These blog post are a ongoing thing the next 2 days. So I will continue to add new blog post content everyday. So stay tuned.
Just another day at the office… Not quite. Microsoft Ignite is full of surprises. Today’s sessions was no exception.
The third day:
Tuesday 6th of November: Some of those session I was seeing today was about Windows 10 updates in general and Windows update for business (WUfB). Another cool thing was news on Azure information protection – regarding finding and label your sensitive documents/data in general.
Windows update news
Unified Update Platform (UUP) – Introduced back in 2016. Get current and secure in one step. Preserve feature on demand (FoD) and Language packages (LP). When enabled it allows you to control and only get approved quality update and “expedite” (fast deploy) update if needed.
- Default enabled in WUfB and coming for Onprem (ConfigMgr and WSUS) in public preview early 2020. Its in private preview ATM.
Read more about UUP here and how it works -> https://oofhours.com/2019/08/06/uup-is-still-coming-soon-and-dynamic-update-is-still-important/ and https://docs.microsoft.com/en-us/windows/deployment/update/windows-update-overview
- Microsoft reducing feature update offline time in the near future. (20H1 coming April 2020) feature update only reboots the system one time. Windows 1809 had three reboots for installing the 1809 feature update.
- Cloud recovery from (20H1) – Enables recover even with severe corruptions on the device directly from windows update.
- WUfB cloud extensibility also coming early 2020 with these new features:
- Schedule a feature update deployment
- Stay on a specific feature update
- Co-Manage just quality update
- Expedite a specific quality update (for urgent parching)
- Alert and monitor progress of updates
- Automate custom workflows for updates
- Deadline policies available in Intune (already available today)
The first step – Know your data to be able to secure it.
- The new Data classification (Preview):
Read more about how to find your sensitive data here -> https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Understand-where-your-sensitive-data-is-located-and/ba-p/960465
- Auto-classification now built into Office ProPlus
- Based on the policies defined by your organization – a sensitivity label is either automatically applied or recommended to the user.
- Also extending to Microsoft Teams and Office 365 groups and SharePoint sites
- Outside of the clients we are extending support to Teams Office 365 Groups and SharePoint Sites. This allows users to create a Team or Group or Site and simply select the sensitivity label they want applied. The initial sites and groups policies that can be associated with labels are: privacy, user membership, and unmanaged device access policy.
Read more about label teams, SP and group sites here -> https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sites