There have been many instant messaging/chat applications attempting to take on business communication, and without a doubt, Microsoft’s Teams is the best yet.

This is in no small part fueled by the COVID-19 pandemic, which has seen Teams usage grow from 13 million daily active users in July 2019 to over 300 million in 2023.

In this article, we’ll see what Teams can do for your business communications and collaboration.

A lot of development is going into Teams to make sure it’s the best place for groups of people to work together, the most recent evidence is the new Teams client application (public preview March 2023).

A Team can have up to 25,000 users but in my experience, it works best with smaller teams (up to a few hundred). If you’re delivering a webinar style event with people just watching, there’s a 20,000-attendee limit.

There are client applications for Windows, MacOS (both updated bi-weekly), iOS and Android as well as a web-based interface (updated weekly). Like many things in M365 there are two components to successful adoption, the technical side, and the user training side.

If you have conference rooms, make sure you consider the technology you outfit them with, Teams Rooms are a powerful way to use technology to connect staff in the office with staff working from home.

Teams Rooms are split into Basic (free, up to 25 systems can have this type of license) and Pro, which comes with many security, convenience and extra collaboration features. The old Teams Room Premium licensing has been retired.

Until recently there were just Teams licensing (as part of M365 licensing) and a free Teams for smaller teams (which is being retired). In February 2023 a new, paid for, licensing tier called Teams Premium became available.

As with any M365 feature set you need to carefully assess whether the additional features make business sense, for the users you license it for (not everyone needs to have Teams Premium).

Premium features include protected meetings with watermarks on recordings (with the email address of the person recording), sensitivity labels for meetings and end-to-end encryption, as well as custom meeting templates and themes.

For webinars there are a lot of extra features improving the overall experience, and finally virtual appointments manages these types of meetings, including SMS notifications.

One great appeal of Teams is that you can connect it to the Public Switched Telephone Network (PSTN), allowing your users to call anyone in the world from their Teams client (on any platform) and have a phone number so anyone can call them.

This combination of external phone calls, internal VOIP / video calls and video conference meetings or webinars, easy file sharing and co-authoring, plus asynchronous Instant Messaging and chat is what has made Teams the de facto collaboration and communication hub in many businesses.

There are a few options on how to connect, and depending on your geographical location in the world not all will be available.

You can use Calling Plans, where Microsoft is effectively your telco provider or Operator Connect if your existing telco participates in the program and can facilitate the connectivity.

There’s also Phone Mobile where an existing telco uses SIM-enabled mobile phone numbers with Teams, and finally Direct Routing where you connect on-premises infrastructure to Teams. And in larger environments you may be using several of these in combination.

Your main interface is the Teams Admin portal, and there’s a PowerShell module available.

Underneath each Team is an M365 Group (view more) with the chat messages stored in Azure table storage, shared files in the Team’s SharePoint library and personal files in each user’s OD4B, voicemail and calendars are stored in user’s Exchange mailboxes, and meeting recordings in Azure media services.

If you’re in a larger business, make sure to plan for governance of Teams early in your deployment. Visit your Tenant’s Team’s Guest access settings to make sure you have a good balance between security and collaboration for your business.

Another handy feature is the ability to use templates for Teams creation, including creating your own custom templates.

Each Team has a default General channel, and you can further create channels to organize communications, within each channel you can add tabs for Planner, OneNote, PowerBI, Stream, Wiki, websites and third-party apps.

To limit the proliferation of Teams in your organization you can limit who can create Teams (by default all users can), as well as use Private Channels in a Team.

You could have a Team for the Sales department with a private channel for only sales managers to discuss confidential information for instance. There’s also the ability to share a Channel with an external user, rather than sharing a whole Team.

The main benefit for the invited user is that they can be logged in with their own tenant account and access the shared channel chat and documents without the need to sign out and sign back into Teams using their guest account.

You can only create a new channel as a shared channel, you can’t convert a normal channel to a shared channel.

Delivering presentations using Teams is common, the PowerPoint Live feature makes it more interactive by allowing attendees to interact with the presentation at their own pace and Presenter mode gives you more control over how your presentation delivery shows up for the audience.

To practice your delivery (in PowerPoint in general), use Speaker Coach.

A great feature is breakout rooms. This lets you send users to or ask users to pick “rooms” where they can collaborate with a subset of the users in a Team during a meeting, and then return to the main meeting later.

Recordings of Teams meetings (including transcriptions) used to be stored in Stream, now they’re saved in OD4B / SharePoint where they can be shared easily (including with external attendees).

A good tip is being aware of the default expiry of meeting recordings: 120 days. You can change that (for recordings in your tenant) in the Teams admin center – Meetings – Meeting policies – Recording & transcription.

Speaking of transcriptions, if you have Teams Premium you can enable translated captions, so that a meeting delivered in English can be viewed by a German viewer with captions in their language, and another viewer can have captions in Chinese for example.

If you’re used to communicating via email here are some guidelines to be effective with Teams. Use @ mentions to draw something to the attention of a specific Team member, a channel or a whole team.

Be generous with your Praise when someone does something good for the Team, and if you want to acknowledge a message just Like it, instead of adding to the noise with a text-based reply.

When you’re about to post about something – check if there’s already a thread related to it and add to that instead and use the text styling (or a GIF / Sticker / Meme) when you want to get your point across and Sad, Angry or Happy reactions to contribute to the conversation when appropriate.

You can blur the background when you’re in a video meeting, or replace the background image and if you have frontline workers that need to communicate with others, use the Walkie Talkie push-to-talk feature.

You can also use an avatar to replace your video feed, handy for those Monday morning meetings when you’ve got a bad hair day, instead presenting a “cartoon” version of yourself.

Teams will automatically translate messages in other languages to the language set in your personal settings. And there’s offline functionality, so if you’re offline, Teams will save your unsent messages and send them when you’re back online.

When you’re in a meeting you can use Together mode which will show the video of each participant as if they were sitting in a lecture hall, removing the Brady bunch feel of the traditional grid of video feeds.

If you needed any more proof how central Teams has become to Microsoft’s vision and roadmap for modern collaboration and work, look no further than the Viva employee experience platform (EXP).

Viva has eight pillars, all surfaced in Teams: Viva Connections takes your SharePoint Online Home site, Line of Business (LOB) applications, and other internal news sources and lets you target company news and connections to the right people.

Viva Insights is the next iteration of My Analytics to help staff manage time and avoid burnout, integration with Headspace for guided meditations and a virtual commute function to wrap up the workday.

For Managers there’s a de-identified view to see how a team is fairing from a stress, mental health, and productivity point of view. There’s also a Leaders view for executives to see the overall state of their staff.

The third pillar is Viva Learning, surfacing training courses and microlearning content while integrating with other Learning Management Systems (Cornerstone OnDemand, Saba, SAP SuccessFactors and Workday) to make learning a natural part of everyone’s daily work.

Managers can schedule trainings and staff can share particularly good courses with each other and they’re all available directly in Teams.

Viva Topics builds on Cortex / Syntex and uses AI to organize company-wide content (in-house projects, products, acronyms) and staff expertise and surfacing this as topic cards / pages in Teams, Microsoft Search, SharePoint, and Office. Think of this as Wikipedia for your business.

Viva Goals applies the power of the objectives and key results (OKR) framework to help staff track their progress against goals.

Viva Engage on the other hand connects people across an organization (this is really the new name for what used to be Yammer).

The new Viva Sales integrates with any CRM (including of course Microsoft Dynamics 365) for deeper client insight and engagement.

And finally, Viva Pulse (in public preview at the time of writing) helps leaders and managers to receive and act on internal feedback in an organization.

As you can probably tell from these brief descriptions, most of the Viva modules are likely to find their homes in larger enterprises as that’s where the challenges of “managing people” at scale are most acutely felt.

Another powerful capability is adding apps to Teams through the Teams Store. Microsoft tests and validates these apps.

There are hundreds of different apps for integrating with other platforms, enhancing productivity, improve meetings, customer relationship management (CRM) and many more.

A very popular app is Microsoft Whiteboard, free on all platforms, that you can use both inside Teams and standalone to brainstorm and plan together.

As an administrator you have granular control, you can allow or block apps, control the permissions they are given, manage how the apps are made available to users, plus report on app usage.

You can also have custom apps developed in-house. You can further extend Teams with Bots that can interact with your users naturally through chat or a notification bot that can push relevant information to your users.

With the advent of Slack (Team’s main competitor) and Teams many people have (again) proclaimed the death of email.

As usual we tend to see new technology as a direct replacement for the old while the reality is more nuanced. I find Teams more efficient for group-based work, the sharing of files and communication is superior to email but communication outside of client projects I’m involved in still relies on email.

And you can use email to send messages to a channel in a Team.

To properly protect your Microsoft 365 environment, use Hornetsecurity one-of-a-kind services:

• 365 Total Protection
• 365 Total Backup
• 365 Permission Manager
• 365 Total Protection Compliance & Awareness
• 365 Total Protection Enterprise Backup

To keep up with the latest Microsoft 365 articles and practices, visit our Hornetsecurity blog now.

In conclusion, Microsoft Teams stands out as the ultimate collaboration hub, particularly amid the COVID-19 pandemic. With its robust features and exponential user growth, Teams revolutionizes business communication and collaboration.

Microsoft has had Project for large scale project management for many years but for small to medium undertakings it’s overkill (there’s a steep learning curve) and this is where Planner shines.

If you’ve ever used Trello, you should be comfortable with Planner’s workflow. There’s a web-based interface, along with iOS and Android clients but no PC client. If you add a Planner tab to a Team, you can create a new plan or attach an existing one.

You organize tasks into buckets, assign tasks to different people and track the progress of those tasks. Tasks can also be viewed in a Schedule (calendar) view, and you can export a plan to Excel.

Other task management offerings from Microsoft includes To-Do (mobile, web and PC clients are available) which integrates with Outlook tasks.

This is the best way to share video inside your company and it’s similar to YouTube. There are clients for iOS and Android and a web interface but currently there’s no licensing in place for sharing videos with people outside your tenant.

When you upload a video it’ll be processed and if the people in it are speaking English, Chinese, French, German, Italian, Japanese, Portuguese, or Spanish it’ll automatically generate captions which are searchable in Stream, making it easy to find the right video or point in the video.

It’ll also attempt to recognize people in the video and if successful will list those people with the video information. Teams used to use Stream to store meeting recordings, but they’re now stored in OD4B / SharePoint.

Visualizing data is important for any modern business who wants to be data-driven and PowerBI is Microsoft’s answer. There’s a desktop client where you build your dashboards, there’s also a web interface.

Licensing is a bit of a challenge, depending on what you’ve built and who you want to share it with. It’s a lot of fun to use and the results can be extremely useful for many aspects of your business.

This deceptively simple, web-based tool is designed to automate tasks without having to write code (it used to be called Flow).

Simply drag in actions, connect them to external systems and schedule them to run regularly or be triggered by an event. There are lots of templates to help you get started as well as connectors to hook into Microsoft and third-party systems.

If you’ve used If This Then That or Zapier, Power Automate is easy to get started with.

Ever wished you could equip your staff with a custom mobile app to gather or access data in the field but realized the development costs were too high?

PowerApps is the solution, providing a low code / no code development environment to build applications that connect to SharePoint, Excel, O365, Dynamics 365 or SQL server on-premises or in the cloud; or the Dataverse platform.

The resulting app runs on iOS, Android, in a web browser or in Teams and SharePoint Online. If you need to manage data in your apps there’s Dataverse for Teams and the full Dataverse flavor.

Potentially the most confusing technology Microsoft has released in recent years (currently in public preview) is Loop.

The concept is fairly simple, you have Loop Components that you can embed in various locations, such as documents, Teams chats or an email, and these are kept in synch across these different places.

Loop pages lets you bring together components, links, tasks, and other data. Finally, Loop workspaces are shared spaces bringing pages and components together.

I find Loop most useful in the early stages of a project or an idea – brainstorm, work together with others on a concept and keep all ideas in synch with everyone you’re working with.

The challenge today is that due to the underlying storage of Loop components being in user’s personal OneDrive for Business, sharing outside an organization doesn’t really work, and even inside a tenant it can be a challenge.

If Microsoft can solve these challenges, Loop has an interesting future.

To properly protect your Microsoft 365 environment, use Hornetsecurity one-of-a-kind services:

• 365 Total Protection
• 365 Total Backup
• 365 Permission Manager
• 365 Total Protection Compliance & Awareness
• 365 Total Protection Enterprise Backup

To keep up with the latest Microsoft 365 articles and practices, visit our Hornetsecurity blog now.

M365 groups are a fundamental building block across different services. In this article, we’ll look at the diverse uses of them.

An area that often confuses new O365 administrators is the different types of groups, here’s a short rundown to sort it out:

• Microsoft 365 Groups
• Distribution Groups (find more here)
• Security Groups are used to grant access to resources
• Mail-enabled Security Groups are also used to grant access and can also be emailed which will mean all members will receive a copy of the email
• Shared Mailboxes (find more here)

While you can create Microsoft 365 Groups directly, you’re more likely to interact with them as a building block, providing a single identity for all of M365, that services such as Teams, Yammer and others use.

In addition, Outlook can use M365 groups, SharePoint Modern Team sites are built on them, and Stream and PowerBI use them to control access.

If configured thus you can write M365 Groups back to your on-premises AD where they manifest as distribution groups.

You can’t nest M365 Groups into other groups, and they can only contain actual M365 user accounts whilst Exchange Distribution groups can contain user accounts, mail users and contacts (see here).

Unless you’ve changed the defaults, any user in your tenant can create an M365 group which could lead to governance issues. You can instead designate users who can create groups.

You can also use various policy settings to control O365 Group behavior in your tenant, such as expiration policies to manage the lifecycle of groups and you can control the naming of groups through policy.

It’s easy to share content from within an M365 group with external users and M365 groups are also a shared repository of historical content as anyone who is a member can see all the content going back to when the group was first created.

It used to be that each licensed user in your tenant gave you five B2B guest licenses, and you could use one time passcodes for external guests who don’t have a Google, Microsoft Account (MSA) or an account in Azure AD.

That licensing model for external users has changed, Microsoft is bringing together Azure B2B and B2C (using Azure as a store for Consumer identities for your in-house developed application) and the new license model means each tenant can have up to 50,000 external users at no extra cost.

Note that guests have full access to all group content by default. You can control which domains external users have to be (or can’t be from) for external access.

Today when you create a group it’s private where the Owners of the group must approve a request to join, you can also make a group public where anyone can join.

You can change the tenant default which will ensure new groups are public or you can change the setting on a group after you’ve created it. Each group can have up to 100 owners and over 1000 users; an individual user cannot create more than 250 groups.

Like other constructs in M365 you have 30 days to restore a group once it’s been deleted while individual documents in the group are housed in the SharePoint recycle bin for 93 days.

Dynamic groups are a neat way to reduce the administrative overhead of managing group membership manually, based on queries of Entra ID attributes, although be aware that it requires Entra ID Premium P1 licensing.

To properly protect your Microsoft 365 environment, use Hornetsecurity one-of-a-kind services:

• 365 Total Protection
• 365 Total Backup
• 365 Permission Manager
• 365 Total Protection Compliance & Awareness
• 365 Total Protection Enterprise Backup

To keep up with the latest Microsoft 365 articles and practices, visit our Hornetsecurity blog now.

Microsoft 365 Groups serve as essential components across services, offering diverse functionalities and efficient collaboration.

Sharing files and providing an intranet platform is a core part of M365. Here, we’re looking at OneDrive for Business (OD4B) for personal file storage and sharing, as well as web-based collaboration in SharePoint.

OD4B builds on SharePoint Online to provide each licensed user with their own document storage, 1TB for most SKUs.

This quota can be increased to 5 TB for certain licenses. Once you store files in OD4B, you can access them from any device through Android, iOS, Windows, MacOS, and web interface clients.

There are some limitations on file names, types, and sizes to be aware of. The OD4B sync client lets you see all the files you have synced on a device.

They can be in an Online-only state where you see them, but they’re not actually present on the device; when you open such a file, it’s downloaded and cached and thus locally available; a user can also pick one or more files to always keep on this device.

You can restrict synchronization to only domain joined devices.

To help users manage the contents of common folders you can use Known Folder Move (KFM) to synchronize the content of the Desktop, Documents and Pictures folders to OD4B and thus between devices.

If you’re an on-premises SharePoint administrator, you’ll be familiar with managing the underlying infrastructure of your servers as well as the complex web of sites and document workflows that end users consume on top of it.

Suppose you’re only now meeting SharePoint in the cloud for the first time. In that case, you’ll likely have a very different experience where you see SharePoint simply as the underlying document storage for other applications (Teams, Groups, Planner) and perhaps as the platform for your company’s intranet.

Building blocks in SharePoint are sites where content is stored, and you can control the layout, theme, navigation, and security with classic and modern flavors.

If you’re starting out or creating new sites, Modern sites are the way to go and there are a few different types available such as Communication sites, Team sites and Hub sites.

Part of a larger vision for SharePoint, the modern sites and pages are very useful as they adapt to screen resolutions across smartphones and different size computer screens.

Search lets you find sites, files (including OneDrive for Business files), people and news content and if there are pictures in the content Artificial Intelligence (AI) will have extracted metadata and (if present) text content from those images.

If you have configured a hybrid deployment your on-premises documents will show up in the search results as well. Apps are add-ins / Web parts that expand the functionality of sites and Site collections are a way to group sites with a similar purpose together.

To set up different sites, use site templates to get you started. If you’re creating an intranet site, there’s an excellent Lookbook service with beautiful sites, providing modern experiences.

SharePoint Syntex is a technology that uses AI and ML to automate content processing and transforms content into knowledge. It understands your documents, processes forms and is applicable to large organizations with complex workflows and processes.

Be aware of the limits of SharePoint Online, particularly the total storage available which is 1 TB + 10 GB per license purchased. Search is an area that you want to spend some time customizing so your end users have a good experience.

Sharing is another area that you want to control as how users can share content internally and (critically) externally directly influences the balance between collaboration and security.

To properly protect your Microsoft 365 environment, use Hornetsecurity one-of-a-kind services:

• 365 Total Protection
• 365 Total Backup
• 365 Permission Manager
• 365 Total Protection Compliance & Awareness
• 365 Total Protection Enterprise Backup

To keep up with the latest Microsoft 365 articles and practices, visit our Hornetsecurity blog now.

Migrating content from on-premises SharePoint Server and network file shares to M365 is the job of the SharePoint Migration Tool, as well as numerous third-party services.

If users accidentally delete files or ransomware has encrypted stored files you can use the Restore Files interface to restore files and folders or entire libraries from up to 30 days in the past.

There’s also the Recycle bin (93 days retention) for individual file restores and Restore Files for OneDrive.

Email is the lifeblood of business communication, even in this age of Teams, Slack, and numerous other communication tools. It’s the lowest common denominator – the one tool that you can always use to reach someone if you’ve got their email address.

And email is a commodity – every business needs it, but no business is going to be more competitive by running it “more efficiently” than another.

One of the strengths of M365 over Google Workplace, for instance, is the clear migration path from what you have today to the cloud because of Microsoft’s large footprint in corporate data centers around the world. If you have Exchange 2013+ on-premises, you can pick any of the migration methods, some of which provide a hybrid co-existence.

The full hybrid option lets you continue running your on-premises infrastructure for as long as you’d like and chapmove mailboxes in batches to the cloud on your own schedule. You can even move mailboxes back to on-premises should the need arise.

As you’d expect, there are many details to manage in a hybrid setup, including prerequisites, ActiveSync connectivity, and mailbox permissions – especially when a user on-premises has permissions to a mailbox in the cloud or vice versa.

If all you’re looking for is a simple way to move mailboxes from Exchange to Exchange Online – Hornetsecurity has an excellent Mailbox Migration Tool.

One thing to realize about O365 is that Microsoft is going to make sure that you don’t lose your mailbox data, which they do through the native data protection in Exchange – keeping three copies of your mailbox data on separate servers, along with a “lagged copy” (behind in time, for instances where the data is corrupted rather than lost) on a fourth server.

They DON’T, however, keep backup copies of your data going back into the past, which may or may not be an issue for your business, depending on your regulatory needs. Several third-party services on the market will do backups of your Exchange and SharePoint online data. Hornetsecurity 365 Total Backup is an excellent backup solution for mailboxes, Teams, OneDrive for Business, SharePoint, and files on endpoints.

A deleted user account and mailbox can be recovered if no more than 30 days have passed.

Whether your Exchange server is in the cloud or on-premises it’s important that client applications can find it – this is the job of the Autodiscover records in DNS. There are a number of other DNS records required for M365 – find them in this article. 

If you have a hybrid Exchange deployment the Autodiscover records need to point to your on-premises Exchange 2016/2019 Mailbox Server.

There are many tasks associated with mailbox management, one of them is quota management. F3 licenses get 2 GB quotas, E1 are set at 50 GB (with a 50 GB archive) and E3+ have 100 GB quotas with archive mailboxes that can be max 1.5 TB.

The difference between a mailbox and an archive mailbox is that the archive is only available when you’re online. You can control how much mailbox data is stored offline on each device with a slider in Outlook.

If you’re migrating large mailboxes to Office 365, ensure they’re smaller than 100 GB and no item is larger than 150 MB before starting the move.

In the Exchange console you can configure settings for a mailbox such as adding email aliases, see quota usage, control which clients (OWA, Unified Messaging) and the protocols (EAS, MAPI, IMAP and POP) the user can use, message retention and mailbox delegation.

This last option lets you configure other users to Send As emails as the user, Send on Behalf where the recipient can see that the email is sent on behalf of the user, and Full Access.

As mentioned earlier you can enable an Archive mailbox for mailbox content which essentially serves as a “bottomless” storage area for older content, hopefully stopping users from adopting PST files as an archiving solution.

The Outlook mobile client (iOS and Android) cannot access Archive mailboxes. You can enable auto expanding archives for E3 and E5 licensed users using PowerShell:

Set-OrganizationConfig -AutoExpandingArchive

You can also enable Archive mailboxes on a per user basis. Note that the Archive folder that’s created in a mailbox when you right click an item and select archive isn’t related to the Archive mailbox.

Be aware that users can set up their mailboxes to forward mail to an external email address (optionally delivering to both inboxes).

This is something you should keep an eye on because while there may be legitimate business reasons to forward mail, it’s also a favored attack vector for hackers where they silently read emails and then use that for various nefarious purposes.

There’s a report in the Mail Flow dashboard to show you what forwarding rules exist. You can also block users from being able to forward mail in several ways.

There are times when you’d like a mailbox that doesn’t “belong” to a particular user, such as sales or support, where you have a team of users accessing the same alias.

As long as the Shared mailbox doesn’t have a larger quota than 50 GB or uses an Archive mailbox, it won’t consume a license.

It’s also one option for handling staff that have left your company while you still need to monitor their email for incoming emails; converting their mailbox to a shared mailbox and assigning access to the appropriate staff will free up the license to be assigned to a new user.

From a security point of view, make sure direct login to shared mailboxes is blocked – users should only access shared mailboxes by adding them as an additional mailbox in Outlook.

Both Mail Contacts and Users show up in All Contacts, the Global Address List (GAL), and the Offline Address Book (OAB). A contact is a pointer to an email address in an external system, whilst a user is also a pointer to an external address, but the user has O365 credentials to be able to access SharePoint Online or OneDrive for Business.

The latter is a remnant of on-premises Exchange, modern external sharing such as Teams, Planner, and others use Azure Business to Business (B2B) collaboration for guest access.

Grouping email addresses together to facilitate communication with teams of people is something that email systems have been doing for decades – in the Exchange Online Admin Center (EAC), you can create Distribution Lists (DL).

Note that the default is to create an M365 Group instead, and in fact, Microsoft is pushing to replace DLs with Groups.

Dynamic Groups make maintaining membership easier, basing the membership on an Entra ID attribute such as “department” – if that’s set to Marketing, for instance, the user is automatically included in the right group.

To properly protect your Microsoft 365 environment, use Hornetsecurity one-of-a-kind services:

• 365 Total Protection
• 365 Total Backup
• 365 Permission Manager
• 365 Total Protection Compliance & Awareness
• 365 Total Protection Enterprise Backup

To keep up with the latest Microsoft 365 articles and practices, visit our Hornetsecurity blog now.

In summary, Exchange Online offers a seamless transition to cloud-based communication, providing robust data protection and efficient mailbox management.

Leveraging features like Autodiscover and mailbox archives, organizations can enhance productivity and streamline communication processes.

The last pillar of M365 is Windows 11 Enterprise, five devices for each licensed user, which will automatically upgrade Windows 11 Pro to Enterprise as soon as a user logs in. Here, we will cover what additional security features this brings to your enterprise.

Enterprise adds Defender Application Guard and Defender Application Control on top of the security features you get in Windows 11 Pro. Application Guard protects your users when browsing potentially malicious sites using Edge in an isolated hardware manner.

This technology has also been extended to Word, Excel, and PowerPoint. On the other hand, Application Control builds on earlier iterations of AppLocker and blocks untrusted applications, including plug-ins and add-ins, from running.

Always On VPN doesn’t require Windows 11 Enterprise and is a successor to Direct Access if you still need to use client VPN in your business.

Whilst it’s not exclusive to Windows 11 Enterprise, look at Windows Hello for Business to improve your user’s login experience as well as your security (a rare case of everyone winning in security) by moving away from passwords.

To properly protect your Microsoft 365 environment, use Hornetsecurity one-of-a-kind services:

• 365 Total Protection
• 365 Total Backup
• 365 Permission Manager
• 365 Total Protection Compliance & Awareness
• 365 Total Protection Enterprise Backup

To keep up with the latest Microsoft 365 articles and practices, visit our Hornetsecurity blog now.

If you’re deploying large numbers of Windows 11 devices and you want to reduce the burden of wiping each new device and installing your custom image, consider using Windows Autopilot; it’s a powerful way to “deploy” Windows 11 by simply transforming the pre-installed image as your OEM delivers it.