Microsoft 365 Admins: What’s Changing in March 2026 — Key Updates, Retirements & Security Enhancements

by

March 2026 is another big month of change across Microsoft 365. Microsoft continues tightening security, modernizing collaboration experiences, and expanding AI-driven governance capabilities across the platform.

For Microsoft 365 administrators, this month brings a mix of retirements, new features, compliance enhancements, and several important action items that could impact authentication, Teams deployments, Conditional Access policies, and SharePoint resources.

If you manage Teams, SharePoint, Purview, Defender, Entra ID, or Exchange, now is the time to review what’s changing.

Let’s break down the most important updates.

Table of Contents

March 2026 At a Glance

CategoryCount
Retirements8
New Features13
Enhancements5
Functionality Changes4
Action Required6

Retirements: What’s Going Away

Several long-standing features across Outlook, SharePoint, Viva Engage, and security tooling are being retired this month.

Personal Account Integration in Outlook Web App

Users will no longer be able to connect personal email accounts or calendars inside Outlook Web App (OWA).

Existing linked personal accounts will automatically disconnect.

➡️ Recommendation: Users who need multi-account access should switch to Outlook desktop or manage accounts separately.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1226749

Web Image Search in SharePoint Pages

The Web Search image pivot used to insert Bing images into SharePoint pages is being removed due to the retirement of the Bing Search API.

Content creators can still insert images using:

  • Stock images
  • Uploaded files
  • Site assets
  • Tenant assets

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1230452

Featured Links on SharePoint Start Page

The Featured Links capability on the SharePoint start page is being retired.

Admins should use alternatives such as:

  • Global navigation
  • Viva Connections dashboards
  • SharePoint navigation elements

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1197131

Viva Engage Legacy Export Options

Legacy export options in the Viva Engage admin center are being removed:

  • Include attachments
  • Include external networks

Admins can still retrieve exports via SharePoint download links.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1230453

Microsoft Rewards Azure AD Linking

Users will no longer be able to link work accounts to Microsoft Rewards.

Existing reward balances remain unaffected.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1234567

Defender for Android Personal Profile Protection

Microsoft Defender for Android will stop protecting personal profiles on MDM-managed devices, focusing solely on work profiles.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1221927

External Tokens for Actionable Messages

External access tokens used by Actionable Messages will be retired.

Organizations must transition to Microsoft Entra authentication.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1189663

Outlook Contact Masking

The Contact Masking feature that hid suggested recipients will be removed.

Admins may want to review:

  • Address Book Policies
  • GAL visibility settings
  • Information Barriers

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1234566

New Features: Worth the Hype

March introduces several major capabilities spanning SharePoint security, Teams protection, Exchange scalability, and Purview governance.

SharePoint Content Security Policy Enforcement

SharePoint is enforcing Content Security Policy (CSP) to control which scripts, styles, and resources pages can load.

This dramatically improves protection against:

  • Cross-site scripting (XSS)
  • Code injection attacks
  • Clickjacking

Reference:
https://techcommunity.microsoft.com/blog/spblog/sharepoint-online-content-security-policy-csp-enforcement-dates-and-guidance/4472662

Defender for Office 365 URL Click Alerts in Teams

Microsoft Defender now detects malicious link clicks inside Teams messages, not just email.

Security teams will see alerts like:

  • User clicked potentially malicious URL
  • Suspicious link activity detected

Reference:
https://www.microsoft.com/microsoft-365/roadmap?searchterms=557549

New SharePoint Experience with AI

Microsoft is rolling out a redesigned SharePoint interface with AI-assisted capabilities.

New navigation includes:

  • Discover
  • Publish
  • Build
  • OneDrive
  • Home

This experience enters public preview in March.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1240699

Conditional Access for Account Recovery

Microsoft Entra introduces secure account recovery workflows protected by Conditional Access.

Users can regain access when authentication methods are unavailable.

Reference:
https://www.microsoft.com/microsoft-365/roadmap?id=529855

High Volume Email (HVE) Now Generally Available

Exchange Online now supports High Volume Email (HVE) for sending internal system notifications and alerts without impacting normal mail flow.

Reference:
https://techcommunity.microsoft.com/blog/exchange/high-volume-email-continued-support-for-basic-authentication–other-important-up/4411197

DLP Rule Action to Trigger Power Automate

Microsoft Purview DLP policies can now trigger Power Automate workflows when violations occur.

Reference:
https://www.microsoft.com/microsoft-365/roadmap?id=380721

File-Level Archiving in Microsoft 365 Archive

Admins will soon be able to archive individual SharePoint files, providing more granular storage lifecycle control.

Reference:
https://www.microsoft.com/microsoft-365/roadmap?id=477371

Information Barriers v2

Information Barriers v2 introduces major improvements:

  • Up to 5,000 segments
  • Users in 10 segments simultaneously
  • Improved discoverability

Reference:
https://www.microsoft.com/microsoft-365/roadmap?id=402516

Passkey Profiles in Microsoft Entra

Microsoft Entra will support passkey profiles and synced passkeys for better passwordless authentication management.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1221452

Protection Reports in Teams Admin Center

Admins will now see user-reported suspicious messages and calls through new protection reports.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1227625

SharePoint Branding Governance via PowerShell

Admins can centrally manage SharePoint branding including:

  • Themes
  • Custom branding permissions
  • Branding audits

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1186372

Data Security Posture Agent in Purview

Purview introduces an AI-powered agent that continuously analyzes content to identify sensitive data risks.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1217155

Expanded DLP Enforcement for Microsoft 365 Copilot

DLP policies will now block Copilot from processing protected files across all storage locations.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1234661

Enhancements

Several improvements focus on security visibility and communications management.

Teams Event Registration Policy

Admins can control whether event registration is allowed via Teams Events policies.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1226497

Defender Antivirus Registry Changes

Antivirus exclusions will no longer appear in the local registry for devices managed through Defender.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1227621

Organizational Messages for Hybrid Devices

Tenant messaging now supports Entra hybrid-joined endpoints.

Reference:
https://www.microsoft.com/microsoft-365/roadmap?searchterms=503564

Organizational Messages via Email

Admins can deliver tenant-wide notifications via email.

Reference:
https://www.microsoft.com/microsoft-365/roadmap?searchterms=503562

DLP Protection for Microsoft 365 Copilot

Purview DLP policies now extend to Copilot prompts and responses.

Reference:
https://www.microsoft.com/microsoft-365/roadmap?searchterms=515945

Existing Functionality Changes

Teams Call Quality Dashboard Meeting ID Change

Existing CQD queries using Meeting ID must be updated.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1228315

Conditional Access Policy Enforcement Improvements

Resource exclusions in Conditional Access policies will now be consistently enforced.

Reference:
https://techcommunity.microsoft.com/blog/microsoft-entra-blog/upcoming-conditional-access-change-improved-enforcement-for-policies-with-resour/4488925

Guest Governance Access Reviews Require Azure Subscription

Guest governance and access reviews now require a linked Azure subscription.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1225192

Decoupled DLP Policy Tips & Email Notifications

Admins can now configure policy tips and notifications independently.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC791114

Action Required

These changes require immediate administrative planning.

Teams App Retirement in Amazon Appstore

Organizations should move users to the Teams Android app or web client.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1234560

Context IQ Retirement in Outlook

The / quick-insert feature for attachments is being removed.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1230455

Defender Identity Theft Classic Alert Retirement

Automation workflows referencing classic alerts must be updated.

Reference:
https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1234542

Conditional Access Control Deprecation

The Require approved client app control will be retired.

Use Require app protection policy instead.

Reference:
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/microsoft-entra-change-announcements-march-2023-train/ba-p/2967448

SharePoint CDN Domain Retirement

The legacy CDN domain is being replaced.

Old

publiccdn.sharepointonline.com

New

public-cdn.sharepointonline.com

Reference:
https://admin.cloud.microsoft/#/MessageCenter/:/messages/MC1184996

Android Version Requirement for Defender

Microsoft Defender for Android will require Android 11 or later.

Action Required: Advise users to upgrade their devices to Android 11.0 or later.

Reference: https://admin.cloud.microsoft/?#/MessageCenter/:/messages/MC1222977

Final Thoughts

March 2026 reflects Microsoft’s ongoing strategy:

Modernize security. Strengthen identity. Expand AI governance. Simplify collaboration.

For administrators, the key priorities this month should be:

  • Reviewing Conditional Access policies
  • Updating SharePoint CDN references
  • Preparing for Copilot-related DLP changes
  • Monitoring new Teams security alerts
  • Updating automation workflows

As always, staying ahead of these changes will help ensure security posture, compliance, and user experience remain intact.

Leave a Comment