed out of all Microsoft 365 web apps.
When a user has been inactive in Microsoft 365 web apps for the time period you
- Users wonΓÇÖt get signed out in these cases. - If they get single sign-on (SSO) into the web app from the device joined account or selected **Stay signed in** at the time of sign-in. For more info on hiding this option for your organization, see [Add branding to your organization's sign-in page](/azure/active-directory/fundamentals/customize-branding).
- - If they're on a managed device (one that is compliant or joined to a domain) and using a supported browser like Microsoft Edge or Google Chrome (with the [Windows Accounts extension](https://chrome.google.com/webstore/detail/windows-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji)). For this feature to not trigger on a managed device, an eligible Azure AD Premium P1 or P2 subscription, and a specific Conditional Access policy, is required. See below for further details.
-
-> [!IMPORTANT]
-> Idle session timeout isn't available for Microsoft 365 operated by 21Vianet, or Microsoft 365 Germany.
+ - If they're on a managed device (one that is compliant or joined to a domain) and using a supported browser like Microsoft Edge or Google Chrome (with the [Windows Accounts extension](https://chrome.google.com/webstore/detail/windows-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji)). For this feature to trigger on an unmanaged device, an eligible Azure AD Premium P1 or P2 subscription, and a specific Conditional Access policy, is required. See below for further details.
## Idle session timeout on unmanaged devices
admin Password Policy Recommendations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/password-policy-recommendations.md
Good password practices fall into a few broad categories:
The primary goal of a more secure password system is password diversity. You want your password policy to contain lots of different and hard to guess passwords. Here are a few recommendations for keeping your organization as secure as possible. + - Maintain an eight-character minimum length requirement - Don't require character composition requirements. For example, \*&amp;(^%$
bookings Delete Calendar https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/delete-calendar.md
The booking calendar is where all relevant information about that booking calend
![Image of Users UI in Microsoft 365 admin center.](../media/bookings-admin-center-users.png)
-1. On the **Active Users** page, choose the names of the users that you want to delete, and then select **Delete user**.
+1. On the **Active Users** page, choose the name of the booking calendar that you want to delete and then select **Delete user**.
![Image of Delete User UI in Microsoft 365 admin center.](../media/bookings-delete-user.png)
business-premium Index https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/index.md
search.appverid:
description: "Learn how to implement cybersecurity for small or medium sized businesses with Microsoft 365 Business Premium. The cybersecurity capabilities and features are optimized to prevent cyberattacks and security breaches, and help safeguard data, devices and information with high-grade cyber defenses."
-# Microsoft 365 Business Premium &mdash; cybersecurity for small business
+# Microsoft 365 Business Premium ΓÇô cybersecurity for small business
Let us begin by saying that you made a wise choice in adopting Microsoft 365 Business Premium and its world class productivity tools. Designed with cybersecurity in mind, Microsoft 365 Business Premium safeguards your data, devices and information. You are your organization's first and best defense against hackers and cyberattackers, including random individuals, organized crime, or highly-sophisticated nation states.
compliance Enable Mailbox Auditing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/enable-mailbox-auditing.md
The following table describes the mailbox actions that are available in mailbox
|**SoftDelete**|A message was permanently deleted or deleted from the Deleted Items folder. Soft-deleted items are moved to the Recoverable Items folder.|![Check mark.](../media/checkmark.png)<sup>\*</sup>|![Check mark.](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>| |**Update**|A message or any of its properties was changed.|![Check mark.](../media/checkmark.png)<sup>\*</sup>|![Check mark.](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>| |**UpdateCalendarDelegation**|A calendar delegation was assigned to a mailbox. Calendar delegation gives someone else in the same organization permissions to manage the mailbox owner's calendar.|![Check mark.](../media/checkmark.png)<sup>\*</sup>||![Check mark](../media/checkmark.png)<sup>\*</sup>|
-|**UpdateComplianceTag**|A different retention label is applied to a mail item (an item can only have one retention label assigned to it).|![Check mark.](../media/checkmark.png)|![Check mark](../media/checkmark.png)|![Check mark](../media/checkmark.png)|
|**UpdateFolderPermissions**|A folder permission was changed. Folder permissions control which users in your organization can access folders in a mailbox and the messages located in those folders.|![Check mark.](../media/checkmark.png)<sup>\*</sup>|![Check mark.](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>| |**UpdateInboxRules**|An inbox rule was added, removed, or changed. Inbox rules are used to process messages in the user's Inbox based on the specified conditions and take actions when the conditions of a rule are met, such as moving a message to a specified folder or deleting a message.|![Check mark.](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>|
enterprise Configure User Account Properties With Microsoft 365 Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/configure-user-account-properties-with-microsoft-365-powershell.md
By using a *$upn* variable, you can make changes to individual accounts based on
```powershell $userName="Belinda Newman" $upn=(Get-AzureADUser | where {$_.DisplayName -eq $userName}).UserPrincipalName
-Set-AzureADUser -ObjectID $upn -UsageLocation "FR"
+Set-AzureADUser -ObjectID $upn -UsageLocation FR
``` ### Change properties for all user accounts
Set-AzureADUser -ObjectID $upn -UsageLocation "FR"
To change properties for all users, you can use a combination of the **Get-AzureADUser** and **Set-AzureADUser** cmdlets. The following example changes the usage location for all users to *France*: ```powershell
-Get-AzureADUser | Set-AzureADUser -UsageLocation "FR"
+Get-AzureADUser -All $true | Set-AzureADUser -UsageLocation FR
``` This command instructs PowerShell to: 1. Get all of the information on the user accounts (**Get-AzureADUser**) and send it to the next command (**|**).
-1. Set the user location to France (**Set-AzureADUser -UsageLocation "FR"**).
+1. Set the user location to France (**Set-AzureADUser -UsageLocation FR**).
### Change properties for a specific set of user accounts To change properties for a specific set of user accounts, you can use a combination of the **Get-AzureADUser**, **Where**, and **Set-AzureADUser** cmdlets. The following example changes the usage location for all the users in the Accounting department to *France*: ```powershell
-Get-AzureADUser | Where {$_.Department -eq "Accounting"} | Set-AzureADUser -UsageLocation "FR"
+Get-AzureADUser | Where {$_.Department -eq "Accounting"} | Set-AzureADUser -UsageLocation FR
``` This command instructs PowerShell to:
This command instructs PowerShell to:
1. Find all the user accounts that have their *Department* property set to "Accounting" (**Where {$_.Department -eq "Accounting"}**), and send the resulting information to the next command (**|**).
-1. Set the user location to France (**Set-AzureADUser -UsageLocation "FR"**).
+1. Set the user location to France (**Set-AzureADUser -UsageLocation FR**).
## Use the Microsoft Azure Active Directory Module for Windows PowerShell
By using a *$upn* variable, you can make changes to individual accounts based on
```powershell $userName="<display name>" $upn=(Get-MsolUser | where {$_.DisplayName -eq $userName}).UserPrincipalName
-Set-MsolUser -UserPrincipalName $upn -UsageLocation "FR"
+Set-MsolUser -UserPrincipalName $upn -UsageLocation FR
``` ### Change properties for all user accounts
Set-MsolUser -UserPrincipalName $upn -UsageLocation "FR"
To change properties for all users, use a combination of the **Get-MsolUser** and **Set-MsolUser** cmdlets. The following example changes the usage location for all users to *France*: ```powershell
-Get-MsolUser | Set-MsolUser -UsageLocation "FR"
+Get-MsolUser | Set-MsolUser -UsageLocation FR
``` This command instructs PowerShell to: 1. Get all the information for the user accounts (**Get-MsolUser**) and send it to the next command (**|**).
-1. Set the user location to France (**Set-MsolUser -UsageLocation "FR"**).
+1. Set the user location to France (**Set-MsolUser -UsageLocation FR**).
### Change properties for a specific set of user accounts To change properties for a specific set of user accounts, you can use a combination of the **Get-MsolUser**, **Where**, and **Set-MsolUser** cmdlets. The following example changes the usage location for all the users in the Accounting department to *France*: ```powershell
-Get-MsolUser | Where {$_.Department -eq "Accounting"} | Set-MsolUser -UsageLocation "FR"
+Get-MsolUser | Where {$_.Department -eq "Accounting"} | Set-MsolUser -UsageLocation FR
``` This command instructs PowerShell to:
This command instructs PowerShell to:
1. Find all user accounts that have their *Department* property set to "Accounting" (**Where {$_.Department -eq "Accounting"}**) and send the resulting information to the next command (**|**).
-1. Set the user location to France (**Set-MsolUser -UsageLocation "FR"**).
+1. Set the user location to France (**Set-MsolUser -UsageLocation FR**).
## See also
enterprise Microsoft 365 Mailbox Utilization Service Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-mailbox-utilization-service-alerts.md
These service advisories are displayed in the Microsoft 365 admin center. To vie
:::image type="content" alt-text="Mailbox utilization service alert." source="../media/MailboxUtilizationServiceAlert.png" lightbox="../media/MailboxUtilizationServiceAlert.png":::
-To display a list of mailboxes that are nearing their storage quota (called the *mailbox usage report*), click the highlighted link in the following screenshot. This link is displayed in the service advisory.
+To display a list of mailboxes that are nearing their storage quota, select the highlighted link in the following screenshot to access your mailbox usage report. This link is displayed in the service advisory.
:::image type="content" alt-text="Link to mailbox usage report." source="../media/LinkToMailboxUsageReport.png" lightbox="../media/LinkToMailboxUsageReport.png"::: Alternatively, the direct URL to the mailbox usage report is <https://admin.microsoft.com/Adminportal/Home?source=applauncher#/reportsUsage/MailboxUsage>.
+> [!NOTE]
+> The mailbox usage report information could be 24 hours behind your mailbox utilization service advisory alert.
+ ## What do these service advisories indicate? The service advisories for mailbox utilization inform admins about mailboxes on hold that are nearing the mailbox storage quota. The type of holds that that can be placed on mailboxes include Litigation holds, eDiscovery hold, and Microsoft 365 retention policies (that are configured to retain data). When a mailbox is on hold, users (or automated processes) can't permanently remove data from their mailbox. Instead, admins must configure MRM retention policies in Exchange Online (inline with their organization's compliance policies related to data retention) to move data from a user's primary mailbox to their archive mailbox. If not and a mailbox on a hold reaches a critical or warning state, admins have to [enable archive mailboxes](../compliance/enable-archive-mailboxes.md) and [enable auto-expanding archiving](../compliance/enable-autoexpanding-archiving.md) and then make sure that the retention period for the archive policy assigned to the mailbox (that moves email from the primary mailbox to the archive mailbox) is short enough. If nothing is done to resolve the quota issues that are identified by the mailbox utilization service advisory, then users might not be able to send or receive email messages or meeting invites.
enterprise Microsoft 365 Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-overview.md
Microsoft 365 for enterprise consists of:
|Local apps and cloud-based apps and productivity services|Includes both Microsoft 365 Apps for enterprise, the latest Office apps for your PC and Mac (such as Word, Excel, PowerPoint, Outlook, and others), and a full suite of online services for email, file storage and collaboration, meetings, and more.| |Windows 10 Enterprise|Meets the needs of both large and midsize organizations. It's the most productive and secure version of Windows for users. For IT professionals, it also provides comprehensive deployment, device, and app management.| |Device management and advanced security services|Includes Microsoft Intune, which is a cloud-based enterprise mobility management service that helps enable your workforce to be productive while protecting your organization data.|
-|||
## Plans
Microsoft 365 for enterprise is available in three plans.
|E3|Access the Microsoft 365 core products and features to securely enhance workplace productivity and drive innovation.| |E5|Access the Microsoft 365 latest products and features. These include Defender for Office 365, security tools, and collaboration tools. This plan includes all E3 capabilities, plus advanced security, voice, and data analysis tools.| |F3|Connect with your first-line workers through purpose-built tools and resources that they can use to help them do their best work.|
-|||
If you have Microsoft 365 E3, you can also get these add-ons:
To learn more about Microsoft 365 and work toward a Microsoft 365 certification,
## See also
-[Microsoft 365 for enterprise product page](https://www.microsoft.com/microsoft-365/enterprise)
+[Microsoft 365 for enterprise product page](https://www.microsoft.com/microsoft-365/enterprise)
enterprise Moving Data To New Datacenter Geos https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/moving-data-to-new-datacenter-geos.md
Existing customers that have their core customer data stored in an already exist
|**Norway**| European Union | Norway | April 2020 | |**Brazil**| Americas | Brazil | November 2020 | |**Sweden**| European Union | Sweden | November 2021 |
+|**Qatar**| European Union | Qatar | August 2022 |
As of October 1, 2020 customers with an Office 365 Education subscription included in the tenant are not eligible for migration.
security Configure Siem https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-siem.md
Using the Microsoft 365 Defender Add-on for Splunk that supports:
For more information on the Microsoft 365 Defender Add-on for Splunk, see [splunkbase](https://splunkbase.splunk.com/app/4959/).
+### Datadog
+
+Microsoft 365 Defender for Endpoint integration with Datadog supports:
+
+- Ingesting Microsoft Defender for Endpoint alerts and incidents
+- Dashboards that enable monitoring metrics across endpoints, threats and vulnerabilities, and software
+
+For more information on the integration, see [Datadog Marketplace](https://app.datadoghq.com/marketplace/app/crest-data-systems-microsoft-defender/support).
+ ### Micro Focus ArcSight The new SmartConnector for Microsoft 365 Defender ingests incidents that contain alerts from all Microsoft 365 Defender products - including from Microsoft Defender for Endpoint - into ArcSight and maps these onto its Common Event Framework (CEF).
security Configure Updates https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-updates.md
The following table lists the available group policy settings for configuring up
|Select gradual Microsoft Defender monthly platform update rollout channel|Enable this policy to specify when devices receive Microsoft Defender platform updates during the monthly gradual rollout. <p> Beta Channel: Devices set to this channel will be the first to receive new updates. Select Beta Channel to participate in identifying and reporting issues to Microsoft. Devices in the Windows Insider Program are subscribed to this channel by default. For use in (manual) test environments only and a limited number of devices. <p> Current Channel (Preview): Devices set to this channel will be offered updates earliest during the monthly gradual release cycle. Suggested for pre-production/validation environments. <p> Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). <p> Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). <p> Critical- Time Delay: Devices will be offered updates with a 48-hour delay. Suggested for critical environments only. <p>If you disable or do not configure this policy, the device will stay up to date automatically during the gradual release cycle. Suitable for most devices.|Windows Components\Microsoft Defender Antivirus| |Select gradual Microsoft Defender monthly engine update rollout channel|Enable this policy to specify when devices receive Microsoft Defender engine updates during the monthly gradual rollout. <p> Beta Channel: Devices set to this channel will be the first to receive new updates. Select Beta Channel to participate in identifying and reporting issues to Microsoft. Devices in the Windows Insider Program are subscribed to this channel by default. For use in (manual) test environments only and a limited number of devices. <p> Current Channel (Preview): Devices set to this channel will be offered updates earliest during the monthly gradual release cycle. Suggested for pre-production/validation environments. <p> Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). <p> Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). <p> Critical- Time Delay: Devices will be offered updates with a 48-hour delay. Suggested for critical environments only.<p> If you disable or do not configure this policy, the device will stay up to date automatically during the gradual release cycle. Suitable for most devices.|Windows Components\Microsoft Defender Antivirus| |Select gradual Microsoft Defender daily security intelligence updates rollout channel|Enable this policy to specify when devices receive Microsoft Defender security intelligence updates during the daily gradual rollout. <p> Current Channel (Staged): Devices will be offered updates after the release cycle. Suggested to apply to a small, representative part of production population (~10%). <p> Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). <p> If you disable or do not configure this policy, the device will stay up to date automatically during the daily release cycle. Suitable for most devices.|Windows Components\Microsoft Defender Antivirus|
-|Disable gradual rollout of Microsoft Defender updates|Enable this policy to disable gradual rollout of Defender updates. <p> Current Channel (Broad): Devices set to this channel will be offered updates last during the gradual release cycle. Best for datacenter machines that only receive limited updates. <p> Note: This setting applies to both monthly as well as daily Defender updates and will override any previously configured channel selections for platform and engine updates. <p> If you disable or do not configure this policy, the device will remain in Current Channel (Default) unless specified otherwise in specific channels for platform and engine updates. Stay up to date automatically during the gradual release cycle. Suitable for most devices.|Windows Components\Microsoft Defender Antivirus|
+|Disable gradual rollout of Microsoft Defender updates|Enable this policy to disable gradual rollout of Defender updates. <p> Current Channel (Broad): Devices set to this channel will be offered updates last during the gradual release cycle. Best for datacenter machines that only receive limited updates. <p> Note: This setting applies to both monthly as well as daily Defender updates and will override any previously configured channel selections for platform and engine updates. <p> If you disable or do not configure this policy, the device will remain in Current Channel (Default) unless specified otherwise in specific channels for platform and engine updates. Stay up to date automatically during the gradual release cycle. Suitable for most devices.|Windows Components\Microsoft Defender Antivirus\MpEngine|
| ## Group Policy
security Run Advanced Query Api https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-advanced-query-api.md
[!include[Improve request performance](../../includes/improve-request-performance.md)]
+> [!NOTE]
+> This API can only query tables belonging to Microsoft Defender for Endpoint. Tables belonging to other Microsoft 365 Defender services require the use of the [Microsoft 365 Defender Advanced hunting API](/microsoft-365/security/defender/api-advanced-hunting).
+ ## Limitations 1. You can only run a query on data from the last 30 days.
security Run Analyzer Macos Linux https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux.md
ms.technology: m365d
1. Download the [XMDE Client Analyzer](https://aka.ms/XMDEClientAnalyzer) tool to the macOS or Linux machine you need to investigate. > [!NOTE]
- > The current SHA256 hash of 'XMDEClientAnalyzer.zip' that is downloaded from the above link is: '94DBD785249C10F37D7BE9C1E881AA096CF3A9F30E829DBBFD42683717BC5DA8'.
+ > The current SHA256 hash of 'XMDEClientAnalyzer.zip' that is downloaded from the above link is: 'AC086D65202D31EBCF9DC76F7CA29A5B8B355CD6F78D31BBF89289EB7AA2B67D'.
2. Extract the contents of XMDEClientAnalyzer.zip on the machine.
security Mfi New Users Forwarding Email https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mfi-new-users-forwarding-email.md
It's suspicious when new user accounts in your organization suddenly start forwarding email messages to external domains.
-The **New domains being forwarded email** insight in the [Security & Compliance Center](https://protection.office.com) notifies you when newly-created users in your organization are forwarding messages to external domains. This condition could indicate compromised admin accounts were used to create the new users. If you suspect the accounts have been compromised, see [Responding to a compromised email account](responding-to-a-compromised-email-account.md).
+The **New users forwarding email** insight in the [Security & Compliance Center](https://protection.office.com) notifies you when newly-created users in your organization are forwarding messages to external domains. This condition could indicate compromised admin accounts were used to create the new users. If you suspect the accounts have been compromised, see [Responding to a compromised email account](responding-to-a-compromised-email-account.md).
This insight appears only when the issue is detected, and it appears on the [Forwarding report](view-mail-flow-reports.md#forwarding-report) page.
security Safe Attachments https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-attachments.md
Safe Attachments in [Microsoft Defender for Office 365](defender-for-office-365.
Safe Attachments protection for email messages is controlled by Safe Attachments policies. Although there's no default Safe Attachments policy, the **Built-in protection** preset security policy provides Safe Attachments protection to all recipients (users who aren't defined in custom Safe Attachments policies). For more information, see [Preset security policies in EOP and Microsoft Defender for Office 365](preset-security-policies.md). You can also create Safe Attachments policies that apply to specific users, group, or domains. For instructions, see [Set up Safe Attachments policies in Microsoft Defender for Office 365](set-up-safe-attachments-policies.md).
+If a file attachment is encrypted or password protected, it can't be examined by Safe Attachments. The message with the attachment will be delivered, and the recipient receives no warning that the file hasn't been scanned by Safe Attachments.
+ The following table describes scenarios for Safe Attachments in Microsoft 365 and Office 365 organizations that include Microsoft Defender for Office 365 (in other words, lack of licensing is never an issue in the examples). |Scenario|Result|
solutions End Life Cycle Groups Teams Sites Yammer https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/end-life-cycle-groups-teams-sites-yammer.md
While deletion of the group will also result in the deletion of any associated f
## OneNote
-The OneNote notebook included in a group is stored in the Site Assets library within the associated SharePoint site. While notebook files can sometimes be spread across multiple individual files, they can't be copied and opened independently. Instead, the contents of the OneNote notebook must be moved or exported using OneNote 2016.
+The OneNote notebook included in a group is stored in the Site Assets library within the associated SharePoint site. While notebook files can sometimes be spread across multiple individual files, they can't be copied and opened independently. Instead, the contents of the OneNote notebook must be moved or exported using the OneNote desktop client.
**Move pages and sections to another notebook**
If the flow doesn't need to continue operating but it needs to be preserved for
## Power BI Power BI data and workspaces can operate independently from groups and teams and like other workloads offer different ways of being off-boarded.
+Classic workspaces in Power BI are associated with a Microsoft 365 Group, whereas modern workspaces are not - and can merely share their content with the group (similar to a flow).
**Copy reports to another workspace**
Additionally, files can be [moved to another location within SharePoint such as
Data stored within SharePoint lists can be [exported to an Excel spreadsheet](https://support.office.com/article/bfb2ea48-6118-4fa9-abb6-cced9424e5d9), and imported again to a list in another site.
-Alternatively, a third-party tool can be used to migrate the list between sites in order to retain function, list views, formatting, and other attributes.
+Alternatively, Power Automate or a third-party tool can be used to migrate the list between sites in order to retain function, list views, formatting, and other attributes.
**ΓÇ£ExportΓÇ¥ wiki files**