Monday, December 30, 2019

Office 365 Identity Posters

I have been getting tons of questions on Office 365 identity.  I definitely recommend people refresh themselves using these new posters.

Office 365 Tenancy Considerations

I have been receiving a lot of questions lately around Office 365 tenancy.

My simple answer is:
  • Multiple tenants are ok, and are completely necessary for complex organizations.
  • It is best to plan out tenancy as best as you can up front to avoid merging or divesting tenants only when necessary.
  • Microsoft is investing in building solutions for complex organizations such that multiple tenants can work with each other in a B2B relationship.
Here is a great video on the futures for cross tenant collaboration - 

Here is a poster on tenant-to-tenant migration scenarios you should be thinking about -

Friday, November 22, 2019

Zero Trust Architecture and Office 365

If you are not thinking about leveraging Zero Trust principles when connecting to the Office 365 cloud, you should be.

The industry and customer shift from traditional on-premises application delivery to the cloud as well as the rapidly growing consumption of SaaS services has inverted network and security paradigms, shifting the focal point to the identity, device, application and data, and away from relying solely on traditional network perimeters, which are becoming less effective in reasoning and securing rich and complex application scenarios. Extending legacy network perimeter architectures into the cloud is becoming impractical, requiring customers to transform network and security architectures for the needs of the cloud.  Such transformation is captured in the Zero Trust Architecture models that are being adopted by the private industry (Implementing a Zero Trust security model at Microsoft) and DoD (The Road to Zero Trust (Security)).

Office 365 incorporates Zero Trust principles in its internal service design and operations as well as allows customers to natively achieve Zero Trust outcomes in consuming the service by taking advantage of built-in features which apply continuous validations across identity, device, service, and data layers.  This allows customers to achieve the same or better security outcomes with Office 365 natively, compared to security outcomes that are achievable with legacy network perimeter controls.  Implementing Zero Trust principles allow customers to modernize and in many cases simplify their network perimeter dependencies, particular for Office 365 application experiences and use a more differentiated and scaled-out connectivity approach. This shortens the network distance between the user and Office 365, reduces processing overhead at the enterprise network perimeter, thus improving user experience.

Highly recommend reading the following.
The Road to Zero Trust (Security)
Implementing a Zero Trust security model at Microsoft

Sunday, October 27, 2019

Which Office 365 Gov Cloud Should I use???

I get lots of questions on which cloud is right for me?  Specifically there are Office 365 GCC, GCCH and DoD.  A colleague of mine wrote this really good article to help you with this -

It goes through all the standards and accreditations and will help you make the right decision on which cloud to go to.

Wednesday, August 28, 2019

Audio Conferencing via Direct Routing for Office 365 GCCH and DoD

We had several customers waiting for Audio Conferencing with direct routing to be released in Office 365 GCCH and DoD.  I was recently announced in our roadmap.

“Audio Conferencing via Direct Routing for GCC High and GCC DoD enables participants to join your organization’s meetings using a standard phone number. Participants choose to use a phone to join meetings for scenarios where Internet connectivity is limited, are in transit, or don't have access to a Teams application. Participants can join the meeting either by using the dial-in access numbers of your organization or by having the meeting dial out to a phone number. Configuring this feature requires your organization to use its own numbers for dial-in access and all meeting dial-outs to phones are via Direct Routing. To enable the service, organizations need to set up Direct Routing and configure phone numbers that can be used for dial-in access. GCC High and DoD customers should note that the requirement to use direct routing is different from the Audio Conferencing service that is offered to commercial organizations where the dial-in access numbers are provided by Microsoft. Please be sure to review the correct documentation for this offering. We expect the documentation to be available at the same time as General Availability for the feature.”

Tuesday, July 30, 2019

Skype for Business Online Retirement

There was an important announcement that Skype for Business Online will be retired on July 31, 2021.  The Skype consumer service and Skype for Business Server are no associated to this announcement.

Microsoft Teams will be the service moving forward that is replacing Skype for Business Online.  Customers should start planning now on this transition.  Please review the announcement for getting details for that planning.

Announcement -

Monday, July 22, 2019

Office 365 ProPlus Activation Improvements

There is are interesting improvements coming out for Office 365 ProPlus.  As many of you know, users can install ProPlus on 5 devices.  Today when they exceed that a user, is prompted and the user is forced to make a decision on which other device to deactivate ProPlus on.

Now the users can install ProPlus on new devices without getting prompted.  Now when the user reaches their sign-in limit, the user will be automatically signed out of ProPlus on the least used device.  Next time the user goes back to that device, they will be prompted to re-activate.

Announcement -

Sunday, June 23, 2019

Microsoft Teams and Information Barriers

A feature that I have always been fascinated with is Information Barriers and it has been expanded to Microsoft Teams (in Preview).

Information Barriers is a feature of Office 365 that can be used to restrict conversation and communications between groups of people to avoid conflicts of interest.

For Microsoft Teams this means:
  • Adding users to a Team could be restricted
  • Private chats can be restricted
  • Inviting other users to meetings
  • Performing screenshare between users
  • Placing a phone call between users
Here are some references:

Wednesday, May 22, 2019

Microsoft Teams DLP

Microsoft Teams is releasing new Data Loss Prevention (DLP) capability.  It is very similar in concept to SPO DLP.  Users could potentially have chat conversations on topics between users or in channels that are not appropriate.  Teams DLP can be configured centrally with all your DLP policy and then used to protect information.  Please use the information to get started.

Video -
TechNet -

Tuesday, April 23, 2019

Office 365 Network Onboarding tool

A lot of questions have questions when onboarding into Office 365 around networking.  There is a new proof of concept tool that is available to help you with this planning.  Go here for more information -

Monday, March 25, 2019

Windows Virtual Desktop Preview

Windows Virtual Desktop is a new solution that is in preview.  This solution:
  • Delivers a Windows 10 experience
  • Provide an experience with Office 365 ProPlus
  • Supports your ability to move your Windows Server desktops to Azure

For some more information about this – read this -

Saturday, February 23, 2019

New Updates Coming for Office 365 Security and Compliance Centers

If you have not been watching, there are some new changes to the Microsoft Office 365 Security and Compliance Center.

This new portal experience is bringing together all the information being collected by Office 365, Windows 10, EMS and Azure.  Security administrators will be able to see a singular view and have the ability to drill in on areas that they need to investigate.  Additionally, features will be highlighted that you can use to help mitigate risk.

The new compliance center provides information about our current compliance with reminders on areas where customer configuration is required to stay in compliance.

Announcement -

Saturday, January 12, 2019

Microsoft Teams Support when user mailbox is in Exchange On-Premises

I have been asked a lot lately, it is possible to use Microsoft Teams while still having your mailbox located on Exchange On-Premises.

The answer is yes, this is a supported scenario.  Microsoft Teams has a strong dependency on Exchange Online because all of your personal discusses are stored in Exchange Online.  If the user’s mailbox is still on-premises, a cloud-based storage area will be created for that user called a “cloud-based mailbox for on-premises user”.  This solution will only store Teams conversations and the user cannot directly log into this mailbox.

To support this, you must have Exchange Hybrid configured and you must be using AAD Sync.
To enable this, there is a request process you must go through, defined in the references below.

Additionally, if the on-prem mailbox is ever migrated to Exchange Online later, the Teams chat data will not be lost, the data will be migrated over to the primary mailbox in the cloud.

Microsoft Teams Government Cloud Service Descriptions

Microsoft Teams has published out Service Descriptions for GCC, GCCH and DoD cloud deployments.  Please review this closely as the accurately convey what capabilities are available and not available in the respective clouds.

Sunday, January 6, 2019

K2 Blackperl Wrox Book 10 Years Later

On a personal note, it was brought to my attention that 10 years ago the K2 Blackpearl Wrox book that I co-authored was published.  Ten years seems like ages ago given how may career has gone.  When I started out of college, I would have never dreamed I would be in a position to co-author a Wrox book.  At the time, blogging was not really around, and the way many of us learned was through "books" 😊  Yes books.  Wrox at the time published some of the best software books out there.

Reflecting, it was the blogging that I started that put me in a position to write the book.  I will admit, if you read my blog, at times my work could use grammar edits.  However, learning how to write and communicate like this has really helped me advance in my career.  Sitting down and writing a whitepaper about Office 365 is something that I actually find fun to do.