Friday, April 14, 2017

Advanced Threat Protection expands to Office 365 ProPlus

I have been watching the Office 365 Advanced Threat Protection (ATP) service evolve over the past year.  Every time they add some new, I am just impressed.

In the most recent announcement, it was stated that ATP Safe Links is now being extended to the Office 365 ProPlus desktop clients.  That is super exciting.  So now embedded links that are in Word, Excel and PowerPoint files are protected by ATP Safe Links.

ATP initially started as an Exchange Online solution.  It has subsequently expanded to Office Online (browser).  The goal is to have ATP Safe Links uniformly applied to all Office 365 services.

Announcement - https://blogs.office.com/2017/04/04/announcing-the-release-of-threat-intelligence-and-advanced-data-governance-plus-significant-updates-to-advanced-threat-protection/
Other Advanced Threat Protection (ATP) feature releases - http://www.astaticstate.com/search/label/Advanced%20Threat%20Protection

Thursday, April 13, 2017

Skype for Business Online Ranges and Port Changes are Coming

For a long time, customers that have transitioned to Skype for Business Online have provided feedback on the number of IP ranges and ports that are required to be configured with an enterprise’s firewalls.  Microsoft Office 365 will be making some changes alleviate these challenges.

Recommend reading this and monitoring this as the changes are being rolled out -  https://techcommunity.microsoft.com/t5/Skype-Operations-Framework-Skype/Updated-IP-ranges-and-ports-for-Skype-for-Business-Online/ba-p/47470

Saturday, March 18, 2017

SharePoint Framework is GA

SharePoint Framework now GA
The SharePoint Framework went generally available (GA) in Feb 2017.  I am personally very excited to see the next evolution of SharePoint development be made available to Office 365.

One of the toughest discussion with organizations transitioning to Office 365 is how to transition SharePoint to SharePoint Online.  For organizations with complex deployments, SharePoint Online is transition could be challenging.  The biggest challenge was what to do with Full Trust code that was either developed internally or part of a third-party solution that was acquired.  Over the years since SharePoint Online has been released, organizations and third-party solution providers have transitioned over to the APIs and the SharePoint Apps model.  However, there was still gaps in what could achieve with SharePoint Online.  With the introduction of the new SharePoint Framework, these gaps have been closed.

What is the SharePoint Framework?
Simply put, the SharePoint Framework is a new web page and web part development model that supports open source tools providing new flexibility in the creation of apps using modern web technologies.  This framework works for either SharePoint on-premises or SharePoint Online.  The new SharePoint Framework will give you a smooth transition from .Net development to Javascript development using this new method.

Up this point, SharePoint Online development options were:
  • Full Trust Code: Not supported in SharePoint Online.
  • Sandbox Solutions: Limited set of Full Trust code APIs available however this solution is being deprecated; so it was not recommended to invest time in Sandbox Solutions.
  • SharePoint Apps:  Was first introduce in SharePoint 2013 days and was used by many to transition complex solutions to SharePoint Online.  This solution moved complex code to other locations and then provided a user experience through a iFrame that was integrated into SharePoint Online.  This approach had many benefits however iFrame boundary created some barriers for building an integrated solution with the SharePoint user experience.
  • Script Editor: Has been and will continue to be as a solution to inject javascript and customizations into web pages.  This solution has several limitations around configuration and its ability to integrate deeply into the SharePoint API. 

How have things changed from the old way?
With the new SharePoint Framework, we can get back to writing web-parts the way we used to; which is truly exciting.
  • Development Environment – The first big change is that Visual Studio is no longer required to do development.  Yeoman generator is used to create your project artifacts that can then be used to do your development is Visual Studio, Subline, Atom, etc.
  • API – Instead of using server side code using .NET, you will use Node.js.
    Strongly Typed Scripting – Even though development is done in Javascript; Typescript is the primary language providing developers the ability to do object-oriented development that they were used to do with .NET.
  • Build – Instead of using MSBuild to compile and build your solutions, you will use Gulp which is operating agnostic.  It will build solutions using Node.js.
  • Deployment – Deployment of code is no longer pushed out to the GAC.  With the SharePoint Framework code is built and then deployed to any CDN service.  For instance a public CDN used to make the solution publicly available or can be deployed in a SharePoint CDN only make the solution available to a tenant.


References
I highly recommend you start reviewing these articles.

SharePoint Framework GA Announcement - https://blogs.office.com/2017/02/23/sharepoint-framework-reaches-general-availability-build-and-deploy-engaging-web-parts-today/
Overview from Ignite - https://myignite.microsoft.com/videos/2723
Overview - https://dev.office.com/sharepoint/docs/spfx/sharepoint-framework-overview
Enterprise Guidance - https://dev.office.com/sharepoint/docs/spfx/enterprise-guidance

Friday, February 3, 2017

2007 Products Nearing End of Support

I saw that there was a reminder going around that some software was coming end of extended support in Calendar Year 2017.  For instance:
  • Office 365 ProPlus client using 2013 rich client is coming to an end 2/18/17.  This means you need to finish your transitions to Office 365 ProPlus 2016 client as soon as possible.
  • Exchange 2007 will be ending 4/11/2017.
  • Office 2007, Project Server 2007, and SharePoint 2007 are also coming to end of extended support.  I still see customers with SharePoint 2007 sitting out there.
  • OCS R2 (2007) has a little bit more time, 1/9/18.
I just call this out because in my mind, these 2007 releases was the first year where you could start seeing Microsoft’s vision of bringing together Exchange, SharePoint and OCS into a single collaboration platform.  That little presence “jellybean” was the start of something great.  Seeing what we have now with Office 365 where productivity is delivered as a SaaS service where Exchange, SharePoint, OneDrive, Skype, Office, Groups, Teams, etc., etc. are delivered in a fully integrated and seamless user experience brings a smile to my face. 

Here are some references:https://support.microsoft.com/en-us/lifecycle/selectindex
https://support.microsoft.com/en-us/help/3198497/office-2007-approaching-end-of-extended-support
https://blogs.technet.microsoft.com/exchange/2016/04/11/exchange-server-2007-t-1-year-and-counting/

Advanced Threat Protection adds URL Detonation and Dynamic Delivery

Every time I think there is something cool that is released, some even more interesting is going to be released into Office 365.  Let’s focus on Advanced Threat Protection (ATP).  Back in November there was announcement made that ATP was being expanded to protect Office, SharePoint Online and OneDrive for Business; I blogged about it here - http://www.astaticstate.com/2016/11/new-atp-features-for-office-sharepoint.html

Well there are some more features being released to ATP that are truly exciting.

First URL Detonation is being added.  What this will do is protect you against links to files.  If a user clicks on a link like below, what ATP will do is scan the file for anything malicious prior to providing the user access to the file.  This is in addition to what ATP already does with the Safe Links feature (checking the reputation of the URL).


Second, Dynamic Delivery is being added to the Safe Attachments feature.  What this will do is continue to send an email to a user which the attachments are being scanned.  The user will see a stub in Outlook telling them that their attachments are being scanned, and once scanning has been completed, they will be provided access to the email attachments.  Users will not have to wait as long now for getting their emails that are going through Safe Attachment analysis.
If the user clicks on the stub, they will be given a progress of the analysis.
It is truly existing to see these types of features being released in the ATP service.

Reference
https://blogs.office.com/2017/01/25/evolving-office-365-advanced-threat-protection-with-url-detonation-and-dynamic-delivery/

Friday, January 20, 2017

Location Based Conditional Access for SharePoint Online and OneDrive for Business

I have been waiting for this capability to be released for some time now – Location Based Conditional Access.

SharePoint Online and OneDrive for Business has released a new solution that will allowing admins to control where data is synchronized to.  Specifically, you can create policy that can block synchronization of SharePoint Online and OneDrive for Business data based on IP address ranges. 

Why this is important?  For instance, there are many enterprise organizations that do not want their documents and files to be synchronized to non-managed devices or non-managed networks.  In many cases, administrators may only allow browser based access to documents when the user access documents from non-managed devices or non-managed networks.

Note if you have, Azure Active Directory Premium (AADP) configured, AADP will enforce its policy first and then the new SharePoint / OneDrive policy will be enforced.

Reference - https://techcommunity.microsoft.com/t5/SharePoint-Blog/Introducing-Conditional-Access-by-Network-Location-for/ba-p/39274

Saturday, January 14, 2017

Office 365 and Azure Granted DoD L5 Provisional Authority (PA)

There was a major announcement this week.  Both Microsoft Office 365 and Azure have been granted a DoD Provisional Authority (PA) at Level 5 (L5) to store and process unclassified data.  This is a significant achievement which no other cloud vendor has been able to achieve across SaaS, PaaS and IaaS.  This is driven by the Office 365 US Government Defense and Azure Government (DoD Region) clouds.

The DoD Cloud Computing (CC) Security Requirements Guide (SRG) defines controls that Cloud Service Offerings (CSO) must adhere to beyond controls defined by FedRAMP (NIST 800-53).

Public Announcement - DOD Level 5 PA granted to Microsoft Azure and Office 365 - https://enterprise.microsoft.com/en-us/industries/government/dod-level5-p-ato-granted-microsoft-azure-office-365/

Public Announcement - Azure DoD Regions Accredited at Impact Level 5 and Now Generally Available - https://blogs.msdn.microsoft.com/azuregov/2017/01/13/azure-dod-regions-accredited-at-impact-level-5-and-now-generally-available/

Public Announcement - Microsoft Azure Government is First Commercial Cloud to Achieve DoD Impact Level 5 Provisional Authorization, General Availability of DoD Regions - https://azure.microsoft.com/en-us/blog/microsoft-azure-government-is-first-commercial-cloud-to-achieve-dod-impact-level-5-provisional-authorization-general-availability-of-dod-regions/

Not all clouds are created equal - https://enterprise.microsoft.com/en-us/industries/government/check-the-facts/

Microsoft Trust Center - Department of Defense (DoD) Provisional Authorization - https://www.microsoft.com/en-us/TrustCenter/Compliance/DISA#