MicrosoftDocs
diff --git a/‎microsoft-365/admin/TOC.yml‎
Lines changed: 3 additions & 3 deletions b/‎microsoft-365/admin/TOC.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎microsoft-365/business-premium/index.md‎
Lines changed: 1 addition & 2 deletions b/‎microsoft-365/business-premium/index.md‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎microsoft-365/business-premium/media/m365-whatisit-securityfocus2.png‎
45.5 KB b/‎microsoft-365/business-premium/media/m365-whatisit-securityfocus2.png‎
45.5 KB
diff --git a/‎microsoft-365/security/defender-endpoint/tvm-weaknesses.md‎
Lines changed: 1 addition & 1 deletion b/‎microsoft-365/security/defender-endpoint/tvm-weaknesses.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎microsoft-365/security/defender/microsoft-secure-score.md‎
Lines changed: 3 additions & 0 deletions b/‎microsoft-365/security/defender/microsoft-secure-score.md‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations.md‎
Lines changed: 2 additions & 2 deletions b/‎microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-prepare.md‎
Lines changed: 7 additions & 5 deletions b/‎microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-prepare.md‎
Lines changed: 7 additions & 5 deletions
diff --git a/‎microsoft-365/security/office-365-security/preset-security-policies.md‎
Lines changed: 1 addition & 4 deletions b/‎microsoft-365/security/office-365-security/preset-security-policies.md‎
Lines changed: 1 addition & 4 deletions
diff --git a/‎microsoft-365/solutions/empower-people-to-work-remotely-manage-endpoints.md‎
Lines changed: 5 additions & 13 deletions b/‎microsoft-365/solutions/empower-people-to-work-remotely-manage-endpoints.md‎
Lines changed: 5 additions & 13 deletions
diff --git a/‎microsoft-365/solutions/empower-people-to-work-remotely-remote-access.md‎
Lines changed: 1 addition & 1 deletion b/‎microsoft-365/solutions/empower-people-to-work-remotely-remote-access.md‎
Lines changed: 1 addition & 1 deletion
@@ -145,11 +145,11 @@
              href: add-users/remove-former-employee-step-1.md
            - name: Step 2. Save the contents of a former employee's mailbox
              href: add-users/remove-former-employee-step-2.md
-           - name: Step 3. Forward a former employee's email to another employee or convert to a shared mailbox
+           - name: Step 3. Wipe and block a former employee's mobile device
              href: add-users/remove-former-employee-step-3.md
-           - name: Step 4. Give another employee access to OneDrive and Outlook data
+           - name: Step 4. Forward a former employee's email to another employee or convert to a shared mailbox
              href: add-users/remove-former-employee-step-4.md
-           - name: Step 5. Wipe and block a former employee's mobile device
+           - name: Step 5. Give another employee access to OneDrive and Outlook data
              href: add-users/remove-former-employee-step-5.md
            - name: Step 6. Remove the Microsoft 365 license from a former employee
              href: add-users/remove-former-employee-step-6.md
 
@@ -31,8 +31,7 @@ description: "Learn how to collaborate securely in your small business or campai
 
 In our current world, keeping data and communications secure is a priority, particularly for medical and legal practices, political campaigns, and many other smaller businesses. Take advantage of the security features in Microsoft 365 Business Premium to collaborate safely within your small business. This solution provides a set of recommendations designed to help protect you and your data. This library includes help for setting up and using this recommended environment, no matter your business type.
 
-
-![Microsoft 365 Business Premium protects your productivity tools, collaboration tools, file storage, email, devices, and identity.](../media/M365-WhatIsIt-SecurityFocus.png#lightbox)
+:::image type="content" source="media/m365-whatisit-securityfocus2.png" alt-text="Microsoft 365 Business Premium protects your apps, file storage, email, devices, and identities.":::
 
 This configuration includes the following guidance for productivity, collaboration, file storage, email, devices, and identity to protect your business:
 
 
@@ -45,7 +45,7 @@ The **Weaknesses** page lists the software vulnerabilities your devices are expo
 
 Access the Weaknesses page a few different ways:
 
-- Selecting **Weaknesses** from the **Vulnerability management** navigation menu in the [Microsoft 365 Defender portal] (portal-overview.md)
+- Selecting **Weaknesses** from the **Vulnerability management** navigation menu in the [Microsoft 365 Defender portal](portal-overview.md)
 - Global search
 
 ### Navigation menu
 
@@ -39,6 +39,9 @@ Secure Score helps organizations:
 * Improve their security posture by providing discoverability, visibility, guidance, and control.  
 * Compare with benchmarks and establish key performance indicators (KPIs).
 
+Watch this video for a quick overview of Secure score.
+> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RWUPrP]
+
 Organizations gain access to robust visualizations of metrics and trends, integration with other Microsoft products, score comparison with similar organizations, and much more. The score can also reflect when third-party solutions have addressed recommended actions.
 
 ![Secure Score homepage.](../../media/secure-score/secure-score-home-page.png)
 
@@ -27,9 +27,9 @@ To create a simulation automation, do the following steps:
 
    To go directly to the **Simulation automations** tab, use <https://security.microsoft.com/attacksimulator?viewid=simulationautomation>.
 
-2. On the **Simulation automations** tab, select ![Create simulation icon.](../../media/m365-cc-sc-create-icon.png) **Create simulation**.
+2. On the **Simulation automations** tab, select ![Create automation icon.](../../media/m365-cc-sc-create-icon.png) **Create automation**.
 
-   ![Create simulation button on the Simulation automations tab in Attack simulation training in the Microsoft 365 Defender portal.](../../media/attack-sim-training-sim-automations-create.png)
+   ![Create automation button on the Simulation automations tab in Attack simulation training in the Microsoft 365 Defender portal.](../../media/attack-sim-training-sim-automations-create.png)
 
 3. The creation wizard opens. The rest of this article describes the pages and the settings they contain.
 
 
@@ -79,19 +79,21 @@ Review your existing protection features in Microsoft 365 and consider removing
 
 ## Move features that modify messages into Microsoft 365
 
-You need to transfer any customizations or features that modify messages in any way into Microsoft 365. For example, your existing protection service adds an **External** tag to the subject or message body of messages from external senders.
+You need to transfer any customizations or features that modify messages in any way into Microsoft 365. For example, your existing protection service adds an **External** tag to the subject or message body of messages from external senders. Any link wrapping feature will also cause problems with some messages. If you're using such a feature today, you should prioritize the rollout of Safe Links as an alternative to minimize problems.
 
-If you don't disable this functionality in your existing protection service, you can expect the following negative results in Microsoft 365:
+If you don't turn off message modification features in your existing protection service, you can expect the following negative results in Microsoft 365:
 
-- DKIM will break.
-- [Spoof intelligence](anti-spoofing-protection.md) will not work properly.
+- DKIM will break. Not all senders rely on DKIM, but those that do will fail authentication.
+- [Spoof intelligence](anti-spoofing-protection.md) and the tuning step later in this guide will not work properly.
 - You'll probably get a high number of false positives (good mail marked as bad).
 
-To recreate this functionality in Microsoft 365, you have the following options:
+To recreate external sender identification in Microsoft 365, you have the following options:
 
 - The [Outlook external sender call-out feature](https://techcommunity.microsoft.com/t5/exchange-team-blog/native-external-sender-callouts-on-email-in-outlook/ba-p/2250098), together with [first contact safety tips](set-up-anti-phishing-policies.md#first-contact-safety-tip).
 - Mail flow rules (also known as transport rules). For more information, see [Organization-wide message disclaimers, signatures, footers, or headers in Exchange Online](/exchange/security-and-compliance/mail-flow-rules/disclaimers-signatures-footers-or-headers).
 
+Microsoft is working with the industry to support the Authenticated Received Chain (ARC) standard in the near future. If you wish to leave any message modification features enabled at your current mail gateway provider, then we recommend contacting them about their plans to support this standard.
+
 ## Account for any active phishing simulations
 
 If you have active third-party phishing simulations, you need to prevent the messages, links, and attachments from being identified as phishing by Defender for Office 365. For more information, see [Configure third-party phishing simulations in the advanced delivery policy](configure-advanced-delivery.md#use-the-microsoft-365-defender-portal-to-configure-third-party-phishing-simulations-in-the-advanced-delivery-policy).
 
@@ -58,10 +58,7 @@ A profile determines the level of protection. The following profiles are availab
 
   You can only use a condition or exception once, but you can specify multiple values for the condition or exception. Multiple values of the same condition or exception use OR logic (for example, _\<recipient1\>_ or _\<recipient2\>_). Different conditions or exceptions use AND logic (for example, _\<recipient1\>_ and _\<member of group 1\>_).
 
-- **Built-in protection** (Defender for Office 365 only): A profile that enables Safe Links and Safe Attachments protection only. This setting effectively provide default policies for Safe Links and Safe Attachments, which never had default policies.
-
-  > [!NOTE]
-  > The **Built-in protection** preset security policy is currently in General Availability, available to all organizations.
+- **Built-in protection** (Defender for Office 365 only): A profile that enables Safe Links and Safe Attachments protection only. This profile effectively provides default policies for Safe Links and Safe Attachments, which never had default policies.
 
   For **Built-in protection**, the preset security policy is on by default for all Defender for Office 365 customers. Although we don't recommend it, you can also configure exceptions based on **Users**, **Groups**, and **Domains** so the protection isn't applied to specific users.
 
 
@@ -25,17 +25,17 @@ With hybrid workers, you need to support a growing number of personal devices. E
 
 [Microsoft Endpoint Manager](/mem/endpoint-manager-overview) provides services and tools for managing mobile devices, desktop computers, virtual machines, embedded devices, and servers by combining the following services you may already know and be using.
 
-![The components of endpoint management for Microsoft 365.](../media/empower-people-to-work-remotely/endpoint-managment-step-grid.png)
+:::image type="content" source="../media/empower-people-to-work-remotely/endpoint-managment-step-grid.png" alt-text="The components of endpoint management for Microsoft 365" lightbox="../media/empower-people-to-work-remotely/endpoint-managment-step-grid.png":::
 
 ## Microsoft Intune
 
 Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM) that is included with Microsoft 365. 
 
 - **MDM:** For organization-owned devices, you can exercise full control including settings, features, and security. Devices are "enrolled" in Intune where they receive Intune policies with rules and settings. For example, you can set password and PIN requirements, create a VPN connection, set up threat protection, and more.
 
-- **MAM:** Remote workers might not want you to have full control on their personal devices, also known as bring-your-own device (BYOD) devices. You can give your hybrid workers options and still protect your organization. For example, hybrid workers can enroll their devices if they want full access to your organization resources. Or, if these users only want access to email or Microsoft Teams, then use app protection policies that require multi-factor authentication (MFA) to use these apps.
+- **MAM:** Remote workers might not want you to have full control of their personal devices, also known as bring-your-own device (BYOD) devices. You can give your hybrid workers options and still protect your organization. For example, hybrid workers can enroll their devices if they want full access to your organization resources. Or, if these users only want access to email or Microsoft Teams, then use app protection policies that require multi-factor authentication (MFA) to use these apps.
 
-For more information, see the [Manage endpoints with Intune and Microsoft 365](manage-devices-with-intune-overview.md) foundation solution.
+For more information, see the [Manage devices with Intune](manage-devices-with-intune-overview.md) foundation solution.
 
 ## Configuration Manager
 
@@ -53,17 +53,9 @@ For more information, see this [overview of co-management](/mem/configmgr/comana
 
 ## Endpoint Analytics
 
-Endpoint Analytics is a cloud-based service that integrates with Configuration Manager and provides you with insight and intelligence so you can make informed decisions about your Windows clients. It combines data from your organization with data aggregated from millions of other devices connected to Microsoft cloud services. 
+Endpoint analytics aims to improve user productivity and reduce IT support costs by providing insights into the user experience. The insights enable IT to optimize the end-user experience with proactive support and to detect regressions to the user experience by assessing user impact of configuration changes.
 
-With Endpoint Analytics, you can:
-
-- Create an inventory of apps running in your organization.
-- Assess app compatibility with the latest Windows 10 feature updates.
-- Identify compatibility issues and receive mitigation suggestions based on cloud-enabled data insights.
-- Create pilot groups that represent the entire application and driver estate across a minimal set of devices.
-- Deploy Windows 10 to pilot and production-managed devices.
-
-For more information, see this [overview of Endpoint Analytics](/mem/configmgr/desktop-analytics/overview)
+For more information, see this [overview of Endpoint Analytics](/mem/analytics/overview)
 
 ## Windows Autopilot
 
 
@@ -52,7 +52,7 @@ With split tunneling, you can configure your VPN client to exclude specific type
 
 To optimize access to Microsoft 365 cloud resources, configure your split tunneling VPN clients to exclude traffic to the **Optimize** category Microsoft 365 endpoints over the VPN connection. For more information, see [Office 365 endpoint categories](../enterprise/microsoft-365-network-connectivity-principles.md#new-office-365-endpoint-categories). See [this list](../enterprise/urls-and-ip-address-ranges.md) of Optimize category endpoints.
 
-Here is the resulting traffic flow, in which most of the traffic to Microsoft 365 cloud apps bypass the VPN connection.
+Here is the resulting traffic flow, in which most of the traffic to Microsoft 365 cloud apps bypasses the VPN connection.
 
 :::image type="content" source="../media/empower-people-to-work-remotely-remote-access/empower-people-to-work-remotely-remote-access-after-tunneling.png" alt-text="Network traffic from VPN clients with tunneling." lightbox="../media/empower-people-to-work-remotely-remote-access/empower-people-to-work-remotely-remote-access-after-tunneling.png":::