Currently, Windows 365 and Azure Virtual Desktop share a common framework for identity access by using Azure Active Directory (Azure AD) and security controls with CA policies. You can target CA policies to the Windows 365 app and this applies only to windows365.microsoft.com web client. To apply CA policies to the full Windows client and non-windows clients, you must assign CA policies to both the Windows 365 and Azure Virtual Desktop apps.
Cloud PC’s can be encrypted using their organizations “bring your own key” if enabled for their entire M365 tenant and meets licensing requirements.
An administrator is able to temporarily freeze an end-user’s access to Windows 365 Cloud PC while that user is under investigation.
Nested Virtualization platform capability will be enabled for certain license types allowing the ability to use Linux and Android subsystem.
A user is able to recover their Windows 365 Cloud PC to a known point-in-time backup.
Integration of Windows 365 Business Cloud PCs in the Device List in Microsoft 365 Lighthouse management UI.
An administrator can manually create a point-in-time restore point for Cloud PCs.
An administrator is able to provision Windows 365 Cloud PCs for users without requiring Hybrid Azure AD Join, with further options to let Microsoft host the virtual network connections.
An administrator is able to create a Cloud PC snapshot for purposes of forensic analysis and legal discovery.