Microsoft 365CybersecurityWindows

Key Microsoft Updates and How We're Helping You Prepare

Regroove IT Consulting5 min read600 words

Microsoft regularly retires features, changes how products are licensed and managed, and introduces new requirements that affect how organizations run their environments. Three changes in 2025 and 2026 are significant enough that organizations should be actively preparing for them now.

Per-User MFA Retirement: September 2025

Microsoft is retiring the per-user multifactor authentication management method in Microsoft 365. Organizations that currently manage MFA by enabling it per-user account in the Microsoft 365 admin center need to migrate to Conditional Access Policies before September 2025.

Conditional Access Policies, available with Microsoft Entra ID P1 licensing, provide more flexible and controllable MFA enforcement. They allow organizations to require MFA based on sign-in risk, location, device compliance, and other factors rather than applying the same rules to all users universally.

For organizations on plans that do not include Entra ID P1, Microsoft's Security Defaults provide a simpler alternative that enforces MFA for all users. Verify which method your organization should move to based on your current licensing before the retirement date.

Windows 10 End of Life: October 2025

Microsoft is ending support for Windows 10 in October 2025. After this date, Windows 10 devices will no longer receive security updates. Running unsupported operating systems creates security risk because vulnerabilities discovered after the end-of-life date will not be patched.

Organizations should inventory their Windows 10 devices now and assess which can be upgraded to Windows 11 and which need to be replaced. Windows 11 has specific hardware requirements, including TPM 2.0, that older devices may not meet. Planning device upgrades before the deadline avoids the scramble of a forced replacement cycle under time pressure.

SMTP Basic Authentication Retirement: April 2026

Microsoft is retiring basic authentication for SMTP client submission in April 2026. Many organizations use SMTP basic authentication to send email from printers, scanners, line-of-business applications, and other non-interactive systems. These configurations will stop working after the retirement date.

The alternatives include using OAuth 2.0 authentication for SMTP, switching to Microsoft's direct send option for devices that do not support modern authentication, or using a third-party email relay service. Identifying all systems in your environment that use SMTP basic authentication now gives you the time to plan and test replacements before April 2026.

How We Are Helping Organizations Prepare

All three of these changes require assessment, planning, and action before the deadlines arrive. We are working with clients to audit their current configurations, identify what needs to change, and implement the required updates on a timeline that avoids last-minute disruption. If you are unsure where your organization stands on any of these, the best time to find out is now.

Regroove IT Consulting

Microsoft Solutions Partner specializing in Managed IT Services and Modern Work, covering Microsoft 365, Teams, SharePoint, Power Platform, and Azure. Helping organizations everywhere get lasting value from their Microsoft investment since 1993.

About Regroove →

Need help with your Microsoft environment?

We work with organizations everywhere. Tell us where you are and what you're trying to solve.

Talk to Regroove