Join us at the What’s Next in Security from Microsoft digital event on February 24

Helping users stay safe: Blocking internet macros by default in Office – For macros in files obtained from the internet, users will no longer be able to enable content with a click of a button. A message bar will appear for users notifying them with a button to learn more. The default is more secure and is expected to keep more users safe including home users and information workers in managed organizations.

Cybersecurity threats are always changing—staying on top of them is vital, getting ahead of them is paramount – Microsoft Security Insider is a site for business leaders focused on cybersecurity to get the latest news, insights, threat intelligence, and perspectives on top-of-mind topics in cybersecurity. As we analyze over 24 trillion threat signals daily and engage with hundreds of thousands of customers, our objective is to share our unique perspective on the threat landscape and the top challenges facing security practitioners and Chief Information Security Officers (CISOs) today.

Collaborate more securely with new cross-tenant access settings – Cross-tenant access settings enable you to control how users in your organization collaborate with members of external Azure AD organizations. Now you’ll have granular inbound and outbound access control settings that work on a per org, user, group, and application basis. These settings also make it possible for you to trust security claims from external Azure AD organizations like Multi-Factor Authentication (MFA), device compliance, and hybrid Azure AD joined devices. 

All Microsoft Defender for Identity features now available in the Microsoft 365 Defender portal – Over the last few months, as part of our XDR journey, we’ve been working to make all Microsoft Defender for Identity features available in the Microsoft 365 Defender portal. Today, we’re pleased to announce that the final two features are now generally available:

Detect active network reconnaissance with Microsoft Defender for Endpoint – The Microsoft Compromise Recovery Security Practice has observed how the security industry has evolved over the last few years as consumers, businesses, and industry professionals continue to adapt to the changing landscape. We have seen the emergence of new frameworks, such as the Cybersecurity Framework by the National Institute of Standards and Technology (NIST), which can empower us to build scalable programs and accelerate the transition to a Zero Trust workplace.

Setting data access permission using Azure Purview’s Data Policy Feature – We recently launched Azure Purview Data Policy features into public preview. The policy author and data source admin can set data access permission on storage accounts for ADLS Gen 2 and blob at the file, folder, container, or storage account level. Also, an entire subscription or resource group can be brought under the policy governance of Azure Purview using the Data Policy features.