by Contributed | Sep 23, 2020 | Azure, Technology, Uncategorized
This article is contributed. See the original author and article here.
Resource exemption will allow increased granularity for you to fine-tune recommendations by providing the ability to exempt certain resources from evaluation. With Azure Security Center’s Cloud Security Posture Management (CSPM) capabilities, we are offering a broad set of recommendations and security controls, that might be relevant for most, but not all customers. The only way to remove recommendations from the ASC dashboard and prevent them from influencing your Secure Score was to disable the whole related policy in the Azure Security Center Policy Initiative. That way, all resources were affected, meaning that once you switched off a policy, the particular recommendation that was derived from it, was never shown again for any resource. Now, with the new resource exemption capability, you can select which resource should no longer be evaluated against a particular recommendation, whereas others still are. It allows you to exempt a resource in case the resource is already healthy because it was resolved by other means that ASC does not identify, or because you’ve decided to accept the risk of not mitigating this recommendation for this resource.you have research and development environments for which you want to apply a not-so-strict baseline, whereas the rest of resources in the same subscriptions need to be fully protected. These are great examples for exempting these resources from evaluation with waiver as justification, whereas your production environments are still protected. Maybe you have a mix of Vulnerability Assessment solutions in your environment, some of which are not tracked by Azure Security Center. In this scenario, respective recommendation has already been remediated, and you can now create an exemption for these resources and select mitigated as justification.
Figure 1 – Create exemption blade
Our goal is to reduce alert-fatigue so that security analysts can focus on the highest priority recommendations. As a result, your secure score will not be impacted by exempted resources.
How does it work?
The process for exempting a resource from a recommendation is straightforward and explained in our official documentation. Basically, when working with a recommendation, you just have to click the ellipsis menu on the right side and then select create exemption.
Figure 2 – Create exemption
From a technical perspective, when you create a resource exemption, the status of the particular assessment (the evaluation of a particular resource against a given recommendation) is changed. The properties of the assessment will contain the status code “NotApplicable”, the cause “Exempt” and a description, as shown in the screenshot below.
Figure 3 – Assessment status after creating a resource exemption
At the same time, creating a resource exemption in ASC will create an Azure Policy exemption, a new capability the resource exemption feature in ASC relies on. That said, there are several ways to programmatically work with resource exemptions.
Resource exemption and automation
Knowing that an assessment is changed, and a new policy exemption is created every time you create a resource exemption in ASC, you have several ways of programmatically interacting with the resource exemption feature.
Azure Resource Graph
Assessments in Azure Security Center are continuously exported to Azure Resource Graph, giving you a great starting point for automation. ARG is a database that keeps a set of information which is gathered from different resources, giving you a very fast option to query information instead of separately pulling it from our REST APIs. Eli Koreh showed in his article how easy it is to create custom dashboards for ASC powered by ARG. You can find a list of starter query samples for Azure Resource Graph in the documentation.
To give you an idea of how to work with resource exemption in an ARG query, I’ve created the following sample, that will return a list of all resource exemptions that have been created in your environment:
SecurityResources
| where type == 'microsoft.security/assessments' and properties.status.cause == 'Exempt'
| extend assessmentKey = name, resourceId = tolower(trim(' ',tostring(properties.resourceDetails.Id))), healthStatus = properties.status.code, cause = properties.status.cause, reason = properties.status.description, displayName = properties.displayName
| project assessmentKey, id, name, displayName, resourceId, healthStatus, cause, reason
You can tune that query according to your needs, but it’s great as is for a quick overview on all exemptions you have created in your environment.
Resource Exemption and REST API
When a resource exemption in ASC is created, an exemption in the ASC Policy Initiative assignment is created. This is why you can leverage the Microsoft.Authorization/policyExemptions API to query for existing exemptions. This API is available as of version 2020-07-01-preview.
A GET call against the REST URI https://management.azure.com/subscriptions/<your sub ID>/providers/Microsoft.Authorization/policyExemptions?api-version=2020-07-01-preview will return all exemptions that have been created for a particular subscription, similar to the output shown below:
{
"value": [
{
"properties": {
"policyAssignmentId": "/subscriptions/<yourSubID>/providers/Microsoft.Authorization/policyAssignments/SecurityCenterBuiltIn",
"policyDefinitionReferenceIds": [
"diskEncryptionMonitoring"
],
"exemptionCategory": "waiver",
"displayName": "ASC-vmName-diskEncryptionMonitoring-BuiltIn",
"description": "demo justification",
"expiresOn": "2020-09-22T22:00:00Z"
},
"systemData": {
"createdBy": "someone@company.com",
"createdByType": "User",
"createdAt": "2020-09-22T09:27:23.7962656Z",
"lastModifiedBy": "someone@company.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2020-09-22T09:27:23.7962656Z"
},
"id": "/subscriptions/<yourSubID>/resourceGroups/<yourRG>/providers/Microsoft.Compute/virtualMachines/<vmName>/providers/Microsoft.Authorization/policyExemptions/ASC-vmName-diskEncryptionMonitoring-BuiltIn",
"type": "Microsoft.Authorization/policyExemptions",
"name": "ASC-vmName-diskEncryptionMonitoring-BuiltIn"
}
]
}
You can find further information about Policy Exemptions in the Azure Policy documentation.
(Workflow) automation with Logic Apps
Azure Security Center’s workflow automation feature is great for both, automatically reacting on alerts and recommendations, as well as manually triggering an automation in case you need it. I have created a sample playbook to request a resource exemption, that I want to explain a bit further below:
Request a resource exemption
In order to be able to create a resource exemption in ASC, your user account needs to be granted elevated access rights, such as Security Admin. In enterprise environments that we are working with, we often see that Azure subscriptions are given to people who are responsible for their own set of resources, but security is still owned by a central team. In this scenario, you don’t want to necessarily give every resource owner the right to create a resource exemption, but still, for justified reasons, someone should be allowed to request an exemption. To make this process easier and to fit it into your approval process, I’ve created a Logic App that can manually be triggered from the recommendation blade and allows you to request an exemption. Once a resource owner is checking recommendations and wants to exempt a resource, they can do it by clicking the Trigger Logic App button. The screenshot below shows the easy process:
Figure 4 – Request resource exemption process
- Select one or several resources to be exempted from the recommendation you are currently investigating.
- Click the Trigger Logic App button
- Select the Request-ResourceExemption Logic App (or whatever name you give it when deploying it)
- Click the Trigger button
The Logic App leverages the When an ASC recommendation is created or triggered trigger and will then send an email and a Teams message to the subscription’s security contact(s). This email and message will contain information about the resource, the recommendation, and a link that, once clicked, will lead you directly to a portal view that enables you to immediately create the requested resource exemption. You can find this playbook in our Azure Security Center GitHub repository, from where you can one-click deploy it to your environment.
Figure 5 – content of the request email
You can also use this sample playbook as a starting point for customizations according to your needs. For example, if you want to create a ServiceNow or JIRA ticket with that workflow, you can simply add a new parallel branch with the Create a new JIRA issue or the Create ServiceNow Record actions:
Figure 6 – add parallel branches for JIRA and/or ServiceNow to the Logic App
Next Steps
Resource Exemption in Azure Security Center now gives you a way to exempt resources from a recommendation in case it has already been remediated by a process not monitored by Azure Security Center, or in case your organization has decided to accept the risk related to that recommendation. You can easily build your own automations around that feature or leverage the sample artifact we have published in the Azure Security Center GitHub community. You can also publish your own automation templates in the community, so others can benefits from your efforts, as well. We have started a GitHub Wiki so you can easily learn how to publish your automations.
Now, go try it out and let us know what you think! We have published a short survey so you can easily share your thoughts around this new capability and the automation artifact with us.
Special thanks to Miri Landau, Senior Program Manager for reviewing this article.
by Contributed | Sep 23, 2020 | Uncategorized
This article is contributed. See the original author and article here.
There are lots of new announcements at Ignite’20 and it is the great time to reflect and summarize our journey thus far with security and compliance in SharePoint, OneDrive, and Teams. We are excited to share with you a roundup of recent new security and compliance controls in SharePoint and OneDrive and Teams. In this new norm of working remotely, safeguarding your business critical data is super important and we are here to help.
Click on the links below to learn more about respective scenarios and features. All the features mentioned below are generally available, except the ones explicitly called out as Public Preview or Private Preview.
For our Ignite 2020 announcements in Security and Compliance in SharePoint and OneDrive, check out this blog here.
User & session security
MFA (Multi-factor-authentication) for Users
Multi-factor-authentication is new norm and our recommended scheme to identify and authenticate users accessing content in Microsoft 365. Azure Active Directory offers MFA capabilities that you can turn on for internal and external users. Check out the link above for more details.
Unified session sign-out powered by Continuous access evaluation – Public Preview
User has lost his device and you want to sign him/her out across all sessions on all devices? We are providing you a unified session sign-out capability powered by continuous access evaluation. Check out the link above for more details.
Figure. Microsoft 365 admin signs out a user across all sessions on all devices
External users, sharing, and access
External sharing policies in SharePoint and OneDrive
Manage external access in Microsoft Teams
Collaborating with partners and clients external to your organization is bread and butter of many businesses. With our continued investments in external collaboration, SharePoint, OneDrive, and Teams is the hub for your external collaboration teamwork. Check the links above for details.
Figure. SharePoint admin center external sharing settings
Automatic expiration of external access for content in SharePoint & OneDrive
Managing external users access is important to ensure no loss of organization’s data after the external project is completed. You can now configure a The solution is here, automatic expiration of external access for content. Check out the link above for more details.
Figure. SharePoint site collection admin manages external access expiration
Access governance insights in SharePoint and OneDrive – Private Preview
With growing digital data it becomes important to govern the access policies for your top sites and teams that matter the most. Access governance insights in SharePoint and OneDrive aims to help you on these regards. If interested to be an early adopter, sign-up for the private preview here.
Conditional access policies – Devices and Locations security
Granular conditional access policies – Unmanaged device policy
Azure Active Directory offers the coarse grained conditional access policies, and within SharePoint and OneDrive you can do a site specific fine grained device policies. For example, top secret sites you want to block access from unmanaged devices. Check out the above link for more details.
Network IP address policy
Control access to the content based on location IP address that user is accessing from.
Information Protection with Sensitivity labels
As part of the Microsoft Information Protection (MIP) journey, we have a series of capabilities in SharePoint, OneDrive, and Teams to protect your sensitive content and we call out a few below. We continue to invest in this journey.
Microsoft Information Protection for Files
The encrypted files are now treated as first class experience in SharePoint, OneDrive, and Teams, and users can search for them and also co-author in Office Apps in them.
Figure. Microsoft information protection sensitivity labels for files
Microsoft Information Protection at scale – Auto classification with sensitivity labels
With the scale at which digital data is growing, it is not sufficient to have manual labelling only and expect the users and administrators to manually label files. Auto classification with sensitivity labels aim to power you to automatically detect sensitive content in your digital estate and label them.
Figure. Microsoft 365 compliance center showing auto labelling modes
Sensitivity labels for Teams, SharePoint Sites, and Microsoft 365 Groups
Not only at the Files level, you can also now classify and label a SharePoint site, Team, and Microsoft 365 Group and holistically secure all contents in them.
Sensitivity labels with external sharing policies – Public Preview coming soon
We are expanding the policies that can be associated with sensitivity labels, now with external sharing policy settings in SharePoint and OneDrive sites. If interested, sign-up here.
Sensitivity labels with MFA Policy – Private Preview
Multi-factor authentication (MFA) is our recommended authentication scheme for user authentication. You can now associate MFA (multi-factor-authentication) policy to sensitivity labels. If interested to try this out, sign up for the private preview here.
Data loss prevention (DLP)
DLP for SharePoint and OneDrive and Teams
To comply with business standards and industry regulations, organizations must protect sensitive information and prevent accidental leakage of organization’s data. Microsoft 365 Data Loss Prevention policies designed to help you prevent accidental data loss.
DLP Block external access by default for sensitive files in SharePoint/OneDrive/Teams
External collaboration is important for business, however, you do want to protect your sensitive files accidentally shared with external users. This feature specifically helps you meet that need. You can now block external sharing and access until a DLP scan is run on a given file that just got uploaded to SharePoint or OneDrive. Check out this feature link for more details.
DLP policy for blocking anyone links for sensitive content
Often you want to share sensitive content with external collaborators, however, you want to prevent access and sharing anyone with the link option. This new DLP rule helps you to achieve that granular control, check out the link above.
Endpoint data loss prevention (DLP) – Public preview
With remote working and proliferation of devices, end points have exponentially grown, we are helping you to protect and avoid leakage of sensitive content at all end points on Windows devices. Learn more about Endpoint DLP here.
Compliance – Information governance
M365 Communication Compliance
Communication compliance is an insider risk solution in Microsoft 365 and they help you with reviewing messages in scanned email, Microsoft Teams, Yammer, or third party communication tools. Check out the above link for more details.
M365 Multi-Geo capabilities
More organizations are becoming global and have a need to meet data residency compliance in keeping the users OneDrive and Mailbox in their home geo. Multi-Geo helps you to meet these data residency needs while at the same time offering the modern productivity experience to your global workforce.
Figure. SharePoint admin center showing tenant spanned across multiple geo locations
Information Barriers (IB) for SharePoint & OneDrive
You may have compliance need to put barriers in collaboration and communication between certain set of users in your organization to avoid conflict of interest. You can now achieve these controls in Microsoft 365, checkout the Information Barriers scenario link above.
Figure. SharePoint site owner manages information segments for a site
Retention labels
You can meet your governance needs for retaining or deleting the content after certain period of time, check out the retention labels and policies link above.
Records management
Organizations of all types require a records management solution to meet their regulatory, legal, and business requirements. Microsoft 365 records management is designed to help you meet these requirements. Check out the link above.
Check out Microsoft 365 compliance solutions page for many more compliance features available in Microsoft 365.
Other security controls
Global reader role in SharePoint
To reduce the number of administrators with privileged global admin roles, Azure Active Directory introduced Global Reader role. This role is now supported in SharePoint admin center so that they have only read access to all things SharePoint administration. Check out the link above for more details.
Customer key
Microsoft 365 has additional layer of encryption called service encryption on top of volume-level encryption thru BitLocker. Customer key is built on service encryption and enhances the ability to meet the demands of compliance requirements. To learn more, check out the link above.
Customer key for Exchange and SharePoint is already generally available. Customer key for Teams will come to private preview later calendar year 2020.
For licensing related information, check out the Microsoft 365 licensing guidance for security and compliance.
We hope this compilation of security and compliance controls was useful and informative for you.
Check out many more Ignite sessions in the Ignite website and Microsoft 365 Adoption Center: Virtual Hub. If you are new to Microsoft 365, learn how to try or buy a Microsoft 365 subscription.
As you navigate this challenging time, we have additional resources to help. For more information about how we are responding together to COVID-19, visit our Remote Work site. We’re here to help in any way we can.
Thank you!
Sesha Mani – Principal Group Product Manager (GPM)
Microsoft 365, SharePoint and OneDrive
Praveen Vijayaraghavan, Principal PM Manager
Microsoft 365, Teams
by Contributed | Sep 23, 2020 | Uncategorized
This article is contributed. See the original author and article here.
The Update Staging Lab is now Test Base for Microsoft 365 and today, as part of Microsoft Ignite 2020, we are announcing several new features developed in direct response to your feedback. As we all adjust to remote and hybrid work, organizations big and small are turning to technology and leveraging cloud and automation solutions to facilitate collaboration, stay productive, and ensure business continuity. With Test Base for Microsoft 365, we are looking to modernize application testing for software vendors, IT professionals, and their organizations.
In this post, I’ll share more information about Test Base for Microsoft 365, walk you through the new features, and summarize the steps you can take today to take advantage of this service.
What is Test Base for Microsoft 365?
Test Base for Microsoft 365 is an Azure service that facilitates data-driven testing of applications. Backed by the power of data and the cloud, the service enables software vendors and IT professionals to take advantage of intelligent application testing from anywhere in the world. If you are a developer or a tester, and you do not want to worry about your apps continuing to work as platform dependencies, such as the latest Windows updates, change, consider using Test Base for Microsoft 365. It will help you test your applications without the hassle, time commitment, and expenditure of setting up and maintaining complex test environments. It will also give you access to pre-release Windows updates on secure virtual machines (VMs) and world-class Intelligence on the performance and reliability of your applications.
A new tool in your IT toolbox
As an IT professional, one of your key responsibilities is to keep your device estate current, not only with platform updates like those for Windows and Office, but also with other types of updates, such as those related to drivers and applications. We have heard your feedback loud and clear: you want to be to 100% sure that your business-critical apps don’t break. You want to ensure your end users’ productivity is not interrupted. You must strike a balance between rolling out updates as soon as they are released and testing key apps before broad deployment. This is where a service like Test Base for Microsoft 365 can shine!
Microsoft has improved, and continues to improve, application compatibility with Windows 10 and Office 365, causing fewer regression issues. Recent statistics from our App Assure program indicate that 99.75% of customer and software vendor apps in the ecosystem are compatible with the latest build of Windows 10. We have created assessment tools such as Desktop Analytics, phased deployment options in Configuration Manager and Microsoft Endpoint Manager, and the Windows Insider Program for early flighting—all to help drive confidence even higher.
In spite of these great tools and offerings, the majority of our customers still depend on lab-based testing for their critical applications and drivers. Furthermore, the size of the install base for these applications or the business-critical nature of these apps can make it painful when encountering a failure. Testing continues to provide greater assurance against any surprises. However, most if not all testing is steeped in legacy processes and standing on decades-old test collateral and harnesses. Test Base for Microsoft 365 aspires to help organizations focus their test efforts and get to the level of confidence they seek in far less time.
We are initially extending our Test Base for Microsoft 365 offering to critical third-party software vendors whose applications (e.g. antivirus, VPN, and disk encryption) are relied upon by large customer bases. As we think about extending value to enterprise organizations, we will leverage Microsoft Endpoint Manager deployment workflows to do so. In the future, test results from Test Base for Microsoft 365 will be made available in Microsoft Endpoint Manager natively to help you with device and application assessments, all to drive higher deployment confidence.
While we build this seamless workflow, here is what you can do as an IT professional today:
New capabilities in Test Base for Microsoft 365
We are constantly innovating and adding capabilities based on customer feedback. Here are a few of the new features recently released in the service:
- Support for automated functional tests as customers have told us the out-of-box (OOB) tests do not sufficiently exercise application functionality.
- Support for Windows feature update validation. This was one of the top asks from software vendors enrolled in our private preview. We find that customers carry out more extensive testing when it comes to Windows feature updates and would like to have the assurance that their critical apps will continue to work after deploying these updates.
- Enabled testing with Windows update packages (latest cumulative updates, or LCUs) as opposed to using VHD media to image VMs with updates being tested. This will help better mimic real-world customer scenarios encountered when updating end user devices.
What’s next on the roadmap for Test Base for Microsoft 365?
We are continuously listening to you, our customers, to better understand your current testing practices and challenges. We evaluate every piece of feedback we gather to prioritize the next features and capabilities for the Test Base service. Examples of capabilities that you can expect to light up in the next few months include support for Windows 7 monthly security updates, support for Windows Server 2016 and Windows Server 2019 monthly security updates, and easier ways to manage application packages you have already uploaded.
We are engaging with select enterprise customers now to understand their needs and design a solution that fits in seamlessly with the deployment workflow in Microsoft Endpoint Manager. If you would like to participate in this discussion, please nominate yourself.
Join the community
If you are interested in shaping the future of this important service for the world, I invite you to come join us on the new Test Base for Microsoft 365 community community on Tech Community where you can share your experiences and connect with other customers using the service. If you are software vendor who is interested in onboarding your applications to Test Base for Microsoft 365, or if you are an IT professional whose organization is interested in nominating a software vendor to participate, please complete the preview sign-up form.
]
by Contributed | Sep 23, 2020 | Uncategorized
This article is contributed. See the original author and article here.
temp
by Contributed | Sep 23, 2020 | Uncategorized
This article is contributed. See the original author and article here.
As IT leaders, we have the ability to make the work experience more inclusive of the 1 billion people in the world with disabilities with the technology products and capabilities we choose to make available to our organizations. This week, we’ve announced exciting new features that everyone—including people with disabilities—can leverage to be more productive and to make the workplace more inclusive. From Live transcripts, to search to personal wellbeing insights, read on to learn all the ways Teams can help you work more inclusively.
Meetings & Calling & Devices
Live captions and transcripts with speaker attribution available for 1:1 calls and meetings
With more important calls, meetings and events happening virtually, it’s critical to make sure everyone can understand the discussion and participate easily, including people with disabilities. Live captions and transcripts with speaker attribution can make meetings more inclusive of people who are hard of hearing or deaf, or have learning disabilities like dyslexia and prefer spoken content to be reinforced with text. You can now provide live captions and transcripts with speaker attribution for 1:1 calls, all the way through to interactive meetings of up to 1,000 participants. And when you need to expand the reach of your meeting even further, up to 20,000 participants can view the meeting and live captions to follow along. These features can be enabled via the control bar within the call or meeting window, and will be made available in the coming months. Speaker attribution for live captions in meetings is now Generally Available for Commercial customers.
Live captions with speaker attribution during a Microsoft Teams meeting.
New Together mode scenes
When managing our mental health and wellbeing, it’s important to make sure we feel connected and close to other people—whether family members, local communities or those we collaborate with at work. We commissioned a Harris Poll survey of over 2,000 remote workers in six countries, and nearly 60% of people surveyed reported feeling less connected to their colleagues since they started working remotely more often. In China, this number spiked to 70%. In the past few months we’ve introduced new capabilities to make it easier for each of us to more naturally connect with teammates, and to take control of our wellbeing. One of these new capabilities is Together mode, a view in Teams meetings that makes you feel like you’re sitting in the same room with your teammates, and makes it easier to pick up on the non-verbal cues that are so important to natural human interaction and connection. This week we announced new Together mode scenes, coming later this year, including various auditoriums, conference rooms and a coffee shop. Presenters will also be able to select a scene from the gallery as the default scene for all meeting attendees. We hope you can find a Together mode scene that works for you and your team, and that can help your team feel closer together, even when you’re apart.
Read more: What’s New in Microsoft Teams | Microsoft Ignite 2020
In case you missed it
- Touchless experiences in Microsoft Teams Rooms — Touchless experiences not only make Teams Meetings Rooms safer as we return to physical workplaces, they also make them more inclusive of employees with disabilities. Teams Meeting Room devices and other conference calling devices are typically placed in the middle of large conference room tables, making them difficult if not impossible to access for those with limited reach or strength. With Cortana voice assistance and Room Remote on Microsoft Teams Room devices, people with vision and mobility disabilities can more easily use shared meeting room devices with their voice—completely hands free—or with their mobile device. These new capabilities build on the flexibility already afforded by proximity join.
- Dynamic view — Dynamic view gives you more control over how you see shared content and other participants in a meeting. New controls—including the ability to show shared content and specific participants side-by-side—let you personalize the view to suit your preferences and needs. This is particularly important for participants who are deaf and use sign language interpreters to participate in the discussion. With Dynamic View, participants can view shared content and pin their interpreter so they are always in view.
- Live Presentations in Teams — Every presenter knows how hard it is to get—and keep—your audience truly engaged throughout a presentation. With PowerPoint Live, audience members can follow along with the presentation from their personal device, move through slides at their own pace, and enable live subtitles in their preferred language. Not only will Live Presentations help empower participants who are hard of hearing, it will also break language barriers and make sure that everyone in the audience is engaged and included.
- Read more about these recent announcements: Reimagining virtual collaboration for the future of work and learning
Chat & Collaboration
Wellbeing and productivity insights coming in Teams
The rise in remote and hybrid work during the ongoing pandemic is pushing people and organizations to work in new ways, introducing challenges as well as opportunities for a new normal. Our research shows four clear challenges: after hours work is on the rise, boundaries between work and home are being eliminated, the rise of virtual collaboration and video meetings has led to a rise in stress levels, and people feel less connected to their colleagues when working remotely. To help us address some of these challenges so we can thrive and build resilience, we’re bringing wellbeing and productivity insights to Microsoft Teams. From unwinding with Headspace on your virtual commute to discovering opportunities to prevent burnout, see how new insights for individuals, teams, and organizations can help.
Read more: Introducing insights in Teams to power wellbeing and productivity
Wellbeing and productivity insights in Microsoft Teams
Improved search experience
A new search experience in Teams, powered by Microsoft Search and available by the end of 2020, will make finding messages, people and files faster and more intuitive for everyone, including people with disabilities who use assistive technologies like screenreaders. A redesigned search results page provides better context and faster results, with AI-powered relevance based on the people and content you engage with most in Teams, and other Microsoft 365 services. Assistive technology users will be able to use the ‘Control F’ shortcut to access the search bar, initiate a search, and bring information right to their fingertips. It’s everything you love about Search in other Microsoft 365 applications, right in the Teams experience.
Read more: What’s new for Microsoft Search – Ignite 2020 Edition
New search experience in Microsoft Teams powered by Microsoft Search.
In case you missed it
- Less typing, please! — Whether you’re looking to increase your productivity, or have a mobility or learning disability like dyslexia that makes typing or writing difficult, Cortana in Teams and Suggested replies in the Teams mobile app give you another way to communicate with teammates. Cortana is now Generally Available in the Teams mobile app on iOS and Android to Microsoft 365 Enterprise users in the U.S. in English. Suggested replies are also now Generally Available to Commercial customers.
- Read more: Reimagining virtual collaboration for the future of work and learning
Microsoft 365 Announcements
Play My Emails more broadly available – Play My Emails lets you listen and respond to what’s new in your inbox hands-free using Cortana, giving people with learning disabilities like dyslexia a way to consume written content that doesn’t require reading blocks of text. Play my Emails is already available in Outlook for iOS and Android in English in the United States, and will start rolling out in the coming months in English in Australia, Canada, the United Kingdom and India. With updates this month to Outlook for iOS in English in the United States, users can interact with their inbox via their headphones while their phone is in their pocket, initiate a call with the sender of an email to move the conversation forward in real time, play emails from a specific person, time or topic, and connect multiple eligible accounts—whether personal or professional—to the experience.
Voice commands in Outlook Mobile—Now you can use your voice to write emails, schedule meetings, and make calls, all from within Outlook mobile. Tap the microphone, and say “Email Adele that I’m running late”, “Schedule a meeting about Group Meditation with Megan”, or “Call Anna on Teams”. Outlook will find the relevant person, draft up a message, meeting or provide the option to start a call, and help you be more productive, all with voice. Voice capabilities like these provide people with learning disabilities like dyslexia, another way to write content, that doesn’t require typing. It also gives those with mobility disabilities another way to create content on the go.
Briefing Email from Cortana improvements — The Briefing Email is becoming generally available in September for Microsoft 365 Enterprise users with Exchange Online mailboxes in English. And with updates coming by the end of the year, the Briefing email will streamline meeting preparation. Actionable reminders will make it easy to add an agenda or a Teams link for an upcoming meeting if you forget, and to spot if a meeting is missing quorum. Integration with Microsoft To Do will make it seamless to follow up on a suggested task later. We’re also working on bringing specialized insights for people managers to help boost your team’s productivity and wellbeing, such as prompts to schedule regular one-on-one time with your direct reports and reminders to follow up on key asks. The Briefing Email gives people with disabilities like memory loss or ADHD, more proactive assistance and tools to stay on top of their important tasks and relationships.
Read more: What’s new with Cortana, your personal productivity assistant
Read MVP Jeff Stokes’ story here: What I Learnt While Not Remembering: Technology and its use in Traumatic Brain Injury
A reimagined Microsoft Stream – This week we announced a new vision for Microsoft Stream—to bring intelligent video creation, sharing, and viewing to all parts of Microsoft 365, while empowering users and administrators to manage video just as they would any other file. Part of this new vision is an enhanced playback experience that displays more accurate transcripts with speaker attribution for meeting recordings, among other exciting enhancements. These experiences will be made available over the coming year.
Read more: A new vision for Microsoft Stream
In case you missed it
Learn more and take action
1. Watch these Microsoft Ignite sessions to learn more about building an inclusive culture with support from Microsoft 365, and to get a closer look at these new inclusive features:
2. Complete the “Configure Microsoft Teams meeting and calling for Inclusion” training module to learn what you can do to configure Microsoft Teams in a way that maximizes inclusion of your diverse employees.
3. Find more Microsoft 365 Inclusive Workplace resources
Recent Comments