Just-in-time (JIT) protection applies a candidate policy to onboarded Windows 10/11 devices. The candidate policy blocks all egress activities on monitored files until policy evaluation completes successfully.
We have updated this feature since our Public Preview announcement, the document will be updated once we release the change.
This message is associated with Microsoft 365 Roadmap ID 117493
[When this will happen:]
Rollout will begin in early September 2023 and is expected to be complete by mid-October 2023.
[How this will affect your organization:]
The definition of ‘JIT enforcement mode’ will be changed to ‘JIT fallback classification’ under the Settings > Just-in-time protection page.
All JIT-scope users will be considered as JIT Block mode candidates on the client machine. When JIT Block happens, end-users may see one of the following Windows dialogs:
[What you need to do to prepare:]
Please carefully select the user(s)/group(s) under Scope settings. For example, for the following setting, Endpoint DLP will apply JIT Audit every onboarded machine but apply JIT Block to the select user. For additional information on Endpoint DLP, please visit this documentation.
