As IT teams and managed service providers (MSPs) navigate increasingly complex hybrid environments, the pressure to scale efficiently while maintaining an ironclad security posture has never been higher.
The June release of AvePoint Elements delivers powerful new capabilities built to tackle these exact challenges. From enforced platform security and automated cost optimization to streamlined multi-tenant configurations, this release provides the centralized visibility and automation required to eliminate administrative bottlenecks and protect your entire digital estate.
Tenant Security & Multi-Tenant Operations
Mandatory MFA Architecture
To proactively harden account security and meet strict enterprise compliance standards, mandatory multi-factor authentication (MFA) enrollment is now enforced for all local users at login. This architectural update replaces disjointed legacy settings with a single process which cannot be bypassed, eliminating a primary attack vector and ensuring that every administrator and technician access point is locked down.
Streamlined App Profile Authorization
To simplify workflows when Global Admin access is unavailable, a new authorization framework allows partners to select multiple services at once to generate a single, secure customer app profile authorization link. This enables clients to complete app consent independently and accelerates the onboarding process.
Azure Virtual Desktop (AVD) Session Monitor
For teams managing diverse workloads, the new AVD Session Monitor is available in public preview. This centralized dashboard provides cross-tenant visibility into all host pool sessions, allowing teams to execute bulk management actions on active user sessions directly from the interface to improve service efficiency.
What’s New in User Management
New administrative tools allow governance teams to simplify hybrid directories, protect access levels, and optimize software spend based on real-world usage.
Granular Visibility and Permission Simulation
With the introduction of Permission Simulation, administrators can now utilize a real-time evaluation engine to simulate specific user identities or roles. This allows you to preview exactly what a user can see and do before access parameters are finalized, drastically reducing the risk of incorrect access configurations.
Centralized SharePoint Management
Complementing this visibility, governance teams can take advantage of a dedicated SharePoint management workspace to seamlessly create sites, monitor storage, adjust sharing settings, and access deeper insights into sub-sites and document libraries directly from the main navigation menu.
Resource Optimization and Directory Governance
To drive direct cost savings, new automated license management workflows automatically unassign or downgrade licenses based on actual user activity and manager approval, using sophisticated exclusion rules to protect new hires and executives.
Managing hybrid environments is similarly simplified through Shared Folder Management, a dedicated category that gives administrators full visibility into on-premises file share directory paths, user groups, and member permissions from a single location.
What’s New in Baseline Management
Securing tenants against modern threats requires consistent configuration standards. This module enables you to implement advanced baselines and granular deployment controls into your security strategy.
Standardized Out-of-the-Box Security Profiles (CIS Level 2)
Elements now features a built-in Center for Internet Security (CIS) Level 2 baseline, delivering advanced security controls built to fulfill high-security compliance benchmarks right away.
Intune App Configuration File Hub
To streamline Intune administration, the new App Configuration File Hub serves as a centralized repository where administrators can upload and store app package files for direct use in baseline configurations. By staging deployment files directly within Elements for baseline distribution, IT teams ensure highly consistent application setups across all managed tenants.
Multi-Tenant Baseline Deployment Wizard
Deploying these configuration standards at scale is faster than ever, thanks to the multi-tenant baseline deployment wizard. This guided wizard lets you map domains, configure policies, and define tenant-specific matching logic through structured workflows that support both manual reviews and fully automated deployments.
What’s New in Azure Security Management
Cloud infrastructure protection is now more precise with tailored compliance checks specifically designed to protect specialized cloud workloads.
Advanced database security rules are now live, engineered to safeguard Azure SQL, PostgreSQL, and Kubernetes environments. This update allows security teams to proactively monitor database configurations, restrict public access, and enforce least-privilege identities to ensure your critical cloud posture remains secure.
What’s New in Workspace Management
Managing organizational naming standards and policy violations is now more flexible, protecting tenant compliance without stalling user productivity.
- Flexible naming policies and remediations. A new dynamic name enforcement capability enhances the Groups and Teams name compliance policy by allowing legitimate name changes when updates meet specific business conditions. Additionally, administrators can now choose between auto-fix or manual-fix remediation methods to control precisely how workspace violations are handled.
- Automated admin and owner notifications. To improve communication and transparency during tenant cleanup efforts, new configuration settings allow you to automate violation notifications. These alerts can be routed directly to site collection administrators, site owners, and Group or Team owners the moment an issue is flagged.
- Advanced sensitivity label management. The platform has expanded its workspace protection capabilities by adding sensitivity label permissions via the Content.Writer Microsoft Rights Management Services permission to the core security app, allowing IT teams to seamlessly manage data labels for workspaces.
What’s New in App Management
App management is now available as a standalone service, granting administrators an independent workspace to oversee software deployment and track version histories. Decoupling this functionality simplifies the application lifecycle and reduces overhead for IT departments maintaining strict software version control across multiple environments.
Standalone Workspaces and Winget Integration
Within this new decoupled experience, teams can create and manage Winget applications directly. This integration enables administrators to use the Windows Package Manager repository seamlessly from within the platform, saving hours of manual setup by automating package discovery, installation, and software updates through a single interface.
Get Started Today!
Explore the latest capabilities in the Elements Platform and elevate your services approach. Log in now to experience these enhancements firsthand or visit our website to learn how these features can transform your service delivery model.
Want a deeper dive into the June 2026 release and what’s coming next?
Register now to watch the latest episode of AvePoint Innovates: Channel Edition on Thursday, May 7th 11:00 AM EST. Discover new capabilities, best practices, and insights to help you strengthen governance and scale operations.
Esther is AvePoint's Director of Technical Writing, with a specialization in communicating product updates and platform updates.