Kurt Shintaku's Blog

We are pleased to announce that all Microsoft 365 users can now access Microsoft Copilot Academy to improve their AI and Copilot skills. This academy – curated by Microsoft experts – provides a comprehensive, structured learning experience designed to help users master the use of Copilot through hands-on learning activities and experiences. Click here to learn more about what Copilot Academy includes.

Last year, we announced the academy was available to all Microsoft 365 Copilot users. We have now lifted the Copilot license requirement, giving immediate access to any user with a Microsoft 365 license. No additional registration or administrative action is required to start using Copilot Academy. Please see appendix 1 for an updated table that lists the licenses that grant access to Copilot Academy.

Use Copilot Academy to train users before assigning Copilot licenses
The new licensing structure for Copilot Academy unlocks a new scenario for administrators – ensuring users commit to Copilot training through the academy before receiving a Copilot license. Administrators can now use Copilot Academy as a tool to teach users how to leverage Copilot before a license has been assigned. This allows users to see the value of Copilot and learn how it can maximize their productivity throughout the workday. Upskilling before receiving a license encourages faster time-to-value with Copilot and helps identify workstreams where Copilot will have the greatest impact.

Read about Copilot Academy from the Viva Learning blog:

• Microsoft Copilot Academy now available to all Microsoft 365 users
  https://techcommunity.microsoft.com/blog/viva_learning_blog/microsoft-copilot-academy-now-available-to-all-microsoft-365-users/4408101

(Government customers: Unfortunately, Copilot Academy is not available yet for GCC cloud instances. I am talking to the Program Manager for the solution to identify a timeline for availability.)

This is a list of 2025 Microsoft conferences that I maintain for my customers, along with discount codes for ones that I have them available to our customers.

Did you miss the Windows Server Summit 2025 this past April?  Don’t worry – we recorded all the sessions for you!

Watch all the sessions on-demand at your leisure through the links below.  (Don’t miss the session on the new “Hotpatching” capability – server patching without reboots – only available with Windows Server 2025 with Azure Arc!)

Keynote

• Day1:7:00AM Welcome to Windows Server Summit 2025! (1 hour)

Upgrade & Migration

• Day1:8:00AM Upgrades made easy with Windows Server 2025
• Day1:11:00AM Assess cloud-readiness of your applications with Azure Migrate
• Day2:7:30AM Migration and modernization: From VMware to the cloud

Security & Identity

• Day1:9:00AM Harden security and build resiliency with Windows Server 2025
• Day1:9:30AM Securing Active Directory
• Day1:11:30AM AD CS enhancements, innovations, and security

Core Services

• Day1:10:00AM From on-premises to cloud with Azure File Sync
• Day1:10:30AM What’s next for advanced storage
• Day2:7:00AM Windows Server Hyper-V architecture, features, GPUs, and more!
• Day2:8:00AM SDN magic: Windows Server 2025 innovations
• Day2:8:30AM Fine-tuned host networking for Windows Server 2025
• Day2:11:30AM Highly available, always scalable: Failover clustering and S2D

Server Management

• Day1:8:30AM Modernize server management and connectivity with Azure Arc
• Day2:9:00AM Azure Arc-enabled management and pay-as-you-go for Windows Server
• Day2:9:30AM Hotpatching and update management for Windows Server with Azure Arc
• Day2:10:00AM What’s new in 2025 with Windows Admin Center

Training & Support

• Day1:12:00PM Beyond the MCSE: Windows Server training and certification
• Day2:10:30AM The support case files: Windows Server troubleshooting tips
• Day2:11:00AM The support case files: Windows Server troubleshooting tips (continued)

Windows 11 is secure by design and secure by default, with layers of defense enabled on day one to enhance your protection without the need to first configure settings. This secure-by-design approach spans the Windows edition range including Pro, Enterprise, IoT Enterprise, and Education editions. 

Support for Windows 10 is ending soon on October 14, 2025. Upgrading or replacing outdated devices before Windows 10 support ends is a critical priority for building a strong security posture. Discover why organizations of all sizes, including 90% of Fortune 500 companies, are relying on Windows 11.

The following online-only “Windows 11 Security Book” covers:

• Hardware security
• Operating System security
• Application security
• Identity protection
• Privacy
• Cloud services
• Security foundation

This edition includes updates with Windows 11, version 24H2, features and enhancements. Read at:

• Windows 11 Security Book – November 2024 Update
  https://learn.microsoft.com/en-us/windows/security/book/

Are you an Azure Government customer planning on using Azure Arc-enabled Windows Management services? PLEASE READ THIS POST!

If you have Software Assurance on your Windows Server core licenses & want to enable Windows Management features like Azure Update Manager, Azure Policy, Azure Change Mgmt & Inventory, etc. without getting billed for these Windows Mgmt services in Azure Government (as you are entitled to by virtue of your Software Assurance on your Windows Server cores) you must use the Powershell script written by Scott Metzel, and written about by John Kelbley on the Azure Advanced Migration blog. 

WHY?
This is because (at least as of April 2025) the Azure Portal UI in Azure Government is currently missing the “Windows Server SA attestation” checkbox that normally mitigates these Azure charges. To get by this, you need to “check the box” using Powershell instead to avoid being billed for these services.

Visit the following for more details & to download the script:

• BLOG: Azure Gov Arc is Different: Arc Software Assurance Attestation 
• SCRIPT: https://github.com/ScottMetzel/PowerShell_Scripts/tree/main/Azure_Arc

The M365 Copilot Audit Report displays interactions your employees are having with M365 Copilot.

This report uses data from the Purview Audit log and Entra ID exports that get saved into 2 CSV files. The first csv file is storing Copilot Interaction events and other csv is exporting user details (Display Name, UPN, Position, City, Country) for users that have M365 copilot license assigned.

Power BI report is reading data from those these two files and can display users Display names or anonymize them. Report contains Overall and Adoption pages that allow M365 Champs to monitor behavior of M365 Copilot licensed users.

Five Power BI reports are included in this download: Overall, Impact, Decomposition, Adoption & Trend. The image above is a snapshot of the “Overall” report. Information available includes:

1. Time of the day interaction
2. Application ratio
3. Monthly interactions
4. Weekly Interactions
5. Top active users
6. Top sources
7. Time spent in minutes
8. Time spent in hours and minutes
9. Time decomposition by departments and positions
10. Employee names anonymizer
11. Active vs total licenses assigned
12. Trend comparison between two departments
13. Slicers
    • Time range
    • Application
    • Employee
    • Position
    • Departments

REQUIREMENTS:
The reports use Power BI Desktop & the rest of the prerequisites including required permissions are listed in the README of the GitHub repository. The reports work with GCC cloud instances for government institutions (who don’t have the “Copilot Dashboard” available through Viva Insights yet) so get the Power BI reports from the GitHub repository below for free:

• DOWNLOAD: M365 Copilot Audit Power BI Report
  https://github.com/BojanBuhac/M365-Copilot-Audit-Report

April 2025 version of MCRA is out!  This release of the Microsoft Cybersecurity Reference Architectures (MCRA) focuses heavily on updates related to standards and mappings, products and technology changes, and more.
 
Key changes since the previous December 2023 release:

• Updated main capabilities diagram to add Microsoft Security Exposure Management, Windows LAPS, passkeys, and Microsoft Entra Verified ID as well as to show Microsoft Security Copilot as a broad capability.
• Replaced several references of Secure Score with Exposure Management
• Clarified representations of Microsoft Security Copilot to show broader capabilities beyond Security Operations
• Added Microsoft Entra ID Governance to Adaptive Access diagram
• Updated several slides in introduction sequence and added new “Security must be integrated everywhere” slide.
• Updated slides in Artificial Intelligence (AI) section
• Added ‘Standards Mapping’ section and included proposed drafts of Zero Trust Reference Model standard from The Open Group (and Microsoft product mapping to them)
• Added roles list from The Open Group to people section
• Added Prioritization slide to the Threats section from upcoming draft Security Matrix standard from The Open Group
• Updated threat intelligence daily signals to 78+ Trillion and updated links/resources on various slides.
• Updated closing slides to show the full security modernization journey and associated Microsoft Unified engagements

Download the PowerPoint file (including slide notes) from the usual site:

• https://aka.ms/MCRA

(All hail Mark Simos, Microsoft Principal Cybersecurity Architect, Program Manager, and creator of the MCRA!)

The Microsoft Report Message and Report Phishing add-ins are now in maintenance mode and will eventually be deprecated.

We recommend transitioning from the add-ins to the built-in Report button. The Report button is supported in virtually all consumer and enterprise Outlook clients.

For more information, see the Frequently asked questions section in this article.

• DOCS: Transition from the Microsoft Report Message or the Report Phishing add-ins
  https://learn.microsoft.com/en-us/defender-office-365/submissions-users-report-message-add-in-configure