Starting September 7, 2026, Microsoft Entra ID will require explicitly registered authentication methods for Self-Service Password Reset (SSPR) verification. This blog dives into the details of this security update and the critical actions admins must take to prepare.
Until now, organizations needed an Office 365 Extra File Storage add-on for additional SharePoint storage, which required fixed-capacity purchases that often led to unused costs. To address this, Microsoft has introduced a pay-as-you-go billing model for SharePoint storage in Microsoft 365. This allows organizations to pay only for the additional storage they consume beyond their included quota. In this blog, we’ll explore Microsoft’s pay-as-you-go SharePoint storage model and how it can help optimize costs.
The introduction of Device Soft Delete in Microsoft Entra ID (Public Preview) brings a much-needed recovery layer for device management. Instead of being permanently deleted, devices now move into a soft-deleted state, allowing admins a 30-day window to restore them when needed.
Starting in early June 2026, Microsoft Outlook will support external email tags within inbox rules, allowing users to automatically organize and categorize external emails for improved prioritization.
Microsoft has integrated the Power Automate workflow experience directly into SharePoint Online. This allows users to view, create, and manage workflows without leaving the SharePoint site interface. This also introduces a context-aware “Mad-Lib” style automation experience that automatically prefills trigger inputs such as SharePoint sites, lists, and libraries to simplify workflow creation.
Storm-2949 is a sophisticated identity-based attack campaign where a single compromised Microsoft 365 account can lead to wider access across Microsoft 365 and Azure environments. Instead of relying on malware, the attackers abused trusted Microsoft services, MFA workflows, tokens, and permissions to silently move deeper into the environment.
Struggling to automate secure monitor manage M365?
Try AdminDroid for Free!What’s new in Microsoft 365 – the latest announcements, features, and updates, delivered as quick reads.
Microsoft will require registered authentication methods for SSPR verification. Find unregistered users amd prepare for enforcement.
4 min read
Explore new pay-as-you-go billing for SharePoint Storage and learn how to enable consumption-based billing to pay for what you consume.
5 min read
Learn about Device Soft Delete in Microsoft Entra ID and how deleted devices can be recovered within a 30-day window before permanent removal.
4 min read
Microsoft adds external email tag support to help users move external emails to a folder using Outlook inbox rules.
3 min read
Explore the unified workflow experience in SharePoint Online to create and manage Power Automate flows directly from lists and libraries.
5 min read
The Storm-2949 attack shows how hackers use different approaches until they gain full Microsoft 365 cloud access.
9 min read
Learn how the new Security Detection Report in Teams admin center helps monitor malicious links, impersonation attempts, and unsafe files.
2 min read
Explore the new Microsoft 365 admin center dashboard bringing services, Copilot, and AI agents into one place for better visibility & management.
5 min read
Discover how the Shadow AI page in Microsoft 365 helps you identify, monitor, and block unauthorized AI tools to reduce risk and secure usage.
4 min read
Explore the Account Discovery feature that finds existing user accounts in Entra ID applications and helps you identify unmanaged identities easily.
4 min read
Explore Microsoft 365’s modern change management model, including audience-based releases, Message Center updates, and MCP servers.
6 min read
Block multi-tenant and consumer apps in Microsoft Entra using new sign-in audience restrictions in application policies.
5 min read