Merge branch 'master' into repo_sync_working_branch

.openpublishing.redirection.json

@@ -84,6 +84,11 @@
       "source_path": "windows/security/threat-protection/microsoft-defender-atp/ios-privacy-statement.md",
       "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/ios-privacy",
       "redirect_document_id": true
+    },
+	{
+      "source_path": "windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios-privacy-information.md",
+      "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/ios-privacy",
+      "redirect_document_id": false
     },
     {
       "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-mam-intune-azure.md",

windows/security/threat-protection/TOC.md

@@ -8,6 +8,7 @@
 ### [Data storage and privacy](microsoft-defender-atp/data-storage-privacy.md)
 ### [Overview of Microsoft Defender Security Center](microsoft-defender-atp/use.md)
 ### [Portal overview](microsoft-defender-atp/portal-overview.md)
+### [Microsoft Defender ATP for US Government Community Cloud High customers](microsoft-defender-atp/gov.md)
 ### [Microsoft Defender ATP for non-Windows platforms](microsoft-defender-atp/non-windows.md)
 
 ## [Evaluate capabilities](microsoft-defender-atp/evaluation-lab.md)
@@ -277,7 +278,7 @@
 
 #### [Configure]()
 ##### [Configure iOS features](microsoft-defender-atp/ios-configure-features.md)
-#### [Privacy](microsoft-defender-atp/microsoft-defender-atp-ios-privacy-information.md)
+#### [Privacy](microsoft-defender-atp/ios-privacy.md)
 
 
 ### [Microsoft Defender Advanced Threat Protection for Linux]()

windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md

@@ -14,7 +14,7 @@ audience: ITPro
 author: denisebmsft
 ms.author: deniseb
 ms.custom: nextgen
-ms.date: 11/12/2020
+ms.date: 11/19/2020
 ---
 
 # Protect security settings with tamper protection
@@ -48,7 +48,7 @@ Tamper protection essentially locks Microsoft Defender Antivirus and prevents yo
 - Changing settings through PowerShell cmdlets
 - Editing or removing security settings through group policies
 
-Tamper protection doesn't prevent you from viewing your security settings. And, tamper protection doesn't affect how third-party antivirus apps register with the Windows Security app. If your organization is using Windows 10 Enterprise E5, individual users can't change the tamper protection setting; this is managed by your security team.
+Tamper protection doesn't prevent you from viewing your security settings. And, tamper protection doesn't affect how third-party antivirus apps register with the Windows Security app. If your organization is using Windows 10 Enterprise E5, individual users can't change the tamper protection setting; tamper protection is managed by your security team.
 
 ### What do you want to do?
 
@@ -72,7 +72,7 @@ Tamper protection doesn't prevent you from viewing your security settings. And,
 >
 > Once you’ve made this update, tamper protection will continue to protect your registry settings, and will also log attempts to modify them without returning errors.
 
-If you are a home user, or you are not subject to settings managed by a security team, you can use the Windows Security app to turn tamper protection on or off. You must have appropriate admin permissions on your machine to do this.
+If you are a home user, or you are not subject to settings managed by a security team, you can use the Windows Security app to turn tamper protection on or off. You must have appropriate admin permissions on your machine to do change security settings, such as tamper protection.
 
 1. Click **Start**, and start typing *Defender*. In the search results, select **Windows Security**.
 
@@ -93,7 +93,7 @@ You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-
 1. Make sure your organization meets all of the following requirements to manage tamper protection using Intune:
 
     - Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; Intune is included in Microsoft 365 E5.)
-    - Your Windows machines must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019) or later. (See [Windows 10 release information](https://docs.microsoft.com/windows/release-information/) for more details about releases.)
+    - Your Windows machines must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019) or later. (For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-information/).)
     - You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above).
     - Your machines must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).)
 
@@ -132,7 +132,7 @@ If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release
 > [!IMPORTANT]
 > The procedure can be used to extend tamper protection to devices running Windows 10 and Windows Server 2019. Make sure to review the prerequisites and other information in the resources mentioned in this procedure.
 
-If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10 and Windows Server 2019 by using tenant attach. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver your endpoint security configuration policies to your on-premises collections & devices.
+If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10 and Windows Server 2019 by using a method called *tenant attach*. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver your endpoint security configuration policies to your on-premises collections & devices.
 
 1. Set up tenant attach. See [Microsoft Endpoint Manager tenant attach: Device sync and device actions](https://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-actions).
 
@@ -207,17 +207,6 @@ If you are an organization using [Microsoft Defender for Endpoint](https://www.m
 
 Your regular group policy doesn’t apply to tamper protection, and changes to Microsoft Defender Antivirus settings are ignored when tamper protection is on. 
 
-> [!NOTE]
-> A small delay in Group Policy (GPO) processing may occur if Group Policy settings include values that control Microsoft Defender Antivirus features protected by tamper protection.
-
-To avoid any potential delays, we recommend that you remove settings that control Microsoft Defender Antivirus related behavior using GPO and allow tamper protection to protect your Microsoft Defender Antivirus settings.
-
-Some sample Microsoft Defender Antivirus settings:
-
-- *Turn off real-time protection* <br />
-  Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Real-time Protection\\<br />
-  Value `DisableRealtimeMonitoring` = 0
-
 ### For Microsoft Defender for Endpoint, is configuring tamper protection in Intune targeted to the entire organization only?
 
 Configuring tamper protection in Intune or Microsoft Endpoint Manager can be targeted to your entire organization as well as to specific devices and user groups.

windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md

@@ -1,78 +1,96 @@
 ---
-title: Microsoft Defender ATP for iOS note on Privacy
+title: Privacy information - Microsoft Defender for Endpoint for iOS
 ms.reviewer:
-description: Describes the Microsoft Defender ATP for iOS Privacy
+description: Describes privacy information for Microsoft Defender for Endpoint for iOS
-keywords: microsoft, defender, atp, iOS, license, terms, application, use, installation, service, feedback, scope, 
+keywords: microsoft, defender, atp, ios, policy, overview
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
-ms.author: sunasing
+ms.author: macapara
-author: sunasing
+author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
-hideEdit: true
 ---
 
-# Microsoft Defender ATP for iOS - Privacy information
+# Privacy information - Microsoft Defender for Endpoint for iOS
 
 **Applies to:**
 
 - [Microsoft Defender for Endpoint](microsoft-defender-atp-ios.md)
 
->[!NOTE]
+> [!NOTE]
-> Defender for Endpoint for iOS uses a VPN in order to provide the Web Protection feature. This is not a regular VPN and is a local/self-looping VPN that does not take traffic outside the device. Microsoft or your organization **does not see your browsing activity**.
+> Defender for Endpoint for iOS uses a VPN to provide the Web Protection feature. This is not a regular VPN and is a local or self-looping VPN that does not take traffic outside the device. **Microsoft or your organization, does not see your browsing activity.**
 
-Defender for Endpoint for iOS collects information from your configured iOS devices and stores it in the same tenant where you have Defender for Endpoint.
+Defender for Endpoint for iOS collects information from your configured iOS devices and stores it in the same tenant where you have Defender for Endpoint. The information is collected to help keep Defender for Endpoint for iOS secure, up-to-date, performing as expected, and to support the service.
 
-Information is collected to help keep Defender for Endpoint for iOS secure, up-to-date, performing as expected and to support the service.
+For more information about data storage, see [Microsoft Defender for Endpoint data storage and privacy](data-storage-privacy.md).
 
-## Required data
+## Required data 
 
-Required data consists of data that is necessary to make Defender for Endpoint for iOS work as expected. This data is essential to the operation of the service and can include data related to the end user, organization, device, and apps. Here's a list of the types of data being collected:
+Required data consists of data that is necessary to make Defender for Endpoint for iOS work as expected. This data is essential to the operation of the service and can include data related to the end user, organization, device, and apps. 
 
-### Web page / Network information
+Here is a list of the types of data being collected: 
 
-- Connection information
+### Web page or Network information 
-- Protocol type (such as HTTP, HTTPS, etc.)
 
-### Device and account information
+- Connection information only when a malicious connection or web page is detected. 
 
-- Device information such as date & time, iOS version, CPU info, and Device identifier
+- Protocol type (such as HTTP, HTTPS, etc.) only when a malicious connection or web page is detected. 
-- Device identifier is one of the below:
-    - Wi-Fi adapter MAC address
-    - Randomly generated globally unique identifier (GUID)
 
-- Tenant, Device, and User information
+### Device and account information 
-    - Azure Active Directory (AD) Device ID and Azure User ID: Uniquely identifies the device, User respectively at Azure Active directory.
-    - Azure tenant ID - GUID that identifies your organization within Azure Active Directory
-    - Microsoft Defender ATP org ID - Unique identifier associated with the enterprise that the device belongs to. Allows Microsoft to identify whether issues are impacting a select set of enterprises and how many enterprises are impacted
-    - User Principal Name - Email ID of the user
 
-### Product and service usage data
+- Device information such as date & time, iOS version, CPU info, and Device identifier, where Device identifier is one of the following: 
 
-- App package info, including name, version, and app upgrade status
+    - Wi-Fi adapter MAC address 
-- Actions performed in the app
-- Crash report logs generated by iOS
-- Memory usage data
 
-## Optional data
+    - Randomly generated globally unique identifier (GUID) 
 
-Optional data includes diagnostic data and feedback data from the client. Optional diagnostic data is additional data that helps us make product improvements and provides enhanced information to help us detect, diagnose, and fix issues. This data is only for diagnostic purposes and is not required for the service itself.
+- Tenant, Device, and User information 
 
-Optional diagnostic data includes:
+    - Azure Active Directory (AD) Device ID and Azure User ID - Uniquely identifies the device, User respectively at Azure Active directory. 
 
-- App, CPU, and network usage
+    - Azure tenant ID - GUID that identifies your organization within Azure Active Directory. 
-- Features configured by the admin
 
-**Feedback Data** is collected through in-app feedback provided by the user.
+    - Microsoft Defender for Endpoint org ID - Unique identifier associated with the enterprise that the device belongs to. Allows Microsoft to identify if there are issues affecting a select set of enterprises and the number of enterprises impacted. 
+
+    - User Principal Name - Email ID of the user. 
+
+### Product and service usage data 
+
+The following information is collected only for Microsoft Defender for Endpoint app installed on the device. 
+
+- App package info, including name, version, and app upgrade status. 
+
+- Actions done in the app. 
+
+- Crash report logs generated by iOS. 
+
+- Memory usage data. 
+
+## Optional Data 
+
+Optional data includes diagnostic data and feedback data from the client. Optional diagnostic data is additional data that helps us make product improvements and provides enhanced information to help us detect, diagnose, and fix issues. This data is only for diagnostic purposes and is not required for the service itself. 
+
+Optional diagnostic data includes: 
+
+- App, CPU, and network usage for Defender for Endpoint. 
+
+- Features configured by the admin for Defender for Endpoint. 
+
+Feedback Data is collected through in-app feedback provided by the user. 
+
+- The user's email address, if they choose to provide it.
+
+- Feedback type (smile, frown, idea) and any feedback comments submitted by the user. 
+
+For more information, see [More on Privacy](https://aka.ms/mdatpiosprivacystatement).
 
-- The user's email address, if they choose to provide it
-- Feedback type (smile, frown, idea) and any feedback comments submitted by the user
 
-[More on Privacy](https://aka.ms/mdatpiosprivacystatement)