+## Week of September 12, 2022

+| 9/14/2022 | [Microsoft Defender Threat Intelligence (Defender TI) Data Sets](/defender/threat-intelligence/data-sets) | modified |

+| 9/14/2022 | [Searching & pivoting with Microsoft Defender Threat Intelligence (Defender TI)](/defender/threat-intelligence/searching-and-pivoting) | modified |

+| 9/14/2022 | [Sorting, filtering, and downloading data using Microsoft Defender Threat Intelligence (Defender TI)](/defender/threat-intelligence/sorting-filtering-and-downloading-data) | modified |

+## Week of August 29, 2022

+| 9/2/2022 | [Tutorial: Gathering vulnerability intelligence](/defender/threat-intelligence/gathering-vulnerability-intelligence) | modified |

+A subdomain is an internet domain, which is part of a primary domain. Subdomains are also referred to as "hosts". As an example,`learn.microsoft.com` is a subdomain of `microsoft.com`. For every subdomain, there could be a new set of IP addresses to which the domain resolves to and this can be a great data source for finding related infrastructure.

+A subdomain is an internet domain, which is part of a primary domain. Subdomains are also referred to as "hosts". As an example, `learn.microsoft.com` is a subdomain of `microsoft.com`. For every subdomain, there could be a new set of IP addresses to which the domain resolves to and this can be a great data source for finding related infrastructure.

+**Training:** Training is available through videos, recorded live events, and classes leading to certification. For more information, see [Microsoft 365 basics video training](https://support.microsoft.com/office/microsoft-365-basics-video-training-396b8d9e-e118-42d0-8a0d-87d1f2f055fb), [Microsoft 365 Training](https://support.microsoft.com/training), [for admins and IT Pros](/training/m365/), [for small businesses](/microsoft-365/admin/admin-video-library), [browse the full learning catalog](/training/browse/), [become Microsoft certified](/certifications/), [browse all learning options](/training/browse/), and [watch live and recorded events](/training/tv/).

+In this introductory course, you'll learn the six critical elements to drive adoption of your Microsoft cloud services to deliver value to your company. This course is applicable to any size company and uses Office 365 and Microsoft Teams as the example service to create real-world scenarios. For more information about training for adoption specialists, read [Use the Microsoft service adoption framework to drive adoption in your enterprise](/training/paths/m365-service-adoption).

+View a video on groups with [Understand and manage groups](/training/m365/).

+- [Learn more about using OneDrive](https://go.microsoft.com/fwlink/?LinkID=511458).

+Training your security operations team, IT administrators, and compliance investigators team in the fundamentals for Audit (Standard) and Audit (Premium) can help your organization get started more quickly using auditing to help with your investigations. Microsoft Purview provides the following resource to help these users in your organization getting started with auditing: [Describe the eDiscovery and audit capabilities of Microsoft Purview](/training/modules/describe-ediscovery-capabilities-of-microsoft-365).

+## Provide match/not a match accuracy feedback in trainable classifiers

+You can view the number of matches a trainable classifier has in **Content explorer** and **Trainable lassifiers**. You can also provide feedback on whether an item is actually a match or not using the **Match**, **Not a Match** feedback mechanism and use that feedback to tune your classifiers. See, [Increase classifier accuracy (preview)](data-classification-increase-accuracy.md) for more information.

+1. Manage eDiscovery (Premium) ΓÇô [learn how to configure eDiscovery (Premium), manage cases by using the Security & Compliance Center, manage a workflow in Advanced eDiscovery, and analyze Advanced eDiscovery search results](/training/modules/manage-advanced-ediscovery).

+## Provide match/not a match accuracy feedback in content explorer

+You can view the number of matches a SIT or trainable classifier has in **Content explorer**. You can also provide feedback on whether an item is actually a match or not using the **Match**, **Not a Match** feedback mechanism and use that feedback to tune your classifiers. See, [Increase classifier accuracy (preview)](data-classification-increase-accuracy.md) for more information.

+ Title: "Increase Classifier Accuracy"

+f1.keywords:

+- NOCSH

+audience: ITPro

+ms.localizationpriority: medium

+- M365-security-compliance

+search.appverid:

+- MET150

+description: "Learn how to increase the accuracy of your classifiers"

+# Increase classifier accuracy (preview)

+Classifiers, like [sensitive information types](sensitive-information-type-learn-about.md) (SIT) and [trainable classifiers](classifier-learn-about.md) are used in various kinds of policies to identify sensitive information. Like all models, sometimes they identify an item as being sensitive that isn't. Or sometimes that don't identify an item as being sensitive when it actually is. These are called false positives and false negatives.

+This article shows you how to confirm whether items matched by a classifier are true positive (a **Match**) or a false positive (**Not a match**) and provide **Match**, or **Not a match** feedback. You can use that feedback to tune your classifiers to increase accuracy. You can also send redacted versions of the document as well as the **Match**, **Not a Match** feedback to Microsoft if you want to help increase the accuracy of the classifiers that Microsoft provides.

+The **Match**, **Not a match** experience is available in:

+- Content Explorer

+- Sensitive Information Type Matched Items page

+- Trainable Classifier Matched Items page

+- Microsoft Purview Data Loss Prevention (DLP) Alerts page

+## Applies to

+|Classifier |Contextual summary| Redacted preview panel| Match and Not a Match|

+|||||

+|SIT |Yes| Yes|Yes|

+|Custom SIT | Yes|No | Yes|

+|Fingerprint SIT| No|No|Yes|

+|Exact data match SIT|No|No|No|

+|Named entities| No| No| No|

+|Built-in Trainable classifiers|No| Yes| Yes|

+|Custom trainable classifier |No| No| Yes|

+> [!IMPORTANT]

+> The match/not a match feedback experience supports items in SharePoint Online sites, OneDrive for Business sites and emails in Exchange Online.

+## Licensing and Subscriptions

+See the [licensing requirements for Data classification analytics: Overview Content & Activity Explorer](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#information-protection-data-classification-analytics-overview-content--activity-explorer).

+## Known limitations for this preview

+- The contextual summary only shows a limited number of matches in any given item, not all matches.

+- The contextual summary and feedback experience is only available for items created or updated after the feedback experience was enabled for the tenant. Items that were classified before the feature was enabled may not have the contextual summary and feedback experience available.

+## How to evaluate match accuracy and provide feedback

+The contextual summary experience where you indicate if a matched item is a true positive (**Match**) or a false positive (**Not a match**) is similar no matter where is surfaces.

+> [!IMPORTANT]

+> You must have already deployed DLP policies that use either SIT or trainable classifier to OneDrive sites, SharePoint sites or Exchange mailboxes and had item matches before you will see items in the **Contextual summary** page.

+### Using Content Explorer

+This example shows you how to use the **Contextual Summary** tab to give feedback.

+1. Open the **Microsoft Purview compliance portal** > **Data classification** > **Content explorer** page.

+1. Type the name of the SIT or trainable classifier that you want to check matches for in **Filter on labels, info types, or categories**.

+1. Select the SIT.

+1. Select the location. Make sure that there's a non-zero value in the **File** column.

+1. Open the folder and select a document.

+1. Select the link in the **Sensitive info type** column for an item to see which SITs the item matched and the [confidence level](/microsoft-365/compliance/sensitive-information-type-learn-about.md#more-on-confidence-levels).

+1. Select **Close**

+1. Open an item and expand the **Contextual Summary** page. Select the **Contextual Summary** tab.

+1. Review the item and confirm if it's a match.

+1. If it's a match, select **Close**. You're done.

+1. OPTIONAL: Select **I agree to provide a copy of the file to Microsoft** if you want to submit the match feedback to Microsoft and select **Submit to Microsoft.**

+1. If it's not a match, select the ellipsis next to **Close** and select **Withdraw feedback**.

+1. Select the **Not a match**.

+1. Review the item and redact or unredact any text.

+1. Optional: Select **I agree to provide a copy of the file to Microsoft** if you want to submit the feedback to Microsoft and select **Submit to Microsoft**.

+1. Select **Close**.

+If you later decide that the not a match feedback is incorrect, you can select the **Withdraw feedback** button. This puts the item back into the **Not a match**, **Match** page.

+### Using Sensitive Information Type Matched Items page

+You can access the same feedback mechanisms in the **Sensitive Info types** page.

+1. Open the **Microsoft Purview compliance portal** > **Data classification** > **Sensitive info types** page.

+1. Type the name of the SIT whose accuracy you want to check into **Search**.

+1. Open the SIT. This brings up **Overview** tab. Here you can see the count of the number of items that match, a count of the number of items that aren't a match, and the number of items with feedback.

+1. Select the **Matched items** tab.

+1. Open the folder and select a document.

+1. Select the link in the **Sensitive info type** column for an item to see which SITs the item matched and the [confidence level](/microsoft-365/compliance/sensitive-information-type-learn-about.md#more-on-confidence-levels).

+1. Select **Close**.

+1. Open an item and expand the **Contextual Summary** page. Select the **Contextual Summary** tab.

+1. Review the item and confirm if it's a match.

+1. If it's a match, select **Close**. You're done.

+1. If it isn't a match, select the ellipsis next to **Close** and select **Withdraw feedback**. This exposes the **Not a Match** button.

+1. Select the **Not a match** button.

+1. Review the item and redact or unredact any text.

+1. Optional: Select **I agree to provide a copy of the file to Microsoft** if you want to submit the feedback to Microsoft and select **Submit to Microsoft**.

+1. Select **Close**.

+If you later decide that the not a match feedback is incorrect, you can select the **Withdraw feedback** button. This puts the item back into the **Not a match**, **Match** page.

+### Using Trainable Classifier Matched Items page

+1. Open the **Microsoft Purview compliance portal** > **Data classification** > **Trainable classifiers** page.

+1. Select the trainable classifier whose accuracy you want to check.

+1. Open the trainable classifier. This brings up **Overview** tab. Here you can see the count of the number of items that match, a count of the number of items that aren't a match, and the number of items with feedback.

+1. Select the **Matched items** tab.

+1. Open the folder and open a document.

+1.Open an item and expand the **Contextual Summary** page.

+1. Review the item and confirm if it's a match.

+1. If it's a match, select **Close**. You're done.

+1. If it isn't a match, select **Withdraw feedback**. This exposes **Not a Match** button.

+1. Select the **Not a match** button.

+1. Select **Close**.

+If you later decide that the not a match feedback is incorrect, you can select the **Withdraw feedback** button. This puts the item back into the **Not a match**, **Match** page.

+### Using Data Loss Prevention Alerts page

+1. Open the **Microsoft Purview compliance portal** > **Data loss prevention** > **Alerts** page.

+1. Select an alert for an item that was created or updated after the **Match**/**Not a Match** functionality was enabled for your tenant.

+1. Select **View details**.

+1. Select the **Events** tab.

+1. Select the **Contextual summary** tab.

+1. Review the item and confirm if it's a match.

+1. If it's a match, select **Close**. You're done.

+1. If it's not a match, select **Actions** and **Not a match**.

+1. Review the item and redact or unredact any text.

+1. Optional: Select **I agree to provide a copy of the file to Microsoft** if you want to submit the feedback to Microsoft and select **Submit to Microsoft**.

+1. Select **Close**.

+## Using the feedback to tune your classifiers

+If your SIT or trainable classifiers are returning too many false positives based on the feedback, you can try some of these steps to tune them and increase the accuracy.

+### Trainable classifiers

+Use the steps in [How to retrain a classifier in content explorer](classifier-how-to-retrain-content-explorer.md) to increase the accuracy of a trainable classifier.

+### Sensitive information types

+

+If you're seeing high amounts of false positives, use these recommendations to fine-tune your SITs:

+- Increase the thresholds of sensitive information types found to determine severity. It's okay to use different thresholds for individual classifiers

+- Understand confidence levels and how they're defined. Try using a low confidence with high instance count or a higher confidence level with a low instance count.

+- Clone and modify the built-in SITs to include other conditions, such as keywords, or more stringent matching of values, or stronger formatting requirements.

+- Modify a custom SIT to exclude known prefixes, suffixes or patterns. For example, a custom SIT to detect phone numbers might trigger for every email if your email signatures or document headers include phone numbers. Excluding your orgs phone number sequences common as prefixes to your custom SIT can prevent the rule from triggering for every email or document.

+- Include more dictionary-based SITs as conditions to narrow down the matches to those that talk about the relevant articles. For example, a rule for matching patient diagnostics may be enhanced by requiring the presence of words like diagnostic, diagnosis, condition, symptom, and patient.

+- For a named entity SITs, like **All Full Names**, itΓÇÖs best to set a higher instance count threshold, like 10 or 50. If both the person names and the SSNs are detected together, itΓÇÖs more likely that the SSNs are truly SSNs, and we reduce the risk that the policy doesnΓÇÖt trigger because not enough SSNs are detected.

+- [Introduction to information protection and data lifecycle management in Microsoft Purview](/training/modules/m365-compliance-information-governance)

+- [Manage the data lifecycle in Microsoft Purview](/training/modules/m365-compliance-information-govern-information/)

+- [Manage records in Microsoft Purview](/training/modules/m365-compliance-information-manage-records/)

+For documentation to support users when these solutions are deployed, see the end user documentation sections for [data lifecycle management](get-started-with-information-governance.md#end-user-documentation) and [records management](get-started-with-records-management.md#end-user-documentation).

+- https://learn.microsoft.com/microsoft-365/compliance/use-notifications-and-policy-tips?view=o365-worldwide

+- https://learn.microsoft.com/microsoft-365/compliance/dlp-policy-tips-reference?view=o365-worldwide

+<!-- This section covers what they are and how to best use them in conjunction with Test/Turn it on right away and link out to where to find the business justification for the override (DLP reports? https://learn.microsoft.com/microsoft-365/compliance/view-the-dlp-reports?view=o365-worldwide) https://learn.microsoft.com/microsoft-365/compliance/view-the-dlp-reports?view=o365-worldwide#view-the-justification-submitted-by-a-user-for-an-override-->

+https://learn.microsoft.com/microsoft-365/compliance/view-the-dlp-reports?view=o365-worldwide

+https://learn.microsoft.com/microsoft-365/compliance/dlp-configure-view-alerts-policies?view=o365-worldwide-->

+Training your IT administrators, eDiscovery managers, and compliance investigation teams in the basics for Content search, eDiscovery (Standard), and eDiscovery (Premium) can help your organization get started more quickly using Microsoft 365 eDiscovery tools. Microsoft 365 provides the following resource to help these users in your organization getting started with eDiscovery: [Describe the eDiscovery and audit capabilities of Microsoft 365](/training/modules/describe-ediscovery-capabilities-of-microsoft-365).

+- [Introduction to information protection and data lifecycle management in Microsoft Purview](/training/modules/m365-compliance-information-governance)

+- [Classify data for protection and governance](/training/modules/m365-compliance-information-classify-data)

+- [Protect information in Microsoft Purview](/training/modules/m365-compliance-information-protect-information)

+- [Prevent data loss in Microsoft Purview](/training/modules/m365-compliance-information-prevent-data-loss)

+| Manage insider risk in Microsoft 365 |[Complete learning path](/training/paths/m365-compliance-insider) <br> This learning path includes all the individual solution modules for communication compliance, insider risk management, information barriers, and privileged access management. Select this learning path to complete all the modules. |

+| Communication compliance | [Learning module: Prepare communication compliance](/training/modules/m365-compliance-insider-prepare-communication-compliance) <br> This module helps you learn the basics on how to identify and remediate code-of-conduct policy violations with communication compliance, cover the prerequisites needed before creating communication compliance policies, and learn about the types of built-in, pre-defined policy templates in communication compliance. |

+| Insider risk management | [Learning module: Insider risk management](/training/modules/m365-compliance-insider-manage-insider-risk) <br> This module helps you learn how insider risk management can help prevent, detect, and contain internal risks in an organization, learn about the types of built-in, pre-defined policy templates, understand the basic prerequisites needed before creating insider risk policies, and explains the types of actions you can take on insider risk management cases. |

+| Information barriers | [Learning module: Plan for information barriers](/training/modules/m365-compliance-insider-plan-information-barriers) <br> This module helps you learn how information barrier policies can help your organization maintain compliance with relevant industry standards and regulations, lists the types of situations when information barriers would be applicable, helps explain the process of creating an information barrier policy, and helps explain how to troubleshoot unexpected issues after information barriers are in place. |

+| Privileged access management | [Learning module: Implement privileged access management](/training/modules/m365-compliance-insider-implement-privileged-access-management) <br> This module helps you understand the difference between privileged access management and privileged identity management, understand the privileged access management process flow, and understand the basics of how to configure and enable privileged access management. |

+Training your IT administrators, eDiscovery managers, and compliance investigation teams in the basics for eDiscovery (Premium) can help your organization get started more quickly using Microsoft 365 eDiscovery tools. Microsoft 365 provides the following resource to help these users in your organization getting started with eDiscovery: [Describe the eDiscovery and audit capabilities of Microsoft 365](/training/modules/describe-ediscovery-capabilities-of-microsoft-365).

+## Provide match/not a match accuracy feedback in sensitive info types

+You can view the number of matches a SIT has in **Sensitive info types** and **Content explorer**. You can also provide feedback on whether an item is actually a match or not using the **Match**, **Not a Match** feedback mechanism and use that feedback to tune your SITs. See, [Increase classifier accuracy (preview)](data-classification-increase-accuracy.md) for more information.

+- [Sensitivity bar](sensitivity-labels-office-apps.md#sensitivity-bar) is integrated into existing user workflows

+- Visibility of labels on the status bar (Will be replaced with the sensitivity bar on the window title.)

+Example showing how sensitivity labels are integrated into user workflows:

+

+|Visibility of labels on a toolbar|  |

+|Label colors|  |

+|[Sensitivity bar](#sensitivity-bar) and [display label color](#label-colors) | Preview: Rolling out to [Beta Channel](https://office.com/insider) | Preview: Rolling out to [Beta Channel](https://office.com/insider) | Under review | Under review | Under review |

+|[Sensitivity bar](#sensitivity-bar) and [display label color](#label-colors) | Under review | Under review | Under review | Under review | Under review |

+This configuration is not available in the Microsoft Purview compliance portal. You must use PowerShell advanced settings with the [Set-Label](/powershell/module/exchange/set-label) or [New-Label](/powershell/module/exchange/new-label) cmd after you've [connected to Office 365 Security & Compliance Center PowerShell](/powershell/exchange/office-365-scc/connect-to-scc-powershell/connect-to-scc-powershell).

+## Sensitivity bar

+Newly supported in preview for built-in labels in Word, Excel, and PowerPoint, but not yet for Outlook or Office for the web, see the tables in the [capabilities](#support-for-sensitivity-label-capabilities-in-apps) section on this page to identify minimum versions.

+For supported apps, sensitivity labels are now displayed in a sensitivity bar, displaying next to the file name on the top window bar. For example:

+

+Information about the labels and the ability to select or change a label are also integrated into user workflows that includes save and rename, export, share, print, and [convert to PDF](#pdf-support).

+As part of this high visibility, these labels also support colors. For more information, see the next section.

+### Label colors

+> [!IMPORTANT]

+> If your labeling apps don't support this capability, they don't display the configured label colors.

+>

+> The Azure Information Protection unified labeling client supports label colors. For labeling built in to Office, label colors are currently supported in preview for Word, Excel, and PowerPoint on Windows and macOS, but not Outlook or Office for the web. For more information, see the tables in the [capabilities](#support-for-sensitivity-label-capabilities-in-apps) section on this page.

+Newly created labels don't have a color by default. If your labels were [migrated from Azure Information Protection](/azure/information-protection/configure-policy-migrate-labels) or you configured label colors for the Azure Information Protection unified labeling client, these label colors are now displayed in apps that support them.

+Use the Microsoft Purview compliance portal to select one of 10 standard colors for sensitivity labels. This configuration is on the first page of the label configuration after the label name and description.

+You can't select colors for sublabels because they automatically inherit the label color from their parent label.

+If the label is configured for a different color from one of the 10 colors, you see a **Custom color** option selected and the standard color options aren't available:

+

+You can change the custom color to one of the standard colors by first removing the custom color selection, and then selecting one of the standard colors. But you can't use the compliance portal to configure a different custom color. Instead, use PowerShell, as described in the next section.

+#### Configuring custom colors by using PowerShell

+You can use the [Security & Compliance Center PowerShell](/powershell/exchange/scc-powershell) advanced setting **color** to set a color for a sensitivity label. This configuration supports colors that you can't configure in the Microsoft Purview compliance portal.

+To specify your choice of color, use a hex triplet code for the red, green, and blue (RGB) components of the color. For example, #40e0d0 is the RGB hex value for turquoise.

+For more information about these codes, see the [\<color>](https://developer.mozilla.org/docs/Web/CSS/color_value) page from the MSDN web docs, and you might also find [RapidTables](https://www.rapidtables.com/web/color/RGB_Color.html) helpful. You can identify these codes in many applications that let you edit pictures. For example, Microsoft Paint lets you choose a custom color from a palette and the RGB values are automatically displayed, which you can then copy.

+Example PowerShell command, where the sensitivity label GUID is **8faca7b8-8d20-48a3-8ea2-0f96310a848e**

+```PowerShell

+Set-Label -Identity 8faca7b8-8d20-48a3-8ea2-0f96310a848e -AdvancedSettings @{color="#40e0d0"}

+```

+For more information to help you specify PowerShell advanced settings for sensitivity labels, see [PowerShell tips for specifying the advanced settings](create-sensitivity-labels.md#powershell-tips-for-specifying-the-advanced-settings).

+> - [Microsoft Purview audit log activities via O365 Management API - Part 2](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-365-compliance-audit-log-activities-via-o365/ba-p/2957297)

+[Training: Improve business performance with AI Builder](/training/paths/improve-business-performance-ai-builder/?source=learn)

+[Training: Improve business performance with AI Builder](/training/paths/improve-business-performance-ai-builder/?source=learn)

+[Training: Improve business performance with AI Builder](/training/paths/improve-business-performance-ai-builder/?source=learn)

+|Learn to use SharePoint Syntex |[SharePoint Syntex learning path](/training/paths/syntex-get-started)|

+The [Get started with SharePoint Syntex](/training/paths/syntex-get-started) learning path will teach how you can use document understanding and form processing models to classify documents, extract text, and label your documents for quick and easy knowledge management.

+- [Learn how modules](/training/paths/audit-safeguard-customer-data/) are designed for people in audit, compliance, risk, and legal roles who seek an overall understanding provide an in-depth review of how Microsoft 365's fundamental security and privacy practices to safeguard customer data.

+To learn more about Microsoft 365 and work toward a Microsoft 365 certification, you can start with [Microsoft 365 Certified: Fundamentals](/training/paths/m365-fundamentals/).

+|[Introduction to security in Microsoft 365](/training/modules/security-in-m365/) |Enterprise, F1, F3 |

+|[Introduction to compliance tools in Microsoft 365](/training/modules/compliance-in-m365/) |Enterprise, F1, F3 |

+We recommend that you prepare for deployment by completing this 30-minute learning path: [Prepare for a Teams deployment with Microsoft 365](/training/modules/m365-teams-collab-prepare-deployment/).

+## Week of September 12, 2022

+| Published On |Topic title | Change |

+|||--|

+| 9/12/2022 | [Learn about and configure insider risk management browser signal detection](/microsoft-365/compliance/insider-risk-management-browser-support?view=o365-worldwide) | modified |

+| 9/12/2022 | [Insider risk management policies](/microsoft-365/compliance/insider-risk-management-policies?view=o365-worldwide) | modified |

+| 9/12/2022 | [Insider risk management settings](/microsoft-365/compliance/insider-risk-management-settings?view=o365-worldwide) | modified |

+| 9/12/2022 | [Learn about insider risk management](/microsoft-365/compliance/insider-risk-management?view=o365-worldwide) | modified |

+| 9/12/2022 | [Add users and assign licenses in Microsoft 365](/microsoft-365/admin/add-users/add-users?view=o365-worldwide) | modified |

+| 9/12/2022 | Create, edit, or delete a custom user view | removed |

+| 9/12/2022 | Resend a user's password - Admin Help | removed |

+| 9/12/2022 | [Reset passwords](/microsoft-365/admin/add-users/reset-passwords?view=o365-worldwide) | modified |

+| 9/12/2022 | Turn off strong password requirements for users | removed |

+| 9/12/2022 | How to get help in the Microsoft 365 admin center | removed |

+| 9/12/2022 | [Basic Mobility and Security frequently-asked questions (FAQ)](/microsoft-365/admin/basic-mobility-security/frequently-asked-questions?view=o365-worldwide) | modified |

+| 9/12/2022 | Get details about Basic Mobility and Security managed devices | removed |

+| 9/12/2022 | [Manage device access settings in Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/manage-device-access-settings?view=o365-worldwide) | modified |

+| 9/12/2022 | Troubleshoot Basic Mobility and Security | removed |

+| 9/12/2022 | Empower your small business with remote work | removed |

+| 9/12/2022 | [Use sensitivity labels to configure the default sharing link type](/microsoft-365/compliance/sensitivity-labels-default-sharing-link?view=o365-worldwide) | modified |

+| 9/12/2022 | [Configure Microsoft Defender for Endpoint on iOS features](/microsoft-365/security/defender-endpoint/ios-configure-features?view=o365-worldwide) | modified |

+| 9/12/2022 | [App-based deployment for Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/ios-install?view=o365-worldwide) | modified |

+| 9/12/2022 | [Microsoft Defender for Endpoint - Mobile Threat Defense](/microsoft-365/security/defender-endpoint/mtd?view=o365-worldwide) | modified |

+| 9/13/2022 | [Microsoft 365 admin center katakana glossary](/microsoft-365/admin/m365_glossary?view=o365-worldwide) | added |

+| 9/13/2022 | [Microsoft 365 admin center help # < 60 chars](/microsoft-365/admin/index?view=o365-worldwide) | modified |

+| 9/13/2022 | [Microsoft 365 Business Premium resources # < 60 chars](/microsoft-365/business/index?view=o365-worldwide) | modified |

+| 9/13/2022 | [Customize an archive and deletion policy (MRM) for mailboxes](/microsoft-365/compliance/set-up-an-archive-and-deletion-policy-for-mailboxes?view=o365-worldwide) | modified |

+| 9/13/2022 | [Microsoft 365 for frontline workers # < 60 chars](/microsoft-365/frontline/index?view=o365-worldwide) | modified |

+| 9/13/2022 | [Microsoft 365 documentation # < 60 chars](/microsoft-365/index?view=o365-worldwide) | modified |

+| 9/13/2022 | [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-worldwide) | modified |

+| 9/13/2022 | [Investigate domains and URLs associated with a Microsoft Defender for Endpoint alert](/microsoft-365/security/defender-endpoint/investigate-domain?view=o365-worldwide) | modified |

+| 9/13/2022 | [What's new in Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-whatsnew?view=o365-worldwide) | modified |

+| 9/13/2022 | [Microsoft 365 admin center katakana glossary](/microsoft-365/admin/m365_glossary?view=o365-worldwide) | modified |

+| 9/13/2022 | [Planning your portal launch roll-out plan in SharePoint Online](/microsoft-365/enterprise/planportallaunchroll-out?view=o365-worldwide) | modified |

+| 9/13/2022 | [Prepare for directory synchronization to Microsoft 365](/microsoft-365/enterprise/prepare-for-directory-synchronization?view=o365-worldwide) | modified |

+| 9/13/2022 | [Retrieve customer tenant reporting data with Windows PowerShell for DAP partners](/microsoft-365/enterprise/retrieve-customer-tenant-reporting-data-with-windows-powershell-for-delegated-ac?view=o365-worldwide) | modified |

+| 9/13/2022 | [Get started with troubleshooting mode in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/enable-troubleshooting-mode?view=o365-worldwide) | modified |

+| 9/13/2022 | [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-worldwide) | modified |

+| 9/14/2022 | [Apply encryption using sensitivity labels](/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-worldwide) | modified |

+| 9/14/2022 | [Attack surface reduction frequently asked questions (FAQ)](/microsoft-365/security/defender-endpoint/attack-surface-reduction-faq?view=o365-worldwide) | modified |

+| 9/14/2022 | [Investigate agent health issues](/microsoft-365/security/defender-endpoint/health-status?view=o365-worldwide) | modified |

+| 9/14/2022 | [Investigate devices in the Defender for Endpoint Devices list](/microsoft-365/security/defender-endpoint/investigate-machines?view=o365-worldwide) | modified |

+| 9/14/2022 | [Onboarding using Microsoft Endpoint Configuration Manager](/microsoft-365/security/defender-endpoint/onboarding-endpoint-configuration-manager?view=o365-worldwide) | modified |

+| 9/14/2022 | [Deploy and manage Removable Storage Access Control using group policy](/microsoft-365/security/defender-endpoint/deploy-manage-removable-storage-group-policy?view=o365-worldwide) | added |

+| 9/14/2022 | [Deploy and manage Removable Storage Access Control using Intune](/microsoft-365/security/defender-endpoint/deploy-manage-removable-storage-intune?view=o365-worldwide) | added |

+| 9/14/2022 | [Microsoft Defender for Endpoint Device Control Removable Storage frequently asked questions](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control-faq?view=o365-worldwide) | added |

+| 9/14/2022 | Create and edit Autopilot profiles | removed |

+| 9/14/2022 | Use this step-by-step guide to add Autopilot devices and profile | removed |

+| 9/14/2022 | Set app protection settings for Android or iOS devices | removed |

+| 9/14/2022 | About Autopilot Profile settings | removed |

+| 9/14/2022 | Create and edit Autopilot devices | removed |

+| 9/14/2022 | Enable domain-joined Windows 10 devices to be managed by Microsoft 365 for business | removed |

+| 9/14/2022 | Set up managed devices | removed |

+| 9/14/2022 | [Set up and secure managed devices](/microsoft-365/business-premium/m365bp-protect-devices?view=o365-worldwide) | modified |

+| 9/14/2022 | Edit or set application protection settings for Windows devices | removed |

+| 9/14/2022 | [Microsoft 365 Business Premium - Productivity and security](/microsoft-365/business-premium/m365bp-secure-users?view=o365-worldwide) | modified |

+| 9/14/2022 | Secure Windows devices | removed |

+| 9/14/2022 | [Microsoft 365 Business Premium trial playbook](/microsoft-365/business-premium/m365bp-trial-playbook-microsoft-business-premium?view=o365-worldwide) | modified |

+| 9/14/2022 | Validate app protection settings on Android or iOS devices | removed |

+| 9/14/2022 | Validate app protection settings for Windows 10 PCs | removed |

+| 9/14/2022 | [View or edit device protection policies](/microsoft-365/business-premium/m365bp-view-edit-create-mdb-policies?view=o365-worldwide) | modified |

+| 9/14/2022 | [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide) | modified |

+| 9/14/2022 | [Integrate Microsoft OneDrive LTI with Canvas](/microsoft-365/lti/onedrive-lti?view=o365-worldwide) | modified |

+| 9/14/2022 | [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-worldwide) | modified |

+| 9/14/2022 | [The Microsoft Defender for Office 365 email entity page](/microsoft-365/security/office-365-security/mdo-email-entity-page?view=o365-worldwide) | modified |

+| 9/14/2022 | [Get started with communication compliance](/microsoft-365/compliance/communication-compliance-configure?view=o365-worldwide) | modified |

+| 9/14/2022 | [Top 10 ways to secure your business](/microsoft-365/admin/security-and-compliance/secure-your-business-data?view=o365-worldwide) | modified |

+| 9/14/2022 | [Overview of the Device security page in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-device-security-overview?view=o365-worldwide) | modified |

+| 9/14/2022 | [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-worldwide) | modified |

+| 9/14/2022 | [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-worldwide) | modified |

+| 9/15/2022 | [Device health Microsoft Defender Antivirus health report](/microsoft-365/security/defender-endpoint/device-health-microsoft-defender-antivirus-health?view=o365-worldwide) | renamed |

+| 9/15/2022 | [Device health reporting in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/device-health-reports?view=o365-worldwide) | added |

+| 9/15/2022 | [Device health Sensor health & OS report](/microsoft-365/security/defender-endpoint/device-health-sensor-health-os?view=o365-worldwide) | added |

+| 9/15/2022 | [Microsoft Defender Antivirus export device antivirus health details API methods and properties](/microsoft-365/security/defender-endpoint/device-health-api-methods-properties?view=o365-worldwide) | modified |

+| 9/15/2022 | Microsoft Defender Antivirus Device Health details API | removed |

+| 9/15/2022 | [Create a SharePoint communications site in Teams with Microsoft 365 for business](/microsoft-365/business-premium/create-communications-site?view=o365-worldwide) | modified |

+| 9/15/2022 | [Maintain your environment](/microsoft-365/business-premium/m365bp-maintain-environment?view=o365-worldwide) | modified |

+| 9/15/2022 | [Trojan malware](/microsoft-365/security/intelligence/trojans-malware?view=o365-worldwide) | modified |

+| 9/15/2022 | [Report spam, non-spam, phishing, suspicious emails and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide) | modified |

+| 9/15/2022 | [Microsoft Purview Compliance Manager templates list](/microsoft-365/compliance/compliance-manager-templates-list?view=o365-worldwide) | modified |

+| 9/16/2022 | [Capabilities of Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/capabilities?view=o365-worldwide) | modified |

+| 9/16/2022 | [Enhancing mail flow with MTA-STS ](/microsoft-365/compliance/enhancing-mail-flow-with-mta-sts?view=o365-worldwide) | modified |

+| 9/16/2022 | [Get started with the Microsoft Service Trust Portal](/microsoft-365/compliance/get-started-with-service-trust-portal?view=o365-worldwide) | modified |

+| 9/16/2022 | [Customize an archive and deletion policy (MRM) for mailboxes](/microsoft-365/compliance/set-up-an-archive-and-deletion-policy-for-mailboxes?view=o365-worldwide) | modified |

+| 9/16/2022 | [Review architecture requirements and planning concepts for Microsoft Defender for Office 365](/microsoft-365/security/defender/eval-defender-office-365-architecture?view=o365-worldwide) | modified |

+| 9/16/2022 | [Pilot Microsoft Defender for Office 365, use the evaluation in your production environment](/microsoft-365/security/defender/eval-defender-office-365-pilot?view=o365-worldwide) | modified |

+| 9/16/2022 | [Evaluate and pilot Microsoft 365 Defender, an XDR solution](/microsoft-365/security/defender/eval-overview?view=o365-worldwide) | modified |

+| 9/16/2022 | [How-to deploy and configure the report message add-in](/microsoft-365/security/office-365-security/step-by-step-guides/deploy-and-configure-the-report-message-add-in?view=o365-worldwide) | modified |

+| 9/16/2022 | Microsoft Defender Security Center Security operations dashboard | removed |

+| 9/16/2022 | [Try and evaluate Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-worldwide) | modified |

+70 | Default<BR>Required | No | `*.o365weve.com, amp.azure.net, appsforoffice.microsoft.com, assets.onestore.ms, auth.gfx.ms, c1.microsoft.com, dgps.support.microsoft.com, learn.microsoft.com, msdn.microsoft.com, platform.linkedin.com, prod.msocdn.com, shellprod.msocdn.com, support.microsoft.com, technet.microsoft.com` | **TCP:** 443

+For more information about this architecture, including deployment objectives for your entire digital estate, see [Zero Trust Rapid Modernization Plan (RaMP)](https://review.learn.microsoft.com/security/zero-trust/zero-trust-ramp-overview?branch=zt-content-prototype).

+### [Built-in protection](built-in-protection.md)

+ Title: Built-in protection helps guard against ransomware

+description: Learn how built-in protection protects against ransomware as part of Microsoft Defender for Endpoint.

+search.appverid: MET150

+audience: Admin

+ms.localizationpriority: medium

+f1.keywords: NOCSH

+# Built-in protection helps guard against ransomware

+[Microsoft Defender for Endpoint](microsoft-defender-endpoint.md) helps prevent, detect, investigate, and respond to advanced threats, such as ransomware attacks. [Next-generation protection](next-generation-protection.md) and [attack surface reduction](overview-attack-surface-reduction.md) capabilities in Defender for Endpoint were designed to catch emerging threats. In order for the best protection from ransomware and other cyberthreats to be in place, certain settings must be configured. Built-in protection can help by providing you with default settings for better protection.

+> [!TIP]

+> **You don't have to wait for built-in protection to come to you**! You can protect your organization's devices now by configuring these capabilities:

+> - [Enable cloud protection](why-cloud-protection-should-be-on-mdav.md)

+> - [Turn tamper protection on](prevent-changes-to-security-settings-with-tamper-protection.md)

+> - [Set attack surface reduction rules to block mode](attack-surface-reduction-rules-deployment.md)

+> - [Enable network protection in block mode](enable-network-protection.md)

+## What is built-in protection, and how does it work?

+Built-in protection is a set of default settings that are rolling out to help ensure your devices are protected. These default settings are designed to protect devices from ransomware and other threats. Initially, built-in protection will include turning [tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) on for your tenant, with other default settings coming soon.

+| Phase | What happens |

+|:|:|

+| Built-in protection is rolling out in [preview](preview.md) | Customers who have opted to receive preview features are receiving [notification](#what-does-the-notification-look-like) that built-in protection is coming. If it's not already configured, tamper protection will be turned on for customers who have Defender for Endpoint Plan 2 or Microsoft 365 E5. |

+| Built-in protection becomes available for your tenant | You'll be [notified](#what-does-the-notification-look-like) that your tenant is about to receive built-in protection and when tamper protection will be turned on (if it's not already configured). |

+| Built-in protection arrives | Tamper protection will be turned on for your tenant, and will be applied to your organization's Windows devices. You can [opt out](#can-i-opt-out) or [change your built-in protection settings](#can-i-change-built-in-protection-settings). |

+| After built-in protection has arrived | Whenever new devices are onboarded to Defender for Endpoint, built-in protection settings will be applied to any new devices running Windows. You can always [change your built-in protection settings](#can-i-change-built-in-protection-settings). |

+> [!NOTE]

+> Built-in protection sets default values for Windows devices. If endpoint security settings change, such as through baselines or policies in [Microsoft Endpoint Manager](/mem/endpoint-manager-overview), those settings override the built-in protection settings.

+## What does the notification look like?

+You can expect to receive two types of notifications:

+- A message center post indicating that built-in protection is coming soon; and

+- A banner in the Microsoft 365 Defender portal that resembles the following image:

+ :::image type="content" source="media/bip-notification-m365defender.png" alt-text="Screenshot showing yellow banner highlighting built in protection in Microsoft 365 Defender portal.":::

+Your notification will tell you when built-in protection is coming and when tamper protection will be turned on (if it's not already configured) for your tenant.

+## Can I opt out?

+You can opt out of built-in protection by specifying your own security settings. For example, if you prefer to not have tamper protection turned on automatically for your tenant, you can explicitly opt out.

+> [!NOTE]

+> **We do not recommend turning tamper protection off**. Tamper protection provides you with better ransomware protection.

+> You must be a global administrator or security administrator to perform the following procedure.

+1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) and sign in.

+2. Go to **Settings** > **Endpoints** > **Advanced features**.

+3. Set **Tamper protection** to **On** (if it's not already on), and then select **Save preferences**. *Don't leave this page yet*.

+4. Set **Tamper protection** to **Off**, and then select **Save preferences**.

+## Can I change built-in protection settings?

+Built-in protection is a set of default settings. You aren't required to keep these default settings in place. You can always change your settings to suit your business needs. The following table lists tasks your security team might perform, along with links to learn more.

+| Task | Description |

+|:|:|

+| Determine whether tamper protection is turned on | 1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) and sign in.<br/>2. Go to **Settings** > **Endpoints** > **Advanced features** > **Tamper protection**. |

+| Manage tamper protection tenant wide using the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) | 1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) and sign in.<br/>2. Go to **Settings** > **Endpoints** > **Advanced features**.<br/>3. Set **Tamper protection** to **On** (*recommended*) or **Off**.<br/>4. Select **Save preferences**.<br/><br/>See [Manage tamper protection for your organization using Microsoft 365 Defender portal](manage-tamper-protection-microsoft-365-defender.md). |

+| Set tamper protection settings for some, but not all, devices | Use endpoint security policies and profiles that are applied to specific devices. See the following articles:<br/>- [Manage tamper protection using Microsoft Endpoint Manager](manage-tamper-protection-microsoft-endpoint-manager.md)<br/>- [Manage tamper protection using tenant attach with Configuration Manager, version 2006](manage-tamper-protection-configuration-manager.md)|

+| Turn tamper protection on or off on an individual device | 1. On your Windows device, select **Start**, and start typing *Security*.<br/>2. In the search results, select **Windows Security**.<br/>3. Select **Virus & threat protection** > **Virus & threat protection settings**.<br/>4. Set **Tamper Protection** to **On** (*recommended*) or **Off**. <br/><br/>If the device is onboarded to Defender for Endpoint, or the device is managed in the Microsoft Endpoint Manager admin center, those settings will override user settings on the individual device. <br/><br/>See [Manage tamper protection on an individual device](manage-tamper-protection-individual-device.md). |

+| Temporarily disable tamper protection on a device for troubleshooting purposes | See the following articles:<br/>- [Get started with troubleshooting mode in Microsoft Defender for Endpoint](enable-troubleshooting-mode.md)<br/>- [Troubleshooting mode scenarios in Microsoft Defender for Endpoint](troubleshooting-mode-scenarios.md) |

+## See also

+- [Protect security settings with tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md)

+- [Manage endpoint security in Microsoft Intune](/mem/intune/protect/endpoint-security)

+- [Configure Microsoft Defender for Endpoint in Intune](/mem/intune/protect/advanced-threat-protection-configure)

+- [Manage Microsoft Defender for Endpoint on devices with Microsoft Endpoint Manager](/mem/intune/protect/mde-security-integration)

+- [Responding to ransomware attacks](../defender/playbook-responding-ransomware-m365-defender.md)

+If you're a home user, or you aren't subject to settings managed by a security team, you can use the Windows Security app to manage tamper protection. You must have appropriate admin permissions on your device to do change security settings, such as tamper protection.

+> [Start >](/training/paths/defender-endpoint-fundamentals/)

+|[Blue Hexagon for Network](/training/modules/explore-malware-threat-protection/)|Blue Hexagon has built the industry's first real-time deep learning platform for network threat protection

+> Get notified when this page is updated by copying and pasting the following URL into your feed reader: `https://learn.microsoft.com/api/search/rss?search=%22In+the+navigation+pane%2C+select+Settings+%3E+Advanced+features+%3E+Preview+features.%22&locale=en-us&facet=`

+> https://learn.microsoft.com/api/search/rss?search=%22features+are+generally+available+%28GA%29+in+the+latest+release+of+Microsoft+Defender+for+Endpoint%22&locale=en-us&facet=

+### Queries

+Advanced hunting data uses the UTC (Universal Time Coordinated) timezone.

+

+Queries should be created in UTC.

+### Results

+Advanced hunting results are converted to the [timezone](m365d-time-zone.md) set in Microsoft 365 Defender.

+- [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/)

+> Although the examples in this section encourage you to paste in secret values for testing purposes, you should **never hardcode secrets** into an application running in production. A third party could use your secret to access resources. You can help keep your app's secrets secure by using [Azure Key Vault](/azure/key-vault/general/about-keys-secrets-certificates). For a practical example of how you can protect your app, see [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/).

+- [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/)

+> Although the example in this demo app encourage you to paste in your secret value for testing purposes, you should **never hardcode secrets** into an application running in production. A third party could use your secret to access resources. You can help keep your app's secrets secure by using [Azure Key Vault](/azure/key-vault/general/about-keys-secrets-certificates). For a practical example of how you can protect your app, see [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/).

+- [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/)

+- [OAuth 2.0 Authorization for user sign in and API access](/azure/active-directory/develop/active-directory-v2-protocols-oauth-code)

+| [Manage secrets in your apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/) |

+> Although the examples in this section encourage you to paste in secret values for testing purposes, you should **never hardcode secrets** into an application running in production. A third party could use your secret to access resources. You can help keep your app's secrets secure by using [Azure Key Vault](/azure/key-vault/general/about-keys-secrets-certificates). For a practical example of how you can protect your app, see [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/).

+- [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/)

+> [Start >](/training/modules/defender-investigate-incidents/)

+> [Start >](/training/modules/defender-self-healing/)

+- Advanced hunting results

+> The custom time range filter in advanced hunting remains in UTC regardless of the time zone setting.

+> There are lots of other learning opportunities in [Microsoft Learn](/training/). You'll find certification training such as [Course MS-500T02-A: Implementing Microsoft 365 Threat Protection](/training/certifications/courses/ms-500t02).

+> [Start >](/training/paths/defender-detect-respond/)

+ - [Detect and respond to cyber attacks with Microsoft 365 Defender](/training/paths/defender-detect-respond/)

+ - [Secure your organization with Microsoft Defender for Endpoint](/training/paths/defender-endpoint-fundamentals/)

+https://learn.microsoft.com/api/search/rss?search=%22Lists+the+new+features+and+functionality+in+Microsoft+365+defender%22&locale=en-us

+|Microsoft 365 security|[Learning module: Secure your organization with built-in, intelligent security from Microsoft 365](/training/modules/security-with-microsoft-365)|This module enables you to describe how Microsoft 365 security features work together and to articulate the benefits of these security features.|

+|Microsoft 365 security|[Learning module: Secure your organization with built-in, intelligent security from Microsoft 365](/training/modules/security-with-microsoft-365) <p>This module enables you to describe how Microsoft 365 security features work together and to articulate the benefits of these security features.|

+> [Start >](/training/modules/m365-compliance-information-governance/introduction/)

+> [Start >](/training/modules/m365-security-info-overview/introduction/)

+||Learn about the Microsoft 365 security and compliance solutions areas and the capabilities available to help enterprises secure their enterprise and meet regulatory requirements. If you're unfamiliar with basic cloud computing concepts, we recommend you take [Cloud Concepts - Principles of cloud computing](/training/modules/principles-cloud-computing/index).<br><br>3 hr 11 min - Learning Path - 8 Modules|

+> [Start >](/training/modules/what-is-m365/1-introduction/)

+Today, I find many customer IT groups are structured around "products." It's logical for an on-premises world since you need an expert for each specific product. However, I'm totally happy that I don't have to debug an Active Directory or Exchange database ever again as these services have moved to the cloud. Automation (which cloud kind of is) removes certain repetitive manual jobs (look what happened to factories). However, these tasks are replaced with more complex requirements to understand cross-services interaction, impact, business needs, and so on. If you are willing to [learn](/training/), there are great opportunities enabled by cloud transformation. Before jumping into technology, I often talk to customers about managing change in IT skills and team structures.

+> [Start >](/training/modules/m365-security-info-overview/introduction/)

+> [Start >](/training/modules/m365-identity-overview/introduction/)

+[Simplify device management with Microsoft Endpoint Manager](/training/modules/simplify-device-management-with-microsoft-endpoint-manager/)

+[Set up Microsoft Intune](/training/modules/set-up-microsoft-intune/)

+> [Start >](/training/modules/m365-teams-collab-prepare-deployment/introduction/)

+> [Start >](/training/modules/m365-teams-sharepoint-plan-sharepoint/introduction/)

+> [Start >](/training/modules/m365-security-info-overview/introduction/)

+> [Start >](/training/modules/m365-identity-overview/introduction/)