Microsoft Endpoint Management and Security – The Latest Announcements and What They Mean to Your Organization

Microsoft continues to build and invest in endpoint management and security products. As more and more organizations adopt products like MEM (Intune), Autopilot, and Azure AD Premium with great success, it’s clear they are building a powerful, industry-leading platform.  As the adoption has ramped up, Microsoft’s ability to gather customer feedback and implement features in response to end-user input has been extremely impressive.

Below we will break down some of the recent releases and why they are relevant to Microsoft customers and IT pros looking to more effectively secure and manage devices across their organization’s network.

Azure AD Join for Windows 365 Cloud PC is now fully supported

The release of Windows 365 and the promise of a ‘Cloud PC’ built a lot of excitement amongst IT professionals.  However, the requirement(s) to have an existing Azure subscription, connect with an existing AD environment and VPN/virtual network connection felt much more ‘traditional’ than cloud-first for many administrators. 

That changed with the announcement on 2/9/2022: with “Azure AD Join as a Cloud PC join type option, you no longer need an existing Azure infrastructure to use the service, just your Azure AD users.”

For Windows 365 customers, Microsoft is in the process of pushing this out now, and no action is necessary to begin using the feature. Here’s how to begin rolling out your Cloud PCs in a ‘Microsoft Hosted Network’.

In the provisioning policy creation flow, simply select ‘Microsoft Hosted Network’ and the desired region.

Customers will still have the option to bring their own Azure virtual network.  Once your Azure AD Join network is created, simply select your network from the drop-down menu when provisioning.          

While these options are exciting, there are pros and cons to each decision. If your company is considering implementing AADJ for Windows 365, our team of consultants would be happy to offer guidance based on your unique situation.

Microsoft Defender P1 Now Available in Public Preview for M365 E3 Customers

If you are an M365 E3 customer today, you may have noticed some of the Microsoft Defender for Endpoint features now available in your tenant. Microsoft’s foundational Endpoint Protection product was added to the M365 E3/A3 bundle in mid-January and is focused on providing customers with prevention and baseline endpoint protection. At a high level, the MDE P1 SKU will provide:

  • Next-Generation Anti-Malware
  • Attack Surface Reduction Capabilities
  • Device Based Conditional Access

While MDE P1 is a strong foundational product from Microsoft, many customers have come to expect more from third-party endpoint protection providers. If you are considering replacing a third-party product with Microsoft Defender, it’s important to first ensure you are getting the functionality your organization requires. Below is a full feature comparison of the P1 and P2 bundles.

MDE P1 will be available as a standalone SKU ($3/user/month) along with MDE P2 ($5.20/user/month). As previously mentioned, MDE P1 will now be included with M365 E3/A3 ($32/user/month) and should be available in your M365 tenant in public preview today. 

Microsoft Endpoint Analytics Updates

With the continued adoption of remote work, Microsoft has continued to bolster the capabilities of its Endpoint Analytics offering for IT professionals. The offering is included with Microsoft’s M365/EMS E3 bundles and gives customers powerful dashboards for all Intune-managed/co-managed physical and Cloud PCs.

Most reports found in the dashboard today are focused on helping admins understand sign-in activity and resource utilization. This allows IT teams to proactively reach out to potentially frustrated end-users and no longer worry about “silent sufferers” whose devices are hindering their productivity.

The dashboard now includes a more robust ‘Work From Anywhere’ tab that will serve as a Windows 11 readiness report. The readiness reporting allows IT teams to quickly filter out devices that do not meet the minimum system requirements for Windows 11. The ability to quickly diagnose devices on the domain that require upgrades will become more and more useful as we approach the Win 10 end of support date in 2025. 

Microsoft continues to bolster the Endpoint Analytics offering and has announced upcoming releases on the roadmap.  These new releases include:

  • Real-time metrics across the network in tenant wide or per user views
  • Real-time usage reports to help identify dormant or unutilized licenses
  • Proactive custom alerts outside of the MEM dashboard (email/SMS)

CloudServus consultants are working with organizations regularly to maximize their investments with Microsoft and are eager to build new partnerships focused on aligning with Microsoft’s best practices for secure device management. 

Invested with Microsoft and interested in adopting more of their security and device management technology?  Reach out to our team today to set up an introduction and get started!
