*For this entry exists the more relevant or more recent entry (MC1113663)
check before: 2025-08-01
Product:
Intune, Microsoft 365 admin center, Windows, Windows 365
Platform:
Online, Windows Desktop, World tenant
Status:
Change type:
Admin impact
Links:
(MC1113663)
Details:
As part of Microsoft's Secure Future Initiative (SFI), Windows 365 is enhancing the default security of Cloud PCs by disabling clipboard, drive, USB, and printer redirections for all newly provisioned and reprovisioned Cloud PCs. This change minimizes the risk of data exfiltration and malware injections, providing a more secure experience by default. IT admins can enable these redirections as needed using either the Intune Settings Catalog or Group Policy (GPO).
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-04-16
updated:
2025-04-16
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Please, look at the most relevant linked item for details
explanation for non-techies**
Imagine your office as a secure building. In this building, there are various doors that lead to different rooms, each with its own purpose. Some doors lead to storage rooms, others to meeting rooms, and some to areas where sensitive information is kept. To ensure the security of the building, you decide to keep certain doors locked by default, allowing access only when necessary and to those who have the right keys.
In the digital world, Microsoft is doing something similar with Windows 365 Cloud PCs. They are locking the "doors" to certain features like clipboard, drive, USB, and printer redirections by default. This means that when a new Cloud PC is set up, these features won't be accessible unless specifically enabled. The goal is to minimize the risk of unauthorized data access or malware entering the system, much like keeping certain doors locked to protect sensitive areas in a building.
For IT administrators, this change means they will need to manually unlock these features if users need them, using tools like Intune or Group Policy. It's like giving a trusted employee a key to a locked room when they need to access it for their work. Microsoft will provide clear notifications and instructions in the Intune Admin Center to guide administrators through this process.
For end users, this change means that when they first access their Cloud PC, they won't be able to use these redirection features unless they have been enabled by an administrator. It's important for users to understand this change and communicate with their IT department if they need access to these features for their work.
Overall, this change is about enhancing security by default, much like keeping a building secure by controlling access to certain areas. By understanding and managing these settings, organizations can maintain a secure environment while still providing the necessary access for their employees to perform their tasks effectively.
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 months ago ago
