Microsoft Ignite 2020

As much as I wish I could have been in New Orleans for Microsoft's annual Ignite conference, I'm so happy they not only made it virtual but free for end users for the first time!

We've compiled all of our Ignite recommendations and resources into this blog post, below you will be able to find the following:

• Hyperlinks to the recordings of our favorite sessions

• General resources and Ignite news

• The announcements, product releases, and tech updates that we found most important

Below are some of our engineers favorite and most recommended sessions.

Foundational: Playing chess on a trampoline (DB145)

Brad Anderson (Corp. VP, Microsoft 365) will show how to lead during these uncertain times by using modern management tools to help organizations not only survive but thrive. This session will share what Microsoft has learned about supporting a remote workforce, as well as the tools/management strategies you can replicate to empower end users and drive IT efficiency in your own org. Also featured: Four big announcements and demos that illustrate how to move your organization forward.

Modernizing your Sec Ops (DB166)

The world continues to change and challenge us to find ways to effectively protect our customers. Building on our world view anchored in Zero Trust and underpinned by the intelligence of our global operations, Microsoft is the only security vendor offering an integrated XDR and cloud native SIEM solution. Together with a powerful set of cloud security posture capabilities, Microsoft delivers both best of breed and best of platform solutions to customers to modernize their Security Operations.

Windows 10 innovations for enhanced productivity & resiliency (DB139)

Windows 10 gets better with every update, and with the advanced management and security features available with E3 and E5, you'll get even more. Get a fast-paced look at recent innovations and improvements for organizations, IT, and end users. Learn how we are making it easier for you to stay current, protected, and productive whether on-site, remote, or a combination of the two. We'll also share practical tips you can use today to maximize update adoption and minimize user disruption.

Introducing modern admin capabilities to better service M365 Apps for Enterprise (DB155)

Explore the real value of staying current with Microsoft 365 Apps for Enterprise. Intelligent insights and cloud-based controls. Predictable, automated enterprise-level servicing. New tools that enable optimal app health and performance. See how modern admin tools will reduce your workload and total cost of ownership (TCO), letting you focus on strategic projects and delivering the latest productivity, security, and collaboration capabilities to your organization.

Intermediate: MEM updates to enable work from anywhere (IGL146)

Complete tour of endpoint management updates spanning provisioning the latest Windows Autopilot capabilities, tenant attach with Configuration Manager, new policy controls using ADMX templates in MEM, Microsoft Edge compliance, and enabling secure remote work on mobile devices. This is an Ignite exclusive show from Microsoft Mechanics.

Updates to Microsoft Threat Protection (IGL145)

Microsoft Defender is Microsoft’s comprehensive XDR, bringing together your files, identities, endpoints, infrastructure and cross-cloud services together. In this session, we’ll show the anatomy of an incident and how Microsoft Defender discovers, alerts, contains and remediates sophisticated attacks. This is an Ignite exclusive show from Microsoft Mechanics.

AAD Updates: What’s New, What’s Changed (IGL109)

Updates on new and changed functionality in Azure Active Directory.

Taking identity & privacy to a new level | Verifiable credentials w/ decentralized identity using blockchain (IGL164)

Today your identity and related credentials are spread across multiple directory services and institutions. Decentralized identity has the power to move identity lookups securely to blockchain’s distributed ledger to put YOU in control of your identity, credentials and privacy. In this demo-rich tour, we’ll show you how it works and how you can set this up to issue or verify credentials, along with the simple end user experience with their digital wallet. This is an Ignite exclusive show from Microsoft Mechanics.

Azure AD: our vision and roadmap (DB168)

In this era of remote work, Zero Trust—a security approach that assumes breach and verifies every access request—is the new imperative. Identity and access management in the cloud, the foundation for Zero Trust, enables secure remote access and productivity. For everyone on the frontlines, this can’t-miss session will share the latest news on the Azure Active Directory roadmap to help you secure access to any app for any user on any device, automatically remediate threats, and protect privacy.

Save money by securing access to all your apps with AAD (DB165)

Azure Active Directory helps you provide secure access to all your apps, but do you know how to take full advantage of single sign-on and the rich app ecosystem Microsoft offers? Come to this session to learn about what Microsoft is doing to make it easy to connect with the apps you care about, build identity into the apps your organization needs, and manage access efficiently while providing ease-of-use to your workforce.

Zero Trust – the road ahead (DB169)

Organizations around the world have used Zero Trust principles to improve security and minimize risk: verify explicitly, employ least privilege access, and assume breach. Learn how these real-world deployments and the evolving global threat landscape will drive the future of Zero Trust. In this session, Alex Weinert and Sinead O’ Donovan will demonstrate how the Microsoft platform natively enables your end-to-end ZT deployment today, and how ZT is evolving to counter next-generation threat.

Stop attacks, reduce sec ops workload by 50% w/ automated cross-domain security (MTP) (DB164)

Microsoft 365 Defender stops attacks across your Microsoft 365 environment and automatically remediates affected assets. Learn how Microsoft 365 Defender builds a complete picture of each attack in a single dashboard and gives defenders time to focus on hunting across business data, leveraging their unique expertise to build custom detection tools.

Winning AAD strategies for identity security & governance (DB167)

Identity-related cybersecurity incidents make news regularly, and the attacks have become more sophisticated for organizations to keep up. The key to successful identity management is moving towards an identity-centric security strategy that guards against insider and outsider attacks. In this session, we will discuss winning strategies you can do today with Azure Active Directory and achieve a stronger security posture with greater control over access rights and privileges.

Safeguard multi-cloud apps and resources with the latest Cloud Security innovations (DB160)

The shift to the cloud is accelerating, and it’s more important than ever to protect your entire estate – including SaaS, IaaS and PaaS environments. Come and learn how our Cloud Security solutions help you secure your hybrid and multi-cloud environment. Effectively manage cloud app activity, strengthen the security posture of cloud resources, and proactively protect cloud workloads from threats. We’ll also showcase the latest capabilities that you should be using.

Advanced:

Ninja skills: manage your CA policies at scale (OD276)

Microsoft Conditional Access is a powerful policy-based security tool to help you set access controls for the right balance of security and productivity for your business. Did you know that Microsoft Graph, with its rich set of feature APIs, can help you take your Conditional Access policies to the next level? Did you know that you can apply policies to Office 365 suite? Come learn how you can code your policies, deploy policies at scale, and take your identity-driven security to the next level.

Govern access for employees & partners w/ AAD Identity Governance (OD285)

Azure Active Directory has Identity Governance and administration capabilities to help scale and govern access management for your entire workforce including partners. Come check out the latest news and demos around access reviews, entitlement management, and governing guest access to Microsoft Teams.

Bridge the gap between HR, IT, and business with AAD (OD292)

In the new cloud era, where software is a critical asset and technology innovation fuels growth, HR, IT and business teams are increasingly reliant on accurate and consistent identity data to drive business processes and outcomes. Join us to learn how the Azure Active Directory identity provisioning platform enables HR, IT and business teams to address modern challenges and deliver experiences that boost productivity and onboarding.

The science behind AAD Identity Protection (OD294)

Azure Active Directory Identity Protection detects and prevents identity attacks in cloud environments and helps admins understand their risk standing with insights and reporting, enabling risk-based policies for a hands-free security experience. At the core of Identity Protection is its risk engine, which uses ML, UEBA, and anomaly detection to detect your compromised users. Come learn about the science that powers Identity Protection and how it is taking security intelligence to the next level.

Other great resources:

Ignite 2020 Book of News - https://news.microsoft.com/ignite-2020-book-of-news/

Session Catalogue - https://myignite.microsoft.com/sessions

The BIG Announcements (in our opinion...)

SECURITY & COMPLIANCE

• Compliance Manager: GA! Plus, templates from Service Trust portal have been moved into new (new new) Compliance Manager

• AutoPilot: AutoPilot in Co-Management - Use of Windows Autopilot has skyrocketed over the past several months as more and more of our customers are doing zero-touch deployment directly to their employees working remotely. We’ve added two important features to help support this; first, you can utilize Autopilot with Configuration Manager-managed devices. Second, we want to make it as easy as possible for you to embrace co-management, we made it available to deploy during enrollment where previously we required Azure Active Directory (AAD). This is important for you because it enables you to move to modern provisioning and retain and use the investments you have made in your ConfigMgr application library.

• Windows Virtual Desktop: WVD supported in MEM - Microsoft Endpoint Manager allows you to manage policies and distribute applications across devices. You can now enroll Windows Virtual Desktop virtual machines that are hybrid Azure Active Directory domain-joined (joined to your on-premises Active Directory and registered with your Azure Active Directory) with Microsoft Intune and manage them in the Microsoft Endpoint Manager admin center the same way as physical devices. This simplifies management, provides a centralized view across both physical devices and virtual desktops, and creates new areas of collaboration. The Microsoft Endpoint Manager integration is generally available for Windows 10 Enterprise desktops - you can learn more in the public FAQ. The public preview for Windows 10 Enterprise multi-session will be available in the coming months and will initially support policies at the device level.

• Network Connectivity: M365 Admin Center Network Connectivity preview - The Network connectivity category within the Microsoft 365 admin center allows you to see a network assessment that evaluates the impact of your network design on Microsoft 365 user experience in a 0 – 100 scale. This is calculated based on network attributes which have been proven through support cases to affect user experience the most. The network assessment is best evaluated at a specific office location, but an organization wide network assessment is also provided. In addition, specific network insights are provided which identify network design improvements that could be made to align with the published network connectivity principles and improve network performance.

• Defender: No More ATP's - All products previously falling under the "ATP" umbrella of names have been brought into the Defender family.

• Defender for Endpoint (formerly MDATP) MAC support in preview/Android Support in GA - TVM come to MacOS, Android support is Generally Available

• Microsoft Tunnel: MEM introduces Microsoft Tunnel for VPN - Microsoft Tunnel, a remote access solution integrated with Microsoft Endpoint Manager, enables iOS and Android devices to connect to on-premises apps and resources to be productive on the go. Microsoft Tunnel supports full-device and per-app virtual private networks (VPN) and split tunneling, and ties into Conditional Access to help ensure your devices are compliant with policy before allowing access to your network. Available in public preview.

PRODUCTIVITY

• Stream: A wholly new re-imagined Stream - At Ignite 2020, we announced a new journey for Microsoft Stream. This journey begins with a vision for Microsoft Stream: to bring intelligent video creation, sharing, and viewing to all parts of Microsoft 365, while empowering users and administrators to manage video just as they would any other file. This vision elevates video as a primary content type in Microsoft 365, building on the rich content management features of SharePoint, and unlocking the intelligence of Microsoft Graph, to deliver long-awaited features including external and anonymous sharing, integration with Microsoft Search, enhanced analytics, and new controls for security and compliance.

• Teams: Breakout Rooms - Breakout rooms, one of the most requested Teams features, will be available next month. Meeting organizers will be able to split up participants into smaller groups to facilitate brainstorming sessions or workgroup discussions. Presenters can then hop between breakout rooms, make announcements to all breakout rooms, and close the rooms to return everyone to the main meeting.

• Teams: 25k users/Team - Custom layouts, 25,000 member teams, webinar controls, direct SharePoint home site integration, walkie-talkie, and more!

• Teams: New inclusive features - With more important calls, meetings and events happening virtually, it’s critical to make sure everyone can understand the discussion and participate easily, including people with disabilities. Live captions and transcripts with speaker attribution can make meetings more inclusive of people who are hard of hearing or deaf, or have learning disabilities like dyslexia and prefer spoken content to be reinforced with text. You can now provide live captions and transcripts with speaker attribution for 1:1 calls, all the way through to interactive meetings of up to 1,000 participants.