Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

Microsoft basically phoned it in with the last few Windows Server releases, which included relatively few new or updated features. They seemed primarily designed to appease certain customers who still wanted and needed an on-premises server OS.

But the next version of on-premises Windows Server, which will be available to customers in the second half of 2024, looks to be something quite different.

Unsurprisingly, the next release will be named “Windows Server 2025.” And perhaps surprisingly to some, it will still be a “perpetual” software product with five years of Mainstream support and five years of Extended support, not one that forces customers to subscribe to get regular features or security updates. Microsoft officials also have said the system requirements for Windows Server 2025 have not changed, so customers can upgrade all their existing Windows Servers to the new version.

“Overall, many of the Windows Server 2025 features either come directly from or are based on things that were introduced with Azure Stack HCI or Azure Edition,” said Directions on Microsoft analyst Jim Gaynor. “This goes along with what Microsoft said when they killed the SAC (Semi-Annual Channel). These other server OSs and editions ‘receive innovation’ first, and features are brought to the LTSC (Long Term Servicing Channel) version if deemed worthy.”

Among the new features coming to Windows Server 2025, which Microsoft officials have shared publicly:

Microsoft also is adding a new option for Windows Insider testers who want to flight new Windows Server test builds. And, after first appearing in a late 2023 patch to Windows Server 2022, a “wizard” to make it even easier to install Azure Arc will be included with Windows Server 2025.

Related Resources

Microsoft Ignite: What’s New in Windows Server vNext

Windows Server vNext Ask Me Anything

Introducing Windows Server 2025

Windows Insider flighting on Windows Server

The public relations push that Microsoft has generated behind their range of Copilot-branded technologies is seemingly unmatched in the company’s history.

As a result, the customer interest — and confusion — also seems to be unmatched. How are customers supposed to evaluate the technology for licensing or adoption, if there isn’t even a high-level way to describe each Copilot, what it does, what it integrates into, and the friction that it attempts to help the licensed end-user with? As a friend has suggested, we need a Copilot for Copilot licensing, because it’s impossible at this point to get your mind around what each of the Copilots does, and as soon as you understand most of them, something will change.

While customers should consider kicking the tires on Copilot-branded technologies that apply to their organization, it’s equally critical that they pace themselves in terms of any significant adoption of those services.

So when we consider Copilot, why, exactly should customers pace themselves, or potentially hold back entirely? Let’s consider a list of reasons:

1. Copilot is not consistent.

I’m not talking about the underlying LLM or inconsistencies in returned results. Instead, I mean that it isn’t clear what “Copilot” is even supposed to be. What Copilot in Bing does (summarize search) is completely different from what Copilot in Windows does (automate the Windows UI). What Microsoft 365 Copilot does depends on which piece of software or what service into which it has been integrated.

At a high level, Copilot helps users do things they would normally do, but faster or easier. But how it does them varies wildly depending on which Copilot we’re talking about, and what it is doing for you.

Microsoft has done themselves no favor by blurring the lines when it comes to which Copilot is which. How are customers supposed to evaluate the technology for licensing or adoption, if there isn’t even an elevator pitch to describe each Copilot, what it does, what it integrates into, and the friction that it attempts to help the licensed end-user with?

2. It’s very expensive (and expansive) yet offers unproven ROI.

This point is primarily about Microsoft 365 Copilot, which is so expansive, you can’t really easily define it. But at a simplistic level, Microsoft 365 Copilot takes tasks that a licensed user might need to perform and attempts to simplify them. But what it does, and how it does it, depends on the software or service it is integrated into, as discussed earlier. And each product team—in seemingly classic Microsoft form—has interpreted “integrate Copilot into your stack” in a completely different way.

I have seen a lot of customers curious about Microsoft 365 Copilot, and we’ve already seen many of them licensing it in some form. Given that it is so unfinished and lightly documented, it’s hard to see how a customer can look it in the eye and say it’s worth $30 per user each month at this point. What does it help a user do? It depends. How much does it save you annually on a per-user basis? It depends. Is Microsoft exaggerating the savings in their ROI documentation? You can bet on it.

3. It’s not done (and likely never will be).

Copilot isn’t done. Unlike legacy releases of Windows or Office distributed on shiny media, Copilots are never finished. If you adopt one or more Copilot-branded services, you’re on a Copilot journey with Microsoft.

Some of the already announced Copilot services are not even in preview yet. (See Copilots for OneDrive and SharePoint.) Some are still in private preview with no publicly announced ship target (see Security Copilot).

New Copilot features will arrive. Infrequently used features may disappear. User interfaces can and will change. Users will complain that their cheese has been moved, and they’ll want to know where it went. Your IT team needs to be prepared to train users and stay up to date on the Copilot technologies themselves (as much as they can). But at the end of the day, most Copilot technologies aren’t going to be well suited to users who aren’t comfortable with learning and re-learning on their own and aren’t comfortable with adapting to change.

4. It’s plagued by unstable requirements, branding, licensing, and packaging.

Branding for one Copilot, the service formerly known as “Bing Chat Enterprise,” has changed at least three times and will surely change again. At current writing, it’s now officially known as “Copilot with Commercial Data Protection.” This offering was initially limited to Microsoft 365 business customers, with a US$5 add-on for anyone else. But that approach was changed before the service became generally available in December and has changed again since.

Even without the constant change of Copilot, getting your head around what you must license for any single Copilot offering is an almost intractable task. Certain Copilot services are free. Certain Copilot services are free if you buy a specific other service. (You must be this tall to ride this ride.) And of course, some Copilot services/offerings, like Microsoft 365 Copilot itself, require specific —and very expensive — licensing per user. (Most Microsoft services in 2024 are licensed on a per user basis.)

5. It creates new regulatory compliance and security hurdles.

Copilot, which is described by Microsoft as “artificial intelligence” is based on the underlying large language model (LLM) technologies that Microsoft has licensed from OpenAI. As a result, it is trained on certain content (not your organization’s content). It can peruse your organization’s content and data to help users perform their work, depending on which Copilot we’re talking about.

Microsoft says, “Copilot automatically inherits your organization’s security, compliance, and privacy policies set in Microsoft 365.” And it’s important to note that it won’t help users bypass security permissions or legal hold settings for compliance, data residency settings to comply with GDPR, Priva privacy settings, etc. There are sure to be issues down the road where Copilot may lead to (or help discover) underlying security, compliance, or privacy issues. In short, organizations shouldn’t just shrug away concerns about security, compliance, data privacy and residency, etc. They must do research on topics that Microsoft hasn’t documented well, and that are subject to change.

Remember: It’s a marathon, not a sprint.

The intent of this post isn’t to keep you from investigating or even adopting any — or even most — of the Copilot-branded services. But it feels like Microsoft is working hard to reduce the due diligence organizations would have classically performed when they made decisions around upgrading from one version of Windows to another or migrating from legacy Office perpetual licensing on-premises to hosted Office 365/Microsoft 365 services.

My advice: Pace yourselves. Understand what you’re buying before you buy the Copilots for anything but a pilot project.

Also, if you’re confused or want a clearer story, licensing, pricing, or general strategy about “the Copilots”, I strongly encourage you to communicate with Microsoft and perhaps your reseller and push for it. However, note that many resellers and partners are already on board the same FOMO (fear of missing out) train that some Microsoft customers are clearly already on in terms of Copilot and Microsoft’s “AI” marketing push, and are ready to adopt and promote it at almost any cost regardless of the concerns I outlined above.

Related Resources

Directions on Microsoft’s Copilot tracker (downloadable reference sheet)

Directions on Microsoft’s Copilot Kit (Directions members only)

Copilot prerequisite: Proper data hygiene and controls are Essential (Directions members only)

Microsoft’s Copilot Super Bowl commercial

On January 16, Microsoft will expand availability of its $30 per user per month Copilot for Microsoft 365 so that more enterprise and business customers have the option to buy it.

Microsoft is enabling Office 365 E3 and E5, as well as Microsoft 365 Business Standard and Premium customers — not just Microsoft 365 E3 and E5 ones — to buy Copilot for Microsoft 365. It also is removing the 300-seat minimum requirement. In addition, Microsoft is launching today a version of Copilot for Microsoft 365 Family and Personal consumers for $20 per user per month.

“It’s great that Microsoft is opening up this powerful new technology (Copilot for Microsoft 365) to all customers, including businesses and consumers. The wide availability will create better user awareness and provide more feedback to find creative ways to use the Copilot and find weaknesses that can be addressed,” said Directions on Microsoft analyst Rob Sanfilippo.

The Copilot matrix continues to morph

Microsoft has been changing its branding and availability plans for its various Copilot AI assistants over the past year.

Until just before November 1, Microsoft officials had pledged to make Copilot available to Microsoft 365 E3 and E5 users, as well as Business Standard and Premium small- and midsize business (SMB) users on November 1. Subsequently, Microsoft dropped plans to make Copilot for Microsoft 365 available to anyone other than M365 E3 and E5 customers willing to buy 300 seats minimum and who went through their Microsoft reps to purchase (as Copilot for Microsoft 365 wasn’t on the price list). At the time, Microsoft officials declined to say when Business Standard or Premium customers would get their chance to buy Copilot for Microsoft 365.

However, for the past couple of months, Microsoft has been testing Copilots privately with select SMB customers and some consumers. As of today, Microsoft is making Copilot for Microsoft 365 available to customers via its Cloud Solution Provider (CSP) channel. It also is enabling individuals with Microsoft 365 Personal and Family subscriptions to add “Copilot Pro” for $20 per user per month.

Copilot Pro will be available via the Microsoft Store, and possibly other channels. Copilot Pro will work with Word, Excel (currently in preview and English only), PowerPoint, Outlook, and OneNote on PC, Mac and iPad. (There’s no word so far if and when it also will work with Android and if the consumer version of Teams and Clipchamp will be added to the mix.) Copilot Pro also will be getting at some point “soon” a Copilot GPT builder, which will allow customers to build their own customized Copilots tailored for a specific topic.

Microsoft will continue to offer plain-old Copilot — the product formerly known as Bing Chat — for no additional charge.

It seems Microsoft also will continue to offer the other Copilot — the product formerly named Bing Chat Enterprise. (I’ve asked Microsoft to confirm but no word back yet.) Bing Chat Enterprise is Bing Chat with commercial data protection added for customers who sign in with their Entra ID accounts.

At one point, Microsoft announced that the Bing Chat Enterprise version of Copilot would only be free for those with Microsoft 365 E3, E5, Business Standard or Business Premium or for $5 (USD) per user per month as a standalone commercial product. But Microsoft quietly dropped its standalone SKU plans and instead said the enterprise Copilot would be available to any organization using Microsoft Entra ID at no additional cost.

Until today, Microsoft had blocked Office 365 E3 and E5 users from the group of those eligible to buy Copilot for Microsoft 365 for $30 per user per month for no apparent technical reason. There’s been speculation that Microsoft did so to convince more Office 365 users to upgrade to Microsoft 365.

Microsoft officials said they are extending the Semantic Index for Copilot to Office 365 users who have a paid Copilot license. The Semantic Index is meant to work with the underlying Copilot system and Microsoft Graph to create a map of the data and content in an organization to help Microsoft 365 Copilot create more personalized and relevant responses.

Need help tracking the Microsoft Copilots? We’ve got you

Microsoft has announced over two dozen Copilots so far and more are on the way. Directions on Microsoft has created an infographic that pulls together basic facts for 27 Copilots organized into four categories:

Our chart provides an at-a-glance understanding of each Copilot, detailing use scenarios; training and customer data used; licensing costs; and dependencies on other Microsoft products.

Get your free copy of this cheat sheet here (for Directions members).

Related Resources

Microsoft broadens paid Copilot availability

Microsoft Copilots: The year in review and the year(s) ahead

Practical365.com: How Microsoft is Using Copilot to Drive Customers to Microsoft 365

Copilots! A Directions on Microsoft Brainstorm podcast

Ten things you need to know before buying Microsoft 365 Copilot

Microsoft spent most of 2023 announcing — and sometimes delivering — its rapidly expanding family of Copilot AI assistants. If you thought there were a lot of Microsoft Copilots, just wait: There will be many more announcements in 2024 and beyond.

GitHub Copilot, Microsoft’s AI assistant for developers, kicked off the Microsoft Copilot frenzy back in 2021. Throughout 2023, Microsoft unveiled plans for AI assistants across Bing Chat, Windows 10 and 11, Dynamics 365, Power Platform, Power BI, Microsoft 365, the Fabric data-analytics platform, Microsoft’s security platform, and more.

Microsoft officials have touted that they used the same orchestration and same design language/”Copilot Stack” across its varied Copilots. However, as we’ve said consistently at Directions on Microsoft, “Copilot” primarily is a Microsoft branding term. Different product groups at the company have implemented Copilots differently in terms of user interface, data set used for training and licensing and pricing.

In some cases, Microsoft has rebranded existing AI-centric features as “Copilots,” especially in the Dynamics 365 space. In others, it has applied the Copilot brush to already shipping products, such as Power Virtual Agents, which it christened in November 2023 as “Copilot Studio.” Microsoft also has created some brand-new AI assistants, such as the Copilots across its Microsoft 365 suite, and is slowly beginning to make them available to customers.

What’s next for Microsoft Copilots

Microsoft has been embedding AI functionality in various products for years. Before the debut of its partner OpenAI’s ChatGPT, however, Microsoft had a different focus with AI, as acknowledged by Executive VP of Experiences and Devices Rajesh Jha.

“Prior to generative AI, it was as if the human beings did all the work and the AI was the editor. It would show up in auto-complete, grammar check, spell check. But now it’s flipped. AI is doing the work. They’re doing the first draft, they’re doing the summarization, and the human beings are now editors. So it’s gone from AI being editors to now where it should be, which is the human beings are the editors and the AI is the assistant,” Jha said during a December appearance at the Barclays Global TMT conference in December.

In the near term, Microsoft is planning to add more OpenAI goodies to its Microsoft Copilot search tools formerly known as Bing Chat and Bing Chat Enterprise. On the near-term list for these two Copilots: Built-in integration with Open AI’s GPT-4 Turbo and DALL-E 3 imaging model; a new Code Interpreter capability for performing complex tasks such as more accurate calculation, coding, data analysis, visualization, and math.

Microsoft also is doing more to blur the lines between the shell, search and browser, Microsoft’s Jha acknowledged in his Barclays conference remarks. This integration could manifest as soon as 2024, starting with the rumored Windows vNext/”Windows 12″ release, some Microsoft watchers are speculating. Jha said the deep integration of natural language in the OS is key to “a new paradigm for user experiences.”

Microsoft also will be rolling out previews of its promised Copilot in SharePoint and Copilot in OneDrive in the first part of 2024, officials told me when I asked for an update on their whereabouts. A spokesperson described these as “additional application experiences” for Copilot for Microsoft 365. (No word yet on whether there will be extra charges or how these will be licensed.)

At some point in 2024, Microsoft is expected to make good on its previous promise to allow Microsoft 365 Business Standard and Business Premium customers to buy Copilot for Microsoft 365. Starting in January 2024, Microsoft will make Microsoft 365 Copilot available to faculty for purchase if they have Microsoft 365 A3/A5 subscriptions. Microsoft officials also have said Copilot for Microsoft 365 will be available to consumers, not just businesses, in 2024.

It’s not guaranteed smooth sailing for Microsoft’s Copilot family, however. Besides generative AI hallucinations and AI ethics and safety concerns, there are other factors which potentially could impact how Microsoft rolls out its Copilots in the coming months and years.

There are signs that Microsoft’s cozy relationship with OpenAI is triggering scrutiny by not just the UK Competition and Markets Authority but also U.S.-based regulators with the Federal Trade Commision, according to published reports. Microsoft has invested an estimated $13 billion in OpenAI and OpenAI runs its models exclusively on Azure. OpenAI’s decision to give Microsoft a non-voting, observer board position following the unexpected firing/rehiring of OpenAI chief Sam Altman seems to have increased regulatory concerns.

Copyright issues also loom large for OpenAI and Microsoft. In late December, The New York Times became the latest to sue for copyright infringement, claiming OpenAI copied millions of The Times’ articles to train the large-language models powering ChatGPT and Microsoft Copilot.

Everything you need to know about Microsoft Copilots

Our Directions on Microsoft members and customers have told us they’ve had challenges keeping up with all the Microsoft Copilots. They’ve had trouble determining which Copilots are still just previews (or even demo-ware) and which are generally available. They’ve been stymied when trying to figure out which Copilots Microsoft is bundling into products and often turning on by default, and which are only free to those with particular licenses.

The Directions on Microsoft analysts have been collecting information about the burgeoning Microsoft Copilot family, with the intent to bring some method to the AI madness. We’ve come up with a handy chart that lists the key Copilots the company has announced, descriptions of each, and as much pricing and licensing information as we can find. We will be updating and refreshing this chart on a regular basis, since Microsoft keeps adding new ones, changing branding and release dates, and adding new pricing and licensing wrinkles.

To download a free copy of the Directions on Microsoft Copilot infographic, go here.

Related Resources

Directions on Microsoft’s Copilots Kit (Directions members only)

Microsoft blog post: Continued AI Innovation in Copilot

Transcript of Microsoft EVP Rajesh Jha at Barclay’s (Dec. 7, 2023)

Microsoft’s OpenAI Investment Risks Scrutiny from US, UK Regulators

New York Times Sues OpenAI and Microsoft Over Use of Copyrighted Work

Copilots! A Directions on Microsoft Brainstorm podcast

It’s not every day — or, in fact, almost any day — that Microsoft gives customers a price break. But it looks as if that’s what Microsoft is doing with some newly announced additions to its Microsoft Defender line-up, specifically targeted at frontline workers.

As outlined in the Microsoft January 1, 2024, product terms, Microsoft added several new SKUs to its Defender and Entra (formerly Azure Active Directory) families. The newest members:

The move seems similar to an April 2020 announcement, when Microsoft added a more granular way for Microsoft 365 E3 users to gain access to E5-level regulatory and legal compliance features by adding new, less-pricey SKUs for F3 and F1 users. Microsoft documented and made these new SKUs available in June 2022.

There’s a key difference between the legal and regulatory SKU additions with the new security-focused Frontline ones unveiled this week.

“The weird twist is that the three individual compliance sub-SKUs for Frontline announced in 2020 required users to have M365 F1/F3. The security related pieces announced January 1, 2024, don’t,” said Directions on Microsoft analyst Rob Horwitz.

Horwitz speculated there could be some “corner-cases that Microsoft is trying to accommodate, such as retail devices protected by Microsoft Defender for Endpoint.”

“In some cases, the users might not even have a Frontline Suite,” he added. “And Microsoft is apparently trying to avoid any per device licensing.”

According to the January 2024 price list, these newly announced frontline security SKUs are approximately two-thirds the price of the P1/P2 SKUs. This is the same “discount” as Microsoft provided in June 2022 with the F5 compliance SKUs, Horwitz noted. The newly announced Microsoft Defender for Cloud Apps F1 (User SL) costs about $2.40 (USD) per user per month, rather than the $3.50 per user per month Microsoft charges for Defender for Cloud Apps P1, for example.

For some odd reason, when I asked Microsoft for comment on these new SKUs — specifically about their pricing and licensing reasons for introducing them — the company said, via a spokesperson that “Microsoft doesn’t have much to share on these questions.” (Actually, the spokesperson shared nothing.)

Cleaning up AIP Premium Plan 1 residuals

In other product term news from January 1, Microsoft announced it has removed all references to Azure Information Protection (AIP) Premium Plan 1 from its documentation. Microsoft dropped AIP Premium Plan 2 in 2020, with its functionality folded into various Purview sub-suites.

When I asked Microsoft for details on what will happen to the functionality that’s in AIP Premium Plan 1, a spokesperson said he could confirm the product is “being retired” on April 11, pointing us to this Microsoft blog post from April 11, 2023, that noted the AIP Unified Labeling add-in for Office will be retired this April. The spokesperson declined to provide more about the end of AIP Premium Plan 1.

This November 2022 Microsoft blog post, however, notes that the AIP Scanner capability in AIP Premium Plan 1 will be moving to the Purview compliance portal. AIP tools on Windows will be rebranded under Purview. The AIP Viewer for IoS will continue to be supported, but specifics have yet to be announced.

Related Resources

Microsoft Product Terms summary of changes

O365 Advanced Compliance and AIP Premium P2 SKUs discontinued, features repackaged (Directions members only)

Retirement notification for the Azure Information Protection Unified Labeling add-in for Office

Update on the future of AIP features

Microsoft officials are reticent to admit proactively when products are on the deprecation, retirement or graveyard lists. But there are several signs customers can monitor to determine if Microsoft is likely to drop a particular product or service on which they were counting. One of these “omens of doom” is the perpetual preview.

We’ve already written (and podcasted) about several Microsoft on-premises products that could be in the discontinuation danger zone, including Access, Visio, Project. Office Professional Plus, and more. The rule of thumb: Don’t invest in a Microsoft product in which Microsoft itself is lessening its investment.

But it’s not just on-prem legacy products that have an uncertain future. In preparing our various Microsoft enterprise product and service roadmaps here at Directions on Microsoft, we monitor the duration of Microsoft product previews, especially those with few, if any prospects of moving to the general availability (GA) phase. We’ve found the longer a Microsoft preview, the less likely a technology will reach GA.

In the consumer product space, it often matters less whether a product falls into the perpetual preview category. Many cloud services, including Google Search, Bing, and Xbox Cloud Gaming (which is still in “beta”), remained in preview for years, without many users being wiser.

In the enterprise world, however, customers often are unwilling or not permitted to roll out broadly technologies that have not reached GA. Many times, the vendors behind these products don’t support them to the level required by organizations. A preview never has a Service Level Agreement (SLA) associated with it. There may be Microsoft licensing clauses explicitly warning customers they should not be relying on these preview services in production, and if they do, they do so at their own risk.

Further complicating matters, it’s not always an entire product or service that’s in preview, but only specific features within it that may be. This can be confusing because it’s not always clear when a feature is in preview; it might be noted with an easily missed label in the UI or only in documentation or a blog post. There’s no consistency. So, the overall service is marked as GA, and customers adopt it, but they don’t realize they’re using a preview feature.

In some cases, overly long previews can be attributed to strategy and priority changes at Microsoft. (These days at Microsoft, if there’s no AI angle to your Microsoft product, it seems less likely to get internal support or promotion.) Some company watchers also have wondered if Microsoft still releases previews that never become commercially shipping products to try to freeze a market, rather than concede it to a competitor.

“Long previews may occur because there are critical customers that have requested certain features and are using them, but Microsoft doesn’t feel comfortable enough to support those features for everyone. Other times, priorities change before a product reaches general availability, and teams could be dissolved or refocused,” said Directions on Microsoft analyst Rob Sanfilippo.

Perpetual previews: A few examples

Here are a few examples of Microsoft cloud services that were/are in overly long previews

Azure Internet Analyzer: Microsoft announced the public preview of Azure Internet Analyzer in November 2019. Internet Analyzer is a network modeling and measurement tool that collects performance data to help determine whether a different network configuration will offer application performance improvements. In September 2023, Microsoft posted an update to its Azure Updates page acknowledging that Internet Analyzer will be discontinued and all customer data in the service deleted on March 15, 2024. In that update, Microsoft admitted “this tool didn’t achieve the level of customer traction we had hoped for.” Azure Monitor Network Insights seems to be the Microsoft-preferred replacement for Internet Analyzer.

Azure Service Shared Plan: Azure App Service has two base tiers — free and shared — which run an app on the same Azure VM as other App Service apps. These tiers were intended to be used only for development and testing purposes. After many years in preview, we asked Microsoft a while back when the Shared Plan would go GA. The answer: Never (although Microsoft still does charge users for shared CPU compute for the preview.)

Azure Blueprints: Microsoft launched a preview of Azure Blueprints in 2018. The idea behind Azure Blueprints was to enable IT to define a repeatable set of Azure resources that could be applied across an organization. In a note on the Microsoft Learn page about Azure Blueprints, Microsoft acknowledged on July 11, 2026, the Blueprints preview will be deprecated. Microsoft’s guidance is to migrate existing blueprint definitions and assignments to Template Specs and Deployment stacks.

One tool which could be used to monitor the state of Microsoft previews was a Microsoft-developed Web app called Azure Charts. Azure Charts helped track the availability status of various Azure services. But it seems the app is no longer functional due to “budget restrictions” as of just a week or so ago.

Does GA really mean anything anymore?

As we’ve noted, some orgs are unwilling and unable to deploy Microsoft products and services until Microsoft grants them the official GA label. But increasingly, the Directions on Microsoft analysts have been wondering what GA means anymore — especially when Microsoft seems willing to deem a product or service GA after seemingly little testing.

A prime example here is Copilot for Microsoft 365. After a few months of private testing by about 500 to 800 paying selected customers, Microsoft announced Copilot for Microsoft 365 was GA on November 1. On that date, it was available to a small subset of Microsoft’s customer base: Those with Microsoft 365 E3 or E5 who were willing to pay $30 per user per month for 300 seats (minimum) and who purchased it through their Microsoft reps, since it was not on the company price list. There was and is no public beta or free trial for the product. As of today, Microsoft has not gone public as to when it plans to broaden general availability.

Windows is another area where the GA label seems next-to-meaningless anymore. New features are rolled out to customers who aren’t protected by enterprise policies and services after relatively little testing by self-designated Insider testers. The first wave of unmanaged-device customers then test Windows 11 features for a few more weeks or months before Microsoft deems a feature update as ready for business deployment.

Related Resources

Podcast: When should you walk away from a Microsoft product

Microsoft’s Azure updates and changes feed

Internet Analyzer shutdown

Azure App Service Shared preview details

What’s next for Azure Blueprints

Goodbye, Azure Charts. We hardly knew you

Ten things you need to know before buying Microsoft 365 Copilot

Duration of Azure Tech Previews Can Indicate Risk (Directions members only)

Azure Roadmap (Directions members only)

Microsoft finally is going public on November 15 with one of the industry’s worst-kept secrets. For years, Microsoft has been rumored to be developing its own chips, including some based on the Arm architecture. Today at the company’s annual Ignite conference, officials are talking about what they’ve built and how Microsoft expects to use these chips to improve its own and its customers’ performance — and, hopefully, at some point, reduce both of their costs.

On Day one of Ignite, Microsoft is showing off its “Azure Maia” AI accelerator chip designed for cloud-based training and inferencing for AI workloads, as well as its “Azure Cobalt” chip based on Arm, meant to improve performance, power efficiency, and cost for general-purpose workloads. These chips will be incorporated into Azure’s infrastructure in 2024.

Officials said the in-house designed Cobalt 100 CPU, the first of a planned series, is a 64-bit 128 core chip that delivers up to 40% performance improvement over current generations of Azure Arm chips. Company officials said Cobalt 100 already is being used, in test, to run parts of Teams, Azure Communications Services, and Azure SQL Database.

Besides using Cobalt 100 in-house, Microsoft plans to make the ASIC Cobalt VMs available to customers for their own use some time in 2024, officials said. Microsoft has offered Arm-based VMs to Azure customers since 2022 via a deal with startup Ampere Computing, but these VMs were designed to run Windows 11 and various Linux distributions, specifically.

Microsoft execs said they have been testing Bing Chat (the consumer AI assistant service just rebranded to “Copilot”), Microsoft’s Phone AI services, as well as GitHub Copilot on the Maia 100 accelerator chips. Plans call for Microsoft to support not just first-party workloads, but third-party ones, like OpenAI’s ChatGPT 3.5 Turbo, and more on Maia, officials said.

More than just chips

In addition to showcasing its own silicon, Microsoft is making generally available as of today its Azure Boost system that is designed to speed up storage and networking by moving those processes off host servers onto customized hardware and software. It also plans to add AMD MI300X accelerated VMs to Azure that are designed to speed up AI workload processing, and it is delivering a preview of the NC H100 v5 VM series built for NVIDIA H100 Tensor Core GPUs, meant to improve mid-range AI training and generative AI inferencing.

Before Ignite this week, Microsoft already had been making numerous investments in Azure infrastructure that centered around the company developing its own chip, server, rack, networking and other physical components (rather than buying them off-the shelf). Years ago, it open-sourced its “Project Cerberus” cryptographic microcontroller, as well as its “ Project Olympus” datacenter server design.

In 2022, Microsoft bought Lumenisity, a British startup that was working on a new form of optical fiber, called “hollow core,” designed to improve long-distance data-transfer speeds. In 2023, it bought Fungible, a developer of data processing unit (DPU) technology which can be used for a variety of network interface card enhancements.

Microsoft also has been pioneering work in two-phase liquid-immersion cooling. Microsoft implemented this technology in its Azure datacenter in Quincy, Wash., starting in 2021.

In other Azure-related Ignite news, Azure AI Studio, which Microsoft originally announced at its Build conference in May 2023, is now in public preview. Azure AI Studio provides a UI to help create customized AI-enabled chats, including enhancing the chat with organizational data. Windows AI Studio, a complementary product “available in the coming weeks,” will allow developers to run their AI models on the cloud in Azure or on the edge, locally on Windows.

Related Resources

Ignite 2023: Microsoft introduces new chips, Azure infrastructure

Microsoft hardware acquisitions target its datacenter infrastructure (Directions members only)

To cool datacenter servers, Microsoft turns to boiling liquid

From 2022: Azure Virtual Machines with Ampere Altra Arm–based processors—generally available

From 2020: Microsoft is designing its own Arm chips for datacenter servers: Report

Microsoft will no longer provide support for Windows 10 after October 14, 2025. However, the company will make available a yearly subscription for critical or important security fixes for Windows 10 customers who can’t or won’t be off Windows 10 by that date. As was the case with Windows 7, these ESUs for Windows 10 will be available for purchase for three years.

In addition to making ESUs for Windows 10 available to businesses, Microsoft also plans to make them available to individuals who enroll their PCs in the paid Extended Security Updates (ESU) subscription program. Microsoft officials said they will provide more details on how this will work for both businesses and individuals “at a later date.”

As Microsoft announced earlier this year, Windows 10 22H2 is the final version of Windows 10. Customers running this version will get monthly security updates (and, on rare occasions, new features, such as Windows Copilot) through October 14, 2025. Those running Windows 10 IoT Enterprise and Windows 10 IoT Enterprise Long-Term Servicing Channel will remain in support longer as those editions have different life cycles.

Microsoft is encouraging customers with PCs that don’t support the hardware requirements for Windows 11 to buy new PCs now or subscribe to Windows 365/Cloud PC. Those subscribed to Windows 365 will be able to continue to use Windows 10 on their local devices with security updates provided for no additional cost three years beyond the October 14, 2025, support cutoff. Those running a Windows 10 instance in an Azure Virtual Desktop also will get ESUs for no additional charge.

ESUs will provide a Microsoft-chosen set of security updates designated as important or critical but will not include any customer-requested non-security updates or technical support.

Microsoft officials said they’d provide more licensing and pricing details closer to the Windows 10 end-of-support cutoff date. In the case of Windows 7 ESUs, Microsoft charged an annual per-device fee that doubled each year, starting at $50 USD per device for coverage from January 2020 to January 2021. Customers with Windows Enterprise User Subscription Licenses and those with active Software Assurance on Windows Enterprise Per-Device licenses got a 50 percent discount on these prices.

But What About ‘Windows 12’?

Microsoft is believed to be providing ESUs for Windows 10 because a substantial number of businesses and consumers are still running it. Whether it was due to Microsoft’s more stringent hardware requirements or change in UI/UX (or both) with Windows 11, adoption of Windows 11 is believed to be slow. Microsoft has not released any official numbers on how many PCs are running Windows 11 two years after its release. Windows Central reported in October 2023 that about 400 million PCs were running Windows 11, meaning more than half are still running Windows 10.

Microsoft officials didn’t offer any guidance today about what comes after Windows 11. There are growing rumors that Microsoft will release some kind of new version of Windows in 2024 — something which may (or may not) be called “Windows 12.” This could affect organizations’ Windows 10 upgrade plans, as some might think they can save a step by going straight from Windows 10 to Windows 12.

I asked Microsoft again this week if it would offer customers any guidance on whether a new version of Windows will ship next year and whether it will supersede Windows 11. A spokesperson said the company “has nothing further to share.” The latest Windows 12 rumors indicate that Microsoft could deliver a version of Windows tailored for “AI PCs” with neural processing units (NPUs). Could this mean the alleged new version of Windows might exist alongside Windows 10 and 11? Maybe?

Despite the availability of ESUs, Directions on Microsoft Analyst Michael Cherry recommends that organizations and people do not look at ESUs as a mechanism to extend the life of all the devices they have, but rather, use them sparingly for those devices that cannot be upgraded due to some critical or unique circumstance. There are risks and costs for not staying current that ESUs do not address, and organizations still need to watch that new devices they acquire can run Windows 11 as well as address coming features that may need additional processing power.

Related Resources

Microsoft: Prepare for Windows 10 End of Service with ESUs

Windows 10: T-24 and Counting (Directions Members Only)

How Microsoft Handled Windows 7 ESUs (Directions Members Only)

Report: Windows 11 is active on almost half a billion devices

We’re kicking off a new feature on our blog that we’re calling “Answer This.” We’ll be posting some of the many customer questions about Microsoft enterprise technology and licensing that we receive here at Directions on Microsoft, along with our analysts’ answers. If you want a chance to have one of your enterprise questions answered, fill out this form and we might tackle your query next.

Our second “Answer This” post pertains to Dynamics 365 licensing, particularly when multiplexing is involved. Customers often walk away from Dynamics because there are no reasonable solutions when it comes to licensing for multiplexing. The pricey reality, as Oprah might say: “You need a license; you need a license; everyone needs a license!”

Customer Question

We have a number of scenarios where we are wondering whether we need Dynamics 365 licenses. Several of these scenarios involve multiplexing. Is there a simple explanation as to when we do and don’t need some kind of Dynamics license for these scenarios?

Back Story

Multiplexing is how Microsoft makes sure that everyone pays to see the data. Their definition is that when internal users and devices use hardware or software to pool connections, reroute or indirectly access information, and/or reduce the number of devices or users that directly access a product, they are multiplexing.

In the Dynamics 365 ERP/CRM world, in particular, multiplexing is a big issue and comes into play when users are integrating their Dynamics data with other (often third-party and/or line-of-business applications). It is not uncommon for customers to use a Dynamics 365 CRM or ERP solution and want to feed that data into another company system. Like using the Dynamics 365 Sales application and feed new customer information and orders into an SAP or Oracle ERP solution.

In this case, the customer asked about using an automated process to export data from the Dynamics 365 Finance application to a third-party app they used for financial consolidation and reporting. They also asked about transferring the data into Azure Data Lake where they want to transform the Dynamics 365 data and feed it into a data warehouse for reporting and archive.

In both of these cases, the answer was pretty clear. Anyone who sees the Dynamics 365 data in the financial consolidation app (or reports generated from it) or in the Data Lake or Warehouse (or any reports generated from it) requires at least a Dynamics 365 Team Member license. It does not matter how many layers or systems the data goes through.

The Dynamics 365 multiplexing rules state that any time an automated process (called a pooling device in Dynamics licensing) electronically copies Dynamics 365 data to another location, anyone who sees that data still requires a Dynamics 365 license, regardless of how many systems it goes through and how it is transformed.

The only time multiplexing is not an issue is if the data is copied manually, which defeats the goal of “digital transformation.”

Don’t Forget

Multiplexing does not reduce the number of licenses a customer needs.

Customers who try to reduce the number of licenses for devices or users they need simply because the data they’re sending automatically to another location doesn’t come back to Dynamics are not compliant with Microsoft’s licensing terms. And because so many different systems are integrated with Dynamics, it’s often near impossible to figure out where a piece of data came from originally.

Our Recommendations

Don’t try to reduce required subscription licenses just because some users and devices are indirectly or automatically accessing Dynamics 365 data. Even if that data is read-only, users still need a Team Member license.

Power Apps Premium licenses are more expensive than Team Member licenses, but they are a less expensive alternative to full user Dynamics 365 licenses. Consider them when the following conditions apply:

Related Resources

Microsoft’s Dynamics 365 Licensing Guide

Microsoft 365: When to Upgrade to a Full Power Platform Plan (Directions Members only)

Submit your own enterprise tech/licensing question to Directions on Microsoft here

This is a guest post from Directions on Microsoft analyst Michael Cherry, who covers Windows Client OS, corporate governance and more.

When some anniversaries come along, my immediate thought is there’s no way that event happened that long ago. Other anniversaries that I learn happened a long time in the past seem in my mind as if they occurred yesterday. That is how I feel about Oct. 14. While today I take Patch Tuesday for granted, I would not have guessed that I’ve been participating in Patch Tuesday for 20 years.

Initially, Microsoft attempted to honor its commitment to customers to only include patches that fixed issues, including security issues. But soon, just as it had with its commitment to only include fixes in service packs, features began to find their way into the patches delivered on Patch Tuesdays. It became necessary to at least examine a patch to see what impact it might have on problems that you knew or didn’t know about, and how the patch might change Windows in some way you didn’t necessarily want or need.

Looking back, those early Patch Tuesdays were simpler times.

Although there were threats, such threats were not on the order of the malicious software that has evolved to mostly be some form of ransomware. There did not seem to be any need to rush to apply the patches delivered on Patch Tuesday. Directions on Microsoft used to advise enterprises to let the patches age for at least a couple of days to ensure the patch fixed existing issues without creating new problems. This was because patches — even patches that were not mixed with features — are subject to the law of unintended consequences. This meant it was prudent to allow someone else to be the lab rat. If after a day or two I hadn’t heard or read of problems with the patches, I’d feel safe to go ahead and begin to roll them out to my devices and the devices I managed for Directions.

Today’s Patch Tuesdays aren’t like yesterday’s

But no more. Today, zero-day vulnerabilities and exploits that come under immediate attack mean that on the 20th anniversary of Patch Tuesday, the prudent approach is to patch quickly and live with the risk of problems, including whatever a “blue screen” is called today.

This change, more than any other, should be seen by Microsoft as reason enough for the company to slow the cadence of feature changes to Windows and stop co-mingling security fixes with new features on Patch Tuesday. People need to have a good known state with the Windows OS to assist in monitoring for malware that has made it past their defenses.

Although the technology to deliver, stage, and deploy patches has improved greatly from Microsoft’s investment in a software update and servicing infrastructure, at the end of the day, disciplining its release management system and its rules about what goes into the patch package remains the single most important element of building a safe and secure Windows environment — or as Microsoft once dubbed it — Trustworthy Computing. If only Microsoft were willing to put the trust back in “Trustworthy” by making the next 20 years of Patch Tuesdays exclusively about security fixes….

Michael analyzes and writes about Windows client OS, Office communication services, corporate governance. Before joining Directions on Microsoft in 2000, Michael worked at Microsoft for more than 10 years where he held a variety of technical and marketing positions, including program manager for Windows Embedded and Windows 2000 IntelliMirror.

Related Resources

Microsoft Security Update Guide FAQs

From 2003: Microsoft releases its first monthly security fixes

Marking ten years of Patch Tuesday

Windows Client OS Timeline (members only)

Many Wall Street analysts are tripping over themselves to find evidence in Microsoft’s quarterly earnings reports that Microsoft AI tools and services already are taking off. However, one of the company’s potentially biggest (and best demo’ing) AI assistant, Microsoft 365 Copilot, still is available to a very small set of paying preview customers and is a week away from general availability.

On November 1, Microsoft will make the first iteration of Microsoft 365 Copilot available for purchase by business customers for $30 per user per month. On that date, Microsoft 365 Copilot will be available for purchase only for those willing to commit to 300 seats minimum. There will be no free trial for Microsoft 365 Copilot. And from what I’m hearing, on November 1, Microsoft 365 Copilot will only be available to those with Microsoft 365 E3 and E5 subscriptions — not Business Standard and Business Premium ones (which Microsoft originally claimed it would).

Some components of Microsoft 365 Copilot and some of the related server copilots still will carry the “preview” tag on November 1. As detailed in the Microsoft 365 Roadmap, SharePoint Copilot will be in preview in November and not be designated as “generally available” until March. Microsoft 365 Copilot in Excel will still be in preview as of November and not declared “generally available” until February 2024.

The Viva Goals and Viva Engage copilots won’t start rolling out until December. It turns out that there will be copilot support not just for the new Outlook for Windows, but also the “classic” Windows version — at least with a “summarize by Copilot” capability — but it won’t be available in preview until January 2024 and generally available in March 2024, the Microsoft 365 Roadmap says.

A few of Microsoft’s already announced copilots are commercially available, including GitHub Copilot, Bing Chat and Bing Chat Enterprise (both recently renamed Microsoft Copilot), an early version of Copilot for Windows, and some of the Power Platform and Dynamics 365 copilots. Microsoft’s Security Copilot just entered a broader, paid Early Access Program (EAP) pilot last week.

This staggered rollout didn’t stop Microsoft CEO Satya Nadella from trumpeting the potential of the company’s copilots during the Q1 FY’24 earnings call on October 24. Nadella said a substantial number of workload starts on Azure were AI-related during the quarter.

“With copilots, we are making the age of AI real for people and businesses everywhere,” said Nadella. “We are rapidly infusing AI across every layer of the tech stack and for every role and business process to drive productivity gains for our customers.”

Azure AI growth as a leading indicator

During Microsoft’s Q4 FY’23 earnings call in July, Chief Financial Officer Amy Hood predicted that roughly two points of Azure growth would come from AI in the Q1 quarter. In fact, this ended up being three points, “primarily driven by increased GPU (graphic processing units) capacity and better than expected GPU utilization of our AI services, Hood said.

Azure revenues (which Microsoft still does not disclose publicly) were up 29 percent for Q1, which was better than company watchers were expecting. Nadella said 18,000 organizations are now using Azure OpenAI, Microsoft’s implementation of OpenAI, up from 11,000 announced in July.

Microsoft execs also have been encouraging customers to use Microsoft services such as Syntex, Fabric, Purview and Defender to get their data-storage and -access strategies in order before turning on its various copilots in order to try to reduce inadvertent data leaks.

The company’s overall “Microsoft Cloud” revenues (a category which includes Microsoft 365, Azure, Dynamics 365, GitHub, some LinkedIn revenues and other cloud-centric products) hit $31.8 billion, up 24 percent over the previous year’s quarter. Microsoft revenues for the quarter were $56.5 billion, and earnings hit $2.99 per share.

While AI exuberance is in the air among Microsoft management and many on Wall Street, it’s still worth asking whether Microsoft might be overinvesting in AI, either by spreading itself too thin or by completely ignoring necessary non-AI features in its products,” noted Directions on Microsoft analyst Barry Briggs.

“To put a finer point on it, could Microsoft actually fall behind competitively by directing too many resources at AI?” Briggs added.

Related Resources

Microsoft’s Q1 FY’24 earnings

Microsoft 365 Copilot: Coming to Office apps near you for $30 per user per month

M365 Roadmap for copilots

Q1 FY’24 earnings call transcript

Today’s the day. After publicly showing the first public demos of Microsoft 365 Copilot in March, Microsoft is making it generally available for a subset of its commercial customers.

M365 Copilot is one of Microsoft’s AI assistant tools that coordinates large-language models, customer content in the Microsoft Graph and Microsoft 365 apps in a way meant to increase users’ productivity.

Here are a few of the key points you should consider when evaluating whether to wade into the M365 Copilot waters:

1. M365 Copilot — generally available as of November 1 for those in the Microsoft 365 Current Channel — requires a minimum purchase of 300 seats. (Those in the M365 Monthly Enterprise Channel will be able to take advantage of the M365 Copilot features starting in December 2023.) Microsoft is telling enterprise customers interested in buying M365 Copilot that they need to “call their Microsoft account rep” in order to purchase.

2. M365 Copilot costs $30 per user per month for an annual commitment. There’s no free trial and no volume discount at this point (as far as we know). Enterprise customers who buy M365 Copilot now are committed up until their next Enterprise Agreement contract anniversary, after which point, they can drop or renew M365 Copilot for 12 months.

3. Only M365 E3 and E5 commercial subscribers are eligible to purchase M365 Copilot right now. If you’re running Office 365 E3 or E5, you need to upgrade to Microsoft 365 E3 or E5 before buying M365 Copilot. Also: Even though Microsoft officials said earlier this year that M365 Business Standard and Business Premium subscribers also would be eligible to purchase M365 Copilot when it became generally available, this does not seem to be the case. Microsoft officials say they plan to make M365 Copilot available to Business Standard and Premium users but are not saying when.

Microsoft also plans to make M365 Copilot available for Government and Education customers but has not provided a date as to when. Some invited consumer and small-business M365 subscribers are testing M365 Copilot now in a private preview.

4. There are many different Microsoft copilots, not just one. Even though the growing family of Microsoft copilots use the same underlying architecture, they are built using different reasoning and data and are designed for different purposes. Some cost money and some are available for no additional cost for certain customer groups.

GitHub Copilot, which has been commercially available for more than a year, is up to 1 million paying subscribers, Microsoft says. Windows Copilot, which, at this point, is not much more than Bing Chat with a few custom capabilities, is in preview and just starting to roll out to Windows 11 customers now. The various Dynamics 365 and Power Platform copilots are coming online; some customers get these for no additional charge.

Microsoft 365 Copilot: Not the ‘E5 of Copilots’

5. M365 Copilot is not the “E5 of Copilots.” A M365 Copilot subscription does not include Microsoft’s other paid Copilot-branded and AI-related services. For example, Teams Premium remains an add-on license for Teams with its own $10/user/month subscription. Despite Microsoft’s proclamations of how well M365 Copilot and Team Premium work together, Teams Premium isn’t included in M365 Copilot nor is there any discount for buying both together.

6. Not all pieces of M365 Copilot are actually generally available as of November 1. Copilot for Excel is still in preview. Copilot for OneNote is only available right now on Win32 desktops; Microsoft is targeting sometime during its fiscal 2025 (!) for Web, Mac and mobile OneNote Copilot variants. The Copilot for SharePoint preview kicks off in November and Copilot for OneDrive in December.

7. M365 Copilot has been in very limited and tightly controlled testing up to this point. It has been tested inside Microsoft by some employees. It was available earlier this spring to a very small group of companies (around 50) as part of Microsoft’s “AIX00” program. It also has been in a paid, private, invitation-only Early Access Preview since July with hundreds of customers (800 at its high point). There has been and will be no public beta program.

8. Microsoft focused on certain key scenarios for this first iteration of M365 Copilot. These include content generation; “commanding” (how to use Microsoft’s own products like Excel and PowerPoint); comprehension (summarize, ask questions); collaboration (combining Copilot actions using M365 Chat); and proactive suggestions/notifications. In short, M365 Copilot enables Microsoft to expose capabilities that have existed in its products and expose them to people via natural language.

9. Microsoft is strongly advising customers to make sure their data storage and access strategies are in order before deploying M365 Copilot in order to lower the risk of data leaks. Microsoft has suggested customers use the company’s services and tools such as Intune, Defender, Syntex and Purview ahead of their M365 Copilot rollouts. Microsoft also is suggesting, but not requiring, customers to have Microsoft Unified Support in place before using M365 Copilot.

Admins will be able to assign licenses and onboard employees to M365 Copilot in the M365 Admin Center (under Billing > Licenses). Once a user is assigned a M365 Copilot license, s/he gets to use copilot across all the M365 apps; admins cannot assign users M365 Copilot for only certain Office apps.

10. There’s some new language in Microsoft’s November Product Licensing Terms (published Nov. 1) for M365 Copilot specifically around location of data processing:

Location of Data Processing

Notwithstanding the Location of Data Processing provision in the Universal Terms applicable to Microsoft Generative AI Services, when the Customer uses the Microsoft 365 Copilot, the Customer Data storage commitments applicable to Office 365 Services in the section of the Product Terms Privacy & Security Terms entitled Location of Customer Data at Rest for Core Online Services remain in effect.

This seemingly is in line with what Microsoft has stated previously: “Microsoft 365 Copilot doesn’t change existing data processing and residency commitments that are applicable to Microsoft 365 tenants. Microsoft 365 Copilot calls to the LLM (large language model) are routed to the closest data centers in the region, but also can call into other regions where capacity is available during high utilization periods. For European Union (EU) users, we have additional safeguards to comply with the EU Data Boundary. EU traffic stays within the EU Data Boundary while worldwide traffic can be sent to the EU and other countries or regions for LLM processing.”

This policy is different from the one associated with Bing Enterprise Chat, which uses global data center for processing and, according to Microsoft, “may process data in the United States. Optional, Bing-backed connected experiences don’t fall under Microsoft’s EU Data Boundary (EUDB) commitment.”

Microsoft plans to provide more information about M365 Copilot, including how enterprises should prepare for adoption; ways to customize it with line-of-business plug-ins and more, during its Ignite conference in mid-November.

Related Resources

Microsoft guidance on how to prepare for M365 Copilot

General M365 Copilot information on Microsoft Learn

Microsoft Copilot Adoption Center

Microsoft 365 Copilot architecture

November 2023 Product Terms: M365 Copilot added

M365 Copilot and the EU Data Boundary

It’s been a while since Microsoft announced a company-wide security initiative. Remember Security Development Lifecycle back in 2004, post-Blaster? Or Trustworthy Computing in 2002?

Microsoft’s newest imperative, unveiled both internally and publicly on November 2, is called the Secure Future Initiative (SFI). It’s focused on revamping how Microsoft designs, builds, tests, and maintains its services and software.

It’s probably no coincidence Microsoft is unveiling SFI after widespread outcry — and calls for government regulation — following the Storm-0558 China hack. Via that breach, bad actors infiltrated a number of business and government Outlook email accounts, all stemming from access to a Microsoft Account consumer key.

Storm-0558 is hardly the only big cybersecurity incident that’s hit Microsoft and its customers in recent months. Phishing, ransomware, malware as a service and other security issues are cropping up non-stop. And as more companies bring generative AI technology in-house, even more sophisticated security problems will, no doubt, be added to the mix. At the same time, big tech companies increasingly are finding themselves on the “failure to inform” end of a sharp legal stick, giving Microsoft even more incentive to be proactive in cleaning up its security act.

Unsurprisingly, AI plays heavily into Microsoft’s proposed security solution (as it does with every Microsoft announcement these days). Microsoft is working on an AI assistant tool called Security Copilot that is meant to help IT pros more quickly and easily see what’s happening from a security standpoint in their organizations. Microsoft recently broadened its private, paid testing program for Security Copilot ahead of its expected 2024 general availability.

As part of the SFI initiative announced today, Microsoft said it will improve its own software development and vulnerability remediation activities. Specifically, Microsoft execs said they will:

“The Trustworthy Computing push happened because (Microsoft founder Bill) Gates recognized that security problems were slowing PC sales, which hurt Microsoft sales. It could be that it is seeing similar limiting effects in the cloud business, with customers so under siege that they can’t adopt new technologies,” said Directions on Microsoft analyst Rob Helm.

“And in that business, Microsoft can’t ignore the problems that a customer is having with security, because Microsoft is effectively a big part of the customer’s IT department,” Helm added.

Whatever happened to Trustworthy Computing?

Speaking of Trustworthy Computing, Microsoft’s last major cross-divisional security initiative, Directions on Microsoft analyst, Michael Cherry, wondered whatever became of it.

“The questions that should be asked of Microsoft is, ‘if you were doing Trustworthy Computing correctly, and this assumes you are still doing it, then what about your secure by design, secure by deployment, and secure by default isn’t working?’” Cherry said. After all, with Cloud based services Microsoft has responsibility for aspects of all three Trustworthy Computing pillars.

“If Microsoft was doing Trustworthy Computing — and there is no good reason that it would have ever stopped doing it — then one would think they should be on top of and adapting to new threats and threat actors. Is the reality that Microsoft, as an organization, doesn’t have the discipline to really address security and identity because the race to get products to market and meet the continual fast-pace of updates required to drive the Microsoft ‘As- a-Service’ subscription engine? If so, that means product teams have all abandoned secure by design, secure by deployment, and secure by default.”

“Maybe instead of a new initiative, Microsoft should just quietly get back to first principles of Trustworthy Computing and wait until it has the fundamentals down pat before adding AI,” Cherry said.

Related Resources

Announcing Microsoft Secure Future Initiative

Microsoft to broaden access to cloud security logs following China e-mail hack

Understanding Security Copilot (Directions members only)

Trustworthy Computing Report (Directions members only)

Microsoft has spent much of calendar 2023 announcing new Copilot AI assistants across its product line. At its Ignite 2023 conference, Microsoft continued this trend by announcing plans for several more Copilots, some of which are now in preview, and others still just promises.

Microsoft also used Day 1 of its annual conference for IT pros and business decision makers to try to solidify its Copilot branding. As the company indicated in September, officials are trying to promote the idea of a single “Microsoft Copilot” experience that works across its software and services. However, the reality of what Microsoft’s Copilots are and how they work is more complex.

At Ignite, Microsoft officials stated again that “Microsoft Copilot” is the brand it will use across the various AI assistants on the consumer side of the house. Bing Chat’s new official name is “Copilot.” Bing Chat Enterprise’s new official name also is “Copilot.” (Yeah, this makes no sense to us, either, as the two are different things.) Bing Chat Enterprise is not free and includes data protection that Bing Chat does not. Bing Chat Enterprise is available to those with a Microsoft 365 F3, E3, E5, A3/A5 (faculty only), Business Standard and Business Premium users for no additional cost and is US$5 per user per month for those without those licenses.

Microsoft officials also want to change the way people refer to its commercial Copilots such as Microsoft 365 Copilot and Dynamics 365 Copilot, too. The new branding: “Microsoft Copilot for Microsoft 365” and “Microsoft Copilot for Dynamics 365.”

Trying to simplify the complex can be good, but here’s the problem: There are multiple different Microsoft Copilots. And GitHub Copilot and the Copilots used in Windows or Microsoft 365 apps have very little in common.

“Each Copilot is trained on different data to perform different functions and has different security permissions. And the big one: Each has different licensing requirements,” said Directions on Microsoft analyst Andrew Snodgrass.

Bring on more Microsoft Copilots

Here’s a list of the new Copilots and Copilot-related services Microsoft is announcing at Ignite. (I’ve included any availability, pricing and licensing information I could find.):

Copilot for Fabric: Announced in May, includes several AI assistants, each using the Fabric analytics platform but designed for a different Fabric “experience” is now in preview.

Copilot for Azure: Now in preview, this AI assistant is meant to help Azure customers with designing, operating, optimizing and troubleshooting Azure apps and infrastructure.

Copilot for Cosmos DB: Focused on helping developers write NoSQL queries, this is embedded in the Cosmos DB Data Explorer. It’s free for developers.

Copilot for Service: Public preview coming in December 2023 and general availability in Q1 of calendar 2024. This new Copilot connect Office applications with third-party CRM and contact-center solutions. Pricing will be US$50 per user per month (including a built-in Copilot for Microsoft 365 license).

Copilot in Dynamics 365 Guides: This Copilot connects users wearing a HoloLens 2 AR headset with Dynamics 365 data to help field workers complete tasks.

Microsoft Copilot Studio: This low-code tool is meant to help customers build their own copilots and plug-ins to Microsoft’s Copilots by integrating business data in copilots for internal or external use. It works with connectors, plug-ins and OpenAI’s newly announced GPTs. It also includes Power Virtual Agents for developers connecting to Dataverse-based applications. Copilot Studio is included in Microsoft Copilot for Microsoft 365 licenses.

Microsoft Copilot Dashboard: Now in public preview, this dashboard is meant to help IT pros with Copilot in Microsoft 365 usage across apps, impact on productivity and the like. In early 2024, customers with Viva Insights licenses will get more advanced dashboard capabilities.

Copilot for Viva: Microsoft announced plans to provide copilots across its Viva employee experience suite back in April. These are finally starting to arrive for testing:

Microsoft is using Ignite to continue to try to whet customers’ appetites for its various Copilots by talking up a bunch of features that are coming soon. For example, in early 2024, Copilot in Teams will add the ability to give “Copilot a seat at the meeting table” in Teams meetings by taking notes or capturing specific content. And in December this year, intelligent recap will be added to Copilot in Teams, as well.

Just a reminder: Copilot for Microsoft 365 may be designated by Microsoft as “generally available,” but it’s actually only purchasable right now by a fairly small set of users. To get it, customers must have a Microsoft 365 E3 or E5 license, buy it through their Microsoft account rep (since it’s still not on the price list), purchase a minimum of 300 seats, and pay $30 per user per month for it on top of their M365 license fees.

Related Resources

Introducing Microsoft Copilot Studio

Ten Things You Need to Know Before Buying Microsoft 365 Copilot

September 2023: Microsoft takes a first stab at ‘Microsoft Copilot’ rebrand

Copilot Brand Expands, Not a Cohesive Toolset (Directions members only)

Copilot Plugins Bring Customer-Specific AI

Microsoft is updating its OneDrive for Business service with user-interface tweaks, support for a Copilot AI assistant, and IT pro admin tools. Microsoft’s goal with this update is to make it easier for customers to access the files they’ve created, as well as files shared with them, Microsoft officials said.

Microsoft announced most of the next-generation OneDrive UI updates back in early May, but business customers are just starting to see them now (at least in OneDrive for Business) in early October. Copilot support for OneDrive is slated for December, and other new features for file access and creation are “coming soon,” officials said on October 3.

A new OneDrive home experience for OneDrive for Web; Meeting View; People View; Shared View and simplified sharing are available to commercial customers now. The ability to open any file in the appropriate Office desktop app; an updated OneDrive Files app in Teams; and a OneDrive app for Outlook for Windows and Outlook for the Web are all slated for December 2023.

Support for offline file access and sync via Files On-Demand for Web and offline mode are both early 2024 deliverables, according to the company.

Copilots scheduled to land later this year

Officials said this week that those with a Microsoft 365 Copilot license (which costs $30 per user per month on top of certain Microsoft 365 business plans) will be able to use Copilot to manage files in OneDrive and SharePoint. Support for Copilot in OneDrive is slated for December 2023. According to the Microsoft 365 Roadmap, the Copilot for SharePoint rollout will begin in November 2023. (Microsoft 365 Copilot is going to be generally available for purchase on November 1, 2023, Microsoft officials said.)

Initially, Copilot functionality in OneDrive will be limited. But Microsoft officials said in the future, Copilot in OneDrive could handle tasks, like showing users all relevant files, suggesting that they get added to a new folder, recommending possibly related files, generating summaries to include with shared links, etc.

“Copilot for OneDrive appears to be a natural language version of existing search capabilities. Customers will have to decide whether it’s worth licensing their entire estate for Microsoft 365 Copilot to get these capabilities,” said Directions on Microsoft analyst Joshua Trupin.

Microsoft officials highlighted OneDrive management tools that are part of the SharePoint Advanced Management (SAM) add-on for security and governance. These tools will be able to fine-tune conditional access policies; blocking people from accessing shared files by limiting group access; moving OneDrive accounts across tenants and more.

SAM is a part of Microsoft SharePoint Syntex content processing and management product. To use SAM, customers must have a license for each user in their organization. (It’s not required for guests.) Users must also be licensed for SharePoint K, P1, or P2 via standalone or a Microsoft 365 suite.

“Microsoft’s planned set of administrative features could help secure content, but will involve several controls and a learning curve,” Trupin noted.

Related Resources

October 2023: Unveiling the Next Generation of OneDrive

May 2023: Microsoft announces plans for the ‘New OneDrive’

Microsoft outlines plans to refresh SharePoint’s UX and add Copilot AI capabilities

We’re kicking off a new feature on our blog that we’re calling “Answer This.” We’ll be posting some of the many customer questions about Microsoft enterprise technology and licensing that we receive here at Directions on Microsoft, along with our analysts’ answers. If you want a chance to have one of your enterprise questions answered, fill out this form and we might tackle your query next.

Our first installment is timely, as it focuses on the Extended Security Updates (ESUs) that Microsoft is making available to Windows Server 2012 and 2012 R2 customers that will provide them with important security updates even after the October 10, 2023, end-of-support date for those products.

Customer Question

Can legacy virtual machines (VMs) running in on-premises Windows Server version 2012/R2 — regardless of the underlying Windows Server licensing — be licensed individually with extended security updates (ESUs)?

Back Story

Windows Server 2012/R2 leaves extended support on October 10. For on-premises scenarios, customers must purchase security patches in the form of ESU core licenses. The open question is “how many ESU core licenses do I need?” The answer: It depends… based on which Microsoft source you consult and how you interpret it.

In October 2022, Microsoft changed Windows Server licensing rules. Prior to that date customers needed to cover all the physical cores in a server (typically via Windows Server Datacenter core licenses). Starting October 2022, customers could instead use an alternative “license-by-VM” option (typically using Standard edition core licenses). That means customers have two options for allocating Windows Server core licenses.

Up until October 2022, Microsoft’s official ESU licensing rule was that if a customer ran ESU-patched workloads on a server, they had to purchase the same number (and edition) of ESU core licenses as they did for Windows Server core licenses for that physical server. At that time, Microsoft didn’t bother to amend its policy to clarify whether changes to the underlying Windows Server licensing had any effect on ESU licensing (since the then-active ESUs for Windows Server 2008/2008 R2 were on their way out and were already prepaid by customers).

It wasn’t until recently that ESU licensing rules resurfaced as an issue. On Oct. 10, 2023, Windows Server 2012 and 2012 R2 are exiting support and ESUs become available for purchase. Many organizations are curious if — since they can choose between two Windows Server core license allocation options — can they also choose between parallel ESU options? Or is it the case that they must only use the option chosen for Windows Server as the one they use for ESUs?

Why is this question material? In certain cases, an inability to mix options makes a monumental difference in ESU licensing costs. Customer datacenters commonly comprise Windows Servers clustered together allowing the VMs to move across servers for load balancing. Each physical core in the cluster is licensed with Windows Server Datacenter. Having to purchase an ESU Datacenter license for each physical core in the cluster can be 50 or more times as expensive as licensing the small set of Windows Server 2012/2012 R2-based VMs requiring ESUs using the license-by-VM option.

There’s another problem: Microsoft’s own documentation around this is ambiguous. In some places, the company indicates that customers can mix and match when licensing ESUs (although possibly only when registering their servers with Azure Arc and paying a monthly fee, rather than the traditional ESU annual fee).

From a September 2023 Microsoft blog post marking general availability of the Windows Server 2012/R2 ESUs: “Customers can mix and match Standard and Datacenter licensing, and virtual core and physical core models, eliminating the need to match SKUs with their underlying host.”

Don’t Forget

Whether mixing options or not, ESUs are extremely expensive — basically the equivalent of buying the full Windows Server license all over again for each of the three years of ESU coverage. Further, ESUs are cumulative, meaning you must buy all preceding years (if you buy in year 2 you must also buy year 1, if you buy in year 3, you must buy years 1 and 2).

Customers could try to reconfigure their IT setups on-premises and reallocate licenses to try to save money when matching their physical licensing with ESUs. But that process is going to take significant IT resources, exactly what customers running legacy workloads want to avoid.

Customers who agree to migrate their VMs to Azure can get ESUs at no cost. However, moving from on-prem to Azure also soaks up IT resources and may be impractical for various reasons. And with the end-of-support timebomb looming, the Azure option may not be feasible in a timely manner.

Customers who connect their VMs to Azure Arc and subscribe to monthly ESUs do have flexibility. When purchasing and provisioning a set of ESU core licenses, the Azure Arc interface requires the IT administrator to specify either the license-by-physical-host or license-by-VM options. However, the interface has no way to know whether the underlying Windows Server core licensing matches.

Microsoft Says

We asked Microsoft for clarification on the ambiguity of its documentation. We also asked whether there are specific cases where customers can mix their licensing options when it comes to ESUs for Windows Server 2012/2012 R2 and for SQL Server 2012. We received a response we didn’t find to be overly enlightening.

What was far more helpful is the seemingly freshly updated FAQ to which Microsoft pointed us:

Directions’ takeaways from the FAQ

Monthly (Azure Arc) and annual ESUs are available via EA and CSP

For Windows Server

For SQL Server

Our Recommendations

We still hope that Microsoft may, at some point, modify its licensing rule by allowing the individual VMs that require ESUs to be licensed regardless of how the underlying Windows Server is licensed.

If that doesn’t happen, customers will need to decide if they are willing to go the Azure Arc route for their ESUs for VMs. If they are not, organizations must evaluate whether they’ve got the funds and time to try to migrate VMs running Windows Server 2012/R2 to Azure or to reallocate their on-premises workloads to make purchasing ESUs for VMs more affordable.

The good news is that VMs eligible for disaster recovery, Visual Studio and dev/test benefits can receive ESUs at no additional cost.

Related Resources

Microsoft adds another way to get Windows Server 2012 and 2012 R2 Extended Security Updates

Microsoft’s Extended Security Updates Frequently Asked Questions

Generally Available: Windows Server 2012 and 2012 R2 Extended Security Updates enabled by Azure Arc

Extended Security Updates for Windows Server (Directions members only)

Submit your own enterprise tech/licensing question to Directions on Microsoft here

Timed with the HLTH 2023 conference this week, Microsoft is taking the wraps off some of its coming healthcare-focused AI and data offerings. The company’s Fabric unified analytics platform, announced in May, is at the heart of a number of these offerings.

Microsoft officials said they are working on industry-specific data solutions in Fabric, and the healthcare data solutions — now available in preview — are the first of these.

Microsoft says these solutions will help customers avoid having to try to integrate the currently disconnected set of health data sources, including text, images and video. Sources like electronic health records, Picture Archiving and Communications Systems (PACS), lab systems, claims systems and medical devices, which support structured, unstructured, imaging and medical device data, can all be stored using open data standards in Fabric’s OneLake. These new healthcare solutions will be part of Microsoft’s Cloud for Healthcare bundle.

“Fabric has lots of interesting analytics and productive capabilities, but customers should tread lightly, because most the features in preview and some components (especially Fabric security) is still under construction and won’t be generally available until the middle of next year,” cautioned Directions on Microsoft analyst Andrew Snodgrass.

Nonetheless, today’s announcements show that “Microsoft’s next big push, after AI and Copilot calm down, is pushing customers to Fabric,” Snodgrass noted.

New Azure AI additions

As part of its HLTH 2023 announcements today, Microsoft announced new models for its Azure Cognitive Service API called Azure AI Health Insights (formerly Project Health Insights). Three new models are now in preview, including patient timeline; clinical report simplification; and radiology insights. There’s also a new preview capability in the Azure AI Health Bot that uses answers from a healthcare organization’s own content sources plus publicly available sources to customize and connect to existing healthcare organization’s workflows.

Microsoft also is continuing to build on technologies it acquired via its Nuance Communications in 2022. In late September, Microsoft announced general availability of the Dragon Ambient eXperience (DAX) Copilot (the product formerly known as DAX Express, and not to be confused with Power BI’s DAX). One of Microsoft’s growing family of Copilot AI assistants, the DAX Copilot uses voice and generative AI to help physicians more quickly and easily create medical documentation.

Microsoft isn’t the only one of the big enterprise cloud companies to be focused on applying AI and data resources to healthcare workloads. On October 9, Google announced plans for new AI-powered search capabilities aimed at pulling clinical information from different types of medical records. The new features will be for health and life sciences organizations using Google’s vertex AI Search platform. And AWS and AWS customer Medisafe announced on October 5 plans to collaborate on AI-powered medication-management built with AWS’ Bedrock AI platform.

Related Resources

Microsoft introduces new data and AI solutions for healthcare organizations

Microsoft Fabric Components: A technical overview (Directions members only)

Microsoft Cloud for Healthcare explainer (Directions members only)

Azure AI Health Insights

DAX Copilot’s debut

Microsoft officials announced at an event in New York City on September 21 that the company will make the Microsoft 365 Copilot AI assistant technology available for purchase by enterprises for $30 per user per month starting November 1. Microsoft 365 Copilot has been in a paid private test with 600 companies since June. There will be not be another beta or preview program before the product hits general availability, officials said.

Microsoft officials also announced the rebranding of some but not all of its various other Copilots that have been announced over the past year. The AI assistants in Windows, Edge and Bing will all simply be called “Microsoft Copilots,” going forward. But Microsoft 365 Copilot, the Dynamics 365 Copilots, Power BI Copilot, and GitHub Copilot will not be renamed to Microsoft Copilot. Even though all of these Copilots from Microsoft use the same underlying architecture, they are built using different reasoning and data and are designed for different purposes.

In other rebranding news, Microsoft officials also said the cross-Office-app AI assistant technology that is built into Microsoft 365 Copilot is being renamed to “Microsoft 365 Chat” instead of “Business Chat.” Microsoft 365 Chat is not a separate product. It is built into the base Microsoft 365 Copilot assistant.

Don’t forget the Microsoft 365 prerequisites

Microsoft 365 Copilot, which Microsoft announced in March 2023, is meant to work with Word, Excel, PowerPoint, Teams, the new Outlook for Windows (“Monarch”), Loop, OneNote and OneDrive. It will be available for purchase by customers running Microsoft 365 E3, E5, Business Standard and Business Premium. Microsoft 365 Copilot will not be available to customers running Office 365 E3 or E5; a move to Microsoft 365 is required as the price for entry, in addition to the $30 per user per month charge for the Copilot itself. There’s no word when or if Microsoft will provide volume discounts for Microsoft 365 Copilot.

Microsoft has cautioned customers that they need to make sure they have secured any sensitive corporate data in a way that won’t enable leaks of private company information once Microsoft 365 Copilot is implemented. This is no trivial task. Properly secured data means ensuring all users and the security groups are configured for minimal access and all data, especially sensitive data, has access controls defined. Copilots’ ability to access data stores is extensive.

I had heard from some who had seen the private preview of Microsoft 365 Copilot that neither Excel nor PowerPoint were working well (if at all). But a Microsoft official said today that the company had gotten Copilot in Excel and PowerPoint to a more stable, working place within the past two weeks. A number of testers seem to think that the Copilot capabilities in Teams, especially the ability to summarize happenings in meetings, could be the killer application of the Microsoft 365 Copilot technology.

Microsoft execs said this week that they have started privately testing Microsoft 365 Copilot with select consumers and small-business users. The consumer version of Microsoft 365 Copilot is not expected to be available until sometime in 2024. Microsoft officials have not discussed publicly how much the company will charge for Microsoft 365 Copilot for consumers and small businesses.

Copilot for Windows preview arrives soon for Windows 11 users

A preview of Microsoft Copilot for Windows will be available as of September 26 as part of a Windows 11 22H2 Update and will be part of Windows 11 23H2 when it starts rolling out in October 2023. Microsoft execs also said today that previews of Copilots for Paint (called CoCreator, for some reason), Photos, Snipping Tool, and the Shopping feature that is built into Bing and Edge also are coming soon. The Copilot for Windows feature will be on by default, but admins will be able to turn off access using Intune policies or Group Policy.

Copilot isn’t the only feature that will be part of the September 26 Update non-security feature update for Windows 11 22H2. Organizations also will get more passwordless security options. Specifically, they will be able to set a policy that enforces usage of phish-resistant credentials on Entra-joined devices. They also will get support for passkeys that are powered by Windows Hello for Business, giving them passwordless sign-in capabilities like face, fingerprint and/or PIN support on websites that support those features. And two new Windows 365 features will be part of the update, too: Windows 365 Boot and Windows 365 Switch.

Microsoft is expected to start rolling out the Windows 11 23H2 update in October, most likely on Patch Tuesday, October 10, and via the usual staggered release approach.

Related Resources

Announcing Windows 365 Copilot general availability

Microsoft: How to get ready for Microsoft 365 Copilot

Microsoft’s Copilot rebranding across its ‘most used’ consumer apps

How Microsoft is bringing Copilots to Microsoft 365 (Directions members only)

The next Windows 11 ‘moment’ update will feature Copilot (in preview) and more

On October 5, Microsoft is making a new virtual events experience known as Town Halls available in Teams for commercial customers. Teams Town Hall is replacing Teams Live Events, which will be discontinued fully by September 30, 2024.

Microsoft made the announcement about Town Hall replacing Live Events just a few days ago, on September 28, via a blog post. However, as Directions on Microsoft analyst Jim Gaynor noted in February this year, Microsoft already was moving away from hosting Live Events in Stream and Yammer in favor of Teams.

The move to Town Hall makes sense, Gaynor said. “Live Events were a Stream thing, Stream is no longer a service but a feature, and Live Events were already moving to Teams.”

Live Events are video broadcasts designed for simulcasting events like keynotes, announcements or all-hands addresses. They enable streaming of audio and video to audiences of up to 20,000 attendees (up to 100,000 when customers use Microsoft’s Live Events Assistance program).

Live Events were able to accommodate bigger audiences than Teams meetings and webinars, especially in the early days of Teams when meetings were limited to as few as 150 people, but this was accomplished by streaming the event video with interaction limited to text-based Q&A. Teams meetings are now able to accommodate up to 10,000 attendees. The Azure Media Services that support Live Events are being retired for customers in June 2024, squeezing Live Events out of the picture.

Some Town Halls features require Teams Premium

Town Halls in Teams are designed to host and deliver large-scale internal and external events. They feature advanced production capabilities and more attendee-engagement options. Town Halls in Office and Microsoft 365 will host up to 10,000 attendees (and up to 20,000 if an organization is using the $10 per user per month Teams Premium option). Events can last up to 30 hours and organizations can run up to 15 simultaneously hosted events across a tenant (and up to 50 concurrent events if using Teams Premium).

Town Halls supports RTMP-in and external encoders, enabling organizations to live-stream a custom RTMP source – similar to the current “Teams Encoder” capability in Teams Live Events. Using RTMP-out, customers can stream events out to a custom app or different endpoint outside Teams, allowing events to be viewed on LinkedIn, Twitter/X, Meta Workplace and more.

As of launch this week, Town Halls will not have full feature parity with Teams Live Events, specifically around event roles, external presenter support, DVR support and Viva Engage integration. Some of this missing functionality should be available in the coming months.

This shift from Live Events to Town Halls feels rather sudden. Just a month ago, Microsoft was extolling the capabilities of Teams Live Events in a blog post focused on using Live Events to stream virtual events, playing up its functionality vs. Teams Meetings and Webinars. However, Microsoft’s ambitions to build up a digital-events business and presence have been building since the COVID-19 pandemic began in 2020. Town Halls may be just another step in that direction.

Related Resources

Introducing Town Halls in Microsoft Teams

Live Events Leave Stream, Focus on Teams Broadcasting (Directions members only)

Microsoft blog post: 20 Tips for using Teams Live Events to deliver your virtual event

Microsoft overview of meetings, webinars, and live events (as of Oct. 3, hasn’t been updated for Town Halls)

Azure Media Services Retiring in June 2024 (Directions members only)

Even though only a subset of the many different Microsoft Copilot AI assistants are available to its commercial customers, Microsoft is trying to get ahead of some of the potential roadblocks facing customers adopting this new AI technology. The company went public one of its strategic weapons, its new Copilot Copyright Commitment, on September 7.

The Copilot Copyright Commitment builds on Microsoft’s IP indemnification coverage, company officials said, to include copyright claims connected to the use of its Copilots, including those for GitHub, Dynamics 365, Power Platform, Windows, Microsoft 365, Power BI, and its commercial Security suite of products, plus the related Bing Chat Enterprise assistant. Microsoft officials said this commitment includes the output these Copilots generate.

“Some customers are concerned about the risk of IP infringement claims if they use the output produced by generative AI. This is understandable, given recent public inquiries by authors and artists regarding how their own work is being used in conjunction with AI models and services,” Microsoft officials acknowledged in a blog post outlining the copyright commitment.

“As customers ask whether they can use Microsoft’s Copilot services and the output they generate without worrying about copyright claims, we are providing a straightforward answer: yes, you can, and if you are challenged on copyright grounds, we will assume responsibility for the potential legal risks involved,” the blog post added.

That means if a third party sues a commercial customer for infringing their copyright by using the various Microsoft business-focused Copilots or Bing Chat Enterprise, Microsoft will pay any legal damages.

Last year, Microsoft was hit with a class-action lawsuit over GitHub Copilot’s alleged code-scraping violations. And a number of authors and entertainers have sued OpenAI, Meta and others for allegedly using copyrighted material to train their AI language models.

Not so fast…

“But are these commitments outlined in a blog post enforceable before they are incorporated into the terms of service and other contractual agreements between Microsoft and its customers?” asked Directions on Microsoftanalyst Michael Cherry.

Microsoft’s latest changes to its service agreement, published in June 2023 and effective on September 30, include a section on “AI services to set out certain restrictions, use of Your Content and requirements associated with the use of the AI services,” but these terms were published prior to the announcement of the copyright indemnification.

Cherry also noted that a clause in Microsoft’s new commitment may act like a “Get Out of Jail Free” card for Microsoft. Microsoft officials said, “customers must use the content filters and other safety systems built into the product and must not attempt to generate infringing materials, including not providing input to a Copilot service that the customer does not have appropriate rights to use.”

Cherry explained: “Many times a person will not understand they don’t have a right to use some content—particularly under exceptions to copyright which are hard to interpret such as the concept of ‘fair use,’ of a small amount of material.”

In short, “copyright is hard,” Cherry said. That said, this new commitment by Microsoft “is likely enough to assuage most customer concerns. Customers simply may assume ‘we are indemnified; we can go ahead and use Copilot as much as we want,'” he added.

So many Copilots, so few generally available

Microsoft still has not rolled out all the Copilots it has announced and demonstrated and has not provided general-availability target dates, either.

The Microsoft 365 Copilot, which is slated to add assistive natural-language capabilities to Word, Excel, PowerPoint, and other Office apps, is still only in testing with 600 companies which are paying roughly $500 per user per year to test-drive the product. (That $500 number is based on information provided by some Microsoft customers during the various Ask Me Anything M365 Copilot sessions that Microsoft has held during the summer). Microsoft officials have said Microsoft 365 Copilot will cost $360 per user per year once it is generally available.

Microsoft’s Copilots for SharePoint and OneDrive don’t yet exist, as far as we know, although maybe there will be news on this front on October 3, given Microsoft’s tease for some major OneDrive AI-related news. And the Security Copilot that Microsoft announced in March is still only in very limited testing with roughly 20 customers. That preview program should expand substantially this fall, Microsoft officials have said.

Related Resources

Microsoft announces new Copilot Copyright Commitment for customers

The latest changes to the Microsoft Services Agreement, effective Sept. 30, 2023

Podcast: Generative AI – Where Customers Need to Look Before They Leap

Microsoft 365 Copilot and Bing Chat Enterprise pricing revealed

How Dynamics 365 CRM Is Adopting Copilot (Directions members only)

Microsoft, OpenAI still fighting Github Copilot copyright lawsuit

Directions on Microsoft analysts often use the phrase “batteries not included” to refer to features and functionality that one would assume to be in an E3 or E5 subscription bundle, but which instead are sold separately. The Directions analysts have noticed that in recent months, Microsoft is making more and more services available as add-ons rather than including them in existing bundles — which means customers’ overall subscription bills are going even higher.

Directions analyst Wes Miller’s theory is we’re approaching the day when Microsoft will introduce a new, high-end bundle which will include a number of these add-in services. If Microsoft sticks with its established naming convention, such a bundle could be called E7.

E7 could roll up all the features of E5, plus at least some add-ins, such as Entra ID Governance; Intune Plan 2 and Intune Suite and/or Microsoft Defender Vulnerability Management, suggested Miller.

These add-on services are not cheap, especially when purchased by customers who need hundreds or thousands of seats. Entra ID Governance, which is an add-on to either Entra ID (the service formerly known as Azure Active Directory) P2 or Entra ID P1. It costs $4 per user per month when added to Entra ID P2 and $7 per user per month when added to Entra ID P1. Defender Vulnerability Management costs $2 per user per month on top of Microsoft Defender Endpoint P2 or $3 per user per month when licensed alone to use with a third-party endpoint detection and response product.

Teams Premium is another add-on bundle Microsoft introduced this year. Teams Premium, which costs $10 per user per month on top of an existing commercial Teams subscription, includes several features which Microsoft had announced previously as being included in the current paid Teams offering for no additional charge.

Microsoft also could opt to fold its still-in-preview Microsoft 365 Copilot AI assistant technology into some kind of new bundle. Microsoft officials have said Microsoft 365 Copilot, whenever it goes GA, will cost $30 per user per month. (It currently is available to a small group of invited preview customers for a rumored $50 per user per month.) Microsoft officials haven’t said whether they’ll make volume discounted pricing available for M365 Copilot, but they could also/instead go with a subscription bundle of services that includes M365 Copilot.

The Counter Argument to an Imminent E7

Microsoft officials have not hinted or mentioned publicly anywhere I’ve seen that a new E7 SKU is waiting in the wings. In fact, its sales emphasis seems to be on driving more customers to go with E5, which costs $57 per user per month. Microsoft used its M365/O365 price hike for E3 earlier this year as a way to try to convince more customers to go with E5 (which didn’t get a price increase above the $57 rate).

Microsoft hasn’t revealed a recent number around what percent of its customer base is on E5. But in July 2022, Microsoft officials said the E5 SKU of Microsoft 365/Office 365 accounted for 12% of the commercial installed base. In 2021, that number was 8%. I’d assume Microsoft would try to grow the E5 percentage before introducing an even pricer E7, or possibly add some of the newer, separate add-ins to the existing E5 and up the price for E5 in the process.

Directions analyst Rob Helm said he didn’t expect Microsoft to roll out a new high-end M365 bundle until one of its competitors introduced something similar which would force Microsoft’s hand.

“The key signal to bundle is hearing footsteps from a more focused competitor like Slack,” Helm said. “Bundling made Teams ‘free’ for Microsoft 365 customers to head Slack off.”

“But without that competition, it can make sense to keep a focused product separate and maximize its own revenue. Look at Visio, which never got bundled until Web-based competitors started to look troublesome.”

Whether Microsoft rolls out a new subscription bundle in the naming of helping customers “do less with more,” or sticks with its current add-in launch madness, customers said they need some relief. The additional cost of services they assumed would be included in a premium SKU like E5 is causing their budgets to grow at an alarming rate.

Related Resources

Services Increasingly Expanding Beyond Microsoft 365 Suites (Directions members only)

Podcast: Fourteen Years of Microsoft Licensing Rule Changes – Looking Back and Forward

Microsoft concedes that some existing Teams features will become part of pricier Premium edition

July 2022: Microsoft says O365/M365 E5 is just 12 percent of its commercial installed base

Windows Server 2012 and 2012 R2 will no longer be supported after October 10, 2023. This means organizations still using these server editions won’t be eligible for security updates after that date — unless they acquire Extended Security Updates (ESUs).

ESUs provide up to three years of security updates rated “critical” or “important” by Microsoft. Until recently, customers had two options to buy ESUs for Windows Server 2012 and 2012 R2: Maintain Software Assurance (SA) and pay for each year of coverage or move their Windows Server 2012/2012 R2 workloads to Azure to get ESUs for no additional cost (beyond the costs associated with Azure).

Customers who want to run Windows Server 2012/2012 R2 on premises and in hosted environments are charged 100 percent of the full license price annually for each of the three years in addition to SA, which is a change from Windows Server 2008/2008 R2 which was 75%, 100%, and 125% for years one, two and three respectively. Customers interested in the Azure option can opt to use Azure VMs, Azure Dedicated Host, Azure VMware Solution or Azure Stack HCI.

In July, Microsoft added another option to get ESUs for Windows Server 2012 and 2012 R2. By enrolling their servers in Azure Arc, organizations can buy and activate their ESUs via the Azure portal and pay monthly rather than annually, if they choose. They also can manage the enrollment of ESUs in the Azure portal and forego keys to activate them.

A couple of caveats worth noting: This new Arc option requires customers to have Enterprise Agreements and active SA and is not available via the CSP program. Customers should also make sure that the ESU core licenses required match how the underlying Windows Server is licensed (in terms of physical cores or virtual cores).

Microsoft is advising customers to onboard their Windows Servers to Arc by September 2023 to be ready for the end-of-support date.

SQL Server 2012: Arc to the ESU Rescue

It’s not just Windows Server 2012/2012 R2 customers who have the option to get ESUs by going the Azure Arc route. SQL Server 2012 exited support on July 12, 2022. In July this year, Microsoft announced it would allow users still holding onto this version to purchase ESUs for year 2 onwards. The SQL Server 2012 ESUs are only available for download through Azure Arc, but connecting the SQL Server instance to Azure is not required.

With ESUs for Windows Server and SQL Server, Microsoft continues to add more reasons to use Azure Arc, and customers could find it increasingly difficult to avoid the Azure-connected service in the years to come.

Update (September 11): It looks like Microsoft has been making some quiet changes to its policies around how organizations can get ESUs. A spokesperson sent me this statement today when I asked whether Enterprise Agreement customers can still buy ESUs without going the Azure Arc route.

“Extended Security Updates enabled by Azure Arc is a new, primary offering we recommend for most customers. While the traditional, licensing ESU is no longer listed on the EA Price List, it is still available for sale directly through Microsoft for EA customers. Additionally, the licensing ESU will be made available via CSP, starting October 1, 2023, and the ESU enabled by Azure Arc has been available via CSP since September 1, 2023. The licensing ESU is recommended only for customers with workloads that need to be completely air-gapped or cannot connect to Azure Arc.”

Related Resources

New options for Extended Security Updates enabled by Azure Arc

Microsoft: Plan your Windows Server and SQL Server end of support

Windows Server 2012 and 2012 R2 ESUs available for purchase (Directions members only)

SQL Server ESUs Require Azure Arc, Not Azure Connection (Directions members only)

Extended Security Updates Depend on Hosting Platform (Directions members only)

Starting October 1, Microsoft will make available cheaper versions of its Microsoft 365 and Office 365 suites that do not include Teams as part of the bundle to customers in the European Economic Area (EEA) and Switzerland. Microsoft is doing this in the hopes of appeasing the European Commission, which is investigating the effects of Microsoft bundling Teams with Microsoft 365 and Office 365, based on a complaint filed by Slack in 2020.

Microsoft officials said they believe these changes will address two of the European Commission’s concerns: That customers should be able to choose a business suite without Teams for less than if Teams were included; and that Microsoft needs to do more to make interoperability easier between rival communication and collaboration solutions and Microsoft 365 and Office 365 suites.

Microsoft announced its updated pricing for the Teams-free suites on August 31. These Teams-free versions are available for purchase by customers with enrollments in EEA countries and Switzerland; from the EEA/Switzerland pricelists; and/or for deployment on EEA/Switzerland tenants out of datacenters in those geographic areas.

The Teams-free versions of Microsoft 365 and Office 365 will cost two euros less per month (24 euros less per year) for its core enterprise customers. Teams still will be available for new enterprise customers to buy standalone at 5 euros per month/60 euros per year.

Existing enterprise customers who already have a suite with Teams included can opt to stay with the version with Teams included or move to a Teams-free option. New commercial customers of M365/Office 365 business suites who still want Teams will need to purchase two SKUs: A version without Teams bundled along with a separate Teams EEA SKU. New small/mid-size business (SMB) customers in the EEA and Switzerland will have the option to buy the existing M365 Business Basic, Standard and Premium suites with Teams or the new EEA versions without Teams.

An updated price list for the various versions of Office 365, Microsoft 365 and the frontline suites is here. Education and consumer customers are not affected by these new policy/pricing changes, according to Microsoft’s Frequently Asked Questions (FAQ) guide.

Will Office Customers Bite?

“This is sure to be as relevant in time as the Windows N and K editions,” said Directions on Microsoft analyst Wes Miller. “It’s a pure regulatory appeasement move, although you might save a few bucks as a customer if you somehow don’t need Teams for your European employees.”

Windows N and K(N), for those needing a Microsoft history refresher, are the versions of Windows sold to European and South Korean customers which did not include certain bundled programs, including Messenger, Windows Media Player, Video, Voice Recorder and Skype. They were created to appease European antitrust regulators in 2004, and were not popular, to put it mildly.

Microsoft also will enable Windows 11 customers in the EEA to use their default browser to open links in Outlook and Teams chats. Currently, web links in Outlook and Teams chats open by default in Edge regardless of the default browser setting in the client OS. Microsoft is making this change because of requirements in the EU enforced by the Digital Services Act and the Digital Markets Act. Customers outside of these geographies will continue to have their links in Outlook and Teams redirected by Microsoft to open in Edge.

Related Resources

Microsoft announces changes to Microsoft 365 and Office 365 to address European competition concerns

New Teams-free M365/Office 365 price list

Microsoft bends to European regulators on browser links 

As Microsoft continues to roll out more add-ons for its Microsoft 365 suites, the complexity of its product-licensing and support matrices continue to grow. The result? Microsoft needs to come up with new ways to try to guide its customers to the appropriate licensing documentation.

On the first of September, as the company does each month, Microsoft rolled out the latest set of new product licensing terms for its enterprise customers. The September terms didn’t include much new of significance. The company did, however, add a new section worth noting to its Product Terms site.

Microsoft Security Portfolio Product Terms mapping section, found under (and tacked onto) “Other Legal Terms” section of the Product Terms site. This new section groups Microsoft’s growing number of security and compliance product offerings by Microsoft’s brand families; Defender, Entra, Intune, Priva, and Purview, plus the E5, F5, and G5 Microsoft 365 suites. The applicable terms for the nearly 50 individual products listed are hot-linked within the chart.

Microsoft links quite a few of the listed security products and services into the sprawling “Azure” service terms bucket. And even in cases where products like Defender for IoT actually do have their own, distinct Product Terms entry, the chart still confusingly advises customers to look through the Azure section for the applicable terms.

At best, a ‘partial patch’

“I suspect Microsoft must have been getting beaten up regarding ‘where can I find the licensing terms for XYZ,’ especially for the ‘batteries not included’ stuff,” said Directions on Microsoft analyst Rob Horwitz. However, “the huge ‘Microsoft Azure” section has become a dumping ground, including for terms related to ‘batteries not included’ stuff for M365.”

In Directions on Microsoft parlance, “batteries not included’ refers to add-ons that one might assume would be included in a Microsoft E3, E5 or other licensing plan, but instead are available as separate paid add-ons. The not-included features are like the missing batteries in an appliance or toy; often discovered too late and resulting in some angry customers (and maybe even bawling children — or licensing managers).

The new Security Portfolio Product Terms mapping chart isn’t really a fix, Horwitz notes. “At best, it’s a partial patch.”

In other September product terms news, there are a couple of product name changes of potential interest.

Microsoft has rebranded the product formerly known as “Microsoft Viva Sales” to “Microsoft Sales Copilot.” Viva Sales/Sales Copilot provides Outlook and Teams add-in applications that help users add and update Dynamics 365 data without accessing Dynamics 365 separately or copying data manually.

Microsoft also has made changes to the Dynamics 365 services line-up by switching up what constitutes “Dynamics 365 Customer Insights.” The existing Customer Insights customer data capabilities are being relabeled “Customer Insights—Data,” while the real-time marketing capabilities (previously known as Dynamics 365 Marketing) now are called “Customer Insights—Journeys.”

Related Resources

Microsoft Product Terms main site

Microsoft Product Terms RSS feed

Microsoft Security portfolio Product Terms mapping

How Dynamics 365 CRM is Adopting Copilot (Directions members only)

Microsoft has been working on consolidating its Outlook mail and calendar client apps for Windows since at least 2021. The planned replacement, which was formerly codenamed “Project Monarch,” looks a lot like the current Outlook web client for Windows. Despite years of development, the new unified Outlook is still missing some key features, including offline support, PST support and a way of handling legacy COM add-ins.

Despite this, Microsoft is forging ahead. In September, Microsoft will begin auto-migrating those using the Mail & Calendar app that is built into Windows to the new Outlook — with an option to go back if they choose. Given the incomplete/still-in-development state of the new Outlook, admins may understandably be leery. But Microsoft officials this week published a new YouTube video that outlines the long and detailed rollout process planned for the new Outlook, possibly as a way to try to appease organizations’ fears.

Microsoft officials said that while there is no exact cutover date for dropping the current Win32/classic Outlook client, the likely date is roughly two years out and will be determined by readiness of the product, as assessed by customers and Microsoft.

Microsoft officials publicly have committed to replacing the built-in Mail & Calendar app in Windows with the new Outlook by late 2024. But that isn’t the date when the standalone Win32/classic Outlook will be phased out, Microsoft execs said in the September 5 YouTube video.

Currently, the new Outlook preview is at the “production opt-in” stage. Sometime relatively soon, Microsoft will provide customers with a formal “notification of disruptive change” via the Microsoft 365 Message Center, tenant admin dashboards and other channels. After that, Microsoft will launch an “opt-out” beta, then an opt-out preview. One or more years after the opt-out preview, Microsoft will drop the classic Win32 version of Outlook for Windows.

COM add-ins support: A no go

Despite the existence of such a detailed and lengthy rollout plan, enterprise customers still could be queasy and with good reason, says Directions on Microsoft analyst Rob Helm

“Missing features and lack of backward compatibility (especially lack of COM object model APIs) is going to break tools and processes for handling e-mail on the user’s desktop,” Helm said. “To minimize enraged support calls, you have to predict which desktops will get the New Outlook, when. That means figuring out what update channel is being used by every Outlook client device in the firm, and then work out when the New Outlook arrives in that channel for you and your users.”

In terms of COM add-in support, Microsoft has drawn a line in the sand and decided they will not be supported by the new Outlook. Officials said these add-ins are often unstable and don’t work cross-platform. To try to appease customers who are dependent on tools and line-of-business apps that require legacy COM add-ins, Microsoft officials said they are “actively expanding” the capabilities of the web add-ins platform. They also said they will work directly with customers to figure out which add-ins are not supported. Microsoft officials maintain that most of the really great add-ins are not just COM-based and exist in other formats.

Microsoft officials said they are continuing to work through customers’ top priorities for features that are still missing from the new Outlook. Third-party account support (beyond Gmail, Outlook.com); offline access; PST/OFT/MSG/ICS file support; and the ability to search folders are all “in progress,” Microsoft execs said. And the ability to open files in native apps; custom folder ordering; profiles; sharing with native apps and custom formatting are all on the “planned” list.

Related Resources

Microsoft 365 YouTube channel video on the state of the new Outlook

Microsoft’s New Outlook for Windows preview site

Microsoft 365 Roadmap entries for the new Outlook

The August 1 Microsoft product licensing terms are out. And they include a small but noteworthy concession for organizations stung by Microsoft licensing changes dating back to 2019 which made running Microsoft software on certain non-Microsoft clouds more expensive.

By design, Microsoft’s 2019 changes around its bring-your-own-license (BYOL) terms made contracts more expensive for those interested in running Microsoft software on anything but Azure. Microsoft designated AWS, Google and Alibaba as “listed providers.” And customers who ran Windows, Office, SQL Server and other Microsoft software on those listed providers’ clouds would need to pay substantially more than they would if they ran those same applications and operating systems on Azure.

A number of customers didn’t realize the extent of the impact until their contracts with Microsoft were up for renewal. Once they did, some customers and partners took to legal channels, both in the EU and the U.S., to try to force Microsoft to level the playing field.

Microsoft announced, with much fanfare, its European Cloud Principles in 2022, which Microsoft officials said would provide customers and partners who wanted to run Microsoft software on certain non-Microsoft clouds, with some concessions. But again, customers who wanted to use AWS, Google and/or Alibaba were left out.

This year, in the U.S., the Federal Trade Commission has been soliciting public comments on the business practices of cloud computing providers which could impact competition and security. Google, various trade associations, and a number of customers and partners used the commenting opportunity to complain about Microsoft’s licensing changes.

On August 1, Microsoft made public, as it does on the first day of each month, a number of licensing changes. And whether prompted by the FTC commenting process or not, Microsoft made a concession to those running Office on AWS. The change:

“Beginning August 1, 2023, users with specific licenses may run Microsoft 365 Apps for enterprise/business, Microsoft Project, and Microsoft Visio on Amazon WorkSpaces. The licenses that will be eligible under this revised policy include Microsoft 365 E3/E5/A3/A5 and Microsoft 365 Business Premium. If you currently have any of these licenses, starting from August 1, you will be able to utilize these Microsoft applications on Amazon WorkSpaces virtual desktop infrastructure.”

Directions on Microsoft analyst Wes Miller said, “this gives customers a very premium way to run ‘Office’ on WorkSpaces, partially addressing some issues with Microsoft on AWS.”

However, it’s still a pricey solution, Miller noted.

“You’ll need a Microsoft 365 E3 or E5 subscription for every user accessing Microsoft 365 Apps for enterprise (Office) on WorkSpaces,” he explained. “Not Microsoft 365 licensed separately. Not Office 365 E3. You need Microsoft 365 E3+, even if you don’t need EMS (Enterprise Mobility and Security). And you still need VDA (Virtual Desktop Access) for your WorkSpaces users.”

In short, Microsoft is still offering far better terms with Azure Virtual Desktop (AVD) or Windows 365 than they do for AWS, Google or Alibaba, Miller said.

What Options Do Customers Have?

What can and should customers affected by the 2019 licensing changes do at this point? Miller said most customers failed to act between 2019 to 2022, which was when they had any chance to contractually fight these changes during their Enterprise Agreement renewals. Currently, organizations can stay and pay more; leave and go to a hosting provider that isn’t a “listed provider” (but which still is likely more expensive than going with Microsoft); or do what Microsoft is hoping and move to Azure.

“The reality is that if an organization is staying on AWS, GCP, or Alibaba, they should have a software asset management process in place for all of their Microsoft software in those three clouds, understand what the rules are today, be prepared to pay more to stay there, and have evidence to show Microsoft that they’re staying above board,” Miller advised.

Customers running Microsoft software on Microsoft’s biggest competitors’ clouds should anticipate costs will rise significantly through 2025, Miller said. They also should expect confusion over how to do what’s right, as fewer people understand how to navigate “the old way,” and auditors don’t know how to get it right.

“After October 2025, Office, in particular, will get harder to obtain, as SPLA (Service Provider License Agreement) rules tighten again,” Miller warned.

Related Resources

Microsoft’s 2019 outsourcing rules changes explained (Directions members only)

October 2022: Microsoft makes some outsourcing and hosting concessions

FTC Seeks Comment on Business Practices of Cloud Computing Providers that Could Impact Competition and Data Security

Publicly submitted comments responding to the FTC’s request

Microsoft Product Licensing Terms Changes for August 1, 2023

Microsoft 365 Apps OK for Amazon VDI (Directions members only)

As of the week of August 17, Microsoft will be making a new Edge browser mode the default version of Edge for some of its business customers. Those who sign into Edge using Azure Active Directory (now known as Microsoft Entra ID) will be moved automatically to this new mode, known as Microsoft Edge for Business. Edge for Business will provide a separation of syncing and browser history between Edge personal and Edge work sites — something which could bring privacy and possibly security benefits to organizations that rely on the Edge browser.

The Edge for Business mode, which has been available in preview for the past couple of months, will be part of Edge Stable Version 116 browser release, which is scheduled to begin rolling out the week of August 17. Additionally, the new Edge for Business mode will be coming to macOS and Linux; I asked Microsoft when this would happen but have not heard back. Officials also said the Edge for Business mode will be available on mobile devices at some point in the future.

Update (August 14): A spokesperson said Edge for Business also would come to Mac and Linux as of Edge Stable Version 116, the week of August 17. It also will be available on mobile the week of the 17th, but the updated icon, automatic switching, and management via the Edge management service in the Microsoft 365 admin center will be available for mobile “in the future,” the spokesperson clarified.

Customers will know they’ve been automatically transitioned to the Edge for Business mode because the updated Edge icon will include a briefcase in the lower left corner. (Individuals will be able to change the briefcase to their work profile picture in Edge settings, if they’d prefer to do so.) Edge for Business also will support company branding and customization.

Customers should not experience any disruption from the addition of Edge for Business, Microsoft officials claim. Edge for Business is not a new browser; it’s just a mode in Edge. It will maintain the policies, settings and configurations previously set by an organization, Microsoft said.

How the new Edge for Business mode will work

When using Edge for Business, organizations will have the option to set separate work and personal Edge profiles between which customers will be switched depending on the type of URL they are accessing. For this to work, customers need to have at least one Azure Active Directory/Entra profile and one Microsoft Account (MSA) profile, whether existing or new. Switching from the personal browser window to the work browser window will be on by default, with users having the option to turn the feature off. Switching from the work browser window to the personal browser window will be off by default with users having the option to turn it on. “In a future release,” the switch from work to personal will be on by default, officials said.

Currently, Microsoft has enabled Edge for Business to recognize whether some sites are “personal” or “work.” For example, a log into Microsoft 365 apps and services would trigger the work profile, while an Amazon or Target log-in would trigger the personal mode. Right now, there is no group policy for organizations who want to customize the work and personal URL lists. Customers can go to Edge settings and choose preferred browser for sites to be turned off or to select a preferred profile (work or personal) for an applicable site, however.

According to Microsoft, IT will maintain control over the security and compliance of both regular Edge and Edge for Business and will be able to control which features are available to users. Edge for Business will support both managed and unmanaged bring-your-own-PC devices.

Microsoft officials maintain that Edge for Business will benefit customers in terms of privacy and security. The new mode ensures a separation of syncing and browser history between work and personal sites by maintaining separate caches ans storage locations for the two types of sites users access. In terms of security, Microsoft’s argument for Edge for Business is it could help companies from having to support multiple browsers, which increases the surface area for cyberattacks. Allowing users to switch between different profiles within a single browser lessens the risk, Microsoft officials said.

A week after disclosing that a China-based hacking group (“Storm-0558”) infiltrated some individual and government Outlook email accounts for a month, Microsoft announced it will broaden access to security logs to include Microsoft 365 customers who are not paying for pricey premium security services.

“In the coming months,” Microsoft plans to broaden access to cloud security logs for no additional cost, according to a blog post the company published on July 19. While this transition happens, Microsoft is advising customers to use Microsoft Purview Audit in order to see more types of cloud log data.

Log data doesn’t prevent customers from getting hacked, but it does give them a way to try to proactively respond to issues. Some customers and company watchers believe log data should not be considered a premium feature, as it is fundamental to security. But Microsoft is not going as far as to make logging data free for all business customers.

Microsoft officials said they decided on the newly announced strategy “in close coordination with” government and commercial customers and the Cybersecurity and Infrastructure Security Agency.

The company is going to enable Purview Audit Standard customers to see detailed logs of e-mail access, along with more than 30 other types of log data that previously were only available to Purview Audit Premium subscribers. Microsoft also will increase the default retention period for Audit Standard customers from 90 days to 180 days.

Under the revised plan, Purview Audit Premium customers with E5/G5 licenses still will maintain more audit logging access. This includes the ability to use Audit log search in the Purview compliance portal and the Office 365 Management Activity programming interface; longer default retention periods; and automation support for importing log data into other analytics tools.

Restoring trust

“In some ways Microsoft finds itself back where it has a trustworthy computing problem,” said Directions on Microsoft analyst Michael Cherry. “Its latest actions surrounding an incident by a sophisticated bad actor raises serious doubts. Can Microsoft Azure and Office 365 customers count on these services being secure by design, secure by default, and secure by deployment, as well as providing fully transparent communications about any vulnerabilities and steps companies must take to mitigate exposure? If Microsoft partitions its security services and information to entice customers to pay more for better or for full security, then is the answer no—maybe they shouldn’t be trusted? Full access to logs, and the tools to spot problems in the myriad of log entries would be a good starting point to begin restoring some trust.”

In the case of the recent China e-mail hack, logging information that would have allowed detection of the incident was only available to those Microsoft 365 customers who purchased the premium E5 plan. Those running E3 were unable to see the required logging information.

As The Wall Street Journal noted, executives with the U.S. federal government, including the State Department and Commerce Department, were victims of the attack, leading some government officials to call for Microsoft to make cloud logs more widely available.

Update (September 11) On September 6, Microsoft posted more information about how the bad actor Storm-0558 acquired a Microsoft Account (MSA) consumer key to get enterprise access to business/government accounts. But its technical investigation findings are unlikely to ease business customers’ worries.

“Microsoft is telling customers that they should examine logs between April 2021 and June 2023 to make sure they weren’t sideswiped too. But only customers with M365 E5 and Advanced Audit and who had configured logs correctly before April 2021 (or had started sending them all out to Splunk or Sentinel back in 2021) would even have all those logs to peruse,” noted Directions on Microsoft analyst Wes Miller. “E3 customers wouldn’t even be able to look back before June at this point. E5 customers would be able to look back to September 2022. “

Related Resources

Expanding cloud logging to give customers deeper security visibility

Microsoft’s latest email hack: M365 E3 subscribers beware

CISA: When Tech Vendors Make Key Logging Info Available for Free, Everyone Wins

Not a day goes by when we don’t hear about a new AI-based innovation in the Microsoft ecosystem: Copilots for everything, Azure ML, Azure OpenAI, to name a few.

But…amid all the AI hype has Microsoft deprioritized the thing many of us depend on every day?

Now before I go on: I use Microsoft software every single day. I’ve used Microsoft OS’s since DOS 1.0. I love Office. Adore Visual Studio. And I worked for Microsoft for nearly 14 years. I’m not at all a Microsoft hater.

That said…

Your C: Drive is a Mess

Recently I wrote about my year-long travails in updating my beast of a desktop to Windows 11. (TL;DR – it’s a 12-core i9-based Alienware/Dell machine with 64GB of RAM, a 256GB C: drive, and somewhere in the neighborhood of 12TB of storage on other drives.)

The crux of the problem boiled down to this simple fact: over the three years of owning this machine, so much flotsam and jetsam had accumulated on the C: drive that there was literally insufficient room to install Windows 11. And that was after doing all the obvious housekeeping tasks like clearing out temp files, and some not so obvious stuff like moving Visual Studio to another drive, and so on.

Ultimately a friend recommended this wonderful little utility called Wiztree which graphically shows what’s taking up space on your drive.

Wow.

Some amazing discoveries include:

Now, you can turn off hibernation which will return the space (after a reboot). This finally allowed me to install Windows 11. But then the new version of Windows thoughtfully turned it back on again. (Incidentally you can theoretically move the swapfile off of the C: drive – which IMHO is a very bad idea – but you cannot move the hibernation file, which doesn’t make sense.)

There are lots of utilities out there that can help you understand what’s taking up space on your C: drive, and there are apps that can help you remove stuff you don’t and won’t ever need.

My question is: how did Microsoft ever let it get this way?

Please Give Me Time Machine

I get it: backup is mundane, surprisingly hard, and yet absolutely positively essential in a world where the OS alone cannot protect against ransomware, among other scary concerns. Windows 10 had this slow, awful, and unreliable File History-based backup which no longer appears to be present in Windows 11 and good riddance to File History as far as I’m concerned.

Now, I complained on Twitter that Windows doesn’t have a good backup, and a Very Famous Evangelist informed me I was wrong.

So I was very excited to see what Windows 11 provided, and disappointed to learn that out of the box Windows 11 will back up to…OneDrive, taking up cloud storage not to mention bandwidth (I have 12TB, I’m not uploading that!).

Macs have a truly wonderful backup program called Time Machine that I use on my MacBook with an external USB drive. I want that on my PC. Why is this so hard?

Apps, Apps Everywhere

When you install an application on Windows where does it go?

Well, all over the place.

Now, I don’t think any user cares whether or not an app is 32-bit or 64-bit, but of course we still have C:Program Files and C:Program Files (x86).

But apps can also be in C:Users[your name here]AppData which has its own complex folder tree. (Visual Studio Code, for example, installs to AppDataLocal.)

Why isn’t there just a simple Applications folder?

Has Microsoft Lost Interest?

To this passionate Windows user it feels like Microsoft has lost interest in, or deprioritized, Windows — which has resulted in both a loss of control and discipline over their product. ISVs, partners, and Microsoft itself write applications that collect data forever, that install anywhere they like, and leave logs, dumps, installers, and other rarely used files all over your system. While individual capabilities in Windows are brilliantly conceived, the overall experience is unintegrated, inefficient, and wasteful.

As I said, I’m anything but a “Microsoft hater.” I mean all these criticisms constructively. But…can Microsoft fix any of these issues? Do they care? Or will we have to wait until a new version of Windows?

Barry covers Azure, Windows Server, enterprise architecture and corporate governance topics at Directions on Microsoft. Before joining Directions 2020, Barry worked at Microsoft for 12 years in a variety of roles, including as Chief Technology Officer for Microsoft’s own IT organization for 5 years. Prior to Microsoft, Barry spent several years as CTO for several successful startups, and before that, 11 years at Lotus Development, where he was the lead developer for Lotus 1-2-3, the best-selling application of its time, and a Lotus Fellow.

A lot of the interest in Microsoft’s AI copilots revolves around the still-elusive Microsoft 365 Copilot. However, Dynamics 365, not Microsoft 365, will be one of the first places that Copilot capabilities surface. And these Dynamics Copilots will be available to some Dynamics 365 customers for no additional cost and to others as a paid add-on, company officials confirmed.

On June 15, Microsoft went public with plans for new copilot capabilities in Dynamics Project Operations, Finance, and Supply Chain Management. Public preview for these Copilots begins today in English for customers in the U.S. (for Supply Chain Management) and North America (for Finance and Project Operations). A spokesperson said once they are generally available, they will be available to some licensed Dynamics 365 users at no extra cost.

“The (Dynamics 365) copilots announced today will be available for customers with licenses in premium offers such as D365 Sales Enterprise, D365 Sales Premium, and D365 Customer Service Enterprise, D365 Finance, D365 Supply Chain Management, D365 Project Operations and sell it as an add-on to other plans, most likely for Professional licenses.  We will have more details to share at GA (general availability),” the spokesperson told me.

I asked if there would be any prerequisites for these Dynamics 365 Copilots, such as Azure OpenAI, and was told that is not the case.

A quick check of the handy Dynamics 365/Power Platform Release Planner from Microsoft shows that some of the already-disclosed Dynamics 365 Copilot capabilities already are in preview and/or will be available in public preview starting June 23. These include capabilities such as the ability to summarize conversations in Customer Service using Copilot; use SharePoint as a knowledge source for Copilot, and the ability to view Copilot analytics on a company’s business.

The Query Assist feature in Dynamics 365 Marketing (also under the Copilot banner) is listed as hitting general availability this summer, as is Content Assist for assisting with Marketing emails. Several of the Dynamics 365 Copilot capabilities Microsoft announced earlier this year — such as turning a prompt automatically into a SQL query which can be run on Azure Synapse Analytics — are slated for general availability in August 2023, according to the Release Planner.

Even though Microsoft isn’t yet ready to talk pricing details for the Dynamics 365 Copilot add-ons, this is a lot more clarity than we have around any pricing/licensing/availability for Microsoft 365 Copilot. Microsoft has been very slowly seeding select customers with an early preview of Microsoft 365 Copilot. It expanded that private preview program to 600 invited, paid customers starting in June. There is no date when more customers will be able to test-drive Microsoft 365 Copilot, when it will hit GA or how it will be priced and licensed. Officials have said only that Microsoft 365 Copilot will be a paid add-on to Microsoft 365 E3/E5 and likely to be released via a model similar to GitHub Copilot.

At least part of the reason that the Dynamics copilots are ahead of some other promised enterprise ones is Microsoft slapped the Copilot label on a number of Dynamics 365 AI-based features that already were in preview and scheduled for release as part of the Dynamics 365 Wave 1 release kick-off in March, as Directions on Microsoft analyst Andrew Snodgrass has pointed out.

With each AI announcement it makes, Microsoft executives are honing how they define Copilot and the way they describe the many different copilots that the company is readying across its enterprise and consumer offerings. During the Build developer conference last month, Microsoft officials said copilots are “applications that use modern AI and large language models to assist you with a complex cognitive task.”

Key here is the word “assist.” Most Copilots are application-specific plugins that provide a chat window where users key in a request. The Copilot plugin interprets the request and then calls the appropriate application API/command to perform the task for the user. This turns it into a productivity feature that relieves the user from going through a mountain of menu items to do the same thing. For other Copilot features, the plugin calls an external process, like with Copilot in GitHub, where it calls another OpenAI model, Codex, to generate code.

Microsoft is even releasing Copilot Stack that will allow customers to build their own Copilot plugins, which some partners have already done.

Sometimes Microsoft officials talk about a unified, single Copilot system that underlies the various copilot capabilities coming to market, but more recently, it’s common to hear Microsoft execs talk about lots of different copilots for different apps, services and modules that are based on a common “platform.”

As Directions analyst Snodgrass pointed out back in April, “Microsoft’s Copilot brand does not represent a cohesive set of tools and features but rather is a label that various Microsoft product groups are using to describe advanced machine learning features, primarily based on natural language processing.”

Microsoft: AI on track to hit $10 billion annual run rate

Microsoft has plans to bring copilot capabilities to not just some, but all of its cloud services, as spelled out earlier this week by Microsoft Chief Financial Officer Amy Hood and Chief Technology Officer Kevin Scott. The pair held a virtual briefing for Wall Street investors about Microsoft’s AI strategy.

Microsoft’s public storyline around its AI push this year is that it happened really suddenly, starting in late 2022/early 2023. However, as Scott told analysts this week, “We started a transformation inside of Microsoft about a year before we even did the partnership with OpenAI” (which happened in 2019).

Microsoft doesn’t have all of its new business models for copilots figured out yet, but already is predicting its AI business “will be the fastest growing $10 billion business (meaning $10 billion in annualized revenue) in our history,” in Hood’s words. Where will the money come from? Both from tools and services that customers will use to build AI apps and services (using Azure OpenAI interfaces and running on Azure) and built “into every Microsoft Cloud solution,” Hood said “whether it’s named Copilot or not.”

Scott elaborated: There are “the people who want to come use our infrastructure, whether they’re training their own models, whether they are running an open source model they’ve got, or whether they are making API calls into one of the big frontier models that we’ve built with OpenAI. It’s like all of these products, each of which has a slightly different potential for business model. So, like the way that we are going to be able to just sort of monetize all of this.”

(A related aside: Remember the skunkworks Microsoft Singularity AI infrastructure service that leaked back in February 2022? That project is now known as “Project Forge” — something that Azure Chief Technology Officer Mark Russinovich discussed at Build last month. Project Forge helps Microsoft run its own AI workloads using transparent checkpointing, coupled with a global GPU capacity scheduler. GitHub Copilot currently uses Forge under the hood. Russinovich said “we’re working on making it directly available to customers in the near future.” Monetization, ahoy!)

Microsoft is OpenAI’s exclusive cloud provider, but ChatGPT and other OpenAI models are not exclusively for use by Microsoft. However, Hood told analysts that Microsoft has a “broad perpetual license to all the OpenAI IP developed through the term of this partnership, that means even if the partnership were to end, we would still have those license rights to all the IP, up until AGI.” AGI, or artificial general intelligence refers to the idea that AI can solve any cognitive or human task.

After disruptions to its Office, Outlook, OneDrive and Azure services from June 5 to June 9, Microsoft acknowledged via a blog post late last week that distributed denial-of-service (DDoS) attacks from threat actor “Storm-1359” were to blame. The multi-day incident no doubt will raise a lot of questions among Microsoft customers, especially enterprise customers who are increasingly reliant on Microsoft to power their business operations.

On the plus side, Microsoft officials said they had seen no evidence that customer data was accessed or compromised as part of the DDoS attacks. However, the quiet way Microsoft disclosed this information doesn’t inspire confidence.

The company opted to post about its findings late in the day on June 16, the Friday before what is a long holiday weekend for many in the U.S. (In the media, we call this a “Friday news dump.”) As security expert (and former Microsoft employee) Kevin Beaumont noted on Twitter, they also didn’t point to the blog on their usual social channels or name Azure or Microsoft 365 as being affected, while both appeared to be.

When various news outlets asked Microsoft earlier this month why services like the Azure portal were down, the “official” answer was an unusual spike in traffic. On Friday, however, a Microsoft spokesperson said in response to an AP request for comment that the group called “Anonymous Sudan” was behind the attacks.

Microsoft’s blog post about the attacks, entitled “Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks,” noted that the early June DDoS incidents were likely due to a collection of botnets and tools that allowed Storm-1359 to launch attacks from multiple cloud services and open proxy infrastructures. The types of attacks included HTTP(S) flood attacks, cache bypasses and “Slowloris,” or attacks which can cause a web server to keep a connection open longer than it should be. The intent of the attacks “appears to be focused on disruption and publicity,” officials said.

As the Azure Firewall Turns

Microsoft is recommending customers use Layer 7 protection services such as Azure Web Application Firewall, which is available with Azure Front Door and Azure Application Gateway, to protect web applications. Its blog post unsurprisingly didn’t specify what Microsoft itself did and is doing to try to stop these kinds of attacks.

Many customers assume once they commit to Azure or Microsoft 365 that Microsoft will keep them safe (or at least safer than they can keep themselves) from attacks, given the company’s sizeable investments in security. Additionally, customers may have a false expectation that cloud services like Azure, Microsoft 365, and similar offerings can continue to deliver resilient services for customers under all conditions and simply absorb large-scale attacks like this. Microsoft does continue to make adjustments to try to stay ahead of all kinds of bad actors. But these kinds of DDoS attacks highlight that even a cloud vendor with vast resources is still vulnerable, and its customers are, in turn.

“Although Microsoft has focused on Azure Active Directory (AAD) resilience a lot in the past several years, the reality is that key Azure services like AAD are at the core of all Microsoft services. And even when designed for high resilience, malicious attacks like this can take down large chunks of services for customers around the world,” said Directions on Microsoft analyst Wes Miller.

Microsoft was scheduled to hold a press event focused on its Entra security and identity products and strategy on June 20, but on Friday abruptly announced the virtual event was postponed until July 11. A coincidence? I’m doubtful. I also don’t think it’s a coincidence that my increasingly growing problem with spam flooding my Outlook and Outlook.com accounts almost entirely has tapered off since Microsoft assumedly made changes to battle these DDoS attacks…. but I digress. (Or do I?)

Microsoft publicly disclosed last week that a China-based hacking group (“Storm-0558”) infiltrated some individual and government Outlook email accounts for a month. Via several blog posts, Microsoft officials shared details about how the breach of approximately 25 organizations happened and some of the steps it has taken to remedy the issue.

But there was one key bit of information that Microsoft did not disclose about the hack of which Microsoft enterprise customers should be aware. In its write-up, The Wall Street Journal noted that customers who were using Microsoft 365 E3, rather than E5, didn’t realize they were being hacked.

From the WSJ:

“Companies detect and investigate attacks by using logging software that keeps records of activity on their servers. But in this latest Chinese espionage campaign, critical logging information required to detect the attack was only available to purchasers of Microsoft’s top-tier cloud service, said officials at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.”

E3 offers some logging information but does not keep track of specific mailbox data which would have revealed the attack. Microsoft 365 and Office 365 E3 (and other plans below) do not log read-access to individual Exchange Online mailbox items.

E5 includes advanced information protection, premium e-discovery, advanced threat protection and threat intelligence — all capabilities not included as part of E3. There are also limits on the age of Entra identity and access ID sign-in logs, which is where failed sign-ins show up. In Office 365, for instance, the limit is seven days.

“Many capabilities that Microsoft 365 Enterprise tenants need to operate safely and comply with regulations require the more expensive license suites. It’s like going to a car lot and being told you have to buy the premium option package to get the Check Engine light,” said Directions on Microsoft analyst Rob Helm.

Microsoft 365 E5 costs substantially more than E3. Before volume discounts, E3 costs $36 per user per month and E5, $57 per user per month. To date, relatively few Microsoft customers have purchased E5. Officials said during fiscal 2022 (the period between July 1, 2021, and June 30, 2022) that E5 represented about 12 percent of the total M365/O365 base. In Microsoft’s FY’23 Q’1, officials didn’t provide an update on E5 growth, other than to say more than half of the $10-million-plus Microsoft 365 bookings in the quarter came from E5.

Microsoft officials have been touting the growing size of the company’s security business — a boast which doesn’t sit well with some customers, competitors and critics, who argue that Microsoft should not be making money from insecurities in its own software and services. Recently, a leaked internal report meant for Microsoft’s board noted that Microsoft is aiming to grow its security and identity management (SCIM) business to $50 billion by FY’25 and possibly to $100 billion by FY’30. However, Microsoft officials also acknowledged in that report that deployment is lagging subscriptions.

As Directions on Microsoft analysts have noted before, customers need to use extreme care when mixing and matching Microsoft 365 E3 and E5 together. As a general rule, organizations should ensure that they do not deploy and enable Microsoft 365 E5 security and compliance services unless all knowledge workers are licensed for the entire Microsoft 365 E5 suite (or F5 equivalent). Related but different issues can occur if the organization partially licenses E5 subcomponents on an à la carte basis and not all users are licensed for all the services deployed as a part of those subcomponents.

Even though it unveiled its Microsoft 365 Copilot AI assistant technology in March, Microsoft until now has not released pricing, licensing or availability information for the AI-assistant tool, much to the annoyance of many of its customers, partners and company watchers. However, on July 18, the opening day of its annual Inspire partner show, officials finally revealed pricing plans for Microsoft 365 Copilot: It will be $30 per user per month add-on to E3, E5 and a couple of SMB-focused plans.

Microsoft looks to be attempting to offer those who consider $360 per year to be too pricey an alternative. Today, Microsoft officials also took the wraps off Bing Chat Enterprise, another generative AI service aimed at businesses, which will be available for no additional cost for some enterprise users, and for $5 per user per month for others.

Directions on Microsoft analysts were split on how they believe Microsoft 365 Copilot pricing will fly with customers (a number of whom have continued to assume wrongly that Microsoft would make M365 Copilot available for free)).

At $30 per user per month, Microsoft 365 Copilot will cost almost as much as a Microsoft 365 E3 license (at $36 per user per month) — a fee some Directions analysts considered exorbitant. But if Microsoft 365 Copilot really does perform as has been demonstrated, some customers might buy in, others said.

“The pitch of a dollar a day to significantly increase the productivity of an employee might work,” said Directions on Microsoft analyst Rob Sanfilippo.

Microsoft still is not disclosing how or when it plans to roll out Microsoft 365 Copilot beyond some fairly vague statements. Microsoft officials have said that Microsoft 365 Copilot will help customers learn how to use its apps and features — for example, to turn a report into a 10-slide PowerPoint deck. Microsoft 365 Copilot also could assist users in drafting emails and documents; creating spreadsheets based on natural-language commands, and, via a capability called “Business Chat,” combining information from Microsoft 365 apps and data to do more complex tasks, such as “Tell my team how we updated our product strategy last week.”

Currently, Microsoft 365 Copilot is in private preview with up to 600 invited, paying customers, officials have said. Officials have declined to say when and if Microsoft plans to broaden the private preview or open up a public preview ahead of releasing Microsoft 365 Copilot commercially.

In an interview published in June this year, Microsoft Corporate Vice President Jared Spataro did say “you should expect people to have them (M365 Copilots) in production easily this fall. By the end of this summer, we’ll be showing some of what customers are doing with it. The tech is there.” When I asked whether Microsoft would support customers using preview versions of Microsoft 365 Copilot in production with something like a “Go Live”-type license, a spokesperson said Microsoft had “nothing to share.”

In last week’s virtual Microsoft 365 Copilot “Ask Me Anything” (during which Microsoft officials barred questions on pricing, licensing and availability), officials reiterated that Microsoft 365 Copilot will be an add-on license requiring users to have Microsoft E3, E5, Business Standard or Business Premium. Organizations will be able to assign Copilot licenses to specific users who have a base license. Initially, Microsoft 365 Copilot will work for Microsoft Word, Excel, PowerPoint, Loop and Teams. Microsoft plans to integrate Microsoft 365 Copilot directly into the UI for these apps.

The only Microsoft “Copilot” that is currently generally available is GitHub Copilot. Microsoft sells GitHub Copilot, its developer-focused AI pair-programming technology, for US$10 per user per month (or US$100 per user per year) for individuals. GitHub Copilot for Business is US$19 per user per month. For that price, developers get everything in Copilot for Individuals, plus license management, organization-wide policy management, privacy capabilities, and VPN support.

The (Dynamics 365) copilots which Microsoft announced earlier this year are next in line to go GA. They will be available for no additional charge for customers with licenses in premium offers such as D365 Sales Enterprise, D365 Sales Premium, and D365 Customer Service Enterprise, D365 Finance, D365 Supply Chain Management, D365 Project Operations. Dynamics 365 Copilot will be sold as an add-on to other plans, most likely for Professional licenses. 

At the Inspire show today, Microsoft also announced Sales Copilot, which officials are calling “a seller companion.” (If that sounds familiar, it should, as this is how Microsoft branded its Viva Sales product announced a year ago.) Viva Sales is now considered part of Sales Copilot, the new AI-specific capabilities will be part of a standalone subscription, as well as made available in Dynamics 365 Sales Enterprise and Premium licenses for no additional cost.

Bing Chat’s enterprise play

In other related news announced on Day 1 of Inspire, Microsoft officials also said they are bringing to market a version of Bing Chat for business users. Called “Bing Chat Enterprise,” this version of Microsoft’s AI-enhanced Bing chat bot will be available in preview starting today for organizations with Microsoft 365 E3, E5, Business Premium and Business Standard. It will be available to these customers for no additional cost. Microsoft also plans to make Bing Chat Enterprise a standalone subscription at some point in the future, priced at $5 per user per month.

Meant to work similarly to the Bing Chatbot for consumers, which is powered by Microsoft’s adaptation of OpenAI’s ChatGPT large language model (LLM) technology, Bing Chat Enterprise will provide “AI-powered chat for work with commercial data protection,” according to the company. (I’m assuming this means it will rely on the security and privacy controls baked into the Microsoft 365 E3/E5/Business Premium services that are required to prevent organizations’ data from “leaking,” but Microsoft never actually spelled this out. Officials said Bing Chat Enterprise won’t save chats and Microsoft will not be privy to the results of searches done with it.) Update: I was wrong. Bing Chat Enterprise does not rely on the Microsoft 365 security and privacy services; it only offers the aforementioned “commercial data protection” guarantees. It does require Azure Active Directory (newly renamed “Entra ID”).

Bing Chat Enterprise has nothing directly to do with the aforementioned and similarly named “Business Chat” capability that Microsoft is building into Microsoft 365 Copilot. Microsoft Search in Bing, which also provides a “work” vertical in Bing search results for those who sign into Bing with their work and school accounts, will continue to be supported. Unlike Bing Chat Enterprise, Search in Bing does not have an AI chatbot front end.

“Bing Chat Enterprise lets you use the power of generative AI at work, with commercial data protection. Microsoft 365 Copilot takes this to the next level and adds a superset of features that enable people to be productive and creative at work in a whole new way by grounding answers in your business data like documents, emails, calendar, chats, meetings and more to deliver incredibly rich and actionable responses to your questions,” said a spokesperson when I asked for the differences between Bing Chat Enterprise and Microsoft 365 Copilot — besides the price.

Deprecated vs. discontinued. End of support vs. end of life. It’s a tough job trying to keep track of when Microsoft software, services and features are “retiring,” to use the company’s euphemism for being dropped.

Lately, it feels to many of us here at Directions on Microsoft that Microsoft is stepping up the pace of moving products and features out to pasture. Maybe it’s because, like many of the company’s customers, Microsoft is trying to support fewer products and features in the name of “doing more with less.” Whatever the reason, it’s a good opportunity for organizations to reflect on what these phase-outs can mean beyond the obvious and how to try to reduce their impact.

Many customers were hoping moving to Microsoft’s cloud would magically remove (or at least diminish) the impact of upgrades. But technology moves forward and just like the on-premises days of old, advancements mean major components are retired and replaced and customers must perform upgrades themselves. The big difference now is the timing. Under the Modern Lifecycle Policy, Microsoft (the vendor) dictates when upgrades happen, rather than the customer. And it’s on a schedule that benefits Microsoft, rather than the customer.

Here’s a recent example: There’s a fairly key feature in Dynamics 365 Customer Service called Intraday Insights which Microsoft is retiring very soon. On April 28, officials contacted users telling them the feature would be deprecated sometime in the future. Three days later, on May 1, the feature was deprecated. Surprise! Although customers can continue using the feature for the next year, on October 31, 2023 — six months from now — Microsoft is ending support.

Did Microsoft do anything counter to its promise of giving customers 12 months’ notice about a feature going away? No. In fact, Microsoft has a replacement product at the ready: It’s new Omnichannel Real-Time Analytics Reports product, which it just happened to release in late April (the time Microsoft originally contacted Intraday Insights users about the planned obsolescence of the product.)

Customers now have an unplanned, and unbudgeted IT project to migrate from one reporting solution to another in a service they are already using. This migration is going to take both IT and business staff away from other business-focused efforts that are probably more important to their companies for several weeks. Try explaining the value of that to executives. Welcome to the Modern Lifecycle.

Directions on Microsoft analyst Jim Gaynor notes that under Microsoft’s Modern Lifecycle Policy, Microsoft must provide a minimum of 12 months’ notification prior to ending support “if no successor product or service is offered — excluding free services or preview releases.”

The Modern Lifecycle Policy also states: “For products and services governed by the Modern Lifecycle Policy, unless otherwise noted, Microsoft’s policy is to provide a minimum 30 days’ notification when customers are required to take action in order to avoid significant degradation to the normal use of the product or service.”

In the case of Intraday Insights, Microsoft checks both boxes.

Does this mean the company’s policies in these cases are pro-customer? Definitely not.

The devil is in the details when it comes to deprecation and discontinuation announcements. “Deprecate” might not mean what a customer thinks and/or may be used inconsistently by Microsoft. Organizations need to dissect whether a service is no longer being “improved,” whether it will eventually be shut off entirely or in part; and whether there is a viable substitute (and how much effort, time and money is required to make it work).

Some companies have policies in place that specify they cannot run unsupported software. That means regardless of whether a product or feature is still present, if it’s not supported, that can mean it’s a no-go. Six months isn’t a long period to decide on a successor product, test and validate it and migrate to it. This kind of rapid change is disruptive and costly.

Organizations need to remember “it’s Microsoft’s cloud and you’re just relying on it for your entire business,” says Directions analyst Gaynor. “Live in fear and keep that wallet open.”

Customers need to be aware that at any time, you may be given a 30-day notice to take action such as changes to supporting systems, loss of compatibility with interoperating services, or refactored deployment practices or established business processes, to avoid “significant degradation” to your use of a Microsoft product/service, Gaynor noted.

And at any time, you may be given only 12 months’ notice that a Microsoft product/service you rely on will be discontinued without a replacement. While you may be able to continue using unsupported products, services are likely to be shut down and no longer available, giving you only 12 months to evaluate, select, implement, and migrate to a replacement service, he added.

Directions on Microsoft analyst Michael Cherry adds customers should keep these realities in mind when negotiating their licensing contracts with Microsoft.

“The problem is that few if any of these ‘policies’ get implemented as specific clauses or amendments to the contracts,” Cherry said. “These ‘promises’ should be incorporated into the service level agreements specifically, with both the promise and the consideration.”

Microsoft’s Build developers conference is happening this week, starting on May 23. This year’s event is “hybrid,” again, with attendees participating in person in Seattle or watching virtually. Unsurprisingly, there are lots of announcements around Microsoft’s Copilot AI assistance technology this week. But there also are other product and strategy reveals that likely will have more near-term and widespread customer impact.

Microsoft wants Build attendees to take away one big thing from the show: Copilots and plug-ins are here! (Except, in reality, they’re not — other than in Bing and GitHub.)

Microsoft has been pre-announcing a range of Copilot assistants for just about every consumer and commercial product in its line-up since the start of 2023. The business-focused Microsoft Copilots —> which Microsoft now officially defines as “applications that use modern AI and large language models to assist you with a complex cognitive task” &mash;> are in private preview for a (very) select few at this point. Microsoft still hasn’t said when they’ll be commercially available, how they’ll be licensed, or how much they’ll cost to use.

At Build, officials will continue to tout the productivity benefits of Copilots and the company’s decision to back the same plug-in standard that OpenAI is using for ChatGPT. The plug-ins we’ve seen demoed to date are almost all consumer ones, such as OpenTable and Instacart. But Microsoft is promising that corporate developers will be able to build their own custom plug-ins using Visual Studio and the Teams Toolkit for Visual Studio Code to provide users help with tasks such as processing contracts or managing corporate travel expense reports. Microsoft also is labeling Teams message extensions and Power Platform connectors as plug-ins, going forward. Officials said the 20 customers currently in the M365 Copilot Early Access program have access to more than 50 plug-ins from Microsoft, as well as Atlassian, Adobe, ServiceNow, Thomson Reuters and other vendors.

(I’m thinking that Microsoft execs are busily re-making the “Power House” Power Platform apps, which are customizable, template-like apps for specific business functions that we wrote about a few months ago, to fit into this Copilot/plug-in story. Maybe we will hear more on that this summer.)

Because no Microsoft event these days is complete these days without the announcement of EVEN MORE Copilots, Microsoft is bringing a Copilot to Windows 11(with a preview coming in June, assumedly to Windows Insiders) in the name of helping users navigate commands and work with multiple apps simultaneously. The Microsoft Edge browser is getting the Microsoft 365 Copilot. The newly announced Microsoft Fabric data platform will be getting a Fabric Copilot “soon.” Power Platform’s Power Pages Copilot is now in public preview and the Power BI Copilot for Data Analysis Expressions (DAX), announced today, is in public preview now, too.

Fabric, Azure Linux and Win32 Isolation (Oh, my!)

Enough AI smoke. Here are the other top announcements of potential interest to Microsoft business customers from Build:

Microsoft Fabric “Fabric” is the new end-to-end data and analytics platform Microsoft is unveiling at Build. It’s a combination of updated versions of existing tools, plus a few new ones, delivered in the form of Software as a Service (SaaS). The platform is built on top of a common data lake based on the open delta/parquet format, which Microsoft has dubbed “OneLake.” Microsoft’s goal with Fabric is to provide cross-suite integration. A bunch of the pieces of Fabric, including Data Factory; Synapse Data Engineering, Data Science, Data Warehousing and Real Time Analytics; as well as OneLake are in public preview now.

“Azure Linux”: Listen at Build for mentions of something called “Azure Linux” this week. We already knew that Microsoft has its own Linux distribution, called CBL-Mariner (CBL = Common Base Linux), but officials repeatedly have pointed out that Mariner is for Microsoft’s own internal use and not a commercial Linux distribution. Microsoft has disclosed previously that it used Mariner as the base for the Linux virtual machine that is in Azure Kubernetes Service (AKS) for edge devices. But until this week, officials have called this “AKS-Lite VM.”

When I asked about the name-change, I got the following statement: “Azure Linux is the commercial product for CBL-Mariner, and it is supported as a container host OS for AKS. Mariner (CBL-Mariner) as an AKS container host has been renamed to Azure Linux container host for AKS. Microsoft does not provide broad commercial support for Azure Linux as a server operating system,” said Jim Perrin, Principal Program Manager Lead, Linux Systems Group. My interpretation: Mariner has graduated beyond an internal-use-only skunkworks project to more of a commercial Linux, even if limited. I’ll be curious if Microsoft goes further in making Azure Linux a “real” Linux distribution at some point.

New Win32 app isolation technology: Microsoft previewed plans to add new Win32 app isolation technology to Windows 11 back at the BlueHat conference in April. This update will be in public preview on May 24 for both consumers and commercial customers. Microsoft is presenting this capability as a step on its journey to making Windows “adminless” in the name of security. Many Win32 “classic” apps don’t run with least privilege, and isolation could help contain security issues and reduce damage if an app is compromised. Win32 app isolation in Windows 11 will rely on the “Helium” container tech that lives on top of the existing registry and file system, which is used by the MSIX Windows app package format. Microsoft isn’t providing information on when this isolation capability will be available commercially or how it will be priced/licensed.

Even more Windows goodies: After a few years of making Windows an afterthought at Build, it seems Microsoft is making quite a few Windows-related announcements at the show this year. In addition to the Win32 app isolation announcement, Microsoft is showing off a new Dev home app (in preview) that will let developers more easily set up Windows as their dev machine with WinGet configuration, GitHub integration and more built in. Microsoft also is announcing officially “Dev Drive,” which is a new virtual hard disk (VHD) storage volume tailored for developers that is based on ReFS (Resilient File System). And Win365 Boot, the capability allowing Windows 365 users to log directly into their Win365 Cloud PCs and designate them as their primary Windows experience (with no interim steps required after the initial log in) is finally going to preview.

Microsoft Mesh and Teams avatars: Before it was all-in on AI, Microsoft was gearing up to hop on the metaverse train. The company gave its Mesh mixed-reality collaboration platform and avatars for Teams lots of promotional love in 2021 and 2022. Both technologies get a small nod at Build this year. Mesh is (finally) in private preview for those who want to build virtual experiences for town halls, employee training, onboarding, and virtual tours. And the avatars for Teams will be generally available for all Microsoft 365 Business and Enterprise customers in the Teams desktop app on Windows and Mac starting this week.

Entra External ID: Microsoft’s customer identity and access solution, Entra External ID, which Microsoft announced earlier this year, will hit preview this summer. (Entra is the brand for a set of services built on top of Azure Active Directory for identity management.) While Microsoft made Entra Verified ID generally available in 2022, allowing users to share proof of employment, education and similar personal information, the External ID component lets organizations employ an identity provider to manage their IDs and then manage access to apps with Azure AD or Azure AD B2C.

Whether you like or loathe Microsoft’s Edge browser, it’s worth knowing about some changes Microsoft is making regarding how Edge works and is managed. Microsoft officials say they are making these adjustments in the name of giving users a smoother, more productive experience. But the way the company is going about implementing these shifts is anything but smooth.

Microsoft has begun notifying some customers that it plans to make web links in Outlook and Teams open by default in the Edge browser, regardless of the browser on which organizations have chosen to standardize. Earlier this year, this seemed to be a change that would affect only those with Microsoft 365 Personal or Family subscriptions. But now, Microsoft has made it clear that it plans to also make this change for commercial customers with Azure Active Directory and Microsoft Accounts.

In a message in the Microsoft 365 admin center, as noticed by Petri.com, Microsoft has started informing some customers that web links from emails in the Outlook for Windows app will open side-by-side with the email message in Microsoft Edge to spare customers from having to switch back and forth between apps. This will happen in Edge even if it’s not the organization’s default browser in Windows.

In Teams, web links shared in chat messages will also open in Edge, though there’s seemingly no published date as to when this is going to happen. And in Outlook for iOS and Android in the coming months, users will see a prompt asking them to choose their default browser and configure that option in their Outlook mobile settings, even if they’ve already made a choice (Edge or otherwise).

Only links set to open in a web browser will be affected; those set to open in a client app or in Outlook itself will continue to work as usual. Reports say the Message IDs detailing these changes are MC548092 and MC541626 and not every commercial M365 admin can see them yet.

Microsoft’s official justification for these changes, according to a spokesperson, is improved usability.

“This change is designed to create an easier way for Outlook and Microsoft Teams users to reduce task switching across windows and tabs to help stay focused. By opening browser links in Microsoft Edge, the original message in Outlook or Teams can also be viewed alongside web content to easily access, read and respond to the message, using the matching authenticated profile. Customers have the option to disable this feature in settings,” the spokesperson said in an emailed statement.

Microsoft is telling admins this week they have 30 days’ notice that this change will be rolling out in Outlook for Windows for all business customers. IT pros can configure policies to manage this for Microsoft 365 apps. But those with Microsoft 365 Business plans need to control this on individual client PCs can do this by going to Outlook, File > Options >Advanced > Link handling and selecting their preferred browsers from the drop-down menu, according to a report from Neowin.net.

Update: The Microsoft spokesperson added this bit about how admins can control this setting: “Organizations who do not want web links from the Outlook for Windows app or Teams to open in Microsoft Edge can manage this change using the Choose which browser opens web links policy in the Group Policy Management Console or in Cloud Policy service for Microsoft 365.”

If this weren’t enough, Microsoft also has added a new setting in the April Patch Tuesday updates for Windows 10 and 11 which results in the Default Apps Settings page popping up every time a web link opens with Google Chrome. While customers still can make Chrome their default (at least for now), Microsoft has made the process more difficult. I asked the aforementioned spokesperson why Microsoft opted to do this but did not hear back.

These kinds of strongarm tactics aren’t the only way that Microsoft is trying to convince users to adopt its Bing search engine and Edge browser. Microsoft has been touting new AI capabilities delivered via the new Bing and Bing chatbot, powered by OpenAI’s GPT and ChatGPT, as lures to win over new customers, too. On May 4, Microsoft announced more new Bing and Edge AI capabilities to sweeten the deal further.

Among today’s announcements:

There are some interesting capabilities that using the new Bing, Bing chatbot and Edge together can unlock, but Microsoft’s attempts to force customers to use Edge could end up backfiring.

While AI announcements are expected to get top billing at Microsoft’s Build developer conference next week, its data platform reveals are going to get a lot of time in the limelight, too. The new “Microsoft Fabric” platform, built to make data access and insights more easily accessible and integrated, will be the subject of more than a few Build sessions, based on what’s in the conference’s online session catalog.

On May 17, Microsoft sleuth “WalkingCat” on Twitter posted what look to be pre-recorded video excerpts from the coming Microsoft Fabric announcements. In those segments, Arun Ulag, Corporate Vice President of Azure Data, outlines the coming Fabric data platform “for the era of AI.”

In the video, Ulag says Fabric will be an end-to-end data and analytics platform, based on updated versions of existing tools, delivering a unified architecture, security and data-sharing experience in the form of Software as a Service (SaaS). The Fabric platform will be built on top of a common SaaS data lake, based on the open Delta Parquet format, accessible by all components. He calls this platform “OneLake,” which he says is “almost like OneDrive, but for your data.”

The Fabric platform will deliver data analytics directly to users in the Office apps by leveraging a new, integrated version of Power BI, Microsoft’s business intelligence offering.

Microsoft Fabric, which was codenamed “Trident,” will consist of seven core workloads or apps, each built for particular personas and tasks, according to the videos. The seven:

All of these workloads will store and access data in OneLake via workspace folders, and all the data will be in the Delta Parquet open-source data file format. (Ulag touts the decision to go with open-source formats in Fabric as a major differentiator between Microsoft and Snowflake, Google and AWS.) All data across the Fabric platform will be automatically provisioned with the tenant and be organized in a hierarchical namespace. The data will be automatically indexed for discovery, governance, compliance and more, according to the videos.

So what’s the AI piece of this? (Given Microsoft seemingly has decided no product or service can be announced without an AI component, there must be at least one.) Microsoft is expected to to add its Copilot AI assistant technology to Power BI. Sources of mine say Copilot will be coming to all the other pieces of Microsoft Fabric, too, at some point, which will enable customers to use natural language to code, create reports, glean insights and more. Additionally, in the leaked videos, Azure OpenAI is mentioned as a key binding service across the Fabric platform, although there are few details as to what that actually will bring to the Fabric data platform party.

Last year at Build, Microsoft announced the Microsoft Intelligent Data Platform, which included everything already in the Azure Data space (Azure Data Factory, Azure Data Explorer, SQL Server 2022, Azure SQL, Cosmos DB, etc.) to the Synapse Analytics products, to Power BI, to the newly rebranded Purview compliance/governance product family. Microsoft officials said the unification was meant to weave analytics more tightly into the other components of customers’ data estates.

With only these few details about the Build news available publicly at this point, it’s hard to know for sure whether Microsoft Fabric is yet another marketecture-type announcement, or a major revamp of some of the company’s most important data assets.

Information on what these changes mean to the existing platforms that make up Fabric and how that will affect existing customer deployments is unknown. Most of the Fabric components appear to be further enhancements and integrations of existing capabilities. On paper, at least, the idea of a common back-end storage platform and more open APIs sounds like a potentially big customer win. But more needs to be known about how easy it is to migrate from Microsoft’s existing tools and how much it will cost organizations to do so.

Based on what we know so far, “Fabric feels more like an important evolution of Microsoft’s cloud analytics and data lake service, rather than a wholesale change. And that bodes well for customers already using the underlying services like Power BI and Data Lake and Synapse Analytics,” said Directions on Microsoft analyst Andrew Snodgrass. “Fabric should help existing customers improve what they’re already doing and open the door to orgs that haven’t adopted the individual services because it’s hard to combine them all.”

Microsoft has used the first several months of this year to blast its AI messaging on the business and consumer fronts. While its Bing chatbot and Microsoft Designer consumer Copilot AI assistants are in public preview — and even shipping commercially in the case of its developer-focused GitHub Copilot — its other business-focused Copilots are in private preview with a small set of customers. Microsoft officials have continued to decline to talk about plans for public previews, pricing, and licensing for Microsoft 365 Copilot and Dynamics 365 Copilot.

But during the company’s Q3 FY’23 analyst call on April 25, Microsoft executives dropped a few hints about the company’s thinking about pricing and licensing for its Microsoft 365, Dynamics 365, Viva and Security Copilot capabilities. And just because Directions on Microsofthas been asked this several times already: These Copilot capabilities definitely are not going to be free. They will be priced as add-ons on top of existing subscriptions like Microsoft 365 E3 and/E5.

“When we believe we’re adding a lot of value, and frankly, that’s what the Copilots are doing and some productivity improvement, you can expect that we will have a list price for those,” said Microsoft Chief Financial Officer Amy Hood in response to a Wall Street analyst’s question during yesterday’s call.

CEO Satya Nadella added that the model Microsoft is using with GitHub Copilot is a good indicator of where the company will likely go with its other business-focused Copilot capabilities. (Nadella did not say if Microsoft would match the GitHub Copilot pricing exactly, however.)

Nadella told analysts:

“The Copilot that’s priced, and it is there, is GitHub Copilot. That’s a good example of incrementally how we monetize the price lists out there, and others are to be priced, because we are in preview mode. But you can expect us to do what we’ve done with GitHub Copilot pretty much across the board.”

Microsoft sells GitHub Copilot, its developer-focused AI pair-programming technology, for US$10 per user per month (or US$100 per user per year) for individuals. GitHub Copilot plugs directly into developer’s’ editors. And GitHub Copilot for Business is US$19 per user per month. For that price, developers get everything in Copilot for Individuals, plus license management, organization-wide policy management, privacy capabilities, and VPN support.

Nadella said yesterday that Microsoft has had more than 10,000 organizations “sign up” for GitHub Copilot for Business since it became broadly available close to three months ago. Microsoft has announced it will be adding more Copilot AI assistant capabilities to GitHub Copilot via its GitHub Copilot X initiative, which is now in technical preview.

Microsoft has demonstrated publicly via various demos how Copilot could improve customers’ experiences with everything from security analysis to PowerPoint deck creation. Microsoft officials have insisted that Copilot is more than just OpenAI’s ChatGPT embedded into Microsoft 365. The official description of the Microsoft 365 Copilot “System”: “It’s a sophisticated processing and orchestration engine working behind the scenes to combine the power of large language models (LLMs), including GPT-4, with the Microsoft 365 apps and your business data in the Microsoft Graph — now accessible to everyone through natural language.”

Unsurprisingly, Microsoft focused heavily on its AI investments during its Q3 earnings announcement. Officials said the company has more than 2,500 customers for its Azure OpenAI service, which builds on top of its customer OpenAI’s GPT-3/4 technology. In March 2023, Microsoft execs said they had more than 1,000 customers using Azure OpenAI. While Azure growth continues to slow, as Microsoft had warned it would, Azure and “other” cloud services grew 27 percent compared to the year-ago quarter. (One year ago, that Azure growth number was 46 percent.)

Microsoft officials didn’t say on the call when the company will release its business-focused AI Copilots in public preview or commercially. Recently, officials said to expect the Viva Copilot capabilities to ship later this year. And a closer look at the Dynamics 365 release plan roadmap notes that several of the announced Dynamics Copilot capabilities have begun moving into public preview and are slated to ship this summer. The near-term delivery date for the Dynamics 365 Copilot features could be due to them being more of a rebranding of announced and in-preview features with the Copilot name, as Directions has noted.

Microsoft currently uses a large number of different domains for its various Microsoft 365 apps and services. On April 26, officials announced plans to reduce fragmentation by bringing its authenticated, user-facing Microsoft 365 apps and services onto a unified “cloud.microsoft” domain.

Microsoft opted for the cloud.microsoft name because it plans to bring more than just the Microsoft 365 services to the name at some point, officials noted. The company’s goal with this change is to reduce sign-in prompts, redirects and other issues when navigating across apps. For admins, the consolidation should help reduce complexity of allowed-lists.

To start, only net-new services will be deployed on the new cloud.microsoft domain.

“In most cases,” no customer action will be required to keep using Microsoft 365 apps and services, officials said. Microsoft already has added “.cloud.microsoft” to the official list of Office 365 URLs and IP address ranges.

Microsoft officials said they will notify customers at least 30 days in advance before changing the domain for any existing service which requires customer network configuration. For any domain changes requiring updates to customer apps or other more complex customer actions, officials said they will provide “targeted communications” and “ample time” for adjustments.

This sounds, at least in theory, like a change that shouldn’t have a lot of negative impact on Microsoft cloud-services customers. However, customers should stay vigilant in case there are any infrastructure, software and firewall issues which potentially could arise with the introduction of any kind of new top-level domain.

Microsoft is giving Windows users a bit more information about what’s planned for Windows 10 and Windows 11 via some updates to its lifecycle support pages this week.

Windows 10 Enterprise, Enterprise IoT and Education will remain supported by Microsoft until October 14, 2025, as we’ve known for a couple of years. What we didn’t know for sure until today, April 27, was that Windows 10 22H2, which Microsoft released last fall, will be the “final version of Windows 10.” All editions of Windows 10 will remain in support with monthly security updates through that date. But they won’t be getting any more new features, based on today’s update from Microsoft.

Existing Windows 10 Long Term Servicing Channel (LTSC) releases will continue to get updates beyond that date, based on their specific lifecycles. Depending on the edition and release, these dates range from January 2027 to January 2032.

LTSC releases of Windows are designed for special-purpose devices and environments. Their feature sets remain constant for the supported lifetime of the release, which has led some customers who don’t want the constant disruption of feature updates to adopt them, in spite of Microsoft’s cautions against using LTSC for this reason.

Microsoft also announced today that it will deliver the promised LTSC version of Windows 11 in the second half of 2024. There will be a Windows 11 Enterprise LTSC and a Windows 11 IoT Enterprise LTSC edition released at that time. Officials said they will provide more details closer to availability.

In addition to continuing to provide security updates for Windows 11, Microsoft also has moved to a pattern of “continuous innovation” for the product. This means in addition to getting a single “major” feature update each year, usually in the fall, Microsoft also is delivering other new features and updates for Windows 11 throughout the year without a set schedule.

There have been reports that Microsoft is planning to release a new Windows variant, which may (or may not be) christened Windows 12 in the latter half of 2024. It’s hard to know at this point whether this release will be more than Windows 11 with a bunch of “AI”-labeled features added and/or more virtualization capabilities delivered via Windows 365 — or something more.