Microsoft Defender XDR will integrate AI-generated summaries and categorizations for DLP alerts via the Microsoft Purview Data Security Triage Agent, improving alert triage. Deployment starts April 2026 (preview) and August 2026 (general). Agent management remains in Purview; DLP policies and user impact remain unchanged.
Microsoft Edge for Business will support cross-tenant Intune Mobile Application Management (MAM) policies, enabling data protection on devices managed by different tenants. This opt-in feature, rolling out from February to April 2026, secures corporate data without extra enrollment or disrupting user experience.
OneDrive for macOS is getting a redesigned Activity Center with a cleaner, more intuitive interface aligned to macOS conventions. It improves sync status visibility, accessibility, and error handling. The update rolls out automatically worldwide in April 2026, requiring no admin or user action.
Organizations can now manually apply Purview Information Protection sensitivity labels in Engage. Allowing admins to create labels and configure label publishing policies to determine which users and groups can manually label content in Engage communities. End users in Engage will be able to then manually apply labels to communities and in turn classify and protect their sensitive data via privacy and external user access controls.
Administrators can choose a severity threshold and receive alerts when a new Edge update includes security fixes that meet or exceed that level, including zero day fixes. This helps organizations quickly identify updates that may require attention, while avoiding unnecessary notifications for routine releases.
Between November 2025 and February 2026, Microsoft Baseline Security Mode automatically created two disabled draft Entra Conditional Access policies in some tenants. This is not a security issue, requires no action, and a fix will remove unintended drafts and prevent automatic creation.
Microsoft 365 Copilot Pages will introduce admin-controlled AI-generated code previews, available only if Copilot Pages are enabled. Rolling out mid-March to mid-April 2026, admins can enable or disable this feature via a Cloud Policy. There are no new compliance or data processing impacts.
Microsoft Purview Endpoint DLP will soon classify Azure RMS–protected Office documents, enabling consistent DLP policy enforcement on encrypted files starting early April 2026. This enhances content inspection without changing user workflows, requiring Endpoint DLP client version 4.18.26030 or higher.
Purview DSPM Data Risk Assessments now support item-level investigation and remediation for SharePoint, enabling admins to detect and fix oversharing risks by applying sensitivity labels, notifying owners, or removing sharing links. This feature requires admin setup and will roll out worldwide by mid-March 2026.
Microsoft Defender for Cloud Apps will retire select IaaS and PaaS threat detections by mid-May 2026 due to low impact, focusing on identity-related threats. Affected alerts and policies will be removed, but historical data remains accessible. No admin action is required, though updating related processes is recommended.
I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.
HANDS ON SharePoint
HANDS ON Teams
HANDS ON Lists
HANDS ON tek
M365 Admin