Episode 176 – April Showers Bring May Microsoft 365 Updates

Episode 176 – April Showers Bring May Microsoft 365 Updates

In Episode 176, Ben and Scott dive into the April announcements around feature updates to Microsoft Teams, Microsoft Threat Protection, and Azure Active Directory.

- Welcome to Episode 176 of the Microsoft Cloud IT Pro Podcast, recorded live on May 1, 2020. This is the show about Microsoft 365 and Azure from the perspective of IT pros and end users. Where we discuss a topic or recent news and how it relates to you. In this episode, Scott and Ben discuss some of the recent news from the month of April, including some upcoming conferences, Azure AD Security, and Microsoft Teams.

- I feel like April was never going to end.

- Well, it has, I mean, it's still might not have, but officially on the calendar it has. In our brains and collective consciousness it may have not.

- Yes, but the good news is, at least here in Florida, we are slowly starting to open back up. The question is, are you going to go out and do anything, now that it's opened back up?

- Well, we chose to open on our day of highest deaths. So my personal approach is to stay home a little bit while longer.

- You've already had it, you're immune.

- We'll see, I'm thinking about paying the 120 bucks to get the test, just to find out.

- Are you just to find out if you had it or not?

- Yeah, some of the labs are starting to get it. So Quest has one.

- Got it, interesting.

- And less little antibody test.

- I saw the mall, town center is going to open Monday, I think is what I saw. So yeah, stores, restaurants, I think they said are gonna open, but they have to be at 20% capacity. I think it was or 25% capacity.

- Yep, 25 here.

- So, we'll see. We haven't gone out and done a whole lot. We've started to see a few more people. I'm getting kind of stir-crazy and I don't know, like, I feel like we've flattened the curve and we don't need to talk about this too long 'cause we have other topics to talk about. But it's like at what point in time do you just have to start going out? Because obviously vaccines are gonna be a long way off. It feel like the curve is starting to flatten out. So I'm kind of getting close to that approach of, "All right, it's time to start getting out, "seeing some people doing some normal activities again." So yeah, my two cents.

- Slowly but surely, like get back out, see family, things like that, where you can and where it makes sense.

- And that's what we did. My wife's family came over the other day and they didn't even come inside. We actually just sat outside at the picnic tables, in the park next to our house. And it was her sister's birthday, so it was fun. It was fun to see them, we hadn't seen them in like a month. So all good, but there's some other events coming up now too, that are free. So there's some silver lining in all of this. There are some free events coming up that people can participate in.

- Nice, what type of free events are coming?

- Yes, what type of free events? So as an IT pro and as an IT pro-ish podcast, one may or may not appeal to a bunch of our audience, but Build, I have never been to a Build. This year I'm going to Build Scott, virtually because it's free and it's virtual. So that is one of the events coming up. I think you registered for it the other day. I registered for it last night. So I am going to try to keep some of the sessions. Sometimes there's some interesting things that come out of Build, especially around late Visual Studio Code or some of the PowerShell or source control stuff that I use with my PowerShell. There's always stuff that comes out around Azure and things that, well, we may not go Build applications. They still can be applicable to IT pros in terms of how you manage what developers may try to do to your environment based on new capabilities being released. So even though I'm not a developer, I still try to keep track of some of those developer-ish type conferences.

- Yeah, so I think there's some exciting things that they have planned this year, if anything, just in the delivery model that they're going to use for it. So not only is registration open and certainly you should go register because it is a free event. I think there's some constraints there for a lot of us. Like one of the things I love about, you know, going to conferences, isn't just the networking. Like that's certainly valuable. But if you are going to go to sessions, you're there and it's much easier to go and not be distracted by work. So I think lots of people are gonna be potentially competing for work over May 19 and 20 while this goes on, but it's gonna be a 48-hour event and it's gonna be running for 48 hours straight, which means you're going to have coverage in geographies, which would typically feel like they would have to miss out on an event like this, just due to time of day. So if you think about folks over in Australia, and APAC, and certainly Europe and things like that, everybody is going to be able to get in on the fun.

- Yeah, it should be good. And there's another one coming up that will be short. Let me think, it'll be the day after this recording goes live. Office 365 Nashville is doing a virtual one. So Daniel Glenn is kinda spearheading that one and that one is going to be on May 8. So this episode should come out May 7. I think registration will still be open, but it's a free virtual event that you can go sign up for. I'm actually speaking at that one because it was virtual and enabled me to speak at that one. So that one's coming up, we'll put a link in that one, if you wanna go register there. And then there's also one that Joel Oleson is doing. I can't remember the name of it right now, but we'll put it in the show notes.

- Yeah, My 365 something or on there.

- Yeah, it was gonna be like the virtual Olympics and then they ran into like some trademark issues because apparently Olympics is trademarked. Imagine that, who saw that one coming? Marathon, Virtual Marathon, I think is what it is. But it's another Microsoft 365 free Virtual Marathon. I think that one's like 36 hours straight. And I've seen like, he's trying to get 900 live sessions over the course of 36 hours.

- That's gonna be quite a bit.

- Yes, we will find the link for that and put that in the show notes as well.

- Outlook add-ins are a great way to improve productivity and save time in the workplace. And Sperry Software has all the add-ins you'll ever need. The Save As PDF add-in is a best seller and is great for project backups, legal discovery, and more. This add-in saves the email and attachments as PDF files. It's easy to download, easy to install, and Sperry Software's unparalleled customer service is always ready to help. Download a free trial at SperrySoftware.com. S-P-E-R-R-Y-S-O-F-T-W-A-R-E.com and see for yourself how great Save As PDF is. Listeners can get 20% off their order today by entering the code cloudIT. That's cloudIT, C-L-O-U-D-I-T all one word at checkout. Sperry Software, work in email, not on email.

- Those are all the events I have. Do you have any other ones that I didn't think of?

- No, we did just have the Virtual Azure Global Bootcamp, which passed. But lots of these sessions for that were recorded. So if anybody did miss the 2020 Azure Virtual Bootcamp, just hop on YouTube and search around for some of those videos and things that came out from all the wonderful speakers who put their time into it.

- All right, sounds good. Yeah, we didn't do much here because it was all virtual. So who knows if they do kind of an in person one later this year, maybe we'll try to jump on, maybe we'll just have to wait for round two and come back to it in 2021.

- It'll still be there.

- Yep, it will, hopefully I'll in person again. So there was also some news that came out these past few weeks, different things around Azure, some office 365 stuff, some Azure AD stuff, some that spans all of them like Windows Virtual Desktop. So we decided we'd just dive into some of these news articles that have our news announcements that have come out over the last few days. Take your pick. Which one would you like to start with?

- Let's see, I always like the identity stuff. I think they've done some good things there for customers, especially as some of the licensing has opened up like bringing Azure AD Premium P1 to the Microsoft 365 business here and things like that. And they're starting to open up the platform more and more for all customers. Which is always nice to see, especially in these times when everyone is working at home or remotely, or if anything, just on the go more than they are. I think that whole Zero Trust Model around identity and securing your identities and gating your access to all these resources, is super important. So one of the things they've done there is they've extended the ability to use Azure AD single sign-on for an unlimited number of cloud apps at no extra cost. And that's across every SKUs. So now in the past, you would have been limited in the number of cloud apps that you could add to a user. And then also the number that you could potentially perform SSO against your Azure Active Directory with. So this is using SSO with Azure AD, whether you're federated or unfederated. And like I said, it's available across all of the pricing tiers or SKUs of Azure AD, even Azure Active Directory free.

- Perfect, 'cause this used to be, I think the limit used to be 10, right? I think it was 10 apps.

- 10 apps, yeah but you were even limited within SKUs by how many apps you could have and some could have 10 cloud apps, but not SSO. And others could have 10 cloud apps with SSO. So now it's just open across the board, which is much nicer. I mean, it's more consumable. So you make those things more readily available and hopefully people actually use them. You know, that would be the next step is going out and getting folks to light up that feature and actually turn some of that stuff on.

- Well, and this is, like apps that are not native Office 365 apps to it. If you're doing third party apps or developing your own apps, this applies to those apps. Before it was like all the included apps were kind of excluded from those limits. They were all considered bundled in, but this is other apps that you set up SSL with, set up SAML authentication with, whatever he might be doing.

- I mean, it's interesting, like you talked about the Azure AD Premium coming to business and some of that, well, I get that some of these features cost Microsoft more money to let users use because of resources and whatever, by giving these to everybody, it's also helping Microsoft. Because the more people that roll this type of stuff out, the more secure the Cloud platform is gonna be. Because if everybody on Office 365 and Azure AD is using MFA, it's going to help Microsoft from a security perspective, protect their own platform by kind of minimizing those, their footprint, minimizing the security risks that are enabled by rolling these out to everybody and including them with all the plans.

- I also think it makes some of the security services more valuable. So if you look at the way Microsoft approaches machine learning for a couple of their different security products, if you think about risk-based sign-on with conditional access through identity protection, and even some of the features may be inside security products, like the Microsoft Threat Protection Suite or Azure Sentinel, things like that. They rely on signals. And the more signals there are, the better those services are going to become for everybody. In some cases yes, it's probably a little bit of loss on the money side, but it's potentially a gain in the features that you can offer in some of those other super sweet products that kind of build on top of everything that's there and make those true differentiators kind of across the market.

- Yeah, which there was another security. We'll keep moving on through the news. There was another security feature that there was a change to this past week. And that was the Microsoft Threat Protection is now gonna automatically be turned on for any eligible license holders effective June 1 of 2020. So approximately exactly one month from the day we're recording this. If you are licensed for Microsoft Threat Protection, which is, this isn't gonna be your lower SKU. So this is going to be Microsoft 365 E5, Microsoft 365 E5 Security, Windows 10 Enterprise E5, EMS E5, Office 365 E5. Are you getting the pattern here?

- Yes.

- And then some of those other plans like Microsoft Defender, Advanced Threat Protection, Azure Advanced Threat Protection, Cloud App Security, and then Office 365 Advanced Threat Protection Plan two.

- Some of those are interesting though, the E5s, they make total sense, but some of those like, Azure ATP was just a sub-SKUs of... 'Cause MTP is more of an overall, an overarching licensing suite that helps you bring alignment with unified reporting and some other things in there. But Azure ATP or Cloud App Security MCAS that Microsoft CASB, those were both just individual parts of that suite. Now they're saying, "Hey, if you purchase one part "of the suite, we'll give you the rest of it." So now they're saying if you have Cloud App Security and that's all you've done, you're gonna go ahead and enable some other features. Like you'll get features in Office 365 and ATP and an Azure ATP without having to do anything. Which simplifies that whole licensing thing.

- I was gonna say, just reading through this list, really reading through that list as I was listening to myself, say it out loud, I'm like, "Their naming and their licensing is getting "completely out of control." The fact that you have Microsoft Defender Advanced Threat Protection, Azure Advanced Threat Protection, Office 365 Advanced Threat Protection Plan two, it is getting really hard to keep track of all of these SKUs and what's in these SKUs, and how these SKUs impact other SKUs, and all of that.

- Yeah, did you see the one about Planner going away and being renamed, Tasks, but it's gonna be renamed six other things along the way.

- I didn't see the six other things, but I did see that that is gonna be Tasks now.

- Yes, so as we roll out the Tasks experience on Teams, desktop clients, the app will initially appear as Planner to users. The name will then temporarily change to Tasks by Planner and To-Do, and later on, it will be renamed to Tasks. I think it's the first time I've ever seen. I've ever seen an announcement that of all the product renames in one place.

- Which I don't know why it wasn't Tasks originally because you know what the URL for Planner is, don't you?

- Yes.

- It's tasks.office.com. I mean, Tasks would have probably made sense right out of the gate. I don't know, but now people are gonna be, "Did you add it to Tasks?" And it's going to be, "Well, which Tasks? "My Outlook Tasks, which then go to To-Do, "which To-Do also pulls from Planner, "which is now gonna be Tasks." Or you have your Tasks in OneNote, like I get naming things after what they do. But if you're gonna name something after what it does, you can't have five or six or seven or eight things that all do the same thing and name them all the same thing.

- A task is a task, is a task, is a task, except when it's not a task.

- And that's only when it's in the Task app or one of the several Task apps.

- Nice and easy, right?

- That add-in 'cause I know, that add-in that I talked to you about earlier, it just crashed again. I've been having problems with Edge on macOS. Anybody else who's has had problems with the... I'm running the Canary Belt. That's probably my problem.

- Yeah, Canary's had some weirdness going on lately.

- Yes, especially in macOS. But that being said, I just lost all of my notes 'cause not only does Canary crash, it will not allow me to reopen it until I restart my computer.

- It's a feature.

- Something like that. So yes, guy will pull up some more links, but I am flying blind right now in terms of what I was gonna talk about. So Microsoft Defender Advanced Threat Protection, that announcement was made. What is Microsoft Defender Advanced Threat Protection? We talked about it's gonna be turned on, but we haven't actually mentioned what it is.

- I'll be darned if I know at this point. It's gotten kinda crazy out there with some of that stuff, especially when you consider some of the Defenders Threat Protection capabilities and how they integrate maybe with Intune and device management, and what you can push down on that side. That is a product that I too am waiting for clarity in.

- You would like to know what it does? So I have it running on my Mac 'cause they do have like the whole antivirus endpoint.

- Well, you have the EV component running on your Mac, but really it's more about that Cloud-based management and kind of all the other things that go into it.

- Yes, all of that as well. I lost all my articles, I'm trying to pull these all up while I'm talking. So yes, but it is going to be enabled. It's going to be on and it does, like you said, it varies. So there's a whole Microsoft... Well, then you have Windows Defender Advanced Threat protection too that ties into it. That's based on your SKU of Windows that you're running. There are a whole bunch of that go into it. We'll just put links in the show notes about Microsoft Defender Advanced Threat Protection and let you guys go check out all of the capabilities that are not going to be enabled by default. Because I think SafeLink, Safe Attachments, they all fall under that umbrella too, don't they?

- They should, as far as I know. But who actually actually knows at that point?

- Maybe we should try to find somebody from the Microsoft Defender Advanced Threat Protection team to explain it all to us.

- We should. We've had MIP folks before it, because for MTP and kind of that overall fish in there, 'cause it is interesting where it's been going. And once you do get in there and light all those products up, some of the new things that have happened over in security.office.com, particularly when it comes to like incident hunting, they are really cool.

- Yeah, we should, so if anybody that's listening is from that team or know somebody on that team that they can put us in touch with too, we'll go out and see if we can dig up somebody. But yeah, if somebody knows and wants to send them our way or make an introduction, we'll get them on the show and we'll talk about it.

- Just that easy.

- As IT professionals in the Cloud era, sometimes it feels like we don't speak the same language as the rest of the organization. So when stakeholders from finance or other departments start asking about a specific project or Team's Azure costs, they don't always realize how much work is involved in obtaining that information. Sifting through cluttered CSVs and a complex, massive metadata in order to manually create custom views and reports. It's a real headache. On top of helping you understand and reduce your organization's overall Azure spend, ShareGate Overcast lets you group resources into meaningful cost hubs and map them to real world business scenarios. This way you can track costs in the way that makes most sense with your corporate structure. Whether it's by product, business unit, team or otherwise. It's a flexible, intuitive, and business-friendly way of tracking Azure infrastructure costs. And it's only available in ShareGate Overcast. Find out more on sharegate.com/itpro.

- So Teams, Teams has had an endless stream of new announcements and features. I feel like everybody started using it and all of a sudden they wanted all these features, Microsoft, it's like they prioritize a bunch of features all of a sudden.

- Huh? How did that happen?

- I don't know. I don't know why.

- When you have 44% usage growth in one month and then in the next calendar month, you go up another 70% over what was your new 100%. It gets interesting fast.

- Yes, and all of a sudden, like UserVoice. It's like, "Hey, this UserVoice went from, "like 100 votes to 10,000 votes "because all of a sudden everybody's using it "and wants these features." I don't know if there's actually a feature that did that, but it wouldn't surprise me.

- So good news, drum roll, you now get more than four by four in a Teams meeting. You get, I mean not four by four. Won't four by four be nice? You to get more than two by two. You now get three by three. We went from seeing four users at once, Scott to seeing nine.

- Yeah, you did and you can still pin people too. So when you go into those classrooms or you know, if you're a teacher out there and things like that, you can still just right-click and pin and get the big face in front of you. So you can do "The Brady Bunch" view of the world or you can go to a number nine. Coming to a tenant near you. I mean, Brandy it's not the, what can you do on Zoom? Can you do 50?

- Sorry, three by three.

- What can you do on Zoom? I think you can do 50 on one screen in Zoom.

- It goes up...

- Significantly higher.

- It goes up quite a bit, yeah.

- But I did see Microsoft is planning to bring more. I won't lie, I thought they were gonna go up higher than just two by two to three by three. I thought they said they were gonna try to do it so you could see everybody at once. But right now you can put 250 people in a Teams meeting. Can you imagine 250 people looking at all of them at once? It'd be like little thumbnails on most people's monitors.

- It would be like a Zoom meeting. That's what it would be like.

- Yeah, they also increased another feature. In that article was, they increased the number of participants that can take place in a live meeting. So live meetings we used to have a limit of 10,000 people for live meeting. They have doubled that to now allowing you to have 20,000 participants in a Team's live meeting.

- Yes, they have. Limits continue to rise there. It's an interesting one.

- Well, because that takes a lot of resources. Like I thought they were hurting for resources, unless they've kind of gotten a little bit of a handle on that. I was surprised to see that big of a jump in the live meeting attendees

- Resource availability has actually gotten quite a bit better. So not just for Teams things, but I'm even seeing in Azure, some of the restrictions are starting to be lifted, which is very nice.

- Yes, absolutely. It's nice to be able to start using some of this stuff to its full potential again.

- It's like all of a sudden I can create Azure SQL databases. I finally found one of my articles again.

- What else was there? Simultaneous people raising hands is coming. So you're gonna be able to raise hand. Well, before we do raise hands, just on the limit thing, that is a temporary raise.

- Was that a temporary one?

- Yes. The defaults will raise until July 1st.

- Yes.

- And then in August they're going to officially make some changes. So they call out the 20,000 number, but they might settle on something else, you know, after that, if they see that there's huge uptake to the 20,000 number and all that.

- Yeah, it'll be interesting to see once all of this is done, how it changes companies views on remote-work. Or if people tend to work remotely more, if everybody's gonna be so tired of working remotely, everybody's gonna wanna go the office. Shall be interesting.

- I don't know, do you want to go to the office? I don't feel like I do. I'm good staying right where I am.

- I've been right where I am for the last, like 12 years anyways. So hasn't changed a whole lot for me. Background effect was interesting. This one just makes me laugh 'cause they announced background effects which you used to be able to blur, now you can add pictures and I think it was the, like they did this well, they really seating they're like, "We're not gonna allow you "to put your own custom pictures in, for governance reasons." Obviously, you never know what certain people may upload as a background image. I think that day they released this, all these articles came out about how you could just go into a certain directory on your computer and add your own custom images and have them in Teams. It took less than eight hours from when it was live to when, even though they didn't give you the option to do it in the browser, they made it really easy to do by just going to a certain path in your file system, on your C-Drive and adding pictures there.

- Yeah, I've been having a bunch of fun with that one. Made my wife's the envy of all her friends at school.

- Have you seen the articles about people that took, like a screenshot or a picture of them sitting in their office and then they put that as their background picture and they're not actually at the meeting. It's just their picture.

- Yeah, that's a thing that has happened as well. You give somebody a tool and they will absolutely take advantage of it.

- That, they will. Call recording, I mean there's a bunch we'll link to the show notes. There were some updates around devices, a few meeting control changes. Most of the other ones were small. You can do things like put system audio now into a live meeting. So if you wanna play a video and feed that audio back into your live meeting to send it out to everybody, you can do that. But I think that kind of hits some of the big Team's announcements that came out in the month of April.

- Yeah, that'll probably wrap up most of them, like you said, a lot of that stuff just roadmap anyway. So it'll be filtering out. The nice thing is they've been filtering out much quicker, like you brought up.

- Any other news topics you want to cover today before we wrap up.

- Well, since we're talking about end users things, I think a good one to talk about might be some impacts to how end users interact with Azure AD. So there's a couple new experiences that are coming. So all of the new "My URLs" of Azure AD have lit up. So if you've ever pushed out things like My Apps to your users, there's gonna be a new URL and effectively a new UI coming to that. So my applications.microsoft.com is live today and ready to go. So it's kind of like My Apps, but it lets you group your applications by workspaces. They've simplified access management requests. So things that might come through privileged identity management are now gonna be consolidated and available at myaccess.microsoft.com. Sign in information is consolidated at My Sign-ins. That one's actually been out there and kicking around a while. And there's also the new, myworkaccount.microsoft.com, which brings forward kind of what would have been your account portal inside of M365 or O365. So you roll that out, that's all the new look and feel. And then you've also got the new MFA, SSPR consolidated signing experience and things like that. So if you have some downtime and you're at a help desk or you know, you're working with your end user community, and now's a good time to update some of your documentation because now that the URLs are all out there and all live, you can go ahead and get up to date screenshots and everything you might need.

- Yeah, these are nice. The, My Applications one, there's My Groups where I can do groups and...

- So My Applications is an interesting one. That's a UI that's going to be surfaced in two places. So it's going to be at myapplications.microsoft.com. And then you can also go into office.com into the app launcher and you could get to all your apps there. So the UI there is going to stay almost the same as it is today. But when you go into All Applications, you're gonna have access to that same grouping concept with the workspaces.

- Got it, well, it looks like when you go start doing the groups that actually takes you over to your, it's a URL under youraccount.activedirectory.windowsazure.com

- Makes total sense, right?

- Yeah, it's kind of like the number of admin portals.

- Just a few of those.

- I forgot how many different Office 365 tenants I'm a member of, because on that My Applications tool lets you go, you can do a drop down and look at all of the organizations. So you can jump to see all of your apps between all the different tenants you're a part of. My list got rather long.

- It does creep up.

- How many you are in, you go through and look at it and you're like, "Oh, they never actually removed me. "I'm still a guest in their tenants somewhere, or?" Those are some good URLs to know about to bookmark.

- I have quite a few of those kicking around.

- Well, since we had a longer one last week, should we wrap this one up sort of on time?

- All right, just for giggles let's do it.

- Let's do it. We can go back and do some more real work.

- Yes, it's Arm Template Friday.

- All right, I'm going to go play with Azure. I've been playing with Azure more. I've been playing with Windows Virtual Desktop and domain controllers and IS so I'm going to go back and play in Azure some more this afternoon.

- All right, sounds like a plan.

- All right, go enjoy your afternoon, don't work too hard and we will talk to you again next week, Scott.

- Thanks Ben.

- If you enjoyed the podcast, go leave us a five star rating in iTunes. It helps to get the word out so more IT pros can learn about office 365 and Azure. If you have any questions you want us to address on the show or feedback about the show, feel free to reach out via our website, Twitter or Facebook. Thanks again for listening and have a great day.

(more…)