Month: May 2024
Uplevel collaborative notetaking with Loop components in OneNote
We’re excited to announce that you can now harness the power of Loop components in OneNote apps on the Web, Windows, and Teams. With multiple Loop component types to create on OneNote, collaborative notetaking has never been more seamless in your digital notebook.
What are Loop components?
Loop components are sharable, editable pieces of content, such as lists, tables, and tasks, that are accessible and stay in sync across all the places they’re added across M365 apps. They represent the most elemental portable piece of a Loop workspace, and by using them in your notebooks, you can remain focused on your personal content while collaborating with others in real time without having to switch between different apps.
To get started with Loop components in OneNote, click on Loop Components under the Insert tab from the OneNote apps for the Web, Windows, or Teams.
Multiple relevant Loop component types for truly collaborative notetaking
Choose and insert from a dozen different Loop component types right from the Insert tab on your ribbon. These components are aimed to help you and your team with the most common scenarios for collaborative notetaking, such as a task list, progress tracker, and kanban board.
Real time collaboration, across Microsoft 365
Get more done right from your notebook with Loop components, which stay in sync across chats, emails, meetings, or documents in real time. Loop components created from any of the eligible M365 apps can be pasted in OneNote and vice versa. Learn more about which apps currently support Loop components from our support article.
Bring your team together with added collaboration features
With Loop components comes an added array of collaboration features including @mentions, comments, and reactions. In addition, Loop components are always live, which means you get to see who’s viewing or editing the Loop component on your OneNote page.
Scenarios to try
Create or paste a task list Loop component to keep track of your work items, while staying in sync with Planner and To Do.
Create a progress tracker Loop component within a page in the OneNote-powered Notes tab of your Teams channel to collaborate with your team members on a project. Tag owners to specific work areas to track and accelerate progress.
Collaborate in real time on shared agendas and notes with your team members for your upcoming meetings right from your notebook. Enhance your workflow by having your shared notes right next to your personal notes on the same notebook page.
Improve organization and reduce context switching by consolidating Loop components on OneNote pages.
Availability and requirements
Accessing Microsoft Loop and Loop components in OneNote requires a commercial M365 subscription.
Loop components in OneNote are generally available to users on our Web and Teams apps and will soon be available to users on our Windows Desktop app starting June 2024. Learn more and keep track of the rollout status and platform availability of the latest OneNote features from our Microsoft 365 roadmap!
Note: Loop components are being gradually rolled out and are made available through your work account. Within OneNote, Loop components are available only if your organization allows creation of links that can be edited or viewed by anyone in the organization. Loop components are being rolled out to Windows, Web, and Teams but are not yet available in OneNote for mobile or Mac/iOS. Loop components in OneNote app for the Web and Teams may be available only to targeted release users in your organization and available via Insiders Beta for the OneNote Windows desktop app.
Feedback
We want to hear about your experience! Please share your feedback by selecting Help > Feedback in OneNote on Windows, or by selecting Help > Give Feedback to Microsoft in OneNote for the web.
Please also feel free to navigate to our FAQ for questions specifically about Loop components in OneNote.
Microsoft Tech Community – Latest Blogs –Read More
Cost Optimization for General Purpose VMs using Hibernation now Generally Available
During Microsoft Ignite 2023, we previewed the ability to hibernate VMs, making it easier for customers to save Compute costs. Hibernating a VM deallocates the machine while persisting the VM’s in-memory state. While the VM is hibernated, customers don’t pay for the Compute costs associated with the VM and only pay for storage and networking resources associated with the VM. Customers can later start these VMs back up when needed, and all their apps and processes that were previously running simply resume from their last state.
Today we are excited to announce that hibernation for general-purpose VMs is now generally available. In addition, customers can now use hibernation with new VM deployments as well as their existing VMs and save more costs.
Use cases
Hibernating VMs is an effective cost management feature for scenarios such as:
Virtual desktops, dev/test – customers can hibernate their machines after business hours and resume their machines the next morning without needing to reopen their apps.
Prewarmed VMs – customers running VMs with apps that have long initialization times due to the memory components can bring up the apps and hibernate the VMs. Later, these “prewarmed” VMs can be quickly started when needed, with the applications up and running in the desired state.
Customer and Partner testimonials
Several customers and partners used hibernation during preview and shared their feedback.
“We use Azure Virtual Desktop where we used to stop VMs outside working hours. Therefore, when starting work the next day, it was inefficient as we needed to manually start the applications and remember the state of the previous day’s work. However, with the introduction of the hibernation feature, we can now start work while retaining the desktop state from the previous day, greatly improving efficiency. This allows for a balance between cost and convenience. NEC has been using hibernation during preview, and I myself have been using it and experiencing its benefits. With the feature being generally available, we are considering incorporating it into the overall power management system, and anticipate more benefits. Therefore, we plan to apply it to 90,000 single-session AVDs within NEC.” – Oguchi Kazuhiro (小口 和弘) – Executive Professional, ITSM – NEC Corporation.
“As part of our goal to optimize power consumption and costs for our customers, and as a long-time Azure partner providing global virtual desktops to Global 2000 enterprises around the world, Workspot is excited to offer VM hibernation capabilities to our customers, immediately. As part of the preview team, Workspot has worked closely with Microsoft to deliver the ability to hibernate and then resume virtual desktops, saving our joint customers the associated costs in Compute resources while they are away. Workspot delivers this hibernation capability in a seamless manner with no interaction needed by the end-user.” – Jimmy Chang, Chief Product Officer, Workspot.
Getting started with Hibernation
Hibernation is generally available for general purpose Intel and AMD VM sizes. Both Linux and Windows Operating Systems are supported. Hibernation for GPU VM sizes is in public preview.
Hibernation is available in all public regions. You can get started with hibernation using Azure Portal, PowerShell, CLI, ARM, SDKs, and APIs. For more details on how to get started with hibernation, refer to the product documentation.
In addition, customers using Azure Virtual Desktop, Citrix DaaS and Workspot on Azure can take advantage of hibernation today and further optimize costs.
Updates for Town Hall in Microsoft Teams and Teams Live Events
Our goal in Teams is to make hybrid work and communication easier and more inclusive than ever before. This pursuit is core to the effort we put into creating meaningful connections between people through our end-to-end events platforms, whether one-to-one meetings or large one-to-many hosted digital events. We introduced our new digital streaming event solution for large events, town hall, in September 2023. Town hall has continued to drive new, exciting experiences for our customers, such as the ability to bring multiple presenters on stage, send out attendee emails, and see real-time health analytics for the event. As we move forward, we are excited to continue to share our latest features with you and let you know what to expect from town hall in the next year.
Additionally, we will not retire Teams Live Events in September 2024, as previously announced. Town hall will continue to be the platform where our new features and value land, and we encourage Teams Live Events users to take advantage of these new innovations by upgrading to town hall when ready. We’ve spoken with customers and understand how important it is to ensure a smooth transition to town hall. We are committed to making it as easy and beneficial as possible for customers to experiment, adopt, and implement town hall as their destination for large-scale digital events, as well as allow customers to upgrade from Live Events to town hall on their own schedule. In the coming days, customers who are still using Teams Live Events, and wish to continue to do so past September 30th, 2024, will be able to schedule Teams Live Events instances beyond this date.
Updates about features that will be rolling out to town hall can be found on our town hall adoption page, and we will communicate future updates about Teams Live Events plans via blogs, MC posts, and any other forums where this announcement is distributed.
Town hall innovations deliver new ways to engage your audience
Town hall adoption continues to grow as we continue to prioritize driving new value for our users. In the last quarter, we saw significant increases in new customers trying town hall, total usage, and the number of hosted events. Our mission is to continue to add new capabilities to town hall that make your streaming digital events more impactful to audiences and more seamless to execute. As we look ahead to the coming year, we will be delivering key features to continue to build on the highly engaging and interactive experiences that town hall delivers. Attendees will soon be able to express their feedback and engagement through live reactions and streaming chat, and presenters can interact with their audience via raise hands. Advanced production experiences such as the producer role, queuing shared content and preview scene support are also coming to town hall, providing a new level of event execution capabilities.
When we initially announced town hall in September of 2023, we made our users aware that we would continue to release town hall features that provide a similar experience in town hall as Teams Live Events. In the next twelve months, we plan to continue to focus on these areas in town hall to ensure that we provide the same feature effectiveness that customers have come to expect from Teams Live Events. Some key features that will be available in town hall in the next year to help achieve this effectiveness include:
Engagement capabilities (certain Q&A functions: voting, filters, sorting, and archive questions; export questions to CSV; download Q&A report)
Device capabilities (MTR-W support for presenters and attendees and CVI and VDI support)
Advanced production experiences such as producer role, queuing shared content, and preview scenes.
The combination of ease of use and adoption of town hall, achieving feature effectiveness between Live Events and town hall, and the new additive value that is exclusive to town hall going forward are all great reasons for current Live Events users to consider upgrading to town hall to take advantage of what we are building.
For the latest updates, feature timelines, and news about what is coming for Teams town hall, please visit our town hall adoption page.
Best Practices to Manage and Mitigate Security Recommendations
In the fast-evolving landscape of cloud security, Microsoft Defender for Cloud (MDC) stands as a robust Cloud Native Application Protection Platform (CNAPP). One of its standout features is the premium Cloud Security Posture Management (CSPM) solution, known as Defender CSPM. Among the myriad advanced capabilities offered by Defender CSPM, the “Governance Rule” feature is a game-changer. It empowers security teams to streamline and automate the assignment, management, and tracking of security recommendations.
In this blog, we’ll delve into best practices for leveraging Governance Rule to ensure effective, efficient, and timely remediation actions and explore practical use cases for maximizing its potential.
Understanding Governance Rule
Governance Rule in Defender CSPM is designed to simplify the management of security recommendations by enhancing accountability. You can define rules that assign an owner and a due date for addressing recommendations for specific resources. This provides resource owners with a clear set of tasks and deadlines for remediating recommendations. By making the assignment and tracking of these tasks more visible, Governance Rule ensures that critical security issues are promptly addressed, reducing the risk of breaches and enhancing overall security posture.
Best Practices for Utilizing Governance Rule
Define Clear Remediation Ownership
Assigning remediation tasks to specific owners is crucial for accountability. Governance Rule allows you to specify who is responsible for each security recommendation. Ensure that each task is assigned to the most appropriate individual or team with the necessary expertise and authority to address the issue. Clear ownership helps avoid confusion and ensures that remediation actions are taken seriously.
Set Realistic ETAs and Grace Periods
Establishing realistic Estimated Time of Arrival (ETA) and grace periods for remediation tasks is essential for maintaining a balance between urgency and feasibility. Overly aggressive timelines can lead to rushed and potentially ineffective fixes, while overly lenient deadlines may delay critical security improvements. Analyze the complexity and impact of each security finding to set achievable timelines that encourage timely resolution without compromising quality.
Prioritize Based on Risk
Not all security recommendations are created equal. Use severity-based prioritization to determine which issues need immediate attention and which can be scheduled for later remediation. Defender CSPM’s Governance Rule allows you to categorize tasks based on their severity and potential impact on your organization’s security posture. Focus on high-severity findings first to mitigate the most significant threats promptly.
Automate Workflow Integration
Leverage the automation capabilities of Governance Rule to integrate remediation workflows with your existing security tools and processes. Automated notifications, status updates, and task assignments can significantly reduce manual effort and improve coordination across teams. By integrating these workflows, you ensure that security recommendations are seamlessly managed from detection to resolution.
Regularly Monitor and Adjust Rules
The dynamic nature of cloud environments means that security needs can change rapidly. Regularly review and adjust your Governance Rules to ensure they remain aligned with your organization’s security objectives and compliance requirements. Monitor the performance of these rules and gather feedback from your security teams to identify areas for improvement.
Foster a Culture of Continuous Improvement
Encourage a culture where continuous improvement is the norm. Use insights gained from the Governance Rule feature to identify recurring security issues and root causes. Implement lessons learned to refine your security policies and practices, reducing the likelihood of similar issues arising in the future.
Before you begin
The Defender Cloud Security Posture Management (CSPM) plan must be enabled.
You need Contributor, Security Admin, or Owner permissions on the Azure subscriptions.
For AWS accounts and GCP projects, you need Contributor, Security Admin, or Owner permissions on the Defender for Cloud AWS or GCP connectors.
Using Governance Rule Priorities in Microsoft Defender for Cloud: A Practical Use Case
The Governance Rule feature in Microsoft Defender for Cloud (MDC) offers a powerful way to prioritize and manage security recommendations by assigning a Priority value from 1 (highest) to 1000 (lowest). This granularity allows organizations to tailor their remediation efforts based on the criticality of the issues at hand. Let’s explore a practical use case to illustrate how setting multiple rules with different priorities can enhance your security posture.
Multi-Tiered Security Remediation Strategy
Scenario: An organization operates a cloud infrastructure that supports various critical business functions, including financial transactions, customer data management, and internal communication systems. Each of these functions has different security requirements and a potential impact on the business if compromised.
Objective: To implement a multi-tiered security remediation strategy that ensures the most critical security issues are addressed first, while less critical issues are still managed effectively within appropriate timelines.
Step-by-Step Implementation
Identify Security Segments and Their Impact:
Tier 1: High-impact areas such as financial transaction systems and customer data management. Compromise in these areas could lead to significant financial loss and regulatory penalties.
Tier 2: Medium-impact areas such as internal communication systems and non-critical business applications. Breaches here could disrupt operations but with manageable consequences.
Tier 3: Low-impact areas such as development and testing environments. Issues here have a minimal immediate impact on business operations.
Set Governance Rules with Priorities:
Rule 1: High Priority (1-100)
Criteria: Security recommendations related to Tier 1 systems.
Priority Value: 1-100
Description: Assign the highest priority to vulnerabilities and security findings in financial transaction systems and customer data management platforms. These tasks should be addressed immediately to prevent significant damage.
Rule 2: Medium Priority (101-500)
Criteria: Security recommendations related to Tier 2 systems.
Priority Value: 101-500
Description: Assign a medium priority to issues in internal communication systems and non-critical business applications. These should be remediated promptly but can be scheduled after Tier 1 issues are addressed.
Rule 3: Low Priority (501-1000)
Criteria: Security recommendations related to Tier 3 systems.
Priority Value: 501-1000
Description: Assign the lowest priority to findings in development and testing environments. While still important, these issues can be managed with a longer timeline, focusing on addressing them during regular maintenance cycles.
Automate and Monitor:
Use MDC’s Governance Rule automation to assign these tasks to appropriate teams or individuals based on their expertise.
Set up automated notifications and tracking to ensure that each priority level is being addressed according to the defined timelines.
Regularly review the progress and adjust priorities as necessary based on new findings, business impact analysis, and changes in the threat landscape.
Benefits of Multi-Priority Governance Rules
Focused Resource Allocation: Ensures that critical resources are directed towards addressing the most impactful security issues first, optimizing the use of your security team’s time and expertise.
Risk Management: Reduces the risk of severe breaches by prioritizing high-impact areas, thereby protecting essential business functions.
Scalability: As the organization grows and the cloud environment evolves, this prioritization strategy can scale to include new systems and adjust to changing priorities.
Efficiency: Automated workflows and clear prioritization reduce the time spent on manual task assignment and tracking, increasing overall operational efficiency.
Leveraging Governance Rule Conditions for Efficient Remediation
The Governance Rule feature in Microsoft Defender for Cloud allows for detailed configuration of conditions, making it a versatile tool for managing remediation tasks. Here are some key conditions and their valuable use cases:
Impacted Recommendations: By Severity or By Specific Recommendation
Set Owner: By Resource Tag or By Email Address (one address only)
Set Remediation Timeframe: 7, 14, 30, 90 days with an option to set an equal Grace Period so the recommendation doesn’t affect the Secure Score
Set Email Notifications: Notify owners weekly about open and overdue tasks, notify the owner’s direct manager weekly about open and overdue tasks. Email configuration day of the week – select a day of the week.
Use Case 1: Prioritizing High-Severity Recommendations
Condition Configuration:
Impacted Recommendations: By Severity (High)
Set Owner: By Resource Tag (e.g., “HighPriorityTeam”)
Set Remediation Timeframe: 7 days with an equal grace period
Set Email Notifications: Notify owners weekly about open and overdue tasks, email configuration day: Monday
Description: This use case focuses on ensuring that high-severity security recommendations are addressed with utmost urgency. By assigning these tasks to a dedicated high-priority team and setting a tight remediation timeframe, critical vulnerabilities are mitigated quickly. Weekly email notifications keep the owners informed, ensuring accountability and prompt action.
Use Case 2: Managing Specific Recommendations for Compliance
Condition Configuration:
Impacted Recommendations: By Specific Recommendation (e.g., “Enable Multi-Factor Authentication”)
Set Owner: By Email Address (specific compliance officer)
Set Remediation Timeframe: 30 days with an equal grace period
Set Email Notifications: Notify owners weekly about open and overdue tasks, notify the owner’s direct manager weekly about open and overdue tasks, email configuration day: Wednesday
Description: Certain security recommendations are crucial for compliance with regulatory requirements. By targeting specific recommendations, such as enabling multi-factor authentication, and assigning them to a compliance officer, organizations can ensure these critical tasks are completed within a reasonable timeframe. The grace period prevents these tasks from negatively impacting the Secure Score while they are being addressed. Regular notifications keep everyone on track.
Use Case 3: Efficient Resource Tag-Based Assignment
Condition Configuration:
Impacted Recommendations: By Severity (Medium)
Set Owner: By Resource Tag (e.g., “AppTeam”)
Set Remediation Timeframe: 14 days with an equal grace period
Set Email Notifications: Notify owners weekly about open and overdue tasks, email configuration day: Thursday
Description: For medium-severity issues, assigning tasks based on resource tags allows for efficient distribution of remediation efforts among different teams. This use case assigns recommendations to the application development team, ensuring they handle vulnerabilities related to their specific domain. The 14-day remediation period is sufficient to address these issues without overwhelming the team, while weekly notifications help maintain progress.
Use Case 4: Long-Term Low-Severity Management
Condition Configuration:
Impacted Recommendations: By Severity (Low)
Set Owner: By Email Address (general IT team lead)
Set Remediation Timeframe: 90 days with an equal grace period
Set Email Notifications: Notify owners weekly about open and overdue tasks, email configuration day: Friday
Description: Low-severity recommendations, while still important, can be managed over a longer period. This case assigns these tasks to the general IT team lead, allowing for a 90-day remediation period. The extended timeframe ensures that these issues are addressed without detracting from more urgent tasks. Weekly notifications ensure that these tasks are not forgotten and are completed within the set period.
Use Case 5: Weekly Review and Reporting
Condition Configuration:
Impacted Recommendations: By Severity (All)
Set Owner: By Resource Tag (e.g., “SecurityOps”)
Set Remediation Timeframe: 30 days with an equal grace period
Set Email Notifications: Notify owners weekly about open and overdue tasks, email configuration day: Monday
Description: A comprehensive approach to managing all levels involves setting a 30-day remediation period for all recommendations and assigning them to the Security Operations team. Weekly notifications sent every Monday keep the team updated on open and overdue tasks, ensuring continuous review and progress on all security recommendations.
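Use Cases 1, 2 and 5 can all match the same finding, so the rule priority decides which owner and deadline apply. The Python model below is an added example, not code from this post or from Defender for Cloud. It assumes the lowest priority number wins, that the owner is read from a hypothetical `Owner` resource tag, and that a finding with a grace period affects the Secure Score only once overdue; the priorities 10/50/900, the addresses and all findings are constructed.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

ALLOWED_TIMEFRAMES = {7, 14, 30, 90}   # remediation timeframes listed in the post
ALL_SEVERITIES = frozenset({"High", "Medium", "Low"})


@dataclass(frozen=True)
class Rule:
    name: str
    priority: int                          # 1 (highest) .. 1000 (lowest)
    timeframe_days: int
    severities: frozenset = frozenset()    # "By Severity"
    recommendation: Optional[str] = None   # "By Specific Recommendation"
    owner_tag: Optional[str] = None        # tag key whose value names the owner (assumption)
    owner_email: Optional[str] = None      # "By Email Address" (one address only)
    grace_period: bool = True

    def __post_init__(self):
        if not 1 <= self.priority <= 1000:
            raise ValueError(f"{self.name}: priority must be between 1 and 1000")
        if self.timeframe_days not in ALLOWED_TIMEFRAMES:
            raise ValueError(f"{self.name}: timeframe must be one of {sorted(ALLOWED_TIMEFRAMES)}")
        if (self.owner_tag is None) == (self.owner_email is None):
            raise ValueError(f"{self.name}: set exactly one of owner_tag / owner_email")

    def matches(self, finding: dict) -> bool:
        if self.recommendation is not None:
            return finding["recommendation"] == self.recommendation
        return finding["severity"] in self.severities


def assign(finding: dict, rules: list, today: date) -> dict:
    """Pick the matching rule with the lowest priority number and derive the task."""
    hits = sorted((r for r in rules if r.matches(finding)), key=lambda r: r.priority)
    if not hits:
        return {"rule": None, "owner": None, "due": None, "affects_score": True, "shadowed": []}
    rule = hits[0]
    owner = rule.owner_email or finding["tags"].get(rule.owner_tag)
    due = finding["detected"] + timedelta(days=rule.timeframe_days)
    return {
        "rule": rule.name,
        "owner": owner,                    # None: rule matched but nobody is accountable
        "due": due,
        # Assumed model: with a grace period the finding counts only once overdue.
        "affects_score": (not rule.grace_period) or today > due,
        "shadowed": [r.name for r in hits[1:]],   # lower-priority rules that also matched
    }


# Constructed rules modelled on Use Cases 1, 2 and 5; the priority values are illustrative.
RULES = [
    Rule("uc5-catch-all", 900, 30, severities=ALL_SEVERITIES, owner_tag="Owner"),
    Rule("uc2-mfa-compliance", 50, 30,
         recommendation="Enable Multi-Factor Authentication",
         owner_email="compliance-officer@example.com"),
    Rule("uc1-high-severity", 10, 7, severities=frozenset({"High"}), owner_tag="Owner"),
]

TODAY = date(2024, 5, 31)   # constructed evaluation date

# Constructed findings; recommendation names other than the MFA one are placeholders.
FINDINGS = [
    {"id": "f1", "severity": "High", "recommendation": "Enable Multi-Factor Authentication",
     "tags": {"Owner": "payments-team@example.com"}, "detected": date(2024, 5, 28)},
    {"id": "f2", "severity": "Medium", "recommendation": "Enable Multi-Factor Authentication",
     "tags": {}, "detected": date(2024, 5, 20)},
    {"id": "f3", "severity": "High", "recommendation": "Placeholder recommendation A",
     "tags": {}, "detected": date(2024, 5, 30)},          # resource lacks the Owner tag
    {"id": "f4", "severity": "Low", "recommendation": "Placeholder recommendation B",
     "tags": {"Owner": "dev-team@example.com"}, "detected": date(2024, 4, 15)},
]

if __name__ == "__main__":
    for f in FINDINGS:
        task = assign(f, RULES, TODAY)
        flag = "UNASSIGNED" if task["owner"] is None else task["owner"]
        print(f"{f['id']}: rule={task['rule']} owner={flag} due={task['due']} "
              f"affects_score={task['affects_score']} shadowed={task['shadowed']}")
```

Finding f1 shows the compliance rule being shadowed by the higher-priority severity rule, and f3 shows a tag-based rule leaving a high-severity task without an owner when the resource is untagged; both are worth checking for when rules overlap.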
Integrating ServiceNow with Governance Rules in Microsoft Defender for Cloud
The integration of ServiceNow with Defender for Cloud allows you to create governance rules that automatically open tickets in ServiceNow for specific recommendations or severity levels. This capability provides significant value by enabling seamless collaboration between the two platforms. With ServiceNow tickets being created, viewed, and linked to recommendations directly from Defender for Cloud, organizations can streamline their incident management process. This integration ensures that security recommendations are promptly addressed, facilitating efficient and effective remediation efforts, and enhancing the overall security posture by providing clear visibility and accountability for each task.
For more detailed instructions, refer to the official documentation.
Conclusion
By configuring Governance Rules with specific conditions tailored to your organization’s needs, you can create a structured and efficient remediation process. Whether it’s prioritizing high-severity issues, managing compliance-related recommendations, or ensuring long-term management of low-severity findings, the flexible configuration options in MDC’s Governance Rule feature allow for a highly effective security strategy. Implementing these use cases will help your organization maintain a strong security posture, ensuring timely and efficient remediation actions across all areas of your cloud infrastructure.
The Governance Rule feature in Microsoft Defender CSPM is a powerful tool that can transform how organizations manage and mitigate security recommendations. By following these best practices, security teams can enhance their efficiency, effectiveness, and responsiveness to security findings. Embrace the capabilities of Governance Rule to stay ahead in the ever-changing world of cloud security, ensuring that your security measures are not only reactive but also proactive and adaptive.
Additional Resources
Watch a demonstration on how to use Governance Rule in this episode of Defender for Cloud in the Field
Download the new Microsoft CNAPP eBook at aka.ms/MSCNAPP
Become a Defender for Cloud Ninja by taking the assessment at aka.ms/MDCNinja
Reviewers
Yuri Diogenes, Principal PM Manager, CxE Defender for Cloud
Tal Rosler, Senior PM lead, Microsoft Defender for Cloud