Happy March Madness everyone! Although we’re not much for trying our luck in College Basketball, we are looking forward to warmer weather, sunshine, and trees that don’t look like they are out of a Tim Burton movie. Spring doesn’t seem to be the season of change just for the weather, but also with our cloud solution partners.

In an effort to help everyone keep up, we are launching our update newsletter to communicate announcements and changes not just coming from Improving CSP, but from our cloud product vendors as well.

There's a solid chance you already received our first newsletter from our new platform, BeeHiiv... and an equally solid chance it is currently vacationing in your Junk folder.  Rookie move, we know.  To give our debut newsletter a fair shot, we're resending it from our direct CSP mailbox.  Going forward, all newsletters will come from [email protected], so if you'd like to keep hearing from us, please add this address to your allow-list.

Acronyms are easy to collect. Understanding them? That’s the hard part.

That’s why we are launching our brand-new webinar learning series on CSPM (Cloud Security Posture Management) and we are starting at the very beginning. No buzzwords, no assumptions, no “you should already know this.” Just a clear, practical introduction to what CSPM actually is and why it exists in the first place.

From there, we’ll go beyond definitions and diagrams and dive into how CSPM fits into real-world cloud environments, the tangible benefits it brings to security and compliance teams, and why it’s become a critical part of a modern cloud strategy. We’ll also share practical insights on what it really takes to implement CSPM in your environment - what works, what doesn’t, and what to plan for.

Whether CSPM is brand new to you or something you’ve heard already mentioned one too many times, this series is designed to turn an acronym into something useful.

Because an industry movement just doesn’t feel real until it has a name.

Cloud computing wasn’t just servers in someone else’s datacenter; it was Digital Transformation.

Requiring strict validation to pass security wasn’t just not trusting anything; it was Zero Trust Architecture.

Whether you know it or not, you’ve probably been testing the waters with using AI but have now reached the point where you want it to be more operational and autonomous to show value rather than amusing ourselves by generating anime-style caricatures of our coworkers. Welcome to the Frontier Transformation!

This week, Microsoft officially introduced Microsoft 365 E7, the new all inclusive license suite to replace that old and boring all inclusive Microsoft 365 E5. And surprise, it has been branded as The Frontier Suite.

In short, the new Frontier Suite combines Microsoft 365 E5, Microsoft 365 Copilot and Microsoft Agent 365 services. This new license will become generally available on May 1st. With Microsoft’s fiscal year coming to an end, can you guess what they’ll be talking our ears off with in FY2027?

Read more directly from Microsoft here.

Despite the positive spin Microsoft is trying to put on price increases coming July 1 as “Advancing Microsoft 365,” the reality is the most visible change is really just Microsoft asking for more money. In their defense, Microsoft 365 E5 debuted in October 2015 at $57, and in July this will be its first increase in over 10 years. How many of you still are still using a computer from back in 2015, excluding those of you with severe nostalgia attachment to antique hardware?

In addition, Microsoft is rolling in new capabilities into most of these affected services, but whether or not those additions justify to new price may be an individual and personally deep reflection for each of you.

Although new pricing goes live starting July 1, annual commit subscription terms will not be affected until their specific renewal dates. Therefore, anyone with an upcoming renewal of any of these subscriptions prior to July 1 may want to consider the longer 3-year commitment term where available to lock in the current lower prices for a longer duration. This also applies to anyone with monthly-term subscriptions. We can combine different subscription terms for a single product to help maximize cost efficiency.

Read more about the change from Microsoft here and reach out to us if you would like to discuss options on possible ways for position your licensing to be as cost-effective post July 1.

In Azure time, retired is not a binary state… it’s more of a vibe.

Years ago (back in 2022 to be exact), Microsoft announced the retirement of Basic SKU Public IP Addresses. The message was simple and clear:

“To avoid any potential service disruptions, upgrade to Standard SKU public IP Addresses by 30 September 2025.”

Perfectly clear and straight forward. And so, we all did what we were supposed to do and logged into the Azure portal and clicked the Upgrade button (even if we waited until the Summer of 2025).

Then, quietly… very quietly… Azure whispered back:

“Oh… Except those…”

In all fairness, Microsoft did retire most Basic Public IP usage, but not all of it. Specifically, Basic SKU Public IPs attached to Basic SKU VPN Gateways slipped through the great retirement event horizon, surviving like that legacy Windows NT PC under a desk in the maintenance closet that non one dares unplug.

Originally slated for retirement on September 30, 2025, Microsoft has since revised the deprecation timeline to March 31, 2026 and now simply end of June 2026… all while still stating a migration workflow will be made available March 2026. Given the migration workflow is yet to be deployed, Microsoft has instilled as much confidence in this new timeline as hold music promising your call is important.

The good news is that until the migration workflow is released, it’s business as usual. Basic SKU Gateways will continue to work with Basic SKU IP addresses, so that gentle aroma of a recently extinguished candle is not a precursor to a five-alarm fire… yet.

See the current change timeline from Microsoft here.

For years, Azure Virtual Networks have been quietly doing customers a favor. If you forgot to think about outbound internet connectivity, Azure would shrug, smile, and provide it anyway through Default Outbound Access.

Microsoft has announced changes to how outbound internet connectivity works in Azure Virtual Networks. The short version: new and existing deployments will no longer get free, implied outbound internet access by default. If a workload needs to talk to the internet, you now have to be intentional about how it does that.

This change was originally announced back in 2023, but thanks to Microsoft providing a surprisingly generous lead time (and on extension back in September 2025), most of us collectively nodded, bookmarked the notice, and went back to pretending it was a future problem. Well, sadly, it’s become a now problem as this change goes into effect at the end of this month.

Luckily, the change only impacts newly created VNETs and all existing VNETs and the VMs attached to them will continue to work without any impact. As far as updating all those pesky existing VNETs, chalk that up as another future problem for another time.

Read the Azure announcement here.

As March comes to an end, that means it’s Cloud Security Assessment time! Did you know that you do not have to wait until our quarterly reviews of the Cloud Security Assessments to pick our collective brain power on anything cloud services related?

Our monthly checkpoints are your all-access pass to asking all the cloud questions you may have. Whether that is bouncing new ideas off of, looking for guidance on specific solutions, learning more about upcoming capabilities, diving deeper into a technical issue, or simply just being your monthly emotional support human. If you don’t have a monthly team checkpoint already scheduled, don’t be shy, drop us a message and let’s get one scheduled!