check before: 2025-08-01
Product:
Intune, Microsoft 365 admin center, Windows 365
Platform:
Online, Windows Desktop, World tenant
Status:
Change type:
Admin impact
Links:
Details:
As part of Microsoft's Secure Future Initiative (SFI), Windows 365 is enhancing the default security of Cloud PCs by disabling clipboard, drive, USB, and printer redirections for all newly provisioned and reprovisioned Cloud PCs. This change minimizes the risk of data exfiltration and malware injections, providing a more secure experience by default. IT admins can enable these redirections as needed using either the Intune Settings Catalog or Group Policy (GPO).
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-04-16
updated:
2025-04-16
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft is enhancing security for Windows 365 Cloud PCs by locking features like clipboard, drive, USB, and printer redirections by default, requiring IT administrators to enable them manually through Intune or Group Policy if needed.
Direct effects for Operations**
Default Redirection Settings Change
Clipboard, drive, USB, and printer redirections will be disabled by default on first-time access to Cloud PCs, potentially disrupting workflows that rely on these features.
- roles: IT Admins, End Users
- references: https://learn.microsoft.com/windows-365/enterprise/manage-rdp-device-redirections, https://techcommunity.microsoft.com/blog/windows-itpro-blog/application-deployment-in-windows-365-recommended-practices/3915376
Manual Configuration Requirement
IT admins must manually enable redirections through Intune policies or GPO for users who require these features, leading to increased workload and potential delays in user access.
- roles: IT Admins, End Users
- references: https://learn.microsoft.com/windows-365/enterprise/automated-provisioning-steps, https://techcommunity.microsoft.com/blog/windows-itpro-blog/application-deployment-in-windows-365-recommended-practices/3915376
User Communication Needs
End users must be informed about the new default settings and how to request redirection enablement, which may lead to confusion and support requests if not communicated effectively.
- roles: IT Admins, End Users
- references: https://learn.microsoft.com/windows-365/enterprise/manage-rdp-device-redirections, https://techcommunity.microsoft.com/blog/windows-itpro-blog/application-deployment-in-windows-365-recommended-practices/3915376
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
XXXXXXX ... free basic plan only
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 4 weeks ago
