conditional access

Microsoft 365 Baseline Security Mode is an opt-in security bundle in the Microsoft 365 admin center that centralizes recommended controls across authentication, files, Exchange Online, SharePoint, OneDrive, Teams, and Entra ID for tenant administrators. That sounds like a switch, and Microsoft...

Most Microsoft 365 configuration drift happens when a tenant’s current security settings gradually diverge from the baseline an MSP or IT team originally deployed, often through small operational changes that accumulate over months without centralized review. That is the core warning in an MSSP...

The FBI issued a May 21, 2026 public warning that a phishing-as-a-service platform called Kali365 is targeting Microsoft 365 accounts by abusing device-code authentication to capture OAuth tokens and bypass multi-factor authentication. That makes this less a story about one new phishing kit than...

Microsoft said on May 8, 2026, that Exchange Online will stop supporting direct Exchange ActiveSync certificate-based authentication by the end of 2026, forcing affected mobile mail clients to authenticate certificates through Microsoft Entra ID instead of presenting them straight to Exchange...

Microsoft has quietly removed one of the biggest identity-management frictions for enterprise customers: the inability to cleanly use third-party MFA providers inside Microsoft Entra ID without sacrificing policy control. The new external MFA capability is now generally available, and Microsoft...

Microsoft’s upcoming enforcement change for Conditional Access in Entra ID is a clear pivot toward consistency and defense‑in‑depth: policies that target All resources will now be evaluated even when those policies include resource exclusions, and sign‑ins that request only minimal OpenID...

Conditional Access in large tenants is often a map of good intentions and accidental complexity, and idPowerApp promises to redraw that map into clear, printable slides so teams can see, reason about, and remediate policy interactions at a glance. Overview Conditional Access (CA) is one of the...

Microsoft’s Windows 365 just added a major twist to its Cloud PC story: administrators can now publish individual, cloud‑hosted applications — Outlook, Word, OneDrive, Edge, PowerPoint and line‑of‑business apps — without provisioning a full Cloud PC for every user, with the feature opening as a...

Microsoft’s decision to let organizations stream single Windows applications from the cloud — instead of entire Cloud PC sessions — marks a pragmatic pivot in how enterprises will adopt Windows 365 for day-to-day workforces and frontline roles. The new Windows 365 Cloud Apps feature, now in...

Microsoft's latest updates to the Windows 365 family push the Cloud PC experience closer to a full, resilient desktop replacement — but they also raise important questions for IT about licensing, capacity, and user data protection. The company has expanded the Connection Center experience so...

Microsoft is weaving its AI assistant deeper into the Office experience by rolling Copilot Chat and agent capabilities directly into core Microsoft 365 apps — Word, Excel, PowerPoint, Outlook, and OneNote — bringing a unified, in-context chat pane and a raft of new tools aimed at turning an AI...

Microsoft’s enterprise backup story just took a meaningful step: Windows Backup for Organizations — the tenant-scoped backup and restore experience Microsoft built to ease device refreshes and large-scale Windows migrations — is being exposed to Intune administrators and moving into wider...

A growing number of Microsoft account holders report successful sign‑ins from IP addresses inside Microsoft’s own network despite having two‑factor authentication enabled — an uptick of incidents first detailed in a German investigation and corroborated by threads on Reddit and Microsoft’s own...

A new, industrialized phishing service called VoidProxy is being used by multiple criminal groups to intercept Google and Microsoft sign-ins in real time, harvest credentials, MFA responses and — critically — session cookies that let attackers impersonate users without needing passwords or...

Microsoft will begin retiring the lightweight Outlook Lite Android app on October 6, 2025, blocking new installs that day as it directs users toward the full Outlook mobile client and consolidates engineering around a single, feature-rich Android email experience. Background Outlook Lite...

If you use Microsoft 365, updating your password regularly is one of the quickest — and most effective — ways to reduce your exposure to account takeover, phishing, and password-spraying attacks. This guide walks through three fast, practical ways to change a Microsoft 365 password (personal...

Microsoft is planning to pull the plug on Outlook Lite’s distribution this October, with multiple technology outlets reporting that new installations will be blocked beginning October 6, 2025, and users being nudged to move to the full Outlook mobile experience. Background / Overview Outlook...

Microsoft is reportedly planning to block fresh installations of Outlook Lite starting in October 2025 as it prepares a broader retirement of the app, forcing users who rely on a lightweight, battery-friendly client to either remain on an aging build or move to the full Outlook for Mobile...

Microsoft has confirmed that Phase 2 of its mandatory multi‑factor authentication (MFA) enforcement for Azure will begin a tenant‑by‑tenant rollout this autumn, extending MFA requirements from portal sign‑ins down into the Azure Resource Manager (ARM) control plane and affecting command‑line...

Microsoft has quietly added a new diagnostic aimed at keeping Copilot agents working reliably inside Microsoft Teams: the Copilot Agent Functionality Diagnostic — a customer-facing validator now accessible through Microsoft’s diagnostic surfaces and designed to surface licensing, permission, and...