Orlando, Fla. – The ever-increasing scope of cloud-based services demands real-time management capabilities be available to enterprise companies looking to properly control and monitor the flow of data to and from the cloud. This week at Microsoft Ignite, the company’s annual IT professional conference, Microsoft introduced enhancements to the Microsoft 365 Admin Center console to facilitate additional management scenarios. Here are the most notable additions.
Global Reader Role for Microsoft 365
Microsoft introduced a new Global reader role for Azure Active Directory (AAD). The benefit of this new reader role is that Global admins who were promoted to those roles just so they could see all settings and admin content across a Microsoft 365 environment can have more restricted access. The more Global admin accounts there are, the greater the risk of potential unauthorized access if one of those accounts is compromised. The Global reader role can still see all the admin settings but will not have access to make changes. Microsoft said the Global reader role is generally available starting today.
AI-Powered Microsoft 365 Admin Center Recommendations
Microsoft is now using artificial intelligence to improve an organization's security and compliance. After machine learning tools analyze settings and data available in a Microsoft 365 tenant, subscribers will see the areas that they need to address surfaced in the Microsoft 365 Admin Center so they can take appropriate action. Recommendations will be from a variety of services including Microsoft Information Protection, Advanced Threat Protection, Self-Service Password Reset and, of course, suggestions for complying with the EU’s General Data Protection Regulations (GDPR). Using Microsoft Graph, another AI-infused service, all these suggestions will be tailored to an organization based on its unique organizational indicators. These recommendations begin rolling out to Microsoft 365 tenants this week.
Microsoft Endpoint Manager
While Intune and Configuration Manager are already very robust tools for monitoring and managing the endpoints across an organization, the new Microsoft Endpoint Manager will merge data from these two systems to provide organizations with a new perspective of its users’ devices. The Endpoint Manager will include intelligent actions and analytics in a tool that allows IT pros to monitor, manage and ensure any Windows, Apple and Android devices allowed access to an enterprise network are secure. Microsoft Endpoint Manager will also gain the ability to manage Surface firmware updates for the hardware’s Unified Extensible Firmware Interface (UEFI) to better manage those device-level updates. Co-management of devices from Intune and Configuration Manager will go live on December 1st with support for Autopilot and Desktop Analytics.
Microsoft Productivity Score
Microsoft’s Secure Score evaluates an organization’s security posture across Microsoft 365. Similarly, the new Microsoft Productivity Score also takes a holistic, organization-wide approach to focus on the way employees do their work. It looks at visibility, insights, and other actions by the employee – quantifying how people are collaborating on content, working from anywhere, developing a meeting culture and communicating with each other. It also examines the policies, device settings, and hardware and application performance within the organizational environment. These results highlight potential areas of improvement. By determining the optimal configuration of tools, the Productivity Score will presumably allow users to be more efficient and productive. Microsoft will allow customers to sign up for a preview of the new management tool later this month.
For those enterprise customers that are concerned about losing management control of their hardware and services, the Microsoft 365 Admin Center is growing into a robust single pane of glass to take care of all those tasks in a central location. These are updates all enterprises should be paying attention to around Microsoft 365.