Microsoft 365 Lighthouse – Simple M365 Management for MSPs

At Ignite 2020, Microsoft announced a new Lighthouse solution for Microsoft 365. Designed for Managed Service Providers (MSPs) this offers a central console where you can manage all your Microsoft 365 (M365) clients in a single dashboard. In this article we breakdown what was announced and why this is a big deal for MSPs.

There isn’t much to go on, apart from a Microsoft blog post, and a short breakout session from Ignite 2020 but the concept is very interesting, especially for MSPs managing clients with high numbers of M365 users and frequent onboarding.

We have also covered more on Microsoft Ignite 2020 – check out our analysis on Satya Nadella’s keynote.

What is Microsoft 365 Lighthouse?

It’s quite straightforward – it’s a single place to onboard new M365 clients, monitor their compliance state across different metrics, and standardize automation and auditing across all of your clients. It relies on the MSP having set up Delegated Access Permission (DAP) with Global Administrator permissions in their client’s tenants and devices being enrolled in Intune.

Microsoft 365 Lighthouse Device Compliance across five clients

Device Compliance across five clients

What Does Microsoft 365 Lighthouse do?

In the preview, there are three main areas of focus, starting with device compliance. You can see what policies are applied to devices in each client, how many devices are compliant at each client and you can compare policies across clients.

Microsoft 365 Lighthouse Compliance policy list

Compliance policy list

The second solution on offer looks at threats across all of your clients and the protection status of Microsoft Defender Antivirus on all Windows 10 devices. This gives you a single console to see whether there are any active threats, which devices have it deployed and if there are pending actions (scans, required OS updates, reboots etc.) as well as if there were threats that were blocked or quarantined. Also, you can see Conditional Access policies across clients.

Microsoft 365 Lighthouse Threat management dashboard

Threat management dashboard

Finally, you can manage user access management across all clients. Resetting passwords, blocking access, setting up delegated access to a mailbox or OneDrive for Business, adding a user to a group is done in a single pane of glass. This one feature could be worth it for many MSPs, today you either have to create custom PowerShell scripts to automate these tasks or login to each client’s individual management portal to do this.

As Microsoft gets feedback from MSPs participating in the preview, expect more features to be added such as the ability to see M365 service health across different clients and support requests.

Is Microsoft 365 Lighthouse a Gamechanger for MSPs?

As an MSP I find the concept intriguing but given the scant information, I’m cautious. Microsoft will need to add a lot of features to make this a worthy competitor to existing MSP management solutions on the market. But that may not be their aim, at least not initially, it might just be an additional tool to make it easier to manage multiple M365 tenants in a standardized way.

Further, I find the focus on Microsoft Defender worrying, many MSPs don’t use the otherwise excellent Endpoint Detection and Response tool due to its high cost. I’m really looking forward to seeing how this service evolves over the coming months.

If you’re an MSP and you’re interested in trying out M365 Lighthouse when they expand the preview you need to fill in the form.

More info on Microsoft 365 Lighthouse

Are you looking forward to Microsoft 365 Lighthouse? Let us know in the comments.

September 24, 2020 by Paul Schnackenburg