Saturday, March 18, 2017

SharePoint Framework is GA

SharePoint Framework now GA
The SharePoint Framework went generally available (GA) in Feb 2017.  I am personally very excited to see the next evolution of SharePoint development be made available to Office 365.

One of the toughest discussion with organizations transitioning to Office 365 is how to transition SharePoint to SharePoint Online.  For organizations with complex deployments, SharePoint Online is transition could be challenging.  The biggest challenge was what to do with Full Trust code that was either developed internally or part of a third-party solution that was acquired.  Over the years since SharePoint Online has been released, organizations and third-party solution providers have transitioned over to the APIs and the SharePoint Apps model.  However, there was still gaps in what could achieve with SharePoint Online.  With the introduction of the new SharePoint Framework, these gaps have been closed.

What is the SharePoint Framework?
Simply put, the SharePoint Framework is a new web page and web part development model that supports open source tools providing new flexibility in the creation of apps using modern web technologies.  This framework works for either SharePoint on-premises or SharePoint Online.  The new SharePoint Framework will give you a smooth transition from .Net development to Javascript development using this new method.

Up this point, SharePoint Online development options were:
  • Full Trust Code: Not supported in SharePoint Online.
  • Sandbox Solutions: Limited set of Full Trust code APIs available however this solution is being deprecated; so it was not recommended to invest time in Sandbox Solutions.
  • SharePoint Apps:  Was first introduce in SharePoint 2013 days and was used by many to transition complex solutions to SharePoint Online.  This solution moved complex code to other locations and then provided a user experience through a iFrame that was integrated into SharePoint Online.  This approach had many benefits however iFrame boundary created some barriers for building an integrated solution with the SharePoint user experience.
  • Script Editor: Has been and will continue to be as a solution to inject javascript and customizations into web pages.  This solution has several limitations around configuration and its ability to integrate deeply into the SharePoint API. 

How have things changed from the old way?
With the new SharePoint Framework, we can get back to writing web-parts the way we used to; which is truly exciting.
  • Development Environment – The first big change is that Visual Studio is no longer required to do development.  Yeoman generator is used to create your project artifacts that can then be used to do your development is Visual Studio, Subline, Atom, etc.
  • API – Instead of using server side code using .NET, you will use Node.js.
    Strongly Typed Scripting – Even though development is done in Javascript; Typescript is the primary language providing developers the ability to do object-oriented development that they were used to do with .NET.
  • Build – Instead of using MSBuild to compile and build your solutions, you will use Gulp which is operating agnostic.  It will build solutions using Node.js.
  • Deployment – Deployment of code is no longer pushed out to the GAC.  With the SharePoint Framework code is built and then deployed to any CDN service.  For instance a public CDN used to make the solution publicly available or can be deployed in a SharePoint CDN only make the solution available to a tenant.


References
I highly recommend you start reviewing these articles.

SharePoint Framework GA Announcement - https://blogs.office.com/2017/02/23/sharepoint-framework-reaches-general-availability-build-and-deploy-engaging-web-parts-today/
Overview from Ignite - https://myignite.microsoft.com/videos/2723
Overview - https://dev.office.com/sharepoint/docs/spfx/sharepoint-framework-overview
Enterprise Guidance - https://dev.office.com/sharepoint/docs/spfx/enterprise-guidance

Friday, February 3, 2017

2007 Products Nearing End of Support

I saw that there was a reminder going around that some software was coming end of extended support in Calendar Year 2017.  For instance:
  • Office 365 ProPlus client using 2013 rich client is coming to an end 2/18/17.  This means you need to finish your transitions to Office 365 ProPlus 2016 client as soon as possible.
  • Exchange 2007 will be ending 4/11/2017.
  • Office 2007, Project Server 2007, and SharePoint 2007 are also coming to end of extended support.  I still see customers with SharePoint 2007 sitting out there.
  • OCS R2 (2007) has a little bit more time, 1/9/18.
I just call this out because in my mind, these 2007 releases was the first year where you could start seeing Microsoft’s vision of bringing together Exchange, SharePoint and OCS into a single collaboration platform.  That little presence “jellybean” was the start of something great.  Seeing what we have now with Office 365 where productivity is delivered as a SaaS service where Exchange, SharePoint, OneDrive, Skype, Office, Groups, Teams, etc., etc. are delivered in a fully integrated and seamless user experience brings a smile to my face. 

Here are some references:https://support.microsoft.com/en-us/lifecycle/selectindex
https://support.microsoft.com/en-us/help/3198497/office-2007-approaching-end-of-extended-support
https://blogs.technet.microsoft.com/exchange/2016/04/11/exchange-server-2007-t-1-year-and-counting/

Advanced Threat Protection adds URL Detonation and Dynamic Delivery

Every time I think there is something cool that is released, some even more interesting is going to be released into Office 365.  Let’s focus on Advanced Threat Protection (ATP).  Back in November there was announcement made that ATP was being expanded to protect Office, SharePoint Online and OneDrive for Business; I blogged about it here - http://www.astaticstate.com/2016/11/new-atp-features-for-office-sharepoint.html

Well there are some more features being released to ATP that are truly exciting.

First URL Detonation is being added.  What this will do is protect you against links to files.  If a user clicks on a link like below, what ATP will do is scan the file for anything malicious prior to providing the user access to the file.  This is in addition to what ATP already does with the Safe Links feature (checking the reputation of the URL).


Second, Dynamic Delivery is being added to the Safe Attachments feature.  What this will do is continue to send an email to a user which the attachments are being scanned.  The user will see a stub in Outlook telling them that their attachments are being scanned, and once scanning has been completed, they will be provided access to the email attachments.  Users will not have to wait as long now for getting their emails that are going through Safe Attachment analysis.
If the user clicks on the stub, they will be given a progress of the analysis.
It is truly existing to see these types of features being released in the ATP service.

Reference
https://blogs.office.com/2017/01/25/evolving-office-365-advanced-threat-protection-with-url-detonation-and-dynamic-delivery/

Friday, January 20, 2017

Location Based Conditional Access for SharePoint Online and OneDrive for Business

I have been waiting for this capability to be released for some time now – Location Based Conditional Access.

SharePoint Online and OneDrive for Business has released a new solution that will allowing admins to control where data is synchronized to.  Specifically, you can create policy that can block synchronization of SharePoint Online and OneDrive for Business data based on IP address ranges. 

Why this is important?  For instance, there are many enterprise organizations that do not want their documents and files to be synchronized to non-managed devices or non-managed networks.  In many cases, administrators may only allow browser based access to documents when the user access documents from non-managed devices or non-managed networks.

Note if you have, Azure Active Directory Premium (AADP) configured, AADP will enforce its policy first and then the new SharePoint / OneDrive policy will be enforced.

Reference - https://techcommunity.microsoft.com/t5/SharePoint-Blog/Introducing-Conditional-Access-by-Network-Location-for/ba-p/39274

Saturday, January 14, 2017

Office 365 and Azure Granted DoD L5 Provisional Authority (PA)

There was a major announcement this week.  Both Microsoft Office 365 and Azure have been granted a DoD Provisional Authority (PA) at Level 5 (L5) to store and process unclassified data.  This is a significant achievement which no other cloud vendor has been able to achieve across SaaS, PaaS and IaaS.  This is driven by the Office 365 US Government Defense and Azure Government (DoD Region) clouds.

The DoD Cloud Computing (CC) Security Requirements Guide (SRG) defines controls that Cloud Service Offerings (CSO) must adhere to beyond controls defined by FedRAMP (NIST 800-53).

Public Announcement - DOD Level 5 PA granted to Microsoft Azure and Office 365 - https://enterprise.microsoft.com/en-us/industries/government/dod-level5-p-ato-granted-microsoft-azure-office-365/

Public Announcement - Azure DoD Regions Accredited at Impact Level 5 and Now Generally Available - https://blogs.msdn.microsoft.com/azuregov/2017/01/13/azure-dod-regions-accredited-at-impact-level-5-and-now-generally-available/

Public Announcement - Microsoft Azure Government is First Commercial Cloud to Achieve DoD Impact Level 5 Provisional Authorization, General Availability of DoD Regions - https://azure.microsoft.com/en-us/blog/microsoft-azure-government-is-first-commercial-cloud-to-achieve-dod-impact-level-5-provisional-authorization-general-availability-of-dod-regions/

Not all clouds are created equal - https://enterprise.microsoft.com/en-us/industries/government/check-the-facts/

Microsoft Trust Center - Department of Defense (DoD) Provisional Authorization - https://www.microsoft.com/en-us/TrustCenter/Compliance/DISA#

Monday, December 26, 2016

Office 365 Advacned Data Governance

There was an announcement for a new feature of E5 being called Advanced Data Governance.  It was buried in an announcement back in Sept 2016.

Some time ago, Office 365 made several announcements for being able to consume corporate data from other major platforms.  There is a new Advanced Data Governance feature that will be coming to Office 365 that will provide you a dashboard that will give insight to the type of data you have, how it is classified, and how it is going to be retained.  There will also be tools to assist you with the data import process to filter out data that you do not need to retain, and you will have a tool that will allow you to set a central retention policy across all Office 365 solutions.  This is super exciting and I highly recommend you watch the session on this at the Ignite Conference.

Announcement - https://blogs.office.com/2016/09/26/applying-intelligence-to-security-and-compliance-in-office-365/

Ignite Conference Video - https://myignite.microsoft.com/videos/1323


Sunday, November 20, 2016

Office 365 Third-Party Security App Management

There are several new features coming to Office 365 through Advanced Security Management (ASM), which is part of E5 which will give admin much more visibility and control of how Office 365 data is flowing out to third-party applications.

Productivity App Discovery
A new feature is being released to Advanced Security Management called Productivity App Discovery.  This solution will provide admins the ability to understand their organization’s usage of Office 365 and other productivity services.  This will help you understand how data from Office 365 or should be stored in Office 365 is being sent to outside applications that are not in your administrative control.


Apps Permission
Additionally, a new feature is being added that will allow Office 365 Admins to better monitor and approved third-party applications that are integrated with Office 365.  This again is part of Office 365 Advanced Security Management.

Users can connect a third-party application with Office 365.  When they do this, the user is provided information about what that integration means, however it may be common that the end user does not full ramifications in the security risk they may or may not be taking.


What App Permissions will do will provide the administrators the ability to review which third-party applications have access to Office 365 data.  Admins have the ability to approve or revoke access plus notify the users that access to the third-party application is revoked.




Resources
Productivity App Discovery - https://blogs.office.com/2016/09/26/applying-intelligence-to-security-and-compliance-in-office-365/

Third-party Apps with Office 365 - https://blogs.office.com/2016/10/31/enhanced-control-over-third-party-apps-now-available-in-office-365/

Overview of Advanced Security Management in Office 365 - https://support.office.com/en-us/article/Overview-of-Advanced-Security-Management-in-Office-365-81f0ee9a-9645-45ab-ba56-de9cbccab475