Stay ahead with the latest cybersecurity insights and IT innovations. Discover proactive defense strategies against emerging cyber threats, including the latest ransomware variants. Plus, eGroup Enabling Technologies expands its capabilities with the acquisition of Redhawk Digital Solutions, enhancing expertise in Azure, ERP integrations, and .NET development. Learn more about these key industry updates and what they mean for your business.
The Buzz in March: Cybersecurity
Recently, threat actors successfully launched a cyberattack against an organization using a new ransomware variant, which CISA refers to as FiveHands. Staying ahead of cyberattacks like this one is crucial to proactively defend against threats, minimize financial and operational damage, adhere to regulatory and compliance requirements, strengthen Incident Response Plans, protect sensitive data, and so much more.
Don’t wait until it’s too late. Explore how cutting-edge security solutions can fortify your defenses and keep your business running smoothly. In the meantime, stay informed with our latest security insights and register for one of our upcoming security events to gain expert strategies for staying ahead of cyber threats.
🔒 Zero Trust and Putting Identity First
🔒 A Cybersecurity Close Call: How We Detected and Contained the Threat
🔒 Summarizing Digital Defense Reports for 2024
🔒 Cloud Identities and Security: Mastering Cloud Security
🔒 Journey to Zero Trust: 2025 Update
Announcement
eGroup Enabling Technologies Expands Capabilities With Redhawk Digital Solutions
eGroup is thrilled to announce its acquisition of Redhawk Digital Solutions (Redhawk). This collaboration enhances innovation and delivers more value to customers by merging talent and innovation, enhancing expertise in Azure, ERP integrations, and .NET development. Together, eGroup and Redhawk accelerate end-to-end digital transformation at scale and speed.
Read more about the expansion here.
What’s New in the Hybrid Data Center?
Cisco
Cisco expanded its Wi-Fi 7 portfolio with the introduction of the CW9178 and CW9176 access points. These models are AI-native, self-configuring, and offer resilient, secure connections. They can be managed using either on-premises controllers or cloud tools, providing flexibility for various scenarios.
Cisco’s Meraki platform achieved FedRAMP Moderate Authorization, underscoring its commitment to security and compliance for U.S. government agencies. This authorization enables federal agencies to leverage Meraki’s cloud-managed networking solutions while adhering to stringent security standards.
Cohesity
Cohesity has announced Data Cloud release 7.2.2 to GA, with support for RedHat OpenShift Virtualization, enhanced data security for AWS and Azure, and cluster-level encryption by default on all new clusters. One of our most watched/waited for features is a self-managed deployment model of Helios, which will be released as a 1.0 version, enabling large organizations with many edge or disconnected sites to consume the Helios SaaS capabilities, but within on-prem deployments.
A few quick reads from Cohesity on recent ransomware topics, Black Basta and Ghost—highlighting Cohesity’s ability to assist organizations with threat classification with Data Hawk, Cohesity CyberScan integration with Tenable for scanning, along with rapid response and recovery with Cohesity’s Clean Room.
Nutanix
In what may be one of the final “LTS” releases, AOS 6.10.1 and AHV 20230302.103003 dropped mid-February. There were a number of fixes and resolved issues that came with both. This release will most likely be the jumping point to the Unified Release model, which started with 7.0.
Nutanix released X-Ray 5.3, which is a major release and the first of a performance and resiliency validation tool since 4.4.1. This release switches the Linux kernel from CentOS to Rocky Linux, and as such cannot be upgraded from previous versions. There were a lot of improvements in the benchmark tests, so check this one out! For more information, read this blog post about using X-Ray to validate a Nutanix cluster.
Nutanix also continues to ramp up the features in Nutanix Enterprise AI (“NAI”), releasing 2.2 to market. NAI enables organizations to seamlessly run AI workloads on-premises, delivering accelerated insights with simplified infrastructure management, high-performance scalability, and enhanced data sovereignty. This release supports new NIMs from NVIDIA and additional models.
Pure Storage
Pure and Rubrik have partnered to unify and secure unstructured data at scale! Combining the Pure FlashArray provided File Services or FlashBlade with Rubrik’s NAS Cloud Direct to protect and secure massive amounts of data!
Teased in the industry recently, Pure announced that they had been selected by a major hyperscaler as the foundation of its storage platform. Now we know that was Meta, who will leverage the FlashBlade and FlashArray to provide unmatched performance and reliability at scale!
Rubrik
Rubrik continues to build support for alternative ecosystems other than VMware, and this month has released disaster recovery capabilities for Nutanix AHV environments. Leveraging capabilities of CDM and RSC, Rubrik’s DR for Nutanix AHV provides the ability to create multiple recovery plans to automate the restoration of critical applications, failover, and failback of those workloads, and schedule recovery tests for validation. Like other Rubrik features, this simplifies operations and resilience in recovery.
VMware
Broadcom released several critical advisories related to zero-day vulnerabilities, impacting various products, most importantly ESXi. ESXi versions 7 and 8 are impacted, as well as various Workstation and Fusion products.
Zerto
Zerto released 10.0 U6P1, with incremental features and a stable of resolved issues. The highlight of this release is the Azure VMware Solution update, enabling the migration to the Linux Zerto Virtual Manager appliance, and taking advantage of a more secure platform. Interested in how Azure VMware Solution can be your managed colocation for DR? Learn to deploy Zerto for Azure VMware Solution.
Looking at refreshing your disaster recovery strategy? Read here about Choosing the Right Solution. Reach out today to discuss how we can conduct a comprehensive disaster recovery planning workshop with your team. Start with your goals and let that lead you to the correct technology.
What’s New at Microsoft?
Azure
Check out Tales From the Road—Using Intelligent Teams meeting recap, Copilot, and real stories about what people are asking for the most around Microsoft Azure. Avoid the shiny object and get real guidance on what challenges are being solved today.
Businesses are searching for alternatives to the high (and rising) costs of Citrix and Omnissa Horizon. Join us for a blog series on the business case, challenges, opportunities, and benefits of migrating to Microsoft Azure Virtual Desktop AND Intune-managed endpoints as an alternative.
- Looking to act? We suggest planning your Azure Virtual Desktop with Nerdio Pilot
Azure AI Foundry expands model access and features, including GPT-4.5 in preview on the Azure OpenAI service to create more natural interactions and instruction adherence during conversation and reduces the hallucination rate by half to 37.1%.
Azure for Healthcare—Microsoft continues to invest in Azure for mission-critical resources like healthcare EHR platforms. Specifically for institutions running EPIC, Microsoft has expanded scalability of Chronicles Operational Database (ODB) by increasing capacity to 65 million global references per second on new MBbv3 VMs.
Microsoft 365 Copilot
Introduction to Microsoft 365 Copilot Chat – If you haven’t checked out the ability to create agents within Microsoft 365 Copilot Chat, it’s very effective. Users can create agents that are focused on specific processes, knowledge sources, and more. It’s free to use, but if you want to securely include your work data in the conversation, you will need a Microsoft 365 Copilot license. It’s a great way to get started with productivity on public knowledge sources.
Users will soon be able to search past Copilot chat sessions. This feature requires a Copilot license and will be available on Windows desktop and the web. The rollout completes by mid-March.
Copilot will offer a new license request feature and self-service purchase option for various Microsoft 365 plans. Admins can manage license requests and self-service purchases in the admin center.
Copilot will soon support custom engine agents, allowing organizations to create specialized solutions using any large language model. This feature will be available in Microsoft 365 Copilot Business Chat and requires a Microsoft 365 Copilot license. The rollout to general availability is in April.
Microsoft 365 Copilot Actions is rolling out to Targeted Release. This feature automates tasks to boost productivity using AI, with templates for common scenarios, via the Microsoft 365 web app.
The Agent UX in Microsoft 365 Copilot is now available on iOS/Android, allowing users to discover, add, and chat with agents in mobile Copilot on Teams, Outlook, and the Copilot app.
SharePoint can be a knowledge source for agents’ generative answers. When a user asks a question and the agent doesn’t have a topic to use for an answer, the agent can search the SharePoint URL and all subpaths, and generative answers will summarize this content into a targeted response.
Defender for Cloud Apps
Microsoft Entra ID Protection alerts will be removed from Microsoft Defender for Cloud Apps and integrated into Microsoft Defender XDR. No admin action is needed.
If using Defender for Cloud Apps, please update your firewall rules to allow outbound traffic on port 443 to the new CDN endpoints before March 27: cdn.cloudappsecurity.com and cdn-discovery.cloudappsecurity.com. All required outbound access URLs can also be found on the Defender for Cloud Apps network requirements page under ‘Portal Access.’
Defender for Office 365
Administrators can now configure Defender for Office 365 to automatically send third-party reported messages to Microsoft for analysis. Configure by updating user reporting settings in the Defender portal.
Defender for Office is introducing “Threat Classification” for email, enhancing malware threat detection and analysis. The rollout begins in January 2026, with features integrated into Threat Explorer, Advanced Hunting, email summary panel, and email entity page.
Defender XDR
In March 2025, new LDAP query events will be added to the IdentityQueryEvents table in Advanced Hunting, potentially increasing activity, and alerts. Admins should review and adjust custom detection rules as needed. Further details are available on Microsoft Learn.
Entra ID
If using Authenticator on Android devices, keep reading! In July, as part of Microsoft’s hardening efforts, Microsoft Entra ID device registration will be hardware-bound. Since the device identity will be hardware-bound, we will retire the ability for users to enable a feature called Enable Browser Access (EBA) in the Microsoft Authenticator app and the Microsoft Company Portal app for Android. After this retirement, browser access will automatically be enabled as part of device registration.
Exchange Online
Two major changes to be aware of starting in April 2025; first, Microsoft Exchange Online will impose a limit of 3,000 dynamic distribution groups (DDGs) per organization. If the limit is reached, admins must delete existing DDGs to create new ones. This change is automatic and cannot be disabled.
Second, Exchange Online will implement Tenant Outbound Email Limits (TERRL) to cap the daily number of external recipients based on purchased email licenses. Enforcement will roll out in phases, and admins can monitor usage with a new report in the Exchange admin center.
Intune
In the upcoming version (20.3.0) of the iOS Intune App SDK and Intune App Wrapping Tool, users can be alerted when a screen capture action (including recording and mirroring) is detected in a managed app.
Microsoft Intune Endpoint Privilege Management for Windows 11 ARM-based PCs will be released in March.
Loop
Users can choose an existing Microsoft 365 Group to manage new Loop workspaces, like SharePoint Team sites. The rollout will be completed by late April.
Microsoft 365
Microsoft 365 will prompt eligible users to back up files to OneDrive via the Message Bar in Word, Excel, and PowerPoint starting mid-March. Users can select folders to back up, benefiting from cloud features like Copilot support, easy collaboration, and increased security.
Forrester evaluated the financial benefits of adopting Microsoft 365 E3 solutions. The result was a 197% return on investment (ROI) over three years, with a payback period of less than 6 months. Major contributors? It was cost consolidation, enhanced productivity, and IT efficiency (mainly from endpoint management reduction in effort). Learn how your business can get the most out of your Microsoft 365 Investments.
Admins in tenants with at least one Microsoft 365 Copilot license will be able to access Copilot in the Microsoft 365 admin center via the Copilot button on the top right corner of the screen.
Microsoft 365 Apps Admin Center
Great community information on “what’s new and what’s gone” for Microsoft 365 in February 2025.
A new “Outlook for Windows Migration Progress” report will be available in the Microsoft 365 admin center. This report will track the adoption of the new Outlook for Windows, requiring no admin action before rollout. Review configurations and notify users about the change.
OneDrive
OneDrive is updating storage policies for unlicensed accounts, effective late January to March. Unlicensed accounts over 90 days will be archived and inaccessible to users but visible to admins.
OneDrive will soon allow web users to protect PDF files with User and Owner Passwords, enhancing security. The rollout starts in March. Users can set passwords to restrict access and permissions.
Outlook (Mobile)
Microsoft Outlook for iOS and Android will allow users to request message recalls within their organization. This feature provides control to retract sent emails. Users should be informed!
Outlook for iOS and Android will soon allow users to attach emails directly in the compose window. Rollout completes by late March. Users will see a new “Attach email” option.
Outlook for iOS/Android has new reporting buttons, allowing reports of phishing, junk, or not junk.
Outlook (New)
Agents for Microsoft 365 Copilot Chat in Outlook will be available on the Web and Work tabs starting in late March 2025. Admins can manage these agents in the Microsoft 365 admin center. Users can customize their Copilot experience with these agents, which will appear in the right-side panel of Outlook (Microsoft 365 Roadmap ID: 481558).
Purview Information Protection
Bookmark “What is NEW in Microsoft Purview” monthly update. Stay up to date on the changes and improvements in Purview with this monthly feed.
Purview’s Insider Risk Management (IRM) data will soon integrate with Microsoft Defender XDR, providing a unified queue for alerts, indicators, and events for comprehensive investigation and correlation. Public Preview begins mid-January, with General Availability in early May. Admins need to enable data sharing and assign permissions to access this feature.
Purview Insider Risk Management will soon roll out risky AI usage detections. Public Preview is underway, and General Availability begins in mid-June 2025. Admins can prepare by using analytics, creating policies, and leveraging new Generative AI indicators.
A new cmdlet, Export-ContentExplorerData, will enable admins to export all data rows from Content Explorer. Rollout ends mid-May.
Microsoft is retiring the classic eDiscovery including classic Content Search, eDiscovery (Standard), and eDiscovery (Premium) from the Microsoft 365 Purview portal starting August 1, 2025, and ending September 1, 2025. Instead, use the new unified eDiscovery, which is faster and easier to use.
Purview Data Loss Prevention will now protect sensitive data in network shares and mapped network drives on Mac endpoints. The rollout timeline has been updated: General Availability in early April.
SharePoint
SharePoint Online is updating Microsoft Lists forms to include new features such as notifications, form scheduling, conditional branching, quick form creation, and additional field-type support. The rollout begins in January 2025 for Targeted Release and mid-February 2025 for General Availability, completed by late March 2025. No admin action is required. (Microsoft 365 Roadmap ID 124865)
Teams
The era of Skype is ending. On May 4, 2025, Skype will be retired. Consumers should make the leap to Teams. Teams users will no longer communicate with Skype accounts after this date. Skype for Business organizations should plan the move to Teams before the end of support this fall.
Teams Chat and Channels
Teams is rolling out a new streamlined Chat and Channels experience by the end of April. Key updates include a simplified onboarding process, message previews by default on mobile, a quick navigation bar, and a combined Chat view. Users can customize their experience and defer the new setup three times.
Teams will rename the “Files” tab to the “Shared” tab in channels, combining shared post content and document library files. This change, starting mid-April 2025 for targeted release and mid-May for general availability, requires no admin action. Existing functionality remains, with keyword search soon.
Whiteboards created in Teams Channels will now be stored in the corresponding SharePoint site instead of the initiator’s OneDrive to resolve access issues. This change will roll out from early to late April 2025 and requires no action from tenant admins.
Users will soon be able to record video clips in Microsoft Teams channels, similar to chat. This feature will respect existing video message policies. It will be available worldwide by early 2025 and for GCC High, and DoD by mid-March 2025. No admin action is required before rollout.
Teams Meetings
The new Microsoft Teams policy, effective mid-March 2025, will enable voice and face enrollment by default, offering enhanced meeting features. Admins should configure settings now using new PowerShell cmdlets and inform users of changes. A Microsoft 365 Copilot license is required.
Microsoft Teams is introducing Email OTP verification for external participants to join meetings. A new policy will be available in the Teams Admin Center, allowing admins to manage anonymous user access. This feature is for all organizations and will be rolled out through April.
Microsoft Teams is introducing new DVR capabilities for town halls on desktop and web, with a rollout starting in early completing by early April. This feature allows attendees to interact with live streams as they would with recorded content, including pausing, skipping, and volume control.
New transcription policies for Teams town halls and webinars will allow finer control and won’t follow the current Teams meeting transcription policies. They will be configurable in the Teams admin center or with PowerShell commands after early March.
Teams is implementing a one-year retention policy for meeting attendance reports. This applies to all Teams platforms and Graph API. Attendance reports for meetings before November 2024 will be accessible until late August 2025. Contact Microsoft Support to apply the policy now.
Meeting participants in Teams for Windows and Mac desktops will soon be able to request collaborative annotation sessions during screen sharing. The rollout completes by early May 2025.
If a file with higher sensitivity is shared in a meeting, the meeting’s sensitivity can update automatically, or the organizer can be notified. Available with Microsoft 365 E5 and Teams Premium licenses when admins enable label inheritance policies.
Admins must enable Device Administrator privilege in the Microsoft Intune Portal for Teams Rooms devices to avoid sign-in errors on Android-based Teams devices. This applies to customers updating to Intune Company Portal version 5.0.6152 or above.
Teams will soon allow Microsoft Copilot to answer questions based on content shared onscreen during recorded and transcribed meetings, with a Microsoft 365 Copilot license. The rollout starts in March/April.
When Microsoft 365 Copilot in Teams meetings responds to a prompt, Copilot will also suggest follow-up questions to keep the conversation going.
Teams Phone
Microsoft Teams is updating location-sharing settings to enhance privacy and security. Users will have new consent options for location data usage, affecting emergency calls, location-based routing, and Call Quality Dashboard. The rollout starts in late March 2025. Fully-managed devices are excluded. Educate users on these changes and update documentation accordingly.
Enhanced compliance and security for voicemail messages in Microsoft Exchange will be rolled out through June. Changes include updating the “From:” field to comply with RFC 6854 and adding “Unverified” and “External” tags to increase trust and security.
Microsoft Teams Android devices will require updates in February 2025, affecting Teams phones, displays, panels, and Rooms. Devices with updates older than five months will stop working in June 2025. Admins should update devices via the Teams admin center. End users will not notice any changes.
Teams Admin
Microsoft will retire the Graph connector management feature from the Teams admin center starting April 14. Admins should transition to the Search & Intelligence feature in the M365 admin center.
