Regaining Control Over Unmanaged GenAI Apps: New Microsoft Purview Enhancements in Edge

Many organizations are growing increasingly concerned about the widespread use of unsanctioned Generative AI (GenAI) tools. These apps, often accessed through unmanaged browsers, pose significant risks to data security and compliance. To help with this, Microsoft is now updating some features in  Microsoft Purview that will enhance policy enforcement for unmanaged cloud apps accessed via the Edge browser.  What’s Changing? Previously, enforcing Purview Data Loss Prevention (DLP) and Collection policies required manual creation of Edge configuration policies. These policies were often complex and needed to be scoped correctly to block unsupported browsers or apply protections. With this update, Microsoft automates much of that process: Collection Policies now apply directly within Edge without needing a separate blocking configuration. DLP Policies automatically generate Edge configuration policies that align with the scope of the DLP rules. DLP policies can operate in two mode...

Email OTP Verification coming to Teams Meetings

Microsoft introducing a new security feature in Teams that will enable enforcements of Email OTP verification
for meetings. This new policy, "Anonymous users can join a meeting after verifying," will be available in the Teams Admin Center for all organizations.

This feature is available only for meetings created by organizers with a Teams Premium license.

The feature is in public preview, but should be rolling out in GA any time soon. The update will roll out automatically.
Admins should consider to update the new meeting policy setting from “By e-mail code” to “No” by mid-February if they wish to continue blocking all unverified users (If "No" is the current setting). The policy is described in this article.