This Week in IT: New Loop Features in Teams, Security Copilot Update, Resource Guard for Azure Backup, and much more…
- Podcasts
- This Week in IT
- This Week in IT: New Loop Features in Teams, Security Copilot Update, Resource Guard for Azure Backup, and much more…
This Week in IT, unlock seamless collaboration in Teams with the new Loop components update, allowing real-time edits, sharing, and integration across Microsoft 365! Plus, Microsoft introduces extra security to protect Azure Backup vaults from ransomware, Windows 365 Cloud PCs get an important new security feature, and Security Copilot gets an update and wider availability. Stay tuned for this and the rest of the week’s IT news.
Links and resources
- Loop Components Coming to Microsoft Teams Channels (petri.com)
- M365 Changelog: Loop components in Channels and Loop Embed Mode in Teams – Petri IT Knowledgebase
- Microsoft Introduces Multi-User Authorization for Azure Backup Vaults (petri.com)
- Generally Available: Multi-user authorisation for Backup vaults | Azure updates | Microsoft Azure
- Microsoft Security Copilot Early Access Program Now Available (petri.com)
- Microsoft Security Copilot Early Access Program is now available | Microsoft Security Blog
- Microsoft Defender for Endpoint Now Blocks Human-Operated Attacks (petri.com)
- Microsoft Defender for Endpoint now stops human-operated attacks on its own | Microsoft Security Blog
- Microsoft to Phase Out Default Outbound Access for Azure VMs (petri.com)
- Default outbound access for VMs in Azure will be retired— transition to a new method of internet access | Azure updates | Microsoft Azure
- Microsoft Intune Endpoint Privilege Management Gets Support for Windows 365 (petri.com)
- Default outbound access for VMs in Azure will be retired— transition to a new method of internet access | Azure updates | Microsoft Azure
- Microsoft Graph Activity Logs Now Available in Preview (petri.com)
- Microsoft Graph Activity Log is Now Available in Public Preview – Microsoft Community Hub
- Microsoft Updates Teams PowerShell Module to Version 5.7.0 (petri.com)
- Microsoft Teams PowerShell Release Notes – Microsoft Teams | Microsoft Learn
Transcript
This Week in IT, unlock seamless collaboration in teams with the new loop component update, allowing real-time edits, sharing, and integration across Microsoft 365.(…) Plus,(…) Microsoft introduces extra security to protect Azure Backup Volts from ransomware. Windows 365 Cloud PCs get an important new security feature, plus security copilot gets an important update and wider availability. So stay tuned for this and the rest of the week’s IT news.
Welcome to This Week in IT, the show where I cover all the latest news on Microsoft 365, Windows, and Azure. But before I get started, I’ve got a quick favor to ask you. 80% of the people who watched last week’s video weren’t subscribed to the channel. Now, as we go live today, we’ve got about 1,140 subscribers, and I’d really love to push that this week to 1,200. So if you’d like to see this kind of news roundup every week, then please subscribe to the channel, help us reach our goal, and don’t forget to hit the bell notification to make sure you don’t miss out on the latest uploads. So this has been a long time coming. Microsoft is planning to roll out loop components in Teams channels. Now, loop components are portable pieces of content that you can use across Microsoft 365.
So, it could be something like a table or a block of text or a bullet list, something like that. Now, you’ve probably realized that loop has been available in chats for a long time, even before the loop app came into preview. And Microsoft is finally making loop components available in channels across all types of channels, whether it’s a standard channel, a private one, or a shared channel, you’ll be able to access loop components. And when they’re created in a channel, they’re going to be stored in the respective SharePoint site that’s connected to that Teams channel. So if you haven’t experimented with loop components yet, the great thing about them is that regardless of where they’re placed or where they’re created, you can edit the components in real time with your colleagues. It doesn’t matter which app you’re using the component in, you don’t have to think, oh, well, I need to create a table, so I have to open Excel. No, you can just create a loop components.
Now loop is in preview at the moment, and there’s also a loop app, which functions a little bit like Notion, if you’ve ever experimented with that. Now we’ve been using loop a little bit here at Petri, and it’s pretty good so far. I love the way that Microsoft always creates a very simplified interface, it’s much easier to get to grips with the Notion for instance, but there are some bits of functionality missing that you find in loop. For instance, you can’t create a database, which is one of the most powerful features of Notion. But who knows, maybe that will come at some point down the line. Now while adding loop components to channels may not seem like a big deal, it is I think, because we need some consistency across where you can create these loop components.
To an end user, it won’t make much sense that, well, I can create a loop component in a chat in Teams, but not in a channel. Because for them, there’s not a huge amount of difference between these two things, although they do of course function differently, and the technology behind how they work is actually different, which is why it’s taken Microsoft a little bit of time to bring loop components to channels.(…) So while all of that seems like really good news, I thought as usual that I would look at some of the fine print to see what the details of this really are.
So, one of the things that you should bear in mind is that when you create a loop component in a Teams channel, that component is then saved to the respective SharePoint site, as I previously said, and that component is also available in the Files tab for that channel. So one of the disadvantages of creating loop components in a channel at the moment is that there’s no support for external users. So that’s going to be a big usability issue, I think, for lots of Teams.
(…)
And as always, I’m not sure how Microsoft is going to communicate that to end users, because for them, they’re creating a loop component, why shouldn’t it just not work for everybody in the channel? But of course, that might not necessarily be the case. Now, if you create the loop component somewhere else and then paste it into a Teams channel, Microsoft isn’t saying explicitly, but as far as I can understand from the documentation, that that loop component then won’t be available in the Files tab, but it is available still across the Microsoft 365 ecosystem. So you can find it in your OneDrive for instance, or anywhere else that you need to access it.
But what worries me a little bit is the lack of consistency about how components and component access is implemented across the different areas of Teams, whether it be a chat or a channel, and the standard user is not really going to understand how all of that hangs together. But we’ll have to see how this moves forward. I don’t know whether Microsoft is planning to enable external access to loop components in a channel, we’ll have to see how that pans out. But while I really like what Microsoft is doing here, I do feel that this lack of consistency and complexity behind the scenes could be an issue at the end of the day for user adoption.
Microsoft is planning to roll this out in November, so you’ve only got a few weeks to wait until that functionality comes to your tenant. Let me know what you think in the comments about the implementation of loop components across Microsoft 365. Is it going to be too complicated for users to understand, or do you think that Microsoft is going to get the implementation of this right? Now Microsoft is adding an extra layer of security to Azure Backup Vaults.
Now this is the technology that’s already implemented for Recovery Services Vaults, and it’s being brought across to Azure Backup Vaults, and it’s called multi-user authentication.(…) Now the terminology doesn’t really explain how all of this technology works, so let me give you a quick rundown. So imagine you’ve got your Backup Vault, of course there is some level of security on it in terms of access. So what MUA does is it puts a resource guard in front of that Backup Vault to provide an extra layer or an extra step that users need to go through in order to access it.(…) So you can implement that to really help secure that Backup Vault. And of course Microsoft is doing this because backups are crucial when any kind of ransomware hits. If ransomware hits your Backup Vault as well, then you’re really in trouble of course. And to make this even more effective, Microsoft is saying that you can put your resource guard in a different Azure tenant to give an extra boost, and that’s the most secure implementation of this feature.(…) Security Copilot is getting a wider release this week and some new features. So the first thing is that Microsoft is saying that Security Copilot is now going to be based on OpenAI’s chat GPT 4.
So that obviously is a bigger, more powerful language model which should make everything there more efficient and effective. Now this has been in a private preview with some of its customers up until now, but Microsoft is releasing Security Copilot on an early access program which you have to apply to, but it’s going to make it available to a wider range of customers. Now Microsoft isn’t saying when Security Copilot will be generally released, but if you’re a big enough organization you might be able to get on that early access program. So what is Security Copilot exactly?
Well it’s for people who are working in Security Operations Centers. They have to deal with analyzing massive sets of data, of course all the logs that come from all the various different systems, and what Security Copilot does is allow them to use natural language to query that data. So it might be to query the data for potential vulnerabilities, for URLs,(…) to analyze code snippets, and just to make their life easier. And Microsoft is saying that in their testing so far, Security Copilot is able to save operations staff up to 40% of their time. Microsoft is also adding Security Copilot to Windows 365 Defender to provide real-time malware analysis there. Microsoft Defender for Endpoint is also getting a new feature and it’s called contain user disruption.
So if you imagine that Microsoft is collecting, you know, I think millions of signals from lots of devices every day, and some of those signals indicate that a user, or probably a malicious user, is doing something in real time to try and infiltrate a system. So Microsoft is able to pick out those signals and create an alert essentially in Microsoft Defender for Endpoint, which then blocks the particular user that’s been used to perform those malicious actions across all devices where they might have access. So it allows you to stop potentially an attack in real time.
And of course this is a user that has been compromised, so it’s something that it’s important to block. And this feature is currently in public preview. Microsoft is deprecating outbound internet access for Azure VMs and this work is going to be complete by September 2025. So there’s a bit of a lead time on this. So why is Microsoft doing this? Well again it’s to improve security, to help block ransomware attacks, and just security overall of course. So Microsoft is saying well if you need outbound internet access you’re going to have to use another method to get that now for your Azure virtual machines. So whether that’s an Azure NAT gateway or outbound rules for the Azure load balancer, you’re going to have to find a different way of getting that outbound internet access to work. So if you’ve got VMs that are already deployed,(…) they’re not going to be affected.
But Microsoft is recommending that while those VMs won’t be affected, you should try to do something to change the way that they get outbound internet access. So it’s just not a complete three-for-all. So that’s a very important change that’s coming to Azure. Endpoint privilege management in Intune has been available for a while now. I think it was about a year ago that I spoke on this channel to Steve Dispencer about that and all those things that were coming to Intune. So endpoint privilege management, this basically allows you to assign a user standard user privileges, which is what you should preferably be doing, and then for a limited period of time you can elevate those privileges to administrator for a particular application or process.(…) So what is the change here that Microsoft has announced?
This feature is now going to be supported in Windows 365 Cloud PCs. So you’ll be able to implement that technology there. Microsoft also announced that this technology, so endpoint privilege management for Intune, is also coming to Azure, just plain Azure virtual machines, single instances of a virtual machine in Azure. So that’s interesting to see this feature become more widely available across different device types. Microsoft announced this week an update to the Microsoft Graph activity logs. So this update is going to allow security professionals to monitor HTTP requests to applications. So it allows them to monitor for suspicious API usage or privilege escalations in the requests themselves.
So, this is going to give security professionals a better insight into client behaviors and API interactions to try and detect any malicious activity. Now there are a couple of limitations with this at the moment. So this doesn’t allow you to see activity or to monitor those HTTPS requests in a multi-tenant environment where you’re monitoring from one tenant the activity into another tenant. You can only monitor within your own tenant.(…) And Azure Monitor at the moment doesn’t support filtering of these logs.(…) So I’m assuming that’s something that Microsoft will be able to rectify in an update to Azure Monitor going forwards. Microsoft released an update to the team’s PowerShell module. So we’re now on version 5.7.0.(…) And there are the usual bug fixes and all the rest of it. And a couple of changes as well. So I’ll just let you know the most important ones. So the getcsonline user commandlets now includes a reference to the user’s administrative unit membership.(…) So you can retrieve that information now.
There are also participant name change and auto recording parameters for the new CS Teams meeting policy and set CS Teams meeting policy cmdlets. So the participant name change allows administrators to determine whether in a meeting the user can change the name that’s displayed. Is it what’s in the directory or are they able to change that themselves? So you can block that behavior. And the auto recording parameter allows administrators to set when a meeting is started, a recording automatically starts.(…) So that can be quite useful if it’s users that are getting to manually start a recording. You can just set that. So nope, it’s going to start automatically and it just takes one less thing away from whoever’s running the meeting, one less thing to think about, I guess. So do go and check out that updated PowerShell module. Thanks for watching today’s video. If you found it useful, I’d really appreciate it if you gave it a like because that helps us get the video seen by more people on YouTube.
Of course, don’t forget to subscribe if you’d like to see these news updates every week. But I’m going to leave you with another video on the screen that you might find useful. That’s it from me today, and I’ll see you next time.