If you are looking to learn about what is Direct Routing with Microsoft Teams, recommend you start with the references below. Direct Routing allows customers to bring their trunk and then use a certified SBC to integrate with Microsoft Teams. You have the ability to host the SBC yourself or do partner hosted SBCs.
References
https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Direct-Routing-is-now-Generally-Available/ba-p/210359#M1277
https://docs.microsoft.com/en-us/microsoftteams/direct-routing-plan
https://www.youtube.com/watch?v=N478Sq1v7Ss
Friday, December 21, 2018
Direct Routing with Microsoft Teams
Labels:
Microsoft Teams,
Office 365
Terms of Use with Office 365
There is a new capability in AAD that is available Terms of Use which a lot of Office 365 customers may want to utilize.
An organization will want users to accept a Terms of Use agreement to access their environment. The Terms of Use solution can:
Here are some detailed articles about this capability.
https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Updates-to-Azure-AD-Terms-of-Use-functionality-within/ba-p/294822
https://docs.microsoft.com/en-us/azure/active-directory/governance/active-directory-tou
An organization will want users to accept a Terms of Use agreement to access their environment. The Terms of Use solution can:
- Required all users accept a terms of use agreement to access Office 365 services.
- There is a new feature that can be used for B2B scenarios for such services SharePoint Online and Microsoft Teams. If you invite in an external user that is on AAD, that external user will be required to agree to a Terms of Use.
- Can require users sign it once or every time they access.
- Can associate a Terms of Use document that is organization specific for users to review.
- Require users to expand and scroll through entire terms of use before accepting.
- Can expire the Terms of Use agreement after a specific amount of days or associated a frequency for when they must accept the Terms of use.
- Can enforce Conditional Access policies against the Terms of Use policy.
- Access to reports of who accepted and declined a Terms of Use.
- Works for browsers and mobile device scenarios.
https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Updates-to-Azure-AD-Terms-of-Use-functionality-within/ba-p/294822
https://docs.microsoft.com/en-us/azure/active-directory/governance/active-directory-tou
Labels:
Azure AD,
Microsoft Teams,
Office 365,
SharePoint Online
Wednesday, November 21, 2018
New Teams Admin and Management Capabilities
Personally, I have been doing more and more with Teams. I will admit, making the change from Email to Teams definitely requires some re-orientation and change in how I communicate and share information. I have to say even I am turning the corner, and the vision is so clear to me now.
With that said, there were some new Admin capabilities released into Teams.
New Microsoft Teams Administrator Roles
This one I was the most interested in learning about. There are new management APIs that have been released that allows you to automation around Team and Channel generation. You can control the entire life-cycle of that Teams generation. This just super interesting because there is opportunity to some really creative things. For instance, lets every time new sales lead is created, you initiate a new Team or Channel, and then drive all the users who need to participate in the sales lead to have all their conversation and collaboration directly to that Team or Channel. Your CRM can generate the Teams or Channel automatically.
Reference - https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/New-Provide-a-great-Teams-experience-with-improved-manageability/ba-p/288059
With that said, there were some new Admin capabilities released into Teams.
New Microsoft Teams Administrator Roles
- There are four new admin roles that have been created that will provide finer granularity around how Teams are managed: Teams Service Administrator, Teams Communication Administrator, Teams Communications Support Engineering and Teams Communications Support Specialists.
- From my perspective, organizations will have specialists that may be more focused on the group chat features of Teams versus the Phone / PBX features. This level of administrator definition will allow you to break roles and responsibilities out.
- There is a new all up view that allows you to see every Team in your tenant.
- Within this new view, you have the ability to take actions across multiple Teams from a single view.
This one I was the most interested in learning about. There are new management APIs that have been released that allows you to automation around Team and Channel generation. You can control the entire life-cycle of that Teams generation. This just super interesting because there is opportunity to some really creative things. For instance, lets every time new sales lead is created, you initiate a new Team or Channel, and then drive all the users who need to participate in the sales lead to have all their conversation and collaboration directly to that Team or Channel. Your CRM can generate the Teams or Channel automatically.
Reference - https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/New-Provide-a-great-Teams-experience-with-improved-manageability/ba-p/288059
Labels:
Microsoft Teams,
Office 365
Saturday, October 27, 2018
Office Productivity Server 2019
There is still lots of good reason why customers need to deploy Office Productivity Server builds either on-premises or in an IaaS cloud, in a hybrid mode with Office 365. If you did not see this week, Exchange Server, SharePoint Server, Skype for Business Server and Project Server all had GA releases of 2019 complete.
All of these builds continue with the investment in hybrid experiences with the Office 365 cloud. Recommend you read up on these releases and prepare your environments to get to 2019 as soon as possible.
Office All Up announcement - https://techcommunity.microsoft.com/t5/Office-365-Blog/Office-2019-servers-available-for-commercial-customers/ba-p/275879
Skype for Business Server 2019 What’s New - https://docs.microsoft.com/en-us/skypeforbusiness/whats-new
Skype for Business Server 2019 What’s Deprecated - https://docs.microsoft.com/en-us/skypeforbusiness/deprecated - XMPP and Persistent Chat are the biggies.
Exchange Server 2019 What’s New - https://docs.microsoft.com/en-us/exchange/new-features/new-features?view=exchserver-2019
Exchange Server 2019 What’s Deprecated - https://docs.microsoft.com/en-us/exchange/new-features/discontinued-features?view=exchserver-2019 – Unified Messaging is the big one.
SharePoint Server 2019 What’s New - https://docs.microsoft.com/en-us/SharePoint/what-s-new/new-and-improved-features-in-sharepoint-server-2019
SharePoint Server 2019 What’s Deprecated - https://docs.microsoft.com/en-us/SharePoint/what-s-new/what-s-deprecated-or-removed-from-sharepoint-server-2019 - Definitions, Access Services, Groove Sync Client, InfoPath Services, SharePoint Designer, PerformancePoint Services, Sandbox Solutions, etc. A lot of stuff I worked on over the years…
Project Server 2019 What’s New - https://docs.microsoft.com/en-us/Project/what-s-new-for-it-pros-in-project-server-2019
Project Server 2019 What’s Deprecated - https://docs.microsoft.com/en-us/Project/what-s-deprecated-or-removed-in-project-server-2019 - Resource plans, My tasks was some biggies
All of these builds continue with the investment in hybrid experiences with the Office 365 cloud. Recommend you read up on these releases and prepare your environments to get to 2019 as soon as possible.
Office All Up announcement - https://techcommunity.microsoft.com/t5/Office-365-Blog/Office-2019-servers-available-for-commercial-customers/ba-p/275879
Skype for Business Server 2019 What’s New - https://docs.microsoft.com/en-us/skypeforbusiness/whats-new
Skype for Business Server 2019 What’s Deprecated - https://docs.microsoft.com/en-us/skypeforbusiness/deprecated - XMPP and Persistent Chat are the biggies.
Exchange Server 2019 What’s New - https://docs.microsoft.com/en-us/exchange/new-features/new-features?view=exchserver-2019
Exchange Server 2019 What’s Deprecated - https://docs.microsoft.com/en-us/exchange/new-features/discontinued-features?view=exchserver-2019 – Unified Messaging is the big one.
SharePoint Server 2019 What’s New - https://docs.microsoft.com/en-us/SharePoint/what-s-new/new-and-improved-features-in-sharepoint-server-2019
SharePoint Server 2019 What’s Deprecated - https://docs.microsoft.com/en-us/SharePoint/what-s-new/what-s-deprecated-or-removed-from-sharepoint-server-2019 - Definitions, Access Services, Groove Sync Client, InfoPath Services, SharePoint Designer, PerformancePoint Services, Sandbox Solutions, etc. A lot of stuff I worked on over the years…
Project Server 2019 What’s New - https://docs.microsoft.com/en-us/Project/what-s-new-for-it-pros-in-project-server-2019
Project Server 2019 What’s Deprecated - https://docs.microsoft.com/en-us/Project/what-s-deprecated-or-removed-in-project-server-2019 - Resource plans, My tasks was some biggies
Tuesday, September 11, 2018
Disable Ability to create Microsoft Teams / Channels
I have seen a few situations now where customers are looking to transition from Skype for Business Online to Teams, yet they want to initially disable the Teams / Channel capability at the outset. The thinking is, first transition over some of the core IM, presence, and web capabilities first. Then later, once that has been adopted on Teams, start enable Teams / Channels.
There is a governance feature you have which will disable all user’s ability to create Teams / Channels. Basically, you will disable the ability to create Office 365 Groups. Here is a reference - https://support.office.com/en-us/article/manage-who-can-create-office-365-groups-4c46c8cb-17d0-44b5-9776-005fced8e618
There is a governance feature you have which will disable all user’s ability to create Teams / Channels. Basically, you will disable the ability to create Office 365 Groups. Here is a reference - https://support.office.com/en-us/article/manage-who-can-create-office-365-groups-4c46c8cb-17d0-44b5-9776-005fced8e618
Office 365 Data Delete
I receive lots of questions about how to remove data from Office 365. There can be lots of business scenarios: for instance, someone leaves the organization and you no longer want to retain data another instance is critical business or mission data needs to be deleted. If you are looking to build procedures for data deletion, recommend that you review these:
Deleting Personal Data - https://docs.microsoft.com/en-us/microsoft-365/compliance/gdpr-dsr-office365#deleting-personal-data
eDiscovery solution series: Data spillage scenario - Search and purge - https://docs.microsoft.com/en-us/office365/securitycompliance/data-spillage-scenariosearch-and-purge?redirectSourcePath=%252fen-us%252farticle%252fediscovery-solution-series-data-spillage-scenario-search-and-purge-d945f7dd-f62f-4ca7-b3e7-469824cfd493
Deleting Personal Data - https://docs.microsoft.com/en-us/microsoft-365/compliance/gdpr-dsr-office365#deleting-personal-data
eDiscovery solution series: Data spillage scenario - Search and purge - https://docs.microsoft.com/en-us/office365/securitycompliance/data-spillage-scenariosearch-and-purge?redirectSourcePath=%252fen-us%252farticle%252fediscovery-solution-series-data-spillage-scenario-search-and-purge-d945f7dd-f62f-4ca7-b3e7-469824cfd493
Sunday, August 26, 2018
Teams is Ready to replace SfBO, start your planning
There was an important announcement last week that Teams had completed porting over capability that is traditionally delivered in SfBO.
Announcement - https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Microsoft-Teams-is-now-a-complete-meeting-and-calling-solution/ba-p/236042
Start your planning now! Recommend you start reading here - https://docs.microsoft.com/en-us/MicrosoftTeams/Microsoft-Teams
Announcement - https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Microsoft-Teams-is-now-a-complete-meeting-and-calling-solution/ba-p/236042
Start your planning now! Recommend you start reading here - https://docs.microsoft.com/en-us/MicrosoftTeams/Microsoft-Teams
Wednesday, August 8, 2018
SharePoint Server 2019 Preview
SharePoint Server 2019 is now in Preview and available for customers to try out.
Investments for SharePoint 2019 are in:
1) user experiences for desktop and mobile,
2) scalable collaboration platform
3) institutive user experience.
There is new integration with PowerApps and Flow from the cloud.
Expanded support for hybrid configuration with SharePoint Online.
Integration with the new SharePoint Framework.
SharePoint 2019 will be going GA before the end of CY18.
Announcement and References - https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Announcing-Availability-of-SharePoint-Server-2019-Preview/ba-p/214427 - Instructions are here to obtain the Preview.
Investments for SharePoint 2019 are in:
1) user experiences for desktop and mobile,
2) scalable collaboration platform
3) institutive user experience.
There is new integration with PowerApps and Flow from the cloud.
Expanded support for hybrid configuration with SharePoint Online.
Integration with the new SharePoint Framework.
SharePoint 2019 will be going GA before the end of CY18.
Announcement and References - https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Announcing-Availability-of-SharePoint-Server-2019-Preview/ba-p/214427 - Instructions are here to obtain the Preview.
Labels:
SharePoint 2019
Saturday, July 14, 2018
Free Microsoft Teams
There was a big announcement by Microsoft Teams. Microsoft Teams is now being offered in a Free version worldwide. This capability is intended to provide Microsoft Teams to small businesses and groups of users who do not have access to an Office 365 subscription.
This new free version of Microsoft teams allows you:
References
Announcement - https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Introducing-a-free-version-of-Microsoft-Teams/ba-p/214592
Comparison - https://products.office.com/en-US/microsoft-teams/free?ms.officeurl
This new free version of Microsoft teams allows you:
- Collaborate with up to 300 people.
- Audio and video calling.
- 10 GB of file storage
- 2 GB per person of personal storage
- Office Online
- Ability to communicate with other organizations using Teams
Anyone can use this free version of Microsoft Teams. However, if you use an identity that is associated to an instance of Office 365, the user will be routed to the Microsoft Teams user experience managed by Office 365.
References
Announcement - https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Introducing-a-free-version-of-Microsoft-Teams/ba-p/214592
Comparison - https://products.office.com/en-US/microsoft-teams/free?ms.officeurl
Labels:
Microsoft Teams,
Office 365
Teams Live Events
Microsoft Teams had a recent important announcement. Live Events has gone into preview.
Live Events is a capability that allows for one to many content and video sharing to large audiences. Events can be scheduled through Teams, and then Stream delivers the webcast. This solution is intended to replace Skype Meeting Broadcast over time.
Organizers will have the ability to:
Live Events is a capability that allows for one to many content and video sharing to large audiences. Events can be scheduled through Teams, and then Stream delivers the webcast. This solution is intended to replace Skype Meeting Broadcast over time.
Organizers will have the ability to:
- Manage permissions to the event
- Choose production method
- Assigning production roles
- Manage event reports (recording and attendance)
- Real-time caption and translation options
Producers will have the ability to monitor the event itself. They will have the ability to start/stop, share video, share desktops, chat with event attendees, view live attendance data, moderate question / answer, manage captions, etc.
Presenters will have the ability to share content and moderate question and answers.
Attendees can attend the event from browsers, desktops and mobile devices. They have the ability to pause the stream and restart it on demand. They can interact through question and answer.
Other important facts:
- Max supported audience size is 10,000 users
- If you have SfBO and SfB hybrid, and you want to allow SfB on-prem users to attend Live Events, it is possible to configure this through hybrid
References
Announcement - https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Live-events-in-Microsoft-Teams/ba-p/214955
Technical Documentation - https://docs.microsoft.com/en-us/microsoftteams/what-are-teams-live-events
Enable Teams Live Events - https://review.docs.microsoft.com/en-us/MicrosoftTeams/teams-live-events-enable?branch=teams-live-events
Network Set Up for Live events - https://review.docs.microsoft.com/en-us/MicrosoftTeams/teams-live-events-set-up-your-network?branch=teams-live-events
Articles and Instructions on Live Event Configuration - https://review.docs.microsoft.com/en-us/MicrosoftTeams/teams-live-events-help?branch=teams-live-events
Best Practices - https://review.docs.microsoft.com/en-us/MicrosoftTeams/teams-live-events-best-practices?branch=teams-live-events
Labels:
Microsoft Stream,
Microsoft Teams,
Office 365
Saturday, June 23, 2018
Office 365 Event Driven Retention
There was interesting announcement last month for a new feature being released call Event Driven Retention. Microsoft has been making tons of investments into Data Governance, and there is a specific feature called Office 365 Labels. It is very exciting to see these mature, enterprise features being incorporated into the Office365.
So if you have content in Office 365 that has been labeled, when a business event occurs, retention will be applied based on that events occurrence. For instance, lets say there is a business rule that you have to keep all contact information for 5 years when the contract expires. With this solution, what that contract expires, the retention period will be enforced proactively for you.
If you dig a little deeper, there is really interesting capability within Office 365 Labels that automatically apply labels to content for you. This drives down the responsibility we have placed on users in the past to manually classify and set retention periods for files.
Overview of event-driven retention - https://support.office.com/en-us/article/Overview-of-event-driven-retention-dd851332-747b-45b9-82de-e3cd7d01c8a7
Overview of labels - https://support.office.com/en-us/article/Overview-of-labels-af398293-c69d-465e-a249-d74561552d30
So if you have content in Office 365 that has been labeled, when a business event occurs, retention will be applied based on that events occurrence. For instance, lets say there is a business rule that you have to keep all contact information for 5 years when the contract expires. With this solution, what that contract expires, the retention period will be enforced proactively for you.
If you dig a little deeper, there is really interesting capability within Office 365 Labels that automatically apply labels to content for you. This drives down the responsibility we have placed on users in the past to manually classify and set retention periods for files.
Overview of event-driven retention - https://support.office.com/en-us/article/Overview-of-event-driven-retention-dd851332-747b-45b9-82de-e3cd7d01c8a7
Overview of labels - https://support.office.com/en-us/article/Overview-of-labels-af398293-c69d-465e-a249-d74561552d30
Labels:
Advanced Data Governance,
Office 365
Saturday, May 5, 2018
Office 365 Mult-Geo goes Generally Available
Office 365 multi-geo has now gone GA. This is a significant feature release that allows a single Office 365 tenant to span across multiple Office 365 datacenter geographies. This allows companies and organizations to store data-at-rest, on-a-per-user-basis in a chosen geography.
This allows organizations to support data residency guidelines they have been asked to address in the cloud. To date, many organizations have had to address these solutions through cloud hybrid solutions and retaining locally hosted services on-premises within those countries. It worked, but customers were stilled required to invest in on-premises solutions.
This solution has been launched for the Exchange Online and OneDrive for Business services.
Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Get-global-data-location-controls-with-Multi-Geo-Capabilities-in/ba-p/182710
Announcement - https://www.microsoft.com/en-us/microsoft-365/blog/2018/04/16/preparing-for-a-new-era-in-privacy-regulation-with-the-microsoft-cloud/
Product Home Page - https://products.office.com/en-us/business/multi-geo-capabilities
OneDrive Multi-geo Page - https://docs.microsoft.com/en-us/office365/enterprise/multi-geo-capabilities-in-onedrive-and-sharepoint-online-in-office-365
Exchange Online Multi-geo Page - https://docs.microsoft.com/en-us/office365/enterprise/multi-geo-capabilities-in-exchange-online
This allows organizations to support data residency guidelines they have been asked to address in the cloud. To date, many organizations have had to address these solutions through cloud hybrid solutions and retaining locally hosted services on-premises within those countries. It worked, but customers were stilled required to invest in on-premises solutions.
This solution has been launched for the Exchange Online and OneDrive for Business services.
Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Get-global-data-location-controls-with-Multi-Geo-Capabilities-in/ba-p/182710
Announcement - https://www.microsoft.com/en-us/microsoft-365/blog/2018/04/16/preparing-for-a-new-era-in-privacy-regulation-with-the-microsoft-cloud/
Product Home Page - https://products.office.com/en-us/business/multi-geo-capabilities
OneDrive Multi-geo Page - https://docs.microsoft.com/en-us/office365/enterprise/multi-geo-capabilities-in-onedrive-and-sharepoint-online-in-office-365
Exchange Online Multi-geo Page - https://docs.microsoft.com/en-us/office365/enterprise/multi-geo-capabilities-in-exchange-online
Labels:
Office 365
Office 365 Privileged Access Management
There was a Preview announcement for the Privileged Access Management feature. This feature is super exciting to hear about and really demonstrates how mature Microsoft Office 365 is in its delivery of security services for their customers.
Privileged Access Management is a feature to help customers provide limited privileged rights to administrator functions. Doing this provides greater control, oversight and audit trail to what customer Office 365 administrators can do.
Since the beginning, Microsoft has had a solution called the Lockbox. This is a Just-in-time (JIT) access solution that manages all Microsoft administrator access to Office 365 itself. Microsoft has standing privileges to Office 365 and all our access to the environment is controlled through this. We even created a solution called Customer Lockbox, which allows customers to approve Microsoft to manage aspects of the Office 365 environment if access to their customer data was needed as part of a support operation.
Apparently, customers liked the Lockbox concept so much, they wanted a similar capability to manage their Office 365 Admin users. This is the new Privileged Access Management solutions. Customers have the ability to create policies where Office 365 Administrators can make requests to perform specific actions. This will initiate workflow approvals to allow them to perform those actions for a specified period of time. All of this auditable. Wow. This is huge.
Customers always have risks of insider threats, and this can help control that access.
Note this solution does required the Advanced Compliance Office 365 E5 SKU.
Reference - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Announcing-preview-of-privileged-access-management-in-Office-365/ba-p/183743
Privileged Access Management is a feature to help customers provide limited privileged rights to administrator functions. Doing this provides greater control, oversight and audit trail to what customer Office 365 administrators can do.
Since the beginning, Microsoft has had a solution called the Lockbox. This is a Just-in-time (JIT) access solution that manages all Microsoft administrator access to Office 365 itself. Microsoft has standing privileges to Office 365 and all our access to the environment is controlled through this. We even created a solution called Customer Lockbox, which allows customers to approve Microsoft to manage aspects of the Office 365 environment if access to their customer data was needed as part of a support operation.
Apparently, customers liked the Lockbox concept so much, they wanted a similar capability to manage their Office 365 Admin users. This is the new Privileged Access Management solutions. Customers have the ability to create policies where Office 365 Administrators can make requests to perform specific actions. This will initiate workflow approvals to allow them to perform those actions for a specified period of time. All of this auditable. Wow. This is huge.
Customers always have risks of insider threats, and this can help control that access.
Note this solution does required the Advanced Compliance Office 365 E5 SKU.
Reference - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Announcing-preview-of-privileged-access-management-in-Office-365/ba-p/183743
Labels:
Advanced Compliance,
Office 365
SharePoint Online Storage Increase!
Major announcement was made in late April that SharePoint Online storage allocation is increasing significantly.
Previously SharePoint Online storage was 1 TB plus .5 GB per user license purchased.
Now SharePoint Online storage is 1 TB plus 10 GB per user license purchased.
So, if you have 100,000 users in your organization, you have 1001 TBs of storage. Wow!
This is usage and it being driven by the usage and consumption of file storage in SharePoint Online.
Reference - https://techcommunity.microsoft.com/t5/SharePoint-Blog/Increase-in-SharePoint-Online-storage-allocation/ba-p/187617
Previously SharePoint Online storage was 1 TB plus .5 GB per user license purchased.
Now SharePoint Online storage is 1 TB plus 10 GB per user license purchased.
So, if you have 100,000 users in your organization, you have 1001 TBs of storage. Wow!
This is usage and it being driven by the usage and consumption of file storage in SharePoint Online.
Reference - https://techcommunity.microsoft.com/t5/SharePoint-Blog/Increase-in-SharePoint-Online-storage-allocation/ba-p/187617
Labels:
Office 365,
SharePoint Online
Monday, April 9, 2018
Office 365 Endpoint Management
Microsoft Office 365 just released a preview new capability that publishes end points using a new set of web services. This will make it significantly easier for organizations to evaluate, configure and stay up to date with changes to Office 365 endpoints. Today customers have had to watch a public webpage and sign-up for a RSS feed; which is not always the most efficient.
With this new solution customers will have the ability to automate endpoint changes with their environment.
Reference - https://techcommunity.microsoft.com/t5/Office-365-Blog/Announcing-Office-365-endpoint-categories-and-Office-365-IP/ba-p/177638
With this new solution customers will have the ability to automate endpoint changes with their environment.
Reference - https://techcommunity.microsoft.com/t5/Office-365-Blog/Announcing-Office-365-endpoint-categories-and-Office-365-IP/ba-p/177638
Labels:
Office 365
Monday, March 19, 2018
Azure Information Protection Scanner
I just learned about a really neat solution called Azure Information Protection Scanner. This is a solution that has the ability to scan on-premises file shares and SharePoint. This solution will discover, classify, label and protect files that are out there based on criteria you set. For instance, it can go out there and put protection policies against confidential data.
Azure Information Protection Scanner is an on-premises solution. There is a counterpart solution in the Office 365 service under Data Governance (E5) and Information Protection Plan 2 that will do the same for the cloud.
Preview Announcement - here
Tech Guide - here
General Availability Announcement - here
Azure Information Protection Scanner is an on-premises solution. There is a counterpart solution in the Office 365 service under Data Governance (E5) and Information Protection Plan 2 that will do the same for the cloud.
Preview Announcement - here
Tech Guide - here
General Availability Announcement - here
Labels:
Azure Information Protection,
Office 365
Sunday, February 11, 2018
Office 365 Customer Key
There have been many questions over the years many organizations have asked, is it possible for customers to apply their own encryption keys to data at rest stored in Office 365. Office 365 already utilizes several encryption at rest solutions for all data in Office 365, but sometimes customers have compliance regulations that they must support so that they can have control of an encryption key to their data in Office 365. Customer Key for Office 365 can be used to satisfy those requirements.
There are several considerations you should think about before using this solution. Read the FAQs on this solution. Key management becomes critical and there is a recovery key process.
Finally, this solution will provide encryption at the root and its intended purpose is for customers to use this key as a way to protect data if the customer ever intends to leave the Office 365 service. Customer keys can be destroyed when leaving the Office 365 service ensuring that no one has access to data will the data is going through it final deletion stages. This solution is not intended to change the dynamics of Online Service Terms for third-party data requests to Microsoft nor does it change access rules for customer data for Microsoft personnel who are supporting the service. There are other capabilities like Customer Lockbox which can mitigate a customer’s concern for how Microsoft personnel access customer data.
To get this solution, you must purchase Office 365 Advanced Compliance which is part of the E5 Suite, plus customers must purchase Azure Key Vault licenses.
Please read all these references.
Customer Key General Availability Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/GA-of-Customer-Key-in-Office-365-at-Ignite/ba-p/115134
Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Bringing-deeper-integration-and-new-capabilities-to-Office-365/ba-p/109409
https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Bringing-deeper-integration-and-new-capabilities-to-Office-365/ba-p/109409
Presentation from Ignite - https://myignite.microsoft.com/sessions/53748?source=sessions
Video of How it works with SPO - https://youtu.be/y-BSmEhdk7c?t=8m18s
Customer Key FAQs (highly recommend reading) - https://support.office.com/en-us/article/Customer-Key-for-Office-365-FAQ-41ae293a-bd5c-4083-acd8-e1a2b4329da6
Overview and Configuration Instructions - https://support.office.com/en-us/article/Controlling-your-data-in-Office-365-using-Customer-Key-f2cd475a-e592-46cf-80a3-1bfb0fa17697
Azure Key Vault Reference - https://docs.microsoft.com/en-us/azure/key-vault/
https://docs.microsoft.com/en-us/azure/key-vault/
There are several considerations you should think about before using this solution. Read the FAQs on this solution. Key management becomes critical and there is a recovery key process.
Finally, this solution will provide encryption at the root and its intended purpose is for customers to use this key as a way to protect data if the customer ever intends to leave the Office 365 service. Customer keys can be destroyed when leaving the Office 365 service ensuring that no one has access to data will the data is going through it final deletion stages. This solution is not intended to change the dynamics of Online Service Terms for third-party data requests to Microsoft nor does it change access rules for customer data for Microsoft personnel who are supporting the service. There are other capabilities like Customer Lockbox which can mitigate a customer’s concern for how Microsoft personnel access customer data.
To get this solution, you must purchase Office 365 Advanced Compliance which is part of the E5 Suite, plus customers must purchase Azure Key Vault licenses.
Please read all these references.
Customer Key General Availability Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/GA-of-Customer-Key-in-Office-365-at-Ignite/ba-p/115134
Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Bringing-deeper-integration-and-new-capabilities-to-Office-365/ba-p/109409
https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Bringing-deeper-integration-and-new-capabilities-to-Office-365/ba-p/109409
Presentation from Ignite - https://myignite.microsoft.com/sessions/53748?source=sessions
Video of How it works with SPO - https://youtu.be/y-BSmEhdk7c?t=8m18s
Customer Key FAQs (highly recommend reading) - https://support.office.com/en-us/article/Customer-Key-for-Office-365-FAQ-41ae293a-bd5c-4083-acd8-e1a2b4329da6
Overview and Configuration Instructions - https://support.office.com/en-us/article/Controlling-your-data-in-Office-365-using-Customer-Key-f2cd475a-e592-46cf-80a3-1bfb0fa17697
Azure Key Vault Reference - https://docs.microsoft.com/en-us/azure/key-vault/
https://docs.microsoft.com/en-us/azure/key-vault/
Labels:
Advanced Compliance,
Office 365
Office 365 Threat Intelligence Attack Simulator
Here is an interesting feature that I just learned about. Office 365 Threat Intelligence has new feature being introduced called Attack Simulator. This solution will allow administrators the ability to simulate different threat scenarios to assess how their end users would behave when a real attack would occur. This could result in the admins of the Office 365 tenant to do some additional configurations to the service.
Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Bringing-deeper-integration-and-new-capabilities-to-Office-365/ba-p/109409
What is Office 365 Threat Intelligence - https://support.office.com/en-us/article/Office-365-Threat-Intelligence-32405da5-bee1-4a4b-82e5-8399df94c512
As of the time of this writing, this feature is marked as under development in the Office 365 roadmap - https://products.office.com/en-US/business/office-365-roadmap
Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Bringing-deeper-integration-and-new-capabilities-to-Office-365/ba-p/109409
What is Office 365 Threat Intelligence - https://support.office.com/en-us/article/Office-365-Threat-Intelligence-32405da5-bee1-4a4b-82e5-8399df94c512
As of the time of this writing, this feature is marked as under development in the Office 365 roadmap - https://products.office.com/en-US/business/office-365-roadmap
Labels:
Office 365,
Threat Intelligence
Advanced eDiscovery for Non-Office 365 Data
I have been asked a few times, is it possible to use the Office 365 Advanced eDiscovery service to analyze data that is not in Office 365.
The answer is yes; it is possible.
In many cases, organizations have legacy file shares, archives, other cloud services that have relevant data that needs to be made part of an eDiscovery case. With this solution you have the ability to import data for your case into an Azure container and then have Office 365 Advanced eDiscovery analyze this data. To use this feature, you must have the Advanced eDiscovery licenses, plus it will require additional Azure storage purchase for storing all the additional non-Office 365 data that is imported.
One side note – This feature does not work with PST files.
Here is the article on how to do this - https://support.office.com/en-us/article/Import-non-Office-365-content-for-Advanced-eDiscovery-analysis-0ee60763-a30b-495b-8543-971c3384a801
Announcement about this feature was in Sept 2017 - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Bringing-deeper-integration-and-new-capabilities-to-Office-365/ba-p/109409
The answer is yes; it is possible.
In many cases, organizations have legacy file shares, archives, other cloud services that have relevant data that needs to be made part of an eDiscovery case. With this solution you have the ability to import data for your case into an Azure container and then have Office 365 Advanced eDiscovery analyze this data. To use this feature, you must have the Advanced eDiscovery licenses, plus it will require additional Azure storage purchase for storing all the additional non-Office 365 data that is imported.
One side note – This feature does not work with PST files.
Here is the article on how to do this - https://support.office.com/en-us/article/Import-non-Office-365-content-for-Advanced-eDiscovery-analysis-0ee60763-a30b-495b-8543-971c3384a801
Announcement about this feature was in Sept 2017 - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Bringing-deeper-integration-and-new-capabilities-to-Office-365/ba-p/109409
Labels:
eDiscovery,
Office 365
Saturday, January 13, 2018
Office Customization Tool for Click-to-Run Preview
There was an interesting product release that has gone into preview that I felt was worth sharing. For years, Office 365 ProPlus administrators had to use XML to write the configuration.xml file which is used with the Office Deployment tool to deploy Office 365 ProPlus client.
Microsoft has a new solution in Preview called the Office Customization Tool for Click-to-Run. This tool provides a nice GUI that will generate your configuration.xml file for the Office Deployment Tool. You can also input existing configuration.xml files to the tool to modify them.
Sometimes it is the small things that count, and doing this does not require you to memorize the configurations, and make mistakes within the XML file itself.
References
Announcement - https://techcommunity.microsoft.com/t5/Office-365-Blog/Customizing-Office-365-ProPlus-using-the-Office-Customization/bc-p/143275#M334
Office 365 Deployment Tool Reference - https://docs.microsoft.com/en-us/deployoffice/overview-of-the-office-2016-deployment-tool
Office Customization Tool for Click-to-Run (Preview) - https://config.office.com/
Microsoft has a new solution in Preview called the Office Customization Tool for Click-to-Run. This tool provides a nice GUI that will generate your configuration.xml file for the Office Deployment Tool. You can also input existing configuration.xml files to the tool to modify them.
Sometimes it is the small things that count, and doing this does not require you to memorize the configurations, and make mistakes within the XML file itself.
References
Announcement - https://techcommunity.microsoft.com/t5/Office-365-Blog/Customizing-Office-365-ProPlus-using-the-Office-Customization/bc-p/143275#M334
Office 365 Deployment Tool Reference - https://docs.microsoft.com/en-us/deployoffice/overview-of-the-office-2016-deployment-tool
Office Customization Tool for Click-to-Run (Preview) - https://config.office.com/
Labels:
Office 365,
Office 365 ProPlus
Subscribe to:
Posts (Atom)