Azure Weekly is a summary of the week’s top news to help you build on the Microsoft Azure Platform. From AI to Zero Trust, it aims to keep you on top of the latest Azure developments
Power BI Weekly is a collation of the week’s top news and articles from the Power BI ecosystem. From Power Query to Copilot, it aims to keep you on top of the latest Power BI developments
(Note: Both Azure Weekly & Power BI Weekly are independent newsletters not affiliated with Microsoft. Both newsletters are the creation of Endjin, a London-based Microsoft Solutions Partner that curates posts & content largely from the official Microsoft Azure blog & other sources but is not limited to Microsoft sources alone.)
Comments Off on INFO: Microsoft Weekly Newsletters for Azure & Power BI
If you’ve got Microsoft 365 E3, the good news is that you do have access to “Purview Data Security Posture Management for AI” – the tool that allows IT to monitor the use of all AI solutions, including 3rd parties like Anthropic Claude, Perplexity.ai, Google Gemini, OpenAI ChatGPT, etc., however it is designed to provide foundational functions, and limited capabilities for more advanced functions.
Microsoft 365 G5 provides the FULL compliment of capabilities for “Purview DSPM for AI”. See below for a comparison of what is available in “Purview DSPM for AI”, depending on the Microsoft 365 suite that you own.
Are your executives & managers asking about training geared more for their roles as leaders of your Public Sector organization?
Microsoft has sessions like, AB-731T00: Drive AI Transformation in Your Organization(formerly AI-3017 AI for business leaders) for sponsored organizations that are members of the Enterprise Skills Initiative, however often times leaders have concerns about finding the time for live, instructor-led sessions – preferring pre-recorded training sessions that they can take advantage of at their own pace and schedule.
Well, you’re in luck! Direct them to our digital skills site for Public Sector:
Public Sector Center of Expertise and Digital Skills Tools and insights to drive digital innovation within the public sector. Discover valuable lessons, expert insights, skill-building resources, and best practices designed to accelerate your AI and digital transformation journey.
Additionally, we provide various on-demand trainings for management & executives via Microsoft’s LinkedIn Learning at no cost to Government leaders:
FREE LinkedIn Learning training courses for Public Sector customers
AI for Managers by Microsoft and LinkedIn In this learning path, managers at all levels of the organization will learn practical ways to enhance their effectiveness with generative AI—from making team and one-on-one meetings more effective to giving feedback that gets results. You’ll also learn how to have meaningful career conversations with employees in an AI context, build a collaborative team culture with generative AI, and use AI responsibly.
AI for Organizational Leaders by Microsoft and LinkedIn In this learning path, you’ll learn how to make informed decisions about AI adoption and application as an organizational leader. You’ll evaluate the business implications of generative AI and learn how to integrate AI into business strategy, lead responsible AI, build organization-wide AI aptitude, and drive long-term business growth in the age of AI.
Build Your Generative AI Productivity Skills with Microsoft and LinkedIn Learn the art of prompt engineering, and how AI can automate tasks and enhance creativity. Discover how to use tools like Copilot, ChatGPT, and DALL·E to craft effective prompts, make presentations, and perform data analyses.
Career Essentials in Cybersecurity by Microsoft and LinkedIn Discover the skills needed for a career in cybersecurity. Gain a solid understanding of commonly used cybersecurity terms. Explore the current threat landscape and learn the core concepts of cybersecurity.
And we have two repositories for training that may also be relevant to them:
Public Sector Training Library Our entire collection of training for Public Sector customers is available here:
Level up your public sector tech skills by role and task Get Microsoft 365 training tips for roles like admin officer, contact center agent, health commissioner, police officer, policy advisor, social worker, and more.
Save the date: Windows Server Summit – May 11-13, 2026
Windows Server Summit 2026 builds on the strong momentum of last year’s event—where you told us you want less marketing and more practical, engineering‑led guidance. If you’re responsible for keeping Windows Server environments secure, resilient, and up to date, this year’s summit is designed with you in mind.
What you’ll learn
Windows Server Summit 2026 returns with a deeper, more forward‑looking agenda focused on real-world operations, security, and hybrid scenarios. Across three days of expert‑led sessions, Microsoft engineers and product leaders will share scenario‑based deep dives, architecture guidance, and actionable takeaways you can apply immediately.
The content is organized around three core pillars:
What’s new in Windows Server – Get a practical walkthrough of recent innovations and updates in Windows Server 2025, including hotpatch updates, management improvements, security enhancements, and what’s coming next. Find out what’s changed, why it matters, and how to operationalize it in production environments.
Windows Server + Azure: Better together – Explore real hybrid and multicloud scenarios enabled by Azure Arc, with guidance that goes beyond theory. Learn how to extend management, security, and governance across on‑premises and cloud infrastructure—and get clear, experience‑based advice for planning migrations and modernization paths that fit your organization’s technical and business needs.
Hands‑on technical depth and operational excellence – Expect best practices, operational insights, and hard‑earned lessons from the field—covering topics like security hardening, resiliency, lifecycle management, and keeping environments compliant and current.
The 2026 Summit will also serve as an early engagement moment for Windows Server v.Next, giving you visibility into Microsoft’s direction and upcoming investments. Just as importantly, it provides a dedicated forum to share feedback directly with the product team, continuing the Summit’s role as a trusted, two‑way conversation between Microsoft engineering and the Windows Server community.
We’ll reveal the full agenda here on March 20, 2026.
Designed for enterprise IT professionals, architects, and technical decision‑makers, Windows Server Summit 2026 delivers actionable, scenario‑driven content to help you secure, modernize, and extend your Windows Server environments—on‑premises, in Azure, and across hybrid infrastructure. We hope to see you there!
Dates: May 11, 2026, 7:00 AM – May 13, 2026, 12:00 PM
Jukka Niiranen just shared this infographic he generated based of the Entra Chat podcast episode with Ewelina Paczkowska and Daniel Bradley. Per Merill Fernando’s podcast:
Passkey Profiles Are Becoming the Default
Starting March 2026:
Passkey profiles will be auto-enabled
Tenants that haven’t configured profiles will be migrated
Registration campaigns will shift from Authenticator-first to passkey-first
This is a major shift toward phishing-resistant authentication.
You’ll now be able to:
Separate hardware-backed vs synced passkeys
Apply granular group-based controls
Enforce stronger authentication for privileged users
Read & listen to Merill’s Entra Chat episode here:
Updated March 11, 2026: We have updated the content. Thank you for your patience.
Introduction
Starting in March 2026, Microsoft Entra ID will introduce passkey profiles and synced passkeys to General Availability (GA). This update allows administrators to opt in to a new passkey profiles experience that supports group-based passkey configurations and introduces a new passkeyType property.
Important: Only tenants that already have Passkeys (FIDO2) enabled are affected by this update.
The passkeyType property enables admins to configure:
Device-bound passkeys
Synced passkeys
Both
If your tenant already has Passkeys (FIDO2) enabled and you do not opt in to passkey profiles during the initial rollout window, your tenant will be automatically migrated to the passkey profiles schema at the date range specified below. When this occurs:
Existing Passkey (FIDO2) authentication method configurations will be moved into a Default passkey profile.
The passkeyType value will be set based on the tenant’s current attestation settings.
For tenants that have synced passkeys enabled, Microsoft-managed registration campaigns will update to target passkeys.
No new authentication methods are enabled as part of this migration.
For tenants with passkeys (FIDO2) enabled and active Authentication methods registration campaign set to “Microsoft-managed” state, the registration campaign settings may change after passkey profile automatic migration.
When this will happen
General Availability (Worldwide): Rollout begins in early March 2026 and is expected to complete by late March 2026.
Automatic migration for existing Passkeys (FIDO2) enabled tenants (Worldwide): Rollout begins in early April 2026 and is expected to complete by late May 2026.
General Availability (GCC, GCC High, and DoD): Rollout begins in early April 2026 and is expected to complete by late April 2026.
Automatic migration for existing Passkeys (FIDO2) enabled tenants (GCC, GCC High, and DoD): Rollout begins in early June 2026 and is expected to complete by late June 2026.
How this affects your organization
Who is affected: Microsoft Entra ID tenants with Passkeys (FIDO2) enabled
What will happen:
If you have not opted in to passkey profiles by your automatic enablement period, your tenant will be migrated to passkey profiles.
Your existing Passkey (FIDO2) configurations will be migrated into a Default passkey profile
New passkeyType property will be auto-populated
If enforce attestation is enabled, then device-bound allowed
If enforce attestation is disabled, then device-bound and synced allowed
Any existing key restrictions will remain intact
Any existing user targets will be assigned to the Default passkey profile
Who is affected for Authentication Methods Registration Campaign changes:
Microsoft Entra ID tenants with passkeys (FIDO2) enabled and active Authentication methods registration campaign set to “Microsoft-managed” state.
What will happen:
If your tenant has passkey profiles that allow both device-bound and synced passkeys, does not have attestation enforcement, and does not have AAGUID‑specific key restrictions, your Microsoft-managed registration campaign settings will be updated.
“Targeted authentication method” will change from Microsoft Authenticator to “passkeys (FIDO2)”.
“Days allowed to snooze” setting will change from 3days to “1 day”. This setting will no longer be configurable.
“Limited number of snoozes” setting will change from Enabled to “Disabled”. This setting will no longer be configurable.
The default user targeting will be updated from voice call or text message users to all multifactor authentication (MFA) capable users.
What is the end user impact:
Once the above changes have taken effect, users targeted in the registration campaign will begin to receive passkey registration nudges during sign-in flows after they have completed multifactor authentication.
What you can do to prepare
If you want a configuration different from the migration defaults, review the timeline above and opt in to passkey profiles before your tenant’s automatic enablement window begins. Then configure the Default passkey profile’s passkeyType to your preferred values.
We also recommend:
Review your registration campaign configuration, especially if its set to Microsoft-managed. If you want synced passkeys enabled in your tenant but do not want registration campaign to target passkeys, you can:
Switch the registration campaign state to Enabled and continue targeting Microsoft Authenticator, or
Set the registration campaign state to Disabled.
Update runbooks and help content so your help desk and end users understand any changes in passkey availability or behavior.
Mondays in March. Deep dives. AMAs. Windows 11, Intune, Windows 365, and Azure Virtual Desktop.
Join us for Microsoft Technical Takeoff 2026 for Windows + Intune! This FREE virtual technical skilling event takes you deep inside the latest features, capabilities, and scenarios for commercial organizations and the IT professionals that support them. Skill up and get answers to your questions from the engineering and product teams behind the features.
Go to the event page. Create your own agenda. Select “Add to Calendar” on a session page to save the date, then click the “Attend” button to save your spot, receive event reminders, and participate in the Q&A. If you can’t make the live session, don’t worry. You can post your questions in advance and catch up on the answers and insights later in the week. All sessions for Tech Takeoff will be recorded and available on demand immediately after airing.
Don’t see the “Attend” button or the ability to post Comments? Make sure to first sign in on the Tech Community! (You cannot attend or post comments with logging in first)
Accelerate innovation and successful cloud adoption
Accelerate your path to becoming an AI-powered organization. Learn how intelligent databases, applications, infrastructure, and agentic tooling can turn your AI ideas into real business impact. See how Microsoft Azure Copilot and GitHub Copilot help organizations of all sizes reduce complexity and implement AI solutions more efficiently. Explore new product announcements, watch demos, hear real-world customer examples, and get guidance directly from Microsoft experts.
Join us to learn how to:
Save on licensing costs by migrating VMware to cloud-native solutions on Azure.
Scale efficiently and prepare for AI innovation with managed SQL and PostgreSQL solutions.
Become AI-ready with modernized .NET and Java applications on Azure.
Stay resilient, compliant, and align with your company’s sovereignty requirements.
Secure, observe, and optimize your workloads with purpose-built agents for IT and DevOps.
Agenda:
Global Keynote AI is reshaping how businesses imagine their future—and how they modernize to reach it. Microsoft is redefining modernization by embedding AI agents directly into the journey, helping you eliminate technical debt and unlock AI readiness. Join us to hear real world customer successes and see demos of our latest innovations with Azure Copilot and GitHub Copilot.
Regional Keynote: Database Modernization for AI: Trends & Best Practices Join this interactive conversation with Sales and Customer Success leaders across the Americas as they share what they’re seeing firsthand with customers modernizing their database estates. The discussion will explore cross‑industry trends, common challenges, and proven best practices for migrating and modernizing data platforms to support AI, analytics, and cloud innovation. Learn how organizations are moving beyond lift‑and‑shift, where customers are finding the most value in PaaS modernization, and how teams are positioning data as the foundation for AI readiness, operational agility, and long‑term business impact.
Breakout: Reimagine application and database modernization with agentic tools Agentic AI is drastically saving developers time on their modernization projects. Join us to learn how to modernize legacy apps at scale, update and migrate mission critical databases, and remediate security vulnerabilities with agentic developer tools.
Breakout: Accelerate & simplify planning, migration, and operations using AI agents: Discover how AI agents transform your cloud journey, from automated discovery and large-scale execution to post-migration optimization. See how Azure Copilot accelerates modernization of infrastructure, databases, and apps with less.
Date/Time: Thursday, April 23, 2026, 9:00 AM – 11:15 AM PT (GMT-07:00)
Microsoft Build 2026, the premier Enterprise conference for Developers, Data & AI Builders, & Solutions Architects is back… this year in San Francisco, CA!
If you are interested in attending in-person in San Francisco OR if you’d simply like to join the FREE virtual/digital streaming experience, please take the time to register ASAP!
Over two days, you’ll get hands-on with cutting-edge tools, dig into real code, and connect with the engineers shaping the future of AI. Request to attend for a chance to:
Get trusted guidance for secure, reliable deployments.
Explore real-world customer stories.
Take part in deep-dive technical sessions and hands-on labs.
Engage with product and engineering leadership.
Network with your peers and technology leaders.
Plus, hear from:
Satya Nadella, Chairman and CEO
Jared Palmer, VP of CoreAI, SVP of GitHub,
Scott Hanselman, VP, Member of Technical Staff, Microsoft/GitHub
Simon Willison, AI Researcher and Creator, Datasette
The Power Platform & Copilot Studio Advocacy team has released 2 comprehensive “Agent Development” training courses for Copilot Studio with both instructional content & videos for free!
Agent Academy: Recruit A foundational learning path designed to help makers and developers get started with building agents in Copilot Studio. https://aka.ms/agent-academy-recruit
Agent Academy: Operative The next level of training for people who already understand the basics of Copilot Studio and want to go deeper. It walks through building a complex multi-agent hiring process agent. https://aka.ms/agent-academy-operative
If you’re ready to get started learning Copilot Studio Agents, proceed to either the “Recruit” section for beginners or the “Operative” section for folks that know the basics.
VIDEOS: Copilot Student Agent Academy: Recruit – YouTube Master the art of building agents using Microsoft Copilot Studio in this comprehensive course by Power Platform Advocacy. This hands-on training is your entry point into the world of agents: from grounded prompts to Adaptive Cards and agent flows, you’ll learn how to build, scale, and deploy intelligent agents using real-world tools and use cases. https://www.youtube.com/playlist?list=PLi9EhCY4z99XP2cKtQXnq9U-II16ae0k_
Your organization’s Microsoft 365 unified audit log captures, records, and retains thousands of user and admin operations performed in dozens of Microsoft services and solutions.
Security ops, IT admins, insider risk teams, and compliance and legal investigators in your organization can search audit records for these events. This capability provides visibility into the activities performed across your organization.
For Microsoft 365 GCC customers, there are 2 audit logging retention durations available, depending on the license subscribed to:
Microsoft 365 G3 (GCC) licensed customers are entitled to 180 days of audit logging by virtue of their entitlement to Purview Audit Standard.
Microsoft 365 G5 (GCC) licensed customers are entitled to 1 year of audit logging by virtue of their entitlements to Purview Audit Premium.
Reference:
Audit Standard 180-day audit log retention. When a user or admin performs an audited activity, the system generates an audit record and stores it in the audit log for your organization. In Audit (Standard), the system retains records for 180 days, which means you can search for activities that occurred within the past six months.
“Default audit log retention policy in Audit (Premium)”: “The default retention period for Audit (Standard) changed from 90 days to 180 days. Audit (Standard) logs generated before October 17, 2023 are retained for 90 days. Audit (Standard) logs generated on or after October 17, 2023 follow the new default retention of 180 days.”
“Before you create an audit log retention policy“: “To retain an audit log for longer than 180 days (and up to 1 year), the user who generates the audit log (by performing an audited activity) must have an Office 365 E5 or Microsoft 365 E5 license or a Microsoft Purview Suite (formerly known as Microsoft 365 E5 Compliance) or E5 eDiscovery and Audit add-on license.”
Audit Log Retention beyond 1 year For government customers licensed for Microsoft 365 GCC that require audit log retention for longer than 1 year, customers are required to have, for the user that requires auditing for longer than 1 year:
Microsoft 365 G5 license
Advanced Audit 10 Year GCC license
Reference:
“Before you create an audit log retention policy“: “To retain audit logs for 10 years, the user who generates the audit log must also have a 10-year audit log retention add-on license in addition to an E5 license.“
Licensing SKU The licensing SKU for government customers to request from their LAR for the “10 year Purview Audit GCC license” is:
8LF-00001 Advanced Audit 10 Year GCC Sub Add-on (Licensed per user, per month)
Comments Off on INFO: 10-year audit log retention for Microsoft 365 GCC
kurtsh
Kurt Shintaku's Blog 
You must be logged in to post a comment.