The world of IT is constantly evolving and the only successful recipe to keep pace with it is to be aware of the changes. In this blog post, we will explore five insights into the latest trends in Microsoft 365, which is a popular productivity suite.
These insights are based on our research and experience. We’ll discuss how these trends are impacting businesses of all sizes, and we will offer some tips on how to stay ahead of the curve.
So, whether you are a small business owner or a large enterprise, read on to learn about the latest trends in Microsoft 365
Let’s Get Down To Brass Tacks!!
Microsoft 365 Insight # 1
Using Intune for LAPS can help you to improve the security of your devices by ensuring that the passwords for the local administrator accounts are complex and rotate on a regular basis. It also centralizes the management of these passwords, which makes it easier to track and audit them. That said, Intune provides a mechanism for recovering the passwords for these accounts if they are lost or forgotten.
Enhance Device Security with Microsoft Intune: Local Administrator Password Management (LAPS)
Microsoft Intune can be used to manage local administrator passwords (LAPS) on devices that are enrolled in Intune. This allows you to centrally manage the passwords for these accounts, which can help to improve the security of your devices.
To use Intune for LAPS you will need to:
- Enable the LAPS feature in Azure Active Directory.
- Create a client-side policy in Intune that specifies the password requirements for the local administrator account.
- Configure Intune to back up the LAPS passwords to Azure Active Directory or on-premises Active Directory.
Password Management Features of LAPS:
Once you have configured Intune for LAPS, you can use the following features to manage the passwords for these accounts:
- Rotate the passwords for the local administrator accounts on a schedule.
- View the current passwords for the local administrator accounts.
- Recover the passwords for the local administrator accounts if they are lost or forgotten.
Using Intune for LAPS can help you to improve the security of your devices by:
- Ensuring that the passwords for the local administrator accounts are complex and rotate on a regular basis.
- Centralizing the management of the passwords for these accounts, which makes it easier to track and audit them.
- Providing a mechanism for recovering the passwords for these accounts if they are lost or forgotten.
How to use Microsoft Intune for Local Administrator Password Management (LAPS)?
- Enable the LAPS feature in Azure Active Directory.
- First, sign in to the Azure portal as a Cloud Device.
- Browse to Azure Active Directory > Devices > Device settings.
- Select “Yes” for the Enable Local Administrator Password Solution (LAPS) setting and select Save.
- Create a client-side policy in Intune that specifies the password requirements for the local administrator account.
- Come to the Intune admin center.
- Go to Device Config > Policies > Create Policy.
- Select the Windows 10 and later category and then select Local Administrator Password.
- In the Policy settings section, specify the password requirements for the local administrator account.
- Configure Intune to back up the LAPS passwords to Azure Active Directory or on-premises Active Directory.
- From Create Policy onwards, Select the Windows 10 and later category and then select Local Administrator Password Backup.
In the Policy settings section, specify whether you want to back up the passwords to Azure Active Directory or on-premises Active Directory.
- From Create Policy onwards, Select the Windows 10 and later category and then select Local Administrator Password Backup.
- Once you have configured Intune for LAPS, you can use the following features to manage the passwords for these accounts:
Rotate the passwords for the local administrator accounts on a schedule.
- Go to Intune admin center.
- Now, head to Devices > All devices.
- Select the device that you want to rotate the password for.
- Select options and then Rotate local admin password.
You can also view the current passwords for the local administrator accounts. This time, select Show local administrator password.
To recover the passwords for the local administrator accounts if they are lost or forgotten, select Recover local administrator password.
Inquire Away! We've Got You Covered!
Microsoft 365 Insight # 2
The devices that your employees use can have a significant impact on your organization’s cyber security posture.
So, Choose Your Devices Wisely
For example, devices that are not up to date with the latest security patches are more vulnerable to attack. In fact, devices that are not properly configured can also be a security risk.
How compromised devices can pose significant security risks within a Microsoft 365 environment?
Phishing Attacks: An employee’s device gets compromised through a phishing email, where they unknowingly provide their login credentials to attackers. The attackers then use these credentials to gain unauthorized access to the employee’s Microsoft 365 account. They can access sensitive data and emails and even spread malware in the organization.
Ransomware Infections: A compromised device can easily attract ransomware. The ransomware can spread to other devices and servers within the organization’s network, encrypting files. Hackers then demand a ransom for their release. This can disrupt business operations and can lead to data loss if proper backup measures are not in place.
Insider Threats: A disgruntled insider can exploit compromised device controls and misuse their privileges within their Microsoft 365 environment. Potentially, they can steal sensitive data, tamper with important documents, or even sabotage your critical systems.
Data Exfiltration: Attackers can use such devices to exfiltrate confidential information from your organization. They can steal customer data, intellectual property, or even financial records. The stolen data can be sold on the black market or used for malicious purposes. This can be a huge setback for your business.
Business Email Compromise (BEC): Attackers compromise a device belonging to a high-level executive or an employee with financial authority. They then use it to send fraudulent emails to other employees or partners, tricking them into performing unauthorized financial transactions or disclosing sensitive information.
Account Takeovers: Compromised devices can be used to gain unauthorized access to employee accounts. Once an account is compromised, attackers can impersonate the legitimate user and can access confidential information. They can also initiate unauthorized transactions or spread malware within the organization.
How to exercise caution while choosing devices for your organization?
- Security: The devices should be selected with security as the most important factor in mind. This means that the device should have features such as secure boot, encryption, and malware protection.
- Updatability: They should be upgradable to the latest security patches. This will help to protect the organization from known vulnerabilities.
- Configuration: The devices should be configured securely. This includes setting strong passwords, enabling security features, and avoiding risky behaviors.
That said, you should also consider the specific needs of your organization when choosing devices.
For example, if your organization requires devices that are highly mobile, you will need movement-friendly devices.
By carefully considering the factors listed above, you can choose devices that will help to improve your organization’s cyber resiliency posture.
Choose devices that consolidate your organization’s cyber resiliency plan:
- Consider the security posture of your organization:
What are the specific threats that your organization faces? What are your organization’s security goals? - Work with a trusted security vendor.
A security vendor can help you to assess your organization’s security needs and choose the right devices. - Keep up with the latest security threats.
As new threats emerge, you will need to update your devices to ensure that they are protected. - Implement a regular security patch management process.
This will help to ensure that your devices are always up to date with the latest security patches. - Educate your employees about cyber security.
Your employees are your first line of defense against cyber-attacks. Make sure that they are aware of the latest threats and how to protect themselves.
Microsoft 365 Insight # 3
New Windows 11 innovation improves security, IT management, and user experience.
Microsoft released the latest version the Windows 11 just recently. If you are looking for a new operating system for your business or personal use, Windows 11 is a great option.
Security Features in Windows 11
One of the key areas of focus for Windows 11 is security. The new features are:
- Secure Boot: This feature helps to prevent malware from infecting the computer during the boot process.
- Virtualization-based security (VBS): This feature helps to protect the computer from malware that tries to exploit vulnerabilities in the operating system.
- Windows Hello: Users can sign in to their computers using biometric authentication, such as facial recognition or fingerprint scanning.
IT Management with Windows 11
IT management features make the job of IT administrators easier:
- Windows Update for Business: IT administrators can control how Windows updates are deployed to their devices.
- Device Guard: Protects devices from malware by preventing unauthorized applications from running.
- Intune: This cloud-based service allows IT administrators to manage their devices from anywhere.
User Experience in Windows 11
The features that significantly enhance user experience include:
- A new Start menu: The new Start menu is more user-friendly and easier to navigate.
- Snap layouts: Quickly & easily arrange their windows on the screen.
- Widgets: This feature provides users with a live feed of news, weather, and other information.
Microsoft 365 Insight # 4
Microsoft recently announced the public preview of Windows 365 Boot, a new feature that allows users to boot directly into a Windows 365 cloud PC from their local device.
This feature can be used to provide users with secure and always-on access to their applications and data, regardless of their location or the state of their local device.Windows 365 Boot: Deploy the Public Preview Today!
To deploy Windows 365 Boot, you need to:
- Enroll your local devices in the Windows Insider Program Dev Channel.
- Install the Windows 365 Boot client on your local devices.
- Configure your Windows 365 Boot settings.
Once you have deployed Windows 365 Boot, users will be able to boot directly into their Windows 365 cloud PC by pressing the Windows key + F12.
This will launch the Windows 365 Boot menu, from which users can select their Windows 365 cloud PC.
Benefits of using Windows 365 Boot:
- Improved security: Protect users from malware and other threats by running their applications and data in the cloud.
- Always-on access: Users can access their applications and data from anywhere, regardless of the state of their local device.
- Increased productivity: Allows users to be more productive because they can switch between their local device and their Windows 365 cloud PC seamlessly.
Windows 365 Boot is a powerful new feature that can help organizations to improve the security and productivity of their users. If you are interested in trying out Windows 365 Boot, you can sign up for the public preview today.
Microsoft 365 Insight # 5
Accessibility Baseline: Empower users with disabilities to effectively use M365 tools and services.
The Accessibility Baseline is a set of policies and recommended settings for Microsoft 365 Apps that can help organizations to improve the accessibility of their documents. It includes features such as captioning, transcription, sign language view, and more.
The Accessibility Baseline is based on the Web Content Accessibility Guidelines (WCAG) 2.1, which are international standards for web accessibility.
What is Web Content Accessibility Guidelines (WCAG) 2.1?
Web Content Accessibility Guidelines (WCAG) 2.1 is a set of guidelines for making web content more accessible to people with disabilities. The World Wide Web Consortium (W3C) oversees it.
WCAG 2.1 is based on 4 principles:
Perceivable: People with all types of disabilities, including visual, auditory, and cognitive disabilities should be able to perceive the content.
Operable: The Content must be operable by people with disabilities, including those who use assistive technologies.
Understandable: Content must be understandable by people with disabilities, including those who have difficulty reading or understanding text.
Robust: Content must be robust enough to be accessible even when it is modified by assistive technologies or by changes in the way it is displayed.
Here are some of the benefits of making your website WCAG 2.1 compliant:
- You can improve the accessibility of your website to people with disabilities.
- You can make your website more user-friendly for everyone.
- You can improve your website’s SEO ranking.
- You can avoid legal liability.
Leveraging Accessibility Baseline features and settings in your Microsoft 365 environment:
Enable Accessibility Features in Microsoft Teams:
Microsoft Teams offers various accessibility features that can be enabled to enhance communication and collaboration. For example, you can enable a sign language view to keep interpreters and signers visible during meetings and enable captions and transcription for improved communication. You can access and configure these features through the Accessibility Settings menu in Teams.
Utilize Accessibility Features in OneNote:
OneNote provides accessibility features like transcribing and ink experiences.
With transcribe, you can record audio while taking notes and later review the transcription. This feature is helpful for lectures, presentations, or any situation where you want to capture spoken information. Ink experiences allow you to write or draw on your notes while recording audio.
Manage Transcripts & Captions in SharePoint and OneDrive:
If you store Teams meeting recordings or other videos in SharePoint or OneDrive for Business, you can now upload, download, delete, or replace the WebVTT caption files associated with them. This capability lets you correct auto-generated transcripts or add translated captions to make the content more accessible.
Non-Verbal Expressions in Outlook & Teams:
Microsoft 365 offers non-verbal ways to express quick opinions in Outlook and Teams, which can be particularly beneficial for individuals with dyslexia or fine motor disabilities.
In Outlook, you can use Reactions, such as thumbs-up, laugh, heart, celebrate, or shed a tear, to react to emails. In Teams, you can use reactions, stickers, animated GIFs, and 1-click instant polls to contribute and engage in meetings.
As a result, the Accessibility Baseline can help organizations to achieve the following benefits:
- Improved accessibility: Organizations can make their documents more accessible to people with disabilities.
- Better compliance: Organizations can easily comply with accessibility regulations, such as Section 508 of the Rehabilitation Act of 1973.
- Reduced risk: The Accessibility Baseline can help organizations to reduce the risk of legal liability for accessibility violations.
- More productivity: When employees find it easier to create and edit accessible documents, organizations grow faster.
Wrapping it Up:
In this blog post, we explored five key insights into the latest trends of Microsoft 365. These insights are based on our research and experience, and we hope that you will find them helpful as you make decisions about your Microsoft 365 future decisions.
If you are looking for a partner to help you implement these latest insights, we encourage you to contact WME. We are an established Professional & Managed It services provider with significant experience in Microsoft 365 and other Microsoft technologies. We can help you to choose the right solutions for your organization and to implement them effectively.
WME Microsoft 365 Services
We offer a wide range of professional and managed services for Microsoft 365, including:
- Deployment and configuration
- Security and compliance
- Training and support
We are committed to helping our customers achieve their business goals. We believe that Microsoft 365 is the right platform for businesses of all sizes, and we are here to help you get the most out of it.
Contact us today to learn more about our services.
