Windows 10 News You Can Use – June 2018

Posted on June 5, 2018 Updated on June 5, 2018

Windows 10 news you can use, June 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity Also see other news related to Windows 10

Latest Windows 10 1803 feature upgrade news:

• Administrative Templates and GPO Reference Spreadsheet for Windows 10 1803 are available for download.
  • https://www.microsoft.com/en-us/download/details.aspx?id=56880
  • https://www.microsoft.com/en-us/download/details.aspx?id=56946
• Features deprecated in Windows 10 1803.
  https://docs.microsoft.com/en-us/windows/deployment/planning/windows-10-1803-removed-features
• NEW: Upgrade to Windows 10 1803 without suspending BitLocker. https://blogs.technet.microsoft.com/mniehaus/2018/05/02/new-upgrade-to-windows-10-1803-without-suspending-bitlocker
• Official release of the security configuration baseline settings for Windows 10 1803.
  https://blogs.technet.microsoft.com/secguide/2018/04/30/security-baseline-for-windows-10-april-2018-update-v1803-final
• Updated Remote Server Administration Tools (RSAT) for Windows 10 1803. https://www.microsoft.com/en-us/download/details.aspx?id=45520
• New features for Microsoft Edge extensions in the Windows 10 April 2018 Update: Extensions can now be enabled for InPrivate browsing, and notifications API for extensions.
  http://blogs.windows.com/msedgedev/2018/05/24/new-extension-features-april-2018-update-notifications-inprivate
• New Delivery Optimization options in Windows 10 1803. https://docs.microsoft.com/en-us/windows/deployment/update/waas-delivery-optimization#delivery-optimization-options

1) SetupDiag.exe is a standalone diagnostic tool that can be used to obtain details about why a Windows 10 upgrade was unsuccessful. It works by examining Windows Setup log files then attempts to parse these log files to determine the root cause of a failure to update or upgrade the computer to Windows 10. SetupDiag can be run on the computer that failed to update, or you can export logs from the computer to another location and run SetupDiag in offline mode.
https://docs.microsoft.com/en-us/windows/deployment/upgrade/setupdiag

2) Defining application taxonomies to drive your application compatibility testing. https://blogs.msdn.microsoft.com/cjacks/2018/04/30/defining-app-tranches-to-drive-your-app-compat-testing

3) Announcing Delivery Optimization Insights for Windows Analytics: Update Compliance https://blogs.technet.microsoft.com/upgradeanalytics/2017/12/17/announcing-post-upgrade-insights-in-upgrade-readiness

4) Enterprise-ready in the age of Windows as a service https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Enterprise-ready-in-the-age-of-Windows-as-a-service/ba-p/188712

5) New IT Pro application packaging tool: MSIX. This is the next generation of application delivery.

• Build 2018 public announcement (short).
  https://developer.microsoft.com/en-us/events/build/content/announcing-it-pro-package-tool
• MSIX: Inside and Out. Foundational understanding about MSIX for why the solution is needed and how it functions.
  https://developer.microsoft.com/en-us/events/build/content/msix-inside-and-out
• Accelerating Windows 10 enterprise app deployment with MSIX. Includes tools for converting legacy applications (including App-V) to MSIX. https://developer.microsoft.com/en-us/events/build/content/accelerating-windows-10-enterprise-app-deployment

6) Dive on Windows 10 co-management with Intune and System Center Configuration Manager.
https://channel9.msdn.com/Series/Endpoint-Zone/Windows-10-co-management-with-Intune-and-ConfigMan-Endpoint-Zone-1804#time=14m34s

7) Learn how to create a Windows 10 kiosk that runs multiple apps. With Windows 10, version 1803, you can also: configure a single-app kiosk profile in your XML file, assign group accounts to a config profile, and configure an account to sign in automatically.
https://docs.microsoft.com/en-us/windows/configuration/lock-down-windows-10-to-specific-apps

8) Video to learn how to setup Windows Autopilot in just over 3-minutes. https://www.youtube.com/watch?v=KYVptkpsOqs

1) Video showcasing protection capabilities against the most sophisticated threats with Windows Defender Advanced Threat Protection (WDATP). https://www.youtube.com/watch?v=JojhJ0Ib8vU

2) Microsoft’s Windows Defender ATP team is committed to delivering industry-leading protection, customer choice, and transparency on the quality of our solutions. In the continued spirit of these principles, we want to share the results of the January-February 2018 test conducted by independent antivirus tester AV-TEST and provide a transparency report that augments the test findings with contextual information to help our customers make informed decisions about Windows Defender ATP adoption. https://cloudblogs.microsoft.com/microsoftsecure/2018/05/24/adding-transparency-and-context-into-industry-av-test-results

3) IT showcase: Microsoft uses Windows Defender Antivirus to boost malware protection. Updated May 2018. https://www.microsoft.com/itshowcase/Article/Content/752/Microsoft-uses-Windows-Defender-Antivirus-to-boost-malware-protection

4) Adversaries are reusing credentials all the time; How can you check and prevent credential reuse attacks? Deny them by leveraging new (and old) security features. https://blogs.technet.microsoft.com/motiba/2018/05/06/avoiding-credentials-reuse-attacks

5) Use Windows Information Protection (WIP) to help make accidental data leakage a thing of the past. WIP protects users and organizations from accidental leaks via copy-and-paste, drag-and-drop, removable storage (e.g., USB thumb drives), and unauthorized applications (e.g., non-work cloud storage providers). https://cloudblogs.microsoft.com/microsoftsecure/2018/05/15/use-windows-information-protection-wip-to-help-make-accidental-data-leakage-a-thing-of-the-past

6) Windows Insider Preview build 17672 introduced support for the SameSite cookies standard in Microsoft Edge, ahead of a planned rollout in Microsoft Edge and Internet Explorer. Same-site cookies enable more protection for users against cross-site request forgery (CSRF) attacks. To broaden the security benefits of this feature, we plan to service Microsoft Edge and Internet Explorer 11 on the Windows 10 Creators Update and newer to support same-site cookies as well, allowing sites to rely on same-site cookies as a defense against CSRF and other related cross-site timing and cross-site information-leakage attacks.
http://blogs.windows.com/msedgedev/2018/05/17/samesite-cookies-microsoft-edge-internet-explorer

7) Big news in our drive to eliminate passwords: FIDO2 / WebAuthn Reaches Candidate Recommendation status! This will allow Microsoft customers to use any Microsoft identity to sign-in using a FIDO device instead of a password on any FIDO2 compatible device or browser – for both personal Microsoft accounts and organizational identities based on Azure Active Directory. https://cloudblogs.microsoft.com/enterprisemobility/2018/04/12/big-news-in-our-drive-to-eliminate-passwords-fido2-webauthn-reaches-candidate-recommendation-status

8) The new Windows Privacy hub converges related content about Windows privacy on docs.microsoft.com. Here you can find new guidance to help IT decision makers get ready for GDPR, a list of Windows 10 services configuration settings used for personal data privacy protection, understand Windows diagnostic data, and much more.

• Privacy hub: https://docs.microsoft.com/windows/privacy
• Privacy guidance for GDPR: https://docs.microsoft.com/windows/privacy/gdpr-it-guidance
• Configuration settings for Windows 10 services: https://docs.microsoft.com/windows/privacy/windows-personal-data-services-configuration

1) Introducing two new mixed reality business applications: Microsoft Remote Assist and Microsoft Layout. http://blogs.windows.com/windowsexperience/2018/05/07/introducing-two-new-mixed-reality-business-applications-microsoft-remote-assist-and-microsoft-layout

2) Windows 10 Tip: How to enable Focus Assist in the Windows 10 April 2018 Update.
http://blogs.windows.com/windowsexperience/2018/05/09/windows-10-tip-how-to-enable-focus-assist-in-the-windows-10-april-2018-update

3) Microsoft Build 2018 highlights for productivity advancements coming to Windows 10.
http://blogs.windows.com/windowsexperience/2018/05/07/microsoft-build-2018-empowering-developers-to-build-intelligent-apps-with-microsoft-365

• A new way to connect your phone to your PC with Windows 10 that enables instant access to text messages, photos, and notifications.
• An updated Microsoft Launcher application on Android that will support Enterprise customers with easy access to line of business applications via Microsoft Intune.
• Microsoft Launcher on Android will also support Timeline for cross-device application launching. Today, your Microsoft Edge browsing sessions on your iPhone or iPad are included in the Timeline experience on your Windows 10 PC.
• Updates to Sets, an easier way to organize your stuff and get back to what you were doing. With Sets, what belongs together stays together, making it easier and faster to create and be productive.

4) Windows 10 Tip: A guide to using the basic tools in Paint 3D. http://blogs.windows.com/windowsexperience/2018/05/21/windows-10-tip-a-guide-to-the-basic-tools-in-paint-3d

5) What happens when three identical devices run different browsers? The Microsoft Edge team wanted to find out. This experiment showed that battery life on a PC running Microsoft Edge lasts 98% longer than Mozilla Firefox and 14% longer than Google Chrome. Windows 10 April 2018 Update Edition. https://www.youtube.com/watch?v=T24bRAm8MT0

6) Windows 10 Tip: Capture your thoughts easily with Dictation. Did you know that with the Windows 10 April 2018 Update, it’s now easier than ever to take a note or write a paper – with just your voice, using your device’s microphone? http://blogs.windows.com/windowsexperience/2018/05/29/windows-10-tip-capture-your-thoughts-easily-with-dictation

7) At Microsoft, we want to empower every person and every organization to achieve more. We deeply believe everyone should have the opportunity to reach their potential and we can help by empowering all people, regardless of their abilities. Global Accessibility Awareness Day gives us the chance to celebrate our differences and reflect on the ways in which we continue to strive to make Windows more accessible to everyone in their everyday life. Windows for each of us. http://blogs.windows.com/windowsexperience/2018/05/16/celebrating-global-accessibility-awareness-day

• Envisioning your security deployment. Envisioning is a systematic way to match Microsoft 365 Security features with relevant company goals. It involves identifying and prioritizing relevant scenarios while learning about the tools and resources available as you plan for your rollout. In many ways, this stage is the most critical part of your journey, as you’re setting the business goals you’ll measure your success against later. https://cloudblogs.microsoft.com/microsoftsecure/2018/05/01/first-things-first-envisioning-your-security-deployment
• Windows IoT accelerates the intelligent edge with the Windows 10 April 2018 Update.
  http://blogs.windows.com/business/2018/05/01/windows-iot-accelerates-the-intelligent-edge-with-the-windows-10-april-2018-update
• Making IT simpler with a modern workplace…it’s time for a modern desktop. What do we mean by a “modern desktop?” Learn more at. https://www.microsoft.com/en-us/microsoft-365/blog/2018/04/27/making-it-simpler-with-a-modern-workplace
• Building a world without passwords. When thinking about creating a world without passwords, Microsoft wants to deliver on two key promises. (1) User promise: End-users should never have to deal with passwords in their day-to-day lives. (2) Security promise: User credentials cannot be cracked, breached, or phished. Microsoft’s philosophy is to devalue the password and replace it with something that eradicates its use for the end user and drains its value for an attacker. Windows Hello, the Microsoft Authenticator app, and FIDO2 security keys are current password-replacement offerings. The Windows 10 April 2018 Update, when configured in S mode, does not require passwords. https://cloudblogs.microsoft.com/microsoftsecure/2018/05/01/building-a-world-without-passwords
• Securing the modern workplace with Microsoft 365 threat protection.
  • Part 1: The roots of Microsoft 365 threat protection. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/24/securing-the-modern-workplace-with-microsoft-365-threat-protection-part-1
  • Part 2: Protecting the modern workplace against Ransomware. https://cloudblogs.microsoft.com/microsoftsecure/2018/05/02/securing-the-modern-workplace-with-microsoft-365-threat-protection-part-2
  • Part 3: Detecting ransomware in the modern workplace. https://cloudblogs.microsoft.com/microsoftsecure/2018/05/08/securing-the-modern-workplace-with-microsoft-365-threat-protection-part-3
  • Part 4: Responding to ransomware in the Modern Workplace https://cloudblogs.microsoft.com/microsoftsecure/2018/05/16/securing-the-modern-workplace-with-microsoft-365-threat-protection-part-4
• Safeguard individual privacy rights under GDPR with the Microsoft intelligent cloud.
  https://www.microsoft.com/en-us/microsoft-365/blog/2018/05/25/safeguard-individual-privacy-rights-under-gdpr-with-the-microsoft-intelligent-cloud

Windows 10 News You Can Use – May 2018

Posted on May 1, 2018 Updated on June 5, 2018

Windows 10 news you can use, May 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity Also see other news related to Windows 10

Windows 10 April 2018 Update (version 1803) released!  More info at:

• What’s new in the Windows 10 April 2018 Update http://blogs.windows.com/windowsexperience/2018/04/30/whats-new-in-the-windows-10-april-2018-update
• What’s new in Microsoft Edge in the Windows 10 April 2018 Update http://blogs.windows.com/msedgedev/2018/04/30/edgehtml-17-april-2018-update
• How to get the Windows 10 April 2018 Update http://blogs.windows.com/windowsexperience/2018/04/30/how-to-get-the-windows-10-april-2018-update

1)      Windows 10 Group Policy vs. Intune MDM Policy: who wins? https://blogs.technet.microsoft.com/cbernier/2018/04/02/windows-10-group-policy-vs-intune-mdm-policy-who-wins

2)      If you’re an IT administrator managing Windows Server and Windows, you probably open dozens of consoles for day-to-day activities, such as Event Viewer, Device Manager, Disk Management, Task Manager, Server Manager – the list goes on and on. Windows Admin Center brings many of these consoles together in a modernized, simplified, integrated, and secure remote management experience. https://cloudblogs.microsoft.com/windowsserver/2018/04/12/announcing-windows-admin-center-our-reimagined-management-experience

3)      Forrester Study: Modernize Your Device Management Using The Cloud. Today’s computing infrastructure acquisition, deployment, management, and servicing methods pose challenges to large and small organizations alike. As employees increasingly rely on myriad devices and applications to do their jobs, IT professionals must find efficiencies in how they provision and support new devices and applications. Luckily, operating system (OS) solutions that are fully integrated with the cloud and designed to work across devices are emerging. https://info.microsoft.com/ModernizeYourDeviceManagement.html

4)      With the upcoming release of Windows 10, version 1803, we are taking the next steps in our efforts to make kiosks even more capable – and easier – to deploy and configure.
https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Simplifying-kiosk-management-for-IT-with-Windows-10/ba-p/187691

5)      Announcing MSIX – bringing together the best of UWP and traditional MSI applications.  Including a partnership with Advanced Installer Express edition. https://www.youtube.com/watch?v=AUUwZTurcmQ
https://www.youtube.com/watch?v=o9k8y46udho

1)      Windows Hello and FIDO2 Security Keys enable secure and easy authentication for shared devices.
http://blogs.windows.com/business/2018/04/17/windows-hello-fido2-security-keys

2)      Azure AD Conditional Access policies can now check device health as reported by Windows Defender Advanced Threat Protection. https://cloudblogs.microsoft.com/enterprisemobility/2018/04/17/password-less-sign-in-to-windows-10-azure-ad-using-fido2-is-coming-soon-plus-other-cool-news

3)      New capabilities of Windows Defender ATP further maximizing the effectiveness and robustness of endpoint security.  Includes: automated investigation + remediation of threats, Microsoft 365 conditional access based on device-risk, advanced hunting, signal sharing across the Intelligent Security Graph, Windows Secure Score reports on devices’ security posture with actionable recommendations. http://blogs.windows.com/business/2018/04/17/new-capabilities-of-windows-defender-atp-further-maximizing-the-effectiveness-and-robustness-of-endpoint-security

4)      With Windows 10 1803, we are implementing the first phase of Windows Defender System Guard runtime attestation, laying the groundwork for future innovation in this area. This includes developing new OS features to support efforts to move towards a future where violations of security promises are observable and effectively communicated in the event of a full system compromise, such as through a kernel-level exploit.  Runtime attestation can help in many scenarios, including: providing supplementary signals for endpoint detection and response (EDR) and antivirus vendors, detecting artifacts of kernel tampering/rootkits/exploits, protected game anti-cheat scenarios, sensitive transactions, conditional access. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/19/introducing-windows-defender-system-guard-runtime-attestation

5)      Windows Defender ATP will now be able to provide the machine-risk level to conditional access (powered by Microsoft Intune and Azure Active Directory) to block compromised devices from accessing corporate resources. https://cloudblogs.microsoft.com/enterprisemobility/2018/04/18/enhancing-conditional-access-with-machine-risk-data-from-windows-defender-advanced-threat-protection

6)      Teaming up in the war against social engineering attacks like tech support scams with Windows 10. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/20/teaming-up-in-the-war-on-tech-support-scams

7)      Nearly one year passed since David das Neves had written a comprehensive summary around PowerShell Security (http://aka.ms/PSSecEnt). There are many security controls which need to be known and configured. But the problem for most admins is ‘Where to start and where to end?’.  This article provides guidance on how to prioritize those security controls. https://blogs.msdn.microsoft.com/daviddasneves/2018/04/25/prioritize-all-the-security-controls

8)      We now have a published table of which Windows Defender Exploit Guard feature works with which edition of Windows 10 (Professional vs. Enterprise E3 vs. Enterprise E5).
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard

9)      Dofoil is a sophisticated threat that attempted to install coin miner malware on hundreds of thousands of computers in March, 2018. In previous blog posts we detailed how behavior monitoring and machine learning in Windows Defender AV protected customers from a massive Dofoil outbreak that we traced back to a software update poisoning campaign several weeks prior. In this blog post, we will expound on Dofoil’s anti-debugging and anti-analysis tactics, and demonstrate how the rich detection libraries of Windows Defender Advanced Threat Protection and Windows Defender Exploit Guard can help during investigation. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/04/hunting-down-dofoil-with-windows-defender-atp

1)      Make the most of your time with the new Windows 10 update for April 2018. With Timeline, your Windows 10 PC lets you go back in time up to 30 days to find your stuff, whether you were working on it earlier today, last week, or a few weeks ago. With Focus Assist, use whenever you want to get things done without distractions, like social media or other notifications. Or set it to turn on automatically at certain times during the day when you want focused time. With Dictation, it’s now easier than ever to take a note or write a paper, with just your voice. http://blogs.windows.com/windowsexperience/2018/04/27/make-the-most-of-your-time-with-the-new-windows-10-update

2)      Windows 10 Tip: Five expert tips to help you master ink in OneNote. http://blogs.windows.com/windowsexperience/2018/04/02/windows-10-tip-five-expert-tips-to-help-you-master-ink-in-onenote

3)      Windows 10 Tip: 10 things you can do in Windows Mixed Reality right now. http://blogs.windows.com/windowsexperience/2018/04/09/windows-10-tip-10-things-you-can-do-in-windows-mixed-reality-right-now

4)      Windows 10 Tip: Five things you might not know that you can do right now with your Windows 10 PC.
http://blogs.windows.com/windowsexperience/2018/04/17/five-things-you-might-not-know-you-can-do-right-now-with-your-windows-10-pc

5)      Windows 10 Tip: Five keyboard shortcuts you may not know about. http://blogs.windows.com/windowsexperience/2018/04/23/windows-10-tip-five-keyboard-shortcuts-you-may-not-know-about

• • Security baselines should underpin efforts to manage cybersecurity risk across sectors.  Microsoft has published a new whitepaper on the role of security baselines, a set of foundational activities through which organizations can advance cyber risk management. Microsoft also advocates for baselines that engage executives and embed flexibility, enabling organizations security capabilities and investments to evolve with rapidly changing threats. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/09/security-baselines-should-underpin-efforts-to-manage-cybersecurity-risk-across-sectors

• Your customers expect regular delivery of new capabilities, as well as support for existing applications. Find out how you compare to your peers—get The Case For Supporting Always Up-To-Date Operating Systems, a commissioned study conducted by Forrester Consulting, and discover the latest usage trends among software vendors like you. Reduce Complexity And Accelerate Your Application Release Cycle.  Register to download the white paper now to review recent findings about cloud-enabled OS adoption and usage trends among software vendors. Plus, learn five critical recommendations to consider as you evolve your application support and release strategy.
  https://developer.microsoft.com/en-us/windows/projects/campaigns/windows-compatibility

• From an administration perspective, our vision for Microsoft 365 is to help simplify IT by unifying management across users, devices, apps and services. We are rolling out a new admin experience for Microsoft 365 enterprise customers. This will be a single place for admins to get started with Microsoft 365 and discover the breadth of management capabilities and experiences available to them across Office 365, Windows, and EMS, as well as Microsoft 365 Device Management. Integrated into this admin center is both the new Microsoft 365 Security & Compliance Center, dedicated to providing security and compliance specialists with integrated management capabilities across Office 365, Windows, and EMS, as well as Microsoft 365 Device Management. The Security and Compliance Center will be available shortly, with Device Management to follow afterwards. Please look forward to additional details. https://techcommunity.microsoft.com/t5/Office-365-Blog/Introducing-the-Microsoft-365-Admin-Center/ba-p/167392
• Microsoft security announcements from the RSA 2018 conference.
  • Tapping the intelligent cloud to make security better and easier: Improving protection, Speeding up detection and response, Working across the industry, and The evolution of the intelligent edge. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/16/tapping-the-intelligent-cloud-to-make-security-better-and-easier
  • By connecting security data and systems, we can gain an advantage over todays adversaries. At Microsoft, our security products are powered by the Intelligent Security Graph which synthesizes massive amounts of threat intelligence and security signals from across Microsoft products, services, and partners using advanced analytics to identify and mitigate cyberthreats. This week at the RSA conference, we announced the public preview of a Security API that empowers customers and partners to build on the Intelligent Security Graph. By connecting security solutions and integrating with existing workflows, alerts and contextual information from multiple solutions can be easily consolidated and correlated to inform threat detection, and actions can be taken to streamline incident response. The unified API will make these connections easier by providing a standard interface and uniform schema to integrate and correlate security alerts from multiple sources, enrich investigations with contextual data, and automate security operations for greater efficiency. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/17/connect-to-the-intelligent-security-graph-using-a-new-api

Windows 10 News You Can Use – April 2018

Posted on April 2, 2018 Updated on June 5, 2018

Windows 10 news you can use, April 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity Also see other news related to Windows 10

1) Explore the results of a recent Forrester study and learn how to take advantage of new cloud functionality to improve the end user computing operations lifecycle and leverage the ease and flexibility of the cloud for device management. https://info.microsoft.com/ModernizeYourDeviceManagement.html

2) Afraid of Windows 10 with Azure AD join? Michael Niehaus demystifies AADJ and provides practical guidance to try it out!
Part 1: https://blogs.technet.microsoft.com/mniehaus/2018/01/19/afraid-of-windows-10-with-azure-ad-join-try-it-out-part-1
Part 2: https://blogs.technet.microsoft.com/mniehaus/2018/02/21/afraid-of-windows-10-with-azure-ad-join-try-it-out-part-2

3) In case you missed it, Microsoft Deployment Toolkit (MDT), build 8450 was released in late December, offering support for Windows 10, version 1709; the Windows Assessment and Deployment Kit (ADK) for Windows 10, version 1709; and System Center Configuration Manager, version 1710. https://blogs.technet.microsoft.com/msdeployment/2017/12/21/mdt-8450-now-available

4) Watch a free webinar to learn how EMS can help you manage and secure user identities, devices, apps, and data across all of your Windows devices, iOS, macOS, and Android. This one-hour session includes: 1) Securing access to company email, files, and apps stored in the cloud and on-premises, 2) Protecting company data on all endpoints, 3) Modernizing Windows 10 management.
https://resources.office.com/ww-landing-M365PD-Identity-Driven-UEM-with-EMS-Video.html?LCID=EN-US

5) With the 1710 update to ConfigMgr and the 1709 update to Windows 10, we’ve provided the foundations of our solution to bridge Windows modernization through Co-Management. This bridge is an entry-point for our customers to start their transitions to modern management – a path that leads traditional, domain-joined and ConfigMgr-managed solutions, to a deployment of Azure Active Directory and Intune. https://cloudblogs.microsoft.com/enterprisemobility/2018/02/07/the-future-is-on-the-other-side-of-this-bridge

6) The documentation team has an article with the current list of UWP provisioned (in-box) and installed (from the store on first logon) for various Windows 10 releases. But one thing that isn’t reflected in that documentation: the list of apps installed from the store can be different depending on the type of account you sign in with, by the SKU that you are using, and even by the region of the world the device is in. https://blogs.technet.microsoft.com/mniehaus/2018/03/13/more-on-included-windows-10-apps

7) An updated version of System Center Updates Publisher (SCUP) is now available which adds support for Windows 10 and Windows Server 2016. SCUP enables independent software vendors or line-of-business application developers to manage custom updates.
https://cloudblogs.microsoft.com/enterprisemobility/2018/03/21/system-center-updates-publisher-adds-support-for-new-oses

8) The AskPFEPlat team is here today with you in force. Recently they put together 10 Tips and Tricks from the Field – a collection of tips and tricks in our tool belt that they use on occasion. They wanted share these with all their readers in-an-effort to make your day a little easier. https://blogs.technet.microsoft.com/askpfeplat/2018/03/19/10-tips-and-tricks-from-the-field

9) Moving from project to process: digital transformation with Windows as a service.
https://techcommunity.microsoft.com/t5/Windows-10-Blog/Moving-from-project-to-process-digital-transformation-with/ba-p/175688

1) How to enable BitLocker Drive Encryption and automate the process for an AutoPilot device that is provisioned for a standard user using the Windows 10 Fall Creators Update version 1709. https://blogs.technet.microsoft.com/showmewindows/2018/01/18/how-to-enable-bitlocker-and-escrow-the-keys-to-azure-ad-when-using-autopilot-for-standard-users

2) Windows Defender System Guard: Making a leap forward in platform security with memory integrity.
https://techcommunity.microsoft.com/t5/Windows-Insider-Program/Windows-Defender-System-Guard-Making-a-leap-forward-in-platform/m-p/167303#M1256

3) Windows 10 in S-Mode coming soon to all editions of Windows 10. http://blogs.windows.com/windowsexperience/2018/03/07/windows-10-s-mode-coming-soon-editions-windows-10

4) Learn from the Windows Defender Research group about protecting corporate networks from cryptocurrency miners with the security capabilities in Windows 10. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/13/invisible-resource-thieves-the-increasing-threat-of-cryptocurrency-miners

5) Announcing a set of new preview features for Windows Defender ATP, which includes capabilities such as Automated Investigation and Response (AIRS), advanced hunting tools for SecOps, role-based access controls, Azure ATP integration, insights into additional Win10 security capabilities, and more! https://techcommunity.microsoft.com/t5/What-s-New/WDATP-preview-features-are-now-ON/td-p/170598

6) Guided lab to get Windows Hello for Business to work on Windows 10 to show the user experience and provide some lessons learned. https://blogs.technet.microsoft.com/chadcox/2018/03/19/my-notes-on-setting-up-a-poc-windows-hello-for-business-lab-using-hybrid-key-trust

7) Over the last year, we’ve talked about how we’re investing in new innovations to address today’s challenging threat landscape, what we’ve delivered, and how it will change the dynamics. Today, I want to share the results of our new antivirus capabilities in Windows Defender Advanced Threat Protection (ATP) which are genuinely incredible because they will directly benefit the work you are doing. Read more on why Windows Defender Antivirus is the most deployed in the enterprise. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise

1) Windows 10 Tip: Three ways you can personalize your desktop with fun themes and colors.
http://blogs.windows.com/windowsexperience/2018/03/05/windows-10-tip-three-ways-can-personalize-desktop-fun-themes-colors

2) Windows 10 Tip: Clear your workspace in one of two simple steps.
http://blogs.windows.com/windowsexperience/2018/03/13/windows-10-tip-clear-your-workspace-in-two-simple-steps

3) Windows 10 Accessibility: What to expect in the year ahead. http://blogs.windows.com/windowsexperience/2018/03/19/windows-10-accessibility-what-to-expect-in-the-year-ahead

4) Windows 10 Tip: Six keyboard shortcuts to help you find what you’re looking for. http://blogs.windows.com/windowsexperience/2018/03/26/windows-10-tip-six-keyboard-shortcuts-to-help-you-find-what-youre-looking-for

• We are delighted to announce that we have released version 1802 for the Current Branch (CB) of System Center Configuration Manager that includes new features and product enhancements! https://cloudblogs.microsoft.com/enterprisemobility/2018/03/22/now-available-update-1802-for-system-center-configuration-manager
• Webinar: Learn how new Windows Defender ATP advancements can help you protect against the latest threats and enable your organization to detect and respond to highly sophisticated, advanced attacks. https://info.microsoft.com/WindowsDefenderATPdetectandrespondtohighlysophisticatedadvancedattacks-OnDemandRegistration.html
• Windows Defender Antivirus blocked more than 80,000 instances of several sophisticated trojans that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods. Behavior-based signals coupled with cloud-powered machine learning uncovered this new wave of infection attempts. Within the next 12 hours, more than 400,000 instances were recorded in the global encounters. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign
• Tips for getting started on your security deployment. Microsoft has provided a sampling of the most common security scenarios customers like you may be wanting to accomplish. To help you envision your plan, we provided the optimum combination of Microsoft 365 products and features you need to bring your scenarios to life with Microsoft security. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/06/tips-for-getting-started-on-your-security-deployment
• FinFisher exposed: A security researcher’s tale of defeating traps, tricks, and complex virtual machines. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/01/finfisher-exposed-a-researchers-tale-of-defeating-traps-tricks-and-complex-virtual-machines
• Microsoft Security Intelligence Report volume 23 is now available for download. The report is based on Microsoft’s analysis of on-premises systems and cloud services, focuses on threat trends since February 2017. Here are three key themes from the report: 1) Botnets continue to impact millions of computers globally. 2) Easy marks methods like phishing are commonly used by cybercriminals. 3) Ransomware remains a force to be reckoned with. Deep dive webcast on the report to be held April 10^th. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/15/microsoft-security-intelligence-report-volume-23-is-now-available
• Microsoft has a service designed specifically to help you accelerate your Microsoft Security deployment across your organization: FastTrack for Microsoft 365. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/20/accelerate-your-security-deployment-with-fasttrack-for-microsoft-365
• In this comprehensive overview of the Microsoft 365 Security offering, Brad Anderson (CVP, Enterprise Mobility) shares how he talks to customers about the unique and powerful M365 Security story. Brad offers an in-depth look at identity-driven security, information protection, threat protection, and security management.
  https://youtu.be/8321obNofgM

Windows 10 News You Can Use – March 2018

Posted on March 6, 2018 Updated on March 6, 2018

Windows 10 news you can use, March 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity Also see other news related to Windows 10

1)      Windows Analytics now helps assess Meltdown and Spectre protections. https://blogs.windows.com/business/2018/02/13/windows-analytics-now-helps-assess-meltdown-and-spectre-protections

2)      Update 1802 for Configuration Manager [Technical Preview Branch] – includes new features and functionality for Windows 10 deployment and management! https://cloudblogs.microsoft.com/enterprisemobility/2018/02/13/update-1802-for-configuration-manager-technical-preview-branch-available-now

3)      Windows Update for Business offers an additional option to aid administrators in the critical pursuit of ensuring systems are kept up to date. Understanding what Windows Update for Business is and how it can be implemented either standalone or through integration with Configuration Manager is critical, so you make the best choice for your business.  Watch this easy-to-follow video tutorial on implementing and managing WUfB with SCCM. https://blogs.technet.microsoft.com/configurationmgr/2018/01/22/configmgr-current-branch-windows-update-for-business-video-tutorial

4)      Express Update is a capability of WSUS and the Windows Update Agent that was added to help reduced the overall network impact of these larger updates. Configuration Manager current branch 1702 (though 1710 and higher is recommended for best performance) added full support for Express. Understanding how Express works is important so that administrators know what to expect and can plan accordingly. Watch this easy-to-follow video for details of how Express works and how supporting Express is supported in a Configuration Manager environment. https://blogs.technet.microsoft.com/configurationmgr/2018/01/26/configmgr-current-branch-express-updates-video-tutorial

1)      Microsoft continues to work diligently with our industry partners to address the Spectre and Meltdown hardware-based vulnerabilities. Our top priority is clear: Help protect the safety and security of our customers’ devices and data. Today, I’d like to provide an update on some of that work, including Windows security update availability for additional devices, our role in helping distribute available Intel firmware (microcode), and progress driving anti-virus compatibility. http://blogs.windows.com/windowsexperience/2018/03/01/update-on-spectre-and-meltdown-security-updates-for-windows-devices

2)      Microsoft was named a “Visionary” in the 2018 Magic Quadrant for Endpoint Protection Platforms. According to Gartner “Visionaries deliver in the leading-edge features — such as cloud management, managed features and services, enhanced detection or protection capabilities, and strong incident response workflows — that will be significant in the next generation of products, and will give buyers early access to improved security and management.”
http://www.gartner.com/reprints/?id=1-4PY5MQU&ct=180130&st=sb

3)      Starting this summer, customers can add Windows Defender ATP Endpoint Detection & Response (EDR) functionality to their Windows 7, and Windows 8.1 devices, and get a holistic view across their endpoints. https://blogs.windows.com/business/2018/02/12/announcing-windows-defender-atp-support-for-windows-7-and-windows-8-1

4)      Learn how Windows Defender Antivirus and artificial intelligence stopped an Emotet outbreak on February 3^rd with intelligent, real-time protection against modern threats.
https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak

5)      Monthly antimalware platform updates for Windows Defender Antivirus. While keeping up-to-date with signatures and engines is a best practice, a machine that is up-to-date with both definition/engine and platform updates can have a higher protection level than a machine that is just update-to-date with definition/engine updates. https://blogs.technet.microsoft.com/configurationmgr/2018/02/05/monthly-antimalware-platform-updates-for-windows-defender

6)      Fujitsu has teamed with Microsoft to build devices with Windows 10 Pro and industry-leading biometric options including Windows Hello and palm vein authentication to prevent security attacks in the modern workplace. http://blogs.windows.com/business/2018/02/08/fujitsu-microsoft-focused-advancing-security-modern-workplace

1)      Microsoft like to provide you with the latest planning tools to help guide you to the best deployment process for your business. The Windows 10 Adoption Planning Kit includes the following resources: 1) Gartner Report: Making Critical Deployment Choices for Windows 10 Success, 2) End-User Readiness Assets, 3) Microsoft FastTrack Program Flyer, 4) Microsoft Press Article: Deploying Windows 10 e-Book. https://info.microsoft.com/Windows10AdoptionPlanningKit.html

2)      Print to corporate printers from Azure AD joined Windows 10 devices! We’ve just released Microsoft Hybrid Cloud Print, a print solution built specifically for Azure Active Directory-joined and Intune-managed devices. Now people in your organization can use Azure AD-joined devices to discover on-premise printers, and can print from work or from home or from anywhere else they can connect to the internet. https://cloudblogs.microsoft.com/enterprisemobility/2018/02/01/so-cool-print-to-corporate-printers-from-azure-ad-joined-windows-10-devices

3)      Windows 10 Tip: 7 pro tips for getting started with Microsoft Edge as your PDF viewer.
http://blogs.windows.com/windowsexperience/2018/02/12/windows-10-tip-7-pro-tips-getting-started-microsoft-edge-pdf-viewer

• Developing an effective cyber strategy: At Microsoft, we are continuously evaluating the current threats faced by our customers and building products and services to help CISOs execute their strategies. The design of our products not only accounts for the techniques utilized by cyber attackers, but also incorporates features that address the human dynamics within an enterprise and the staff and retention challenges faced by security teams. https://cloudblogs.microsoft.com/microsoftsecure/2018/02/07/developing-an-effective-cyber-strategy
• Learn more about how Microsoft views the importance of cyber resilience for the modern enterprise, get prescriptive guidance on building a cyber resiliency plan and roadmap, and find out what Microsoft is doing to help enterprises rapidly become resilient to commonly encountered attacks and vulnerabilities. https://cloudblogs.microsoft.com/microsoftsecure/2018/02/12/cyber-resilience-for-the-modern-enterprise
• Inside the Microsoft Security Research Center (MSRC) – How we recognize our researchers.
  https://blogs.technet.microsoft.com/msrc/2018/02/02/inside-the-msrc-how-we-recognize-our-researchers
• Today, we are taking another important step forward in our ability to offer customers more choice and capability by making Intune APIs in Microsoft Graph generally available. This opens a new set of possibilities for our customers and partners to automate and integrate their workloads to reduce deployment times and improve the overall efficiency of device management.
  • Announcement:
  • https://cloudblogs.microsoft.com/enterprisemobility/2018/01/31/intune-apis-in-microsoft-graph-now-generally-available
  • Thoughts and highlights from Brad Anderson: https://cloudblogs.microsoft.com/enterprisemobility/2018/02/02/highlights-from-the-ga-of-the-intune-apis-in-microsoft-graph

• Microsoft has already documented the maximum supported scalability limits as well as the hardware guidelines needed to run Configuration Manager (current branch) sites in the very largest environment sizes. Now we are sharing a draft, unofficial whitepaper with supplemental performance guidance for Configuration Manager environments of all sizes. This document includes specific details and test results generated by the product team, as well as frequently asked questions for common performance issues. https://cloudblogs.microsoft.com/enterprisemobility/2018/02/22/public-preview-configuration-manager-performance-guidance-for-environments-of-all-sizes
• Microsoft is pleased to announce the final release of the recommended security configuration baseline settings for Microsoft Office Professional Plus 2016 and Office 365 ProPlus 2016 apps. https://blogs.technet.microsoft.com/secguide/2018/02/13/security-baseline-for-office-2016-and-office-365-proplus-apps-final

• In a 3-part series, we introduce what rapid cyberattacks are and illustrate how they are different in terms of execution and outcome, and hot to mitigate them.
  • Part 1 – overview of rapid cyber attacks: https://cloudblogs.microsoft.com/microsoftsecure/2018/02/05/overview-of-petya-a-rapid-cyberattack
  • Part 2 – overview of Petya, a rapid cyber attack: https://cloudblogs.microsoft.com/microsoftsecure/2018/01/23/overview-of-rapid-cyberattacks
  • Part 3 – How to mitigate rapid cyberattacks such as Petya and WannaCrypt:
    https://cloudblogs.microsoft.com/microsoftsecure/2018/02/21/how-to-mitigate-rapid-cyberattacks-such-as-petya-and-wannacrypt

Windows 10 News You Can Use – February 2018

Posted on February 1, 2018

Windows 10 news you can use, February 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity

In other news related to Windows 10…

• Announcing changes to Office and Windows servicing and support.  Delivering a secure and productive modern workplace is a top priority for many of our commercial customers, and we’re committed to help. Today we’re announcing servicing extensions for Windows 10, changes to the Office 365 ProPlus system requirements, and new details on the next perpetual release of Office and Long-Term Servicing Channel (LTSC) release of Windows. https://blogs.technet.microsoft.com/windowsitpro/2018/02/01/changes-to-office-and-windows-servicing-and-support
• A decade ago, most cyber-attacks started with a piece of malware or a complex method to directly attack the infrastructure of a company. But this picture has changed and today all it takes is a sophisticated e-mail phishing for an identity. Learn how to disrupt attacks caused by social engineering. The built-in functionality of Enterprise Mobility + Security, Windows 10, Office 365, and Microsoft Azure enables organizations to disrupt these attacks. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/10/how-to-disrupt-attacks-caused-by-social-engineering
• New! Microsoft 365 powered device lab kit. This updated version of the popular Windows 10 Deployment and Management lab features a fully-provisioned virtual lab environment with Windows 10 Fall Creators Update, Office 365, Enterprise Mobility + Security. Plus, 25 step-by-step lab guides covering AutoPilot, Windows Defender Application Guard, Windows Hello, Windows Analytics, and more. https://blogs.technet.microsoft.com/ausoemteam/2017/12/14/the-microsoft-365-powered-device-lab-kit-available-for-download
• Microsoft is pleased to announce the draft release of the recommended security configuration baseline settings for Microsoft Office Professional Plus 2016 and Office 365 ProPlus 2016 apps. https://blogs.technet.microsoft.com/secguide/2018/01/29/security-baseline-for-office-2016-and-office-365-proplus-apps-draft
• Over a year ago, we announced public preview of Intune on Azure and followed up six months ago with general availability of the new admin experience for Intune on Azure. Starting on April 2, 2018, we will turn off mobile device management (MDM) in the classic Silverlight console for those customers using Intune standalone and instead ask that you use Intune on Azure for all your MDM needs… including Windows 10 MDM. https://blogs.technet.microsoft.com/intunesupport/2018/01/03/plan-for-change-use-intune-on-azure-now-for-your-mdm-management

1.  Windows 10 1709 is now designated as a Semi-Annual Channel release (e.g. formerly known as Current Branch for Business).
   http://blogs.windows.com/windowsexperience/2018/01/11/windows-10-fall-creators-update-1709-fully-available
2. To gain insights into the health and performance of more than 300,000 Windows 10 devices, Microsoft began using Device Heath, a new service in Windows Analytics. Available through the Microsoft Operations Management Suite, Device Health analyzes telemetry and provides details about device and driver crashes. This data helps us monitor our environment and quickly resolve issues. https://www.microsoft.com/itshowcase/Article/Content/961/Improving-reliability-with-Windows-Analytics-Device-Health
3. Collecting members of the Local Administrators group via SCCM. https://blogs.technet.microsoft.com/benjamin/2018/01/27/collecting-members-of-the-local-administrators-group
4. An important feature for desktop application developers is the ability to view detailed analytics about application performance and its popularity with users. Until today, developers had difficulty accessing these analytics without cobbling together multiple tools. With the new Windows Desktop Program, developers now have a convenient, one-stop portal to view their desktop application analytics or access the data via an API. Statistics and charts quickly show how the applications are doing– from how many customers they’ve reached to detailed performance data on crashes and failures. With these analytics, developers can better track and prioritize fixes, monitor the distribution of their application, prepare and improve the overall experience for their customers. http://blogs.windows.com/buildingapps/2018/01/23/introducing-windows-desktop-program-desktop-application-analytics

1. Get an end-to-end look at the security features and technologies in Windows 10 that can help you protect your data, devices, and identity. Join Windows Security Senior Product Manager Chris Hallum as he walks you through the features and tools that have shipped to date and provides insight into what’s to come. This one-hour webcast will take from place Tuesday, February 6th from 10:00 a.m. to 11:00 a.m. Pacific Time and will cover protecting data on lost and stolen devices, replacing passwords with multi-factor authentication, using data separation, containment, and encryption to help prevent accidental data leaks, and much more. https://blogs.technet.microsoft.com/windowsitpro/2018/01/04/save-the-date-windows-10-security-webcast-feb-6
2. Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems.  Terry Myerson, Executive Vice President, Windows and Devices Group describes the discovered vulnerabilities as clearly as possible, discusses what customers can do to help keep themselves safe, and shares what Microsoft has learned so far about performance impacts. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems
   • Related: Use SCCM Configuration Baseline to confirm a system is protected against the Meltdown and Spectre vulnerabilities https://gallery.technet.microsoft.com/Speculation-Execution-Side-1483f621
   • Related: Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
3. Windows 10: Multi-layer defense against ransomware attacks. The year 2017 saw three global ransomware outbreaks driven by multiple propagation and infection techniques that are not necessarily new but not typically observed in ransomware. While there are technologies available on Windows 7 to mitigate attacks, Windows 10’s comprehensive set of platform mitigations and next-generation technologies cover these attack methods. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/10/a-worthy-upgrade-next-gen-security-on-windows-10-proves-resilient-against-ransomware-outbreaks-in-2017
4. Customers that deployed Microsoft’s security baseline for Windows 10 v1709 might have experienced device and component failures. The BitLocker GPO settings recommended in the Windows security configuration baselines for Windows 10 include enabling “Disable new DMA devices when this computer is locked” to defend against Direct Memory Access (DMA) attacks. Windows’ internal implementation underlying that Group Policy setting was modified for v1709 to strengthen its enforcement. However, the change inadvertently led to some device and component failures on v1709 that are described in KB article 4057300, including potential problems with network adapters, audio devices, and pointing devices. https://blogs.technet.microsoft.com/secguide/2018/01/18/issue-with-bitlockerdma-setting-in-windows-10-fall-creators-update-v1709
5. Exposing fileless malware attacks with Windows Defender ATP and mitigating attacks against the endpoint with next-gen security technologies in Windows 10. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/24/now-you-see-me-exposing-fileless-malware
6. Data privacy will continue to be a priority towards making Windows 10 the best and most secure experience. From improving in-product control, transparency and information about your privacy, while providing a complete list of the diagnostic data collected at the Basic level, among others, to launching the Microsoft Privacy Dashboard and the enhancements we’ve made since then, we want you to be able to easily see and manage your activity data online across multiple Microsoft services. http://blogs.windows.com/windowsexperience/2018/01/24/microsoft-introduces-new-privacy-tools-ahead-of-data-privacy-day
7. Looking for information on how Windows 10 Enterprise can enable and support HIPAA compliance, privacy, and security? Download the latest version of the “HIPAA Compliance with Microsoft Windows 10” white paper, which now includes the updates found in Windows 10, version 1709. https://blogs.technet.microsoft.com/windowsitpro/2018/01/09/hipaa-compliance-with-windows-10-enterprise
8. Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked with, these rapid cyberattacks took down most or all IT systems in just about one hour, resulting in $200M – 300M USD of damage at several customers. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/23/overview-of-rapid-cyberattacks
9. There has been an increase in free versions of programs that purport to scan computers for various errors, and then use alarming, coercive messages to scare customers into buying a premium version of the same program. Starting March 1, 2018, Windows Defender Antivirus and other Microsoft security products will classify programs that display coercive messages as unwanted software, which will be detected and removed. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/30/protecting-customers-from-being-intimidated-into-making-an-unnecessary-purchase

1. Windows 10 Tip: Add 3D to your PowerPoint presentation in 5 steps http://blogs.windows.com/windowsexperience/2018/01/29/windows-10-tip-add-3d-powerpoint-presentation-5-steps
2. Windows 10 Tip: Get started with the Mixed Reality Viewer app. http://blogs.windows.com/windowsexperience/2018/01/08/windows-10-tip-get-started-mixed-reality-viewer-app
3. Easily and securely manage devices –  Windows 10 helps to manage devices efficiently and cost effectively while reducing business disruptions, as you make new devices available to your employees. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Easily-and-securely-manage-devices
4. Fuel your creativity with powerful devices and apps – Use Surface Studio and Windows 10 to transform the way you sketch, model, and share your creative ideas. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Fuel-your-creativity-with-powerful-devices-and-apps
5. Use your device like a PC to stay productive and secure – Maintain the high level of productivity you need, wherever you are, by leveraging the seamless, secure mobile experience offered by Windows 10. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Use-your-device-like-a-PC-to-stay-productive-and-secure
6. Use integrated apps and devices to improve healthcare patient care – Gain secure, speedy access to lab results, specialist recommendations, patient notes, scheduling, and more from your Microsoft 365 powered device and your clinic’s integrated apps. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Use-integrated-apps-and-devices-to-improve-patient-care
7. Streamline healthcare lab operations while ensuring compliance – Improve your lab’s testing operations and ensure regulatory compliance by using powerful, modern devices. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Streamline-lab-operations-while-ensuring-compliance