1. Policy Insights in Microsoft 365 Copilot for Security: Enhancing DLP Management
Overview
Microsoft 365 Copilot for Security will now power Policy Insights
In Purview Data Loss Prevention (DLP). Now, this new feature will help admins better understand and then keep refining DLP rules with more utilizable insights on Purview coverage, notifications, classifiers, etc. This update has already begun rolling out in Nov 2024, and its general availability is expected to be there by late Feb 2025.
Note: This new feature is not available for the US government cloud users.
Impact
The new policy insights will help your admins better analyze the DLP effectiveness across different locations and classifications. They will now be able to identify sensitive info types and address any violations rather quickly.
The new tool also educates your users on prohibited activities in real-time, which means no more negligence on the pretext of lack of knowledge and more transparency, leading to better security.
More so, the insights are accessible for all policies. They will provide different views for deeper understanding depending on how you want to analyze stuff. All in all, this new Copilot-empowered feature is going to be central to organizational efforts to align their policies with their needs and achieve a strong data protection profile.
Action Needed
You need to be sure that your organization has Security Computer Units (SCUs) so you can access Copilot for Security. Remember, Copilot for security operates only on a provisioned capacity model. Admins may also need to familiarize themselves with the Policy Insights interface.
2. Microsoft Lists: Admin Control to Hide Real-Time Collaborators
Overview
Microsoft Lists comes with an admin control to hide real-time collaborators at the site collection level. This feature has been available since Dec 2024 as it allows admins to enhance privacy by using a PowerShell command to disable the visibility of collaborators in real-time.
Impact
Previously, Lists would display real-time collaborators right adjacent to Filtering and Grouping actions, at the list-item level. Now, admins can hide these collaborators for specific site collections. This way, they can address privacy concerns while allowing Lists configuration flexibility.
Action Needed
To disable this feature, run this PowerShell command:
Set-SPOSite -Identity -HidePeopleWhoHaveListsOpen $false.
No immediate action is required, though. However, you may want to review your sharing policies.
3. Microsoft Teams: App Management Unification Impact Report
Overview
Microsoft is bringing to the table a new App Management Unification Impact report. This is a tool that will help admins know the changes beforehand to preview the app/tenant settings before Teams’ unified management is implemented. This report will be available this February for tenants using Microsoft App Centric management.
Impact
The report is accessible from the Manage Apps page in the admin center. Basically, it lets admins view current app settings and tenant configurations as well as all the anticipated outcomes of unification.
This is a proactive tool to simplify adjustments so you can achieve a seamless transition to unified management. There will be insights both from the Teams admin center and the M365 admin center’s Integrated Apps page.
Action Needed
Run the App Management Unification Impact report to see the coming changes early and assess their impact:
- Review apps, agents, current configurations, etc.
- Know the projected outcomes based on merge logic.
- Make necessary adjustments.
Coordinate with relevant teams to prepare for this rollout.
4. Certificate-Based Authentication Changes: Full Enforcement Mode Reminder
Overview
Starting Feb 2025, Windows domain controllers (DCs) are going to enforce Full Enforcement mode for certificate-based authentication. Any certificates failing to meet mapping requirements will see denied authentication. This change definitely enhances security and follows a phased implementation timeline outlined in KB5014754. Your organization can revert back to Compatibility mode until September 2025.
Impact
Any devices that receive this security update will default to Full Enforcement mode. If there is an authentication failure, it will trigger Event ID 39 ( Event ID 41 for older servers). After Sept 2025, reverting to the registry value 1 will no longer be possible. After this date, you will have to comply with Full Enforcement.
Action Needed
Review KB5014754 for guidance on Full Enforcement mode. There, you will find info on registry key configurations and mapping requirements.
Prepare your environment:
- Ensure certificates fulfill the mapping needs.
- Update devices before Sept 2025.
- Address any compatibility issues proactively.
5. January 2025 Windows Security Update
Overview
All the supported Windows versions can now avail the January 2025 Windows security update. The update brings critical security changes. For Windows 11, version 24H2, the most noteworthy changes are coming to the servicing stack along with the integration of Dec 2024 improvements (KB5048667). The vulnerable driver blocklist has also been updated to bolster protection.
Impact
The update is sure to enhance stability in Windows platforms. The vulnerabilities being addressed will definitely ensure the OS is resilient against any evolving threats, especially the latest ones related to drivers’ vulnerabilities. Both admins and Windows users are going to benefit from improved servicing stack functionality and enhanced security against malicious drivers.
Action Needed
Promptly install the updates. Refer to the following KB articles for instructions:
Windows 11:
- Version 24H2: KB5050009
- Versions 23H2, 22H2: KB5050021
Windows 10:
- Versions 22H2, 21H2: KB5049981
- LTSC 2019 & Server 2019: KB5050008
- LTSB 2016 & Server 2016: KB5049993
- LTSB 2015: KB5050013
Windows Server:
- Server 2025: KB5050009
- Server 2022: KB5049983
- Server 2012 R2: KB5050048 (Monthly Rollup)
- Server 2012: KB5050004 (Monthly Rollup)
- Server 2008 R2 SP1: KB5050049 (Monthly Rollup), KB5050006 (Security Only)
- Server 2008 SP2: KB5050063 (Monthly Rollup), KB5050061 (Security Only)
For more details, you can visit the Windows update history pages on Microsoft’s website.
6. Yammer: Multiple Networks Within a Single Tenant No Longer Supported
Overview
Yammer is now eliminating the option of multiple networks in a single M365 tenant, no more Microsoft-backed support. The process has already started and March 2025 will see its completion as all secondary networks will be consolidated into the primary network.
This shift comes as a measure to align Yammer with Microsoft 365 boundaries. Basically, the change allows upgrades to Native Mode for enhanced compliance. Secondary networks with their groups will no longer be accessible after March.
Impact
If your organization is using Yammer network, you can experience the following:
- Loss of secondary networks: Users will be migrated to the primary network. However, groups/data will not transfer.
- Automated consolidation: You can initiate the consolidation yourself, or Microsoft will manage everything as per the schedule mentioned above.
Action Needed
To prepare for this change:
- Export data: Perform a full data export of secondary networks before consolidation. See Yammer’s data export guide.
- Be sure of your data and groups: Initiate consolidation at a time that works for you. Don’t just sit and wait for Microsoft to do everything.
- Contact support for exceptions.
For organizations opting to wait, Microsoft will notify them of the schedule via the Message Center.
7. Update on Teams PowerShell Cmdlets: Deprecation Delayed
Overview
Microsoft has postponed the deprecation of the following
cmdlets in the Teams PowerShell Module:
- Get-CsOnlineUser
- Get-CsDialPlan
- Get-CsUserPolicyAssignment
The rollout will now begin in mid-Feb 2025 and will finish in the same month. The change of plan also impacts the DialPlan and LocationProfile attributes associated with these cmdlets.
Impact
After the deprecation, admins won’t be able to:
- Use Get-CsDialPlan.
- Access DialPlan via Get-CsOnlineUser.
- Access LocationProfile via Get-CsUserPolicyAssignment.
Admins can use the Get-CsEffectiveTenantDialPlan cmdlet to review dial plans. This change may affect Teams Phone services in your organization, so it’s essential to adjust relevant processes, if any.
Action Needed
No immediate action is required. Notify teams about this change and its timeline.
8. Microsoft Teams: New Streamlined Chat and Channels Experience
Overview
The new Teams Chat and Channels experience has been delayed to late March 2025. It was initially planned to be rolled out in late Jan 2025.
The anticipated change will combine everything: chats, teams, and channels into one view, and there will be exciting options for customization filters, with a unified @mention view improving your conversation and productivity management in an unprecedented manner.
Impact
The change will provide users with a single, streamlined view of everything you typically use in Teams.
Users can eventually:
- Benefit from, new filters: Unread, Meetings, Channels, etc.
- Access an @mention view.
- Quickly jump to key conversations with Ctrl+G on Windows and Cmd+G on Mac.
Most importantly, the update marks a new beginning as it also brings new onboarding flows to help users develop a habit of getting started without IT involvement.
Action Needed
No admin action is required. The rollout happens automatically.
Windows Management Experts
Now A Microsoft Solutions Partner for:
✓ Data & AI
✓ Digital and App Innovation
✓ Infrastructure
✓ Security
The Solutions Partner badge highlights WME’s excellence and commitment. Microsoft’s thorough evaluation ensures we’re skilled, deliver successful projects, and prioritize security over everything. This positions WME in a global tech community, ready to innovate on the cloud for your evolving business needs.
Unlock the Full Potential of Microsoft 365
Keep your business at the cutting edge with the latest Microsoft 365 enhancements. The future of work is evolving. Are you ready? Connect with our experts today to ensure your Microsoft 365 & Azure systems are secure and future-proof.
