Windows Server Summit 2024 – Powered by Engineering
The significantly EXPANDED Windows Server Summit 2024, with content now powered by Microsoft Engineering teams has been announced. Join us on March 26th to March 28th to discover the latest updates on Windows Server 2025, on-prem and Hybrid scenarios, Azure Arc, Identity, Virtualization, SMB updates and more! Interact with expert speakers and engineering teams through live Q&A and comments section. Register now and don't miss out on this multi-day, deep technical content focused, virtual event hosted on Microsoft Tech Community.Microsoft 365 E5 Security is now available as an add-on to Microsoft 365 Business Premium
The threat landscape continues to evolve creating ongoing challenges for small and medium businesses (SMBs) that are faced with increased regulations and cyberinsurance requirements. Today, Microsoft 365 Business Premium delivers core security solutions to SMBs that help safeguard data, defend against cyberthreats, and manage access and devices. With the growing volume of attacks and increased sophistication of threats, there are SMBs that want enhanced cybersecurity protection for their business. We are pleased to announce that Business Premium customers are now able to purchase Microsoft 365 E5 Security as an add-on to further enhance their security. E5 Security brings new security value on top of Business Premium with Microsoft Entra ID Plan 2, Microsoft Defender for Identity, Microsoft Defender for Endpoint Plan 2, Microsoft Defender for Office 365 Plan 2, and Microsoft Defender for Cloud Apps. (ENHANCED) Identity and access controls Business Premium includes Microsoft Entra ID P1, which provides single sign-on, multi-factor authentication (MFA), and conditional access to help SMBs manage user identities and enable access to applications and resources from trusted users, devices, and locations. Microsoft Entra ID P2 offers advanced security and governance features including Microsoft Entra ID Protection and Microsoft Entra ID Governance. Microsoft Entra ID protection offers risk-based conditional access that helps block identity attacks in real time using behavioral analytics and signals from both user risk and sign-in risk. It also enables SMBs to detect, investigate, and remediate potential identity-based risks using sophisticated machine learning and anomaly detection capabilities. With detailed reports and alerts, your business is notified of suspicious user activities and sign-in attempts, including scenarios like a password-spray where attackers try to gain unauthorized access to company employee accounts by trying a small number of commonly used passwords across many different accounts. ID Governance capabilities are also included to help automate workflows and processes that give users access to resources. For example, IT admins historically manage the onboarding process manually and generate repetitive user access requests for Managers to review which is time consuming and inefficient. With ID Governance capabilities, pre-configured workflows facilitate the automation of employee onboarding, user access, and lifecycle management throughout their employment, streamlining the process and reducing onboarding time. (NEW) Extended Detection and Response (XDR) Microsoft Defender XDR delivers a unified and efficient approach to incident-level visibility across the attack lifecycle. Together XDR and exposure management (XSPM) consolidate multiple siloed security solutions to provide best-of-breed capabilities across identities, endpoints, apps, and email. (NEW) Identity threat detection and response (ITDR) Identities are one of the most common attack vectors making identity-specific threat detection and response a critical element to secure your business. Microsoft Defender for Identity includes dedicated sensors and connectors for common identity elements that offer visibility into your unique identity landscape and provide detailed posture recommendations, robust detections and response actions. These powerful detections are then automatically enriched and correlated with data from other domains across Defender XDR for true incident-level visibility. (ENHANCED) Device security Microsoft Defender for Business (MDB) already brings enterprise-grade device protection capabilities to Business Premium customers across Windows, MacOS, iOS, and Android devices. It includes vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. With streaming APIs, customers and partners can build Managed Detection and Response (MDR) services with Defender for Business. For customers who need advanced hunting, Microsoft Defender for Endpoint P2 adds advanced hunting, and 6 months of data retention on the device, along with endpoint security for IoT devices. (ENHANCED) Email and Collaboration security Microsoft Defender for Office 365 P1 in Business Premium includes SafeLinks with time of click URL filtering, safe attachments with real-time attachment scanning in sandbox, and phishing and malware defense across email, Microsoft Teams, OneDrive and SharePoint. It also has AI-powered LLM-based threat protection with 99.995% attacker intent detection accuracy. With Defender for Office 365 P2, you gain access to cyber-attack simulation training, which provides SMBs with a safe and controlled environment to simulate real-world cyber-attacks, helping to train employees in recognizing phishing attempts. Additionally automated response capabilities and post-breach investigations help reduce the time and resources required to identify and remediate potential security breaches. Detailed reports are also available that capture information on employees’ URL clicks, internal and external email distribution, and more. (NEW) Software-as-a-service (SaaS) security Microsoft Defender for Cloud Apps is a comprehensive, AI-powered software-as-a-service (SaaS) security solution that enables IT teams to identify and manage shadow IT and ensure that only approved applications are used. It protects against sophisticated SaaS-based attacks, OAuth attacks, and risky interactions with GenAI apps by combing SaaS app discovery, security posture management, app-to-app protection, and integrated threat protection. IT teams can gain full visibility into their SaaS app landscape, understand the risks and set up controls to manage the apps. SaaS security posture management quickly identifies app misconfigurations and provides remediation actions to reduce the attack surface. E5 Security delivers added protection to meet the growing needs of SMBs in a package that is cost-effective. Purchasing E5 Security has 57% savings when compared to the cost of separately purchasing the individual products that are included. FAQ When will E5 Security be available for purchase? E5 Security is available for purchase as an add-on to Business Premium starting today, 3/6. How can I purchase E5 Security? You can purchase E5 Security as an add-on to Business Premium through Microsoft Security for SMBs website or through your Partner. Does Microsoft 365 Business Premium plus Microsoft 365 E5 Security allow mixed licensing for endpoint security solutions? Microsoft Defender for Business does not support mixed licensing so a tenant with Defender for Business (included in Microsoft 365 Business Premium) along with Defender for Endpoint Plan 2 (included in Microsoft 365 Security) will default to Defender for Business. For example, if you have 80 users licensed for Microsoft 365 Business Premium and you’ve added Microsoft 365 E5 Security for 30 of those users, the experience for all users will default to Defender for Business. If you would like to change that to the Defender for Endpoint Plan 2 experience, you should license all users for Defender for Endpoint Plan 2 (either through standalone or Microsoft 365 E5 Security) and then contact Microsoft Support to request the switch for your tenant. You can learn more here. What are the differences between Microsoft Defender for Business and Microsoft Defender for Endpoint P2? MDB includes many of the same features as MDE P2, including enterprise-grade device protection for Windows, MacOS, iOS, and Android devices, vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. MDE P2 adds endpoint security for IoT devices, threat hunting, and 6 months of data retention on the device. A detailed comparison is available here. As a Partner, how do I build Managed Detection and Response (MDR) services with MDB? For partners or customers looking to build their own security operations center (SOC) with MDR, Defender for Business supports the streaming of device events (device file, registry, network, logon events and more) to Azure Event Hub, Azure Storage, and Microsoft Sentinel to support advanced hunting and attack detection. If you are using the streaming API for the first time, you can find step-by-step instructions in the Microsoft 365 Streaming API Guide on configuring the Microsoft 365 Streaming API to stream events to your Azure Event Hubs or to your Azure Storage Account. To learn more about Microsoft Security solutions for SMBs you can visit our website. Partners can access training resources, customer decks and deployment checklists from our Business Premium Partner Playbook and find additional resources for Microsoft Security for Partners.
Accidental Teams Free deletion email sent out - explanation and FAQs
Hi folks - My name is Sam Cosby and I help run the Customer Experience & Obsession side for Teams Free Organizations within the Teams Engineering Team at Microsoft. Thanks for feedback from some Teams Free users on the following thread, as this has helped convey a clear problem that we needed to address. The following post is to explain that particular problem in further detail, with some additional FAQs that should help us understand further for anyone who may have seen this. I'll follow up on this thread once the bug is fully resolved. I received an email stating my trial is ending for Microsoft Teams (Free), but I didn’t sign up for a trial, why did I receive this? Back in January of 2021, there was an implementation of a new method to help reduce the number of Teams Free organizations that go unused over a 90-day period of inactivity by deleting them. Only organizations that did not have any sign-ins during this period and/or the grace period after the 90 days (120 days in total), would eventually become deleted. Unfortunately, there was a bug that sent out notification emails to Teams Free Admins even if their organization was in use during the past 90 days. We’ve since fixed this bug and expect that we shouldn’t see any additional emails be sent out to organizations that have been recently used. Figure 1: Example of accidental email sent out. Will Teams Free still delete in the next few weeks? No, as long as Teams has been in use in the past 90 days. While there are articles out there that have shown Teams Free Admins how to view their license ‘duration’, it’s been confirmed that once the fix goes live that any Teams Free orgs impacted with the above email will be ‘extended’ automatically and won’t have to worry about any data loss. Why does Teams Free have a deleted state? There was a new organization deletion method created back in January of 2021 to help reduce organization clutter by implementing a new deletion policy on organizations that go unused over a 90-day period of inactivity by deleting them. Only Teams Free organizations that did not have any sign-ins during this period and during the 30-day grace period after the 90 days (120 days in total), would eventually become deleted. Will documentation be updated? Yes. We realized that while this new method to help reduce organization clutter was released, the documentation unfortunately did not get updated as expected. We’ll be making changes to this as soon as we can to address the new deletion policies for Teams Free orgs moving forward. What does deleted mean for Teams Free? When the subscription is deleted, customer data is deleted and Azure Active Directory is removed, if not in use by other services. Users can’t access Teams, files/apps/services in this state.Elevating security for SMBs with AI-powered email protection and new partner initiatives
Cybersecurity is increasingly top of mind for small and medium businesses (SMBs) with a recent survey indicating that 94% consider cybersecurity critical to their business 1 . This is understandable, as 1 in 3 SMBs say they have experienced a cyberattack 2 , underscoring a need to bring sophisticated security to SMBs, but in an affordable and easy to use package. Continuing on our mission to bring enterprise-grade security to customers of all sizes, we are excited to announce that we’re bringing AI-powered email and collaboration protection to Microsoft Defender for Office 365 and Microsoft 365 Business Premium to better protect SMBs. Since partners play a critical role in helping secure SMB customers, we’re also announcing new integrations and programs to help them better serve their customers. Enhanced email and collaboration security with intent-based detections backed by LLM for SMBs Phishing emails are no longer clumsy, error-ridden messages with apparent mistakes. Our research teams have found that bad actors have begun using Gen AI to craft phishing emails, enhancing the language and customization, making them increasingly difficult to spot. Moreover, they use AI to engage in prolonged conversations with targets to extract money via payroll fraud, invoicing scams, or simply to gather PII (Personally Identifiable Information). Thus, we are excited to announce that Microsoft Defender for Office 365 now provides AI-powered email and collaboration security, using purpose-built Large Language Models (LLM) at scale. These models have been trained on one of the largest datasets in the industry and enable more accurate identification of text-only attacks like Business Email Compromise (BEC). Our solution interprets email language to understand and identify attacker intent and classify threats at machine speed. With an initial rollout to select customers over the past few months, we have seen impressive results of a 99.995% attacker intent detection accuracy and filtering, and 140K BEC emails blocked daily based on the LLM alone. Defender for Office 365 can effectively predict and neutralize attacks by recognizing malicious intent and safeguard your inbox against sophisticated social engineering tactics. We are now rolling out the new LLM-powered email analysis and filtering to Defender for Office 365 Plan 1 customers, which is also included in Microsoft 365 Business Premium. New SMB initiatives to help easily deliver security services at scale Managed Service Provider (MSP) partners play a critical role in helping secure SMB customers’ IT environments. We are introducing integrations and strategic programs to help MSPs better serve their customers. Huntress Managed Detection and Response integration with Microsoft Defender for Business and Microsoft Entra: With the global shortage in cybersecurity professionals many partners also face a lack of in-house security specialists. For those partners who want to resell security services but do not have the resources to invest in an in-house SOC, we are pleased to announce Microsoft Defender for Business and Microsoft Entra integrations with Huntress’ Managed Detection and Response (MDR) solution, designed for MSPs serving SMBs. Huntress’ 24/7 Security Operations Center (SOC) will triage, manage and remediate incidents and alerts for Defender for Business, helping expand the MSPs defenses and extending protection for joint customers without requiring any additional partner investment for in-house SOC. The integration is available to standalone Defender for Business and Microsoft 365 Business Premium customers starting today. Huntress is also integrating with Microsoft Entra ID to help ensure that joint customers use multifactor authentication (MFA) and Huntress to provide risk-based conditional access policies to protect their users and accounts. The Entra ID integration will be available by end of 2024. Training and readiness with Arrow and TDSYNNEX: Additionally, we are thrilled to announce strategic initiatives with Arrow and TDSYNNEX to enable their MSPs with training and readiness on Microsoft Defender for Business. This year-long collaboration provides resources and support for MSPs primarily in North America and Europe as they look to expand their security service offerings through Microsoft solutions. Microsoft SMB verified solution with MISA SMBs have unique requirements different from traditional Enterprise-centric security solutions. The Microsoft Intelligent Security Association (MISA) is thrilled to welcome SMB verified solution status to its portfolio. This status highlights technology solutions that are purpose built to meet the needs of SMBs, and the MSPs who manage IT and Security on their behalf. MISA members who meet the qualifying criteria and have gone through engineering review, will receive a specialized MISA member badge showcasing the verification and will be featured in the MISA partner catalog. We are excited to launch this status with our first two SMB verified partners: Blackpoint Cyber and Huntress. Learn more at Ignite 2024: Attend the sessions below to learn more about what’s happening in the SMB space: Date Time (CST) Location Session 11/19 1:30pm - 1:45pm Theater (THR553) Detect and respond to next gen email threats with Defender for Office 365 (add to your schedule) 11/20 2:30 - 4:30pm MSFT Expert Meetup Hub Huntress 11/21 12:30 - 2:30pm MSFT Expert Meetup Hub Blackpoint Cyber Additional Information: To learn more about Microsoft Security solutions for SMBs, including Microsoft 365 Business Premium and Microsoft Defender for Business, please visit our website. To learn more about MISA, visit the website. To learn more about Microsoft SMB verified solution, view the eligibility criteria. To get started on your SMB managed services journey, our partner playbooks – Microsoft 365 Business Premium Partner Playbook and Microsoft Defender for Business Partner kit – provide you with sales and technical trainings as well as customer ready assets. References 1,2 SMB Cybersecurity Report 2024
FY24 Modern Work & Security Partner Guide for SMB - now available for download!
Dear Parters, If you are present in the SMB market and would like to understand how Microsoft can support you programmatically in driving your Modern Work & Security business, then download and use our Modern Work & Security Partner guide. The guide summarizes programs and resources that help you to plan your enablement, go-to-market, target customers and identifying and developing opportunities from pre-sales to post-sales. Please find the download link below and leverage the guide actively. The guide will be periodically updated so make sure you use the download link in order to always have the latest version at hand.
