This article is contributed. See the original author and article here.

You are reading the next issue of the Infrastructure + Security: Noteworthy News series!  As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, and Security worlds on a monthly basis.

 

Microsoft Azure

Sign-in to Azure Active Directory using email as an alternate login ID (preview)

Many organizations want to let users sign in to Azure Active Directory (Azure AD) using the same credentials as their on-premises directory environment. With this approach, known as hybrid authentication, users only need to remember one set of credentials.  To help with the move to hybrid authentication, you can now configure Azure AD to let users sign in with an email in your verified domain as an alternate login ID.

Add a self-service sign-up user flow to an app (Preview)

Ever wish you could use B2C style user flows with B2B accounts?  Wait no longer.   You can now create user flows for apps that are built by your organization.  Once you associate the user flow with one or more applications, users who visit that app will be able to sign up and gain a guest account using the options configured in the user flow.

Check out this video for a demonstration:  https://www.youtube.com/watch?v=tFY6AjqBzLI&feature=youtu.be

Log Analytics New Query Experience – Example Queries

Pre built queries that provide an instant insight into a resource or an issue shorten the time it takes to start using Log Analytics and provide a nice way to start learning and using KQL.  We have been hard at work collecting and curating over 250 example queries, designed to provide instant value.

Top 4 tips to protect your remote workforce with data compliance in OneDrive

Microsoft is committed to helping protect your company’s most critical data as the business world changes before our eyes. For content stored in the Microsoft Cloud, that commitment starts with OneDrive.  Read this article to learn how Microsoft 365 and OneDrive helps keep your data secure and private at the same time reducing the stress on IT during compliance or litigation issues.

What’s New in Microsoft Teams | May 2020

This month, we have new meetings, calling, devices, chat, collaboration, platform, and industry features we will not want you to miss. Read on to stay up-to-date. If you are interested in our recent Microsoft Build news, check out our Teams Build blog!

 

Azure AD Connect sync V2 endpoint API (Pubic Preview)

Microsoft has deployed a new endpoint (API) for Azure AD Connect that improves the performance of the synchronization service operations to Azure Active Directory. By utilizing the new V2 endpoint, you will experience noticeable performance gains on export and import to Azure AD.

Manage your authentication phone numbers and more in new Microsoft Graph beta APIs

We’ve had a ton of requests for APIs to manage users’ authentication methods. That’s why it is so cool that today we get to announce that the first set of these APIs has reached beta in Microsoft Graph.

 

Windows Server

Azure server-side encryption with customer-managed keys now available for Azure Ultra Disks

Azure Ultra Disk customers already benefit from server-side encryption (SSE) with platform-managed keys for Azure Managed Disks enabled by default. SSE with customer-managed keys (CMK) improves on platform-managed keys by giving you control of the encryption keys to meet your compliance needs.

Changes to the Intune Exchange On-Premises Connector

Intune is deprecating the Exchange On-Premises Connector feature from the Intune service. This does not affect existing customers with an active connector, they will be able to continue using the connector for the time being.  The only customers that will be impacted are those that do not have an existing active connector. Those customers will no longer be able to create new connectors or manage on-premises EAS devices from Intune.

Windows Client

Windows Virtual Desktop media optimization for Microsoft Teams is now available in preview

With media optimization for Microsoft Teams, the Windows Desktop client handles audio and video locally for calls and meetings. You can still use Microsoft Teams on Windows Virtual Desktop with other clients without optimized calling and meetings. Teams chat and collaboration features are supported on all platforms.

Security

Key Vault bring your own key (BYOK) is now generally available

The process of importing keys from on-premises HSMs to Key Vault HSMs is generally referred to as bring your own key (BYOK). Key Vault has supported BYOK with nCipher HSMs since its launch in 2015.  The new BYOK method will enable Azure customers to use any supported on-premises HSMs to generate keys and import them into Key Vault.

Say hello to the new alert page in Microsoft Defender ATP

We are excited to announce the public preview of a completely redesigned alert page in the Microsoft Defender Security Center. The new Microsoft Defender ATP alert page will enable security researchers to more effectively triage, investigate, and take effective actions on alerts.

Azure Backup now provides protection against accidental deletion of Azure file shares

To provide protection against cyberattacks or accidental deletion, Azure Backup has added one more level of security to the Azure file shares snapshot management solution by providing protection against the accidental or malicious deletion of backed-up file shares.

What’s New: Livestream for Azure Sentinel is now released for General Availability

Livestream lets you run queries that refresh every 30 seconds and notifies you of any new results.  Creating a livestream enables you to (1) test newly created queries as events occur, (2) receive notifications from a session when a match is found, (3) promote a livestream to a detection rule to generate incidents in the future, (4) quickly launch investigations if necessary. You can quickly create a livestream session using any Log Analytics query.

How to: Password-less FIDO2 Security Key Sign-in to Windows 10 HAADJ Devices

Fido2 support for single sign-on (SSO) was introduced first for cloud resources, and then expanded to include both cloud and on-premises resources. For both cases, you can use either Azure AD joined or Hybrid Azure AD joined Windows 10 devices.  See this field experience case for to deploy in your environment.

Safe Documents in Microsoft 365 E5

Safe Documents is a feature in Microsoft 365 E5 or Microsoft 365 E5 Security that uses Microsoft Defender Advanced Threat Protection to scan documents and files that are opened in Protected View.

Detect and Remediate Illicit Consent Grants

In an illicit consent grant attack, the attacker creates an Azure-registered application that requests access to data such as contact information, email, or documents.  Learn how to recognize and remediate the illicit consent grants attack in Office 365.

Announcing general availability of Microsoft Information Protection in Power BI

Microsoft Information Protection is a built-in, intelligent, unified, and extensible solution to protect sensitive data across your enterprise – in Microsoft 365 cloud services, on-premises, third-party SaaS applications, and more.  Today we are excited to announce the general availability of Microsoft Information Protection’s sensitivity labels in Power BI. The same sensitivity labels you use to classify and label data in Microsoft365 apps can now be used to classify and label sensitive data in the Power BI service too.

A new consolidated API version in Azure Monitor Logs is now available

A new API version for Azure Monitor Logs resource provider, 2020-03-01-preview, is now available. This API supports new functionality like customer-managed keys (CMK), bring your own storage (BYOS), along with other capabilities.  The new version consolidates the functionality of all earlier versions including: 2015-03-20, 2015-11-01-preview, and 2017-04-26-preview.

Updates and Support Lifecycle

Azure Spring Cloud updates

New features in Spring Cloud that boost developer productivity, enable more DevOps scenarios, and make the platform production ready, are now available.

Recent Updates to the Microsoft 365 Admin Center

The Microsoft 365 admin center—admin.microsoft.com—is the hub of the Microsoft 365 ecosystem. As part of our ongoing efforts to improve your Microsoft 365 admin experience, we have enhanced the Settings area, enabled dark mode across most pages, added several enhancements related to Microsoft 365 Groups, and added provisioning status for Microsoft Teams.

Azure Firewall May 2020 updates

Two new key features are now available in Azure Firewall—forced tunneling and SQL FQDN filtering. Additionally, we’re increasing the limit for multiple public IP addresses from 100 to 250 for both DNAT and SNAT.

Products reaching End of Support for 2020

Microsoft Premier Support News

Check out Microsoft Services public blog for new Proactive Services as well as new features and capabilities of the Services Hub, On-demand Assessments, and On-demand Learning platforms.

 

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.