Save the date: Windows Office Hours - March 20, 2025
Save the date and join us for our next monthly Windows Office Hours, on March 20th from 8:00-9:00a PT. We will have a broad group of product experts, servicing experts, and engineers representing Windows, Microsoft Intune, Configuration Manager, Windows 365, Windows Autopilot, security, public sector, FastTrack, and more. They will be standing by -- in chat -- to provide guidance, discuss strategies and tactics, and, of course, answer any specific questions you may have. For more details about how Windows Office Hours works, go to our Windows IT Pro Blog. If 8:00 a.m. Pacific Time doesn't work for you, post your questions on the Windows Office Hours: March 20 event page, up to 48 hours in advance. Hope you can join us!No support for Protected Users in Microsoft Entra Domain Services?
I have been loooking into mapping best practices about configuring hardening / tiering model from on-premises Active Directory to Microsoft Entra Domain Services (MEDS). I'm well aware that MEDS is NOT a replacemenet for AD DS and have many restrictions and missing features, but that does not stop me from wanting to make it as secure as possible for member servers to be joined to. Since MEDS is a PaaS in Azure, deployed from within Azure and managed in another way than Active Directory, of course there are different ways of implementering a good tiering model. In my study I wanted to see if I could enable Protected Users feature (join users to Protected Users Group). However I find this group to be present but not possible to add members to (feature greyed out). I have a member server in the MEDS instance and have installed AD DS Tools. My user is member of AD DDS Administrators group. I would like to know if anyone have some knowledge on the subject to share?Microsoft 365 E5 Security is now available as an add-on to Microsoft 365 Business Premium
The threat landscape continues to evolve creating ongoing challenges for small and medium businesses (SMBs) that are faced with increased regulations and cyberinsurance requirements. Today, Microsoft 365 Business Premium delivers core security solutions to SMBs that help safeguard data, defend against cyberthreats, and manage access and devices. With the growing volume of attacks and increased sophistication of threats, there are SMBs that want enhanced cybersecurity protection for their business. We are pleased to announce that Business Premium customers are now able to purchase Microsoft 365 E5 Security as an add-on to further enhance their security. E5 Security brings new security value on top of Business Premium with Microsoft Entra ID Plan 2, Microsoft Defender for Identity, Microsoft Defender for Endpoint Plan 2, Microsoft Defender for Office 365 Plan 2, and Microsoft Defender for Cloud Apps. (ENHANCED) Identity and access controls Business Premium includes Microsoft Entra ID P1, which provides single sign-on, multi-factor authentication (MFA), and conditional access to help SMBs manage user identities and enable access to applications and resources from trusted users, devices, and locations. Microsoft Entra ID P2 offers advanced security and governance features including Microsoft Entra ID Protection and Microsoft Entra ID Governance. Microsoft Entra ID protection offers risk-based conditional access that helps block identity attacks in real time using behavioral analytics and signals from both user risk and sign-in risk. It also enables SMBs to detect, investigate, and remediate potential identity-based risks using sophisticated machine learning and anomaly detection capabilities. With detailed reports and alerts, your business is notified of suspicious user activities and sign-in attempts, including scenarios like a password-spray where attackers try to gain unauthorized access to company employee accounts by trying a small number of commonly used passwords across many different accounts. ID Governance capabilities are also included to help automate workflows and processes that give users access to resources. For example, IT admins historically manage the onboarding process manually and generate repetitive user access requests for Managers to review which is time consuming and inefficient. With ID Governance capabilities, pre-configured workflows facilitate the automation of employee onboarding, user access, and lifecycle management throughout their employment, streamlining the process and reducing onboarding time. (NEW) Extended Detection and Response (XDR) Microsoft Defender XDR delivers a unified and efficient approach to incident-level visibility across the attack lifecycle. Together XDR and exposure management (XSPM) consolidate multiple siloed security solutions to provide best-of-breed capabilities across identities, endpoints, apps, and email. (NEW) Identity threat detection and response (ITDR) Identities are one of the most common attack vectors making identity-specific threat detection and response a critical element to secure your business. Microsoft Defender for Identity includes dedicated sensors and connectors for common identity elements that offer visibility into your unique identity landscape and provide detailed posture recommendations, robust detections and response actions. These powerful detections are then automatically enriched and correlated with data from other domains across Defender XDR for true incident-level visibility. (ENHANCED) Device security Microsoft Defender for Business (MDB) already brings enterprise-grade device protection capabilities to Business Premium customers across Windows, MacOS, iOS, and Android devices. It includes vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. With streaming APIs, customers and partners can build Managed Detection and Response (MDR) services with Defender for Business. For customers who need advanced hunting, Microsoft Defender for Endpoint P2 adds advanced hunting, and 6 months of data retention on the device, along with endpoint security for IoT devices. (ENHANCED) Email and Collaboration security Microsoft Defender for Office 365 P1 in Business Premium includes SafeLinks with time of click URL filtering, safe attachments with real-time attachment scanning in sandbox, and phishing and malware defense across email, Microsoft Teams, OneDrive and SharePoint. It also has AI-powered LLM-based threat protection with 99.995% attacker intent detection accuracy. With Defender for Office 365 P2, you gain access to cyber-attack simulation training, which provides SMBs with a safe and controlled environment to simulate real-world cyber-attacks, helping to train employees in recognizing phishing attempts. Additionally automated response capabilities and post-breach investigations help reduce the time and resources required to identify and remediate potential security breaches. Detailed reports are also available that capture information on employees’ URL clicks, internal and external email distribution, and more. (NEW) Software-as-a-service (SaaS) security Microsoft Defender for Cloud Apps is a comprehensive, AI-powered software-as-a-service (SaaS) security solution that enables IT teams to identify and manage shadow IT and ensure that only approved applications are used. It protects against sophisticated SaaS-based attacks, OAuth attacks, and risky interactions with GenAI apps by combing SaaS app discovery, security posture management, app-to-app protection, and integrated threat protection. IT teams can gain full visibility into their SaaS app landscape, understand the risks and set up controls to manage the apps. SaaS security posture management quickly identifies app misconfigurations and provides remediation actions to reduce the attack surface. E5 Security delivers added protection to meet the growing needs of SMBs in a package that is cost-effective. Purchasing E5 Security has 57% savings when compared to the cost of separately purchasing the individual products that are included. FAQ When will E5 Security be available for purchase? E5 Security is available for purchase as an add-on to Business Premium starting today, 3/6. How can I purchase E5 Security? You can purchase E5 Security as an add-on to Business Premium through Microsoft Security for SMBs website or through your Partner. Does Microsoft 365 Business Premium plus Microsoft 365 E5 Security allow mixed licensing for endpoint security solutions? Microsoft Defender for Business does not support mixed licensing so a tenant with Defender for Business (included in Microsoft 365 Business Premium) along with Defender for Endpoint Plan 2 (included in Microsoft 365 Security) will default to Defender for Business. For example, if you have 80 users licensed for Microsoft 365 Business Premium and you’ve added Microsoft 365 E5 Security for 30 of those users, the experience for all users will default to Defender for Business. If you would like to change that to the Defender for Endpoint Plan 2 experience, you should license all users for Defender for Endpoint Plan 2 (either through standalone or Microsoft 365 E5 Security) and then contact Microsoft Support to request the switch for your tenant. You can learn more here. What are the differences between Microsoft Defender for Business and Microsoft Defender for Endpoint P2? MDB includes many of the same features as MDE P2, including enterprise-grade device protection for Windows, MacOS, iOS, and Android devices, vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. MDE P2 adds endpoint security for IoT devices, threat hunting, and 6 months of data retention on the device. A detailed comparison is available here. As a Partner, how do I build Managed Detection and Response (MDR) services with MDB? For partners or customers looking to build their own security operations center (SOC) with MDR, Defender for Business supports the streaming of device events (device file, registry, network, logon events and more) to Azure Event Hub, Azure Storage, and Microsoft Sentinel to support advanced hunting and attack detection. If you are using the streaming API for the first time, you can find step-by-step instructions in the Microsoft 365 Streaming API Guide on configuring the Microsoft 365 Streaming API to stream events to your Azure Event Hubs or to your Azure Storage Account. To learn more about Microsoft Security solutions for SMBs you can visit our website. Partners can access training resources, customer decks and deployment checklists from our Business Premium Partner Playbook and find additional resources for Microsoft Security for Partners.
Force users to "entra register" their devices
Hi, is it possible to force user to register their devices when they log in with their company account to any other device than company owned? I tested on my private smarthphone. Logged in as normal user with company account and my device did not show up in entra as "Microsoft Entra registered" Any ideas? Thanks
