New Office 365 Activity Reporting

Small announcement but there are new reports being made available in the Office 365 Admin center.  Consider it a re-vamping and expansion of what you already had.  There are new activity dashboards that give you a cross service visibility into how Office 365 is being used by your end users.  Reports are available for the organization and can be taken down to the individual user view.

Here is the top level report.

Here is a drill down the email activity report. 

Right now there are reports on active users, email activity and Office ProPlus activations.  More reports are coming on SharePoint Online, OneDrive for Business Skype for Business Online, Yammer, etc.

Announcement - https://blogs.office.com/2016/03/15/new-reporting-portal-in-the-office-365-admin-center/

Office 365 Unified Audit Logging with SharePoint Online and OneDrive for Business

Introduction

SharePoint Online and OneDrive for Business audit logging as received an overhaul.  For the longest time, there were the following challenges:

• View/down log events were not possible in SharePoint Online.
• To turn on user event logs, you had to go to each site collection and turn it on.
• Getting user event logs out of SharePoint Online was not easy, especially if you wanted to do it in an automate fashion.

These issues were a problem over and over again for enterprise customers who needed access to these logs for compliance scenarios.

 

I am happy to say, this gap is now gone.  This has been on the public roadmap for some time and it is now rolling out.  I am really impressed with the solution that been put in place.

 

Unified Audit Logging

We not have a Unified Audit Logging solution across Office 365.  SharePoint Online and OneDrive for Business provide a rich logging experience and is no longer second class to something like Exchange Online (which always had mailbox audit logging and Exchange admin logs).  With the new Unified Audit Logging solution in Office 365, you have both a user interface and APIs to go obtain user event logs from:

• Exchange Online
• SharePoint Online
• OneDrive for Business
• Azure AD

For SharePoint Online and OneDrive for Business logs, you now have access to event logs on view, create, edit, upload, download and delete; sharing actions like invitation and access requests; and synchronization activity.  You now can see who has accessed or had had potential access to data which has been a big deal for enterprise organizations when they are performing compliance investigations.  Cannot underscore how big of a deal this is.  See reference below to a detailed listing of the events captured Unified Audit Logging.

 

Search Audit Log User Experience

Gaining access to these logs is super simple.  You do not have to be a super technical person to gain access to these logs and you do not have to go to multiple places.  All you need to do is go the Office 365 Compliance Center, and go to the audit log site.

 

 

From there all you need to do is identify the types of logs you are looking for, in what day range, for what users and where in Office 365.  It could not be any simpler than that.

Once you have the search results, you can filter them down to specific log events that you are looking for.  You have an export button right there to dump out that set of logs.  Having that easy to use export button makes life so easy if you have been asked to turn over user logs.

And remember this is Unified Audit Logs.  This means you are getting user event logs across Exchange Online, SharePoint Online, OneDrive for Business and Azure AD all at one time.  I am just happy to see this feature.

Other Things You Should Know

Here are some important facts that you should know:

• Exchange Online, SharePoint Online and OneDrive for Business audit logs are retained for 90 days.  Azure AD audit logs are retained for 180 days.
• SharePoint Online / OneDrive for Business corresponding logs start to appear in 15 minutes after the event.  Exchange Online and Azure AD logs appear after 12 hours.
• If you require longer term retention for audit logs, that are APIs and Web Services available (references below) which can be used to export that data and then retain that data for a longer period of time.  Microsoft ISV partners are building rich solutions around these APIs.
• You have the ability to create your own more complex reporting and analysis solutions using these APIs as well.

References
Announcement - https://blogs.office.com/2016/02/17/auditing-reporting-and-storage-improvements-for-sharepoint-online-and-onedrive-for-business/

Office 365 Management APIs - https://msdn.microsoft.com/en-us/library/office/dn707385.aspx

How to search the audit log - https://support.office.com/en-US/article/Search-the-audit-log-in-the-Office-365-Protection-Center-0d4d0f35-390b-4518-800e-0c7ec95e946c

Detailed listing of all the available log events across Exchange Online, SharePoint Online, OneDrive for Business, and Azure AD - https://support.office.com/en-US/article/Search-the-audit-log-in-the-Office-365-Protection-Center-0d4d0f35-390b-4518-800e-0c7ec95e946c#auditlogevents

Azure AD Audit Report Events - https://azure.microsoft.com/en-us/documentation/articles/active-directory-reporting-audit-events/

Azure AD Audit Reporting API - https://azure.microsoft.com/en-us/documentation/articles/active-directory-reporting-api-getting-started/  

SharePoint Online and OneDrive for Business Storage and File Size Increases

We have been waiting and they are finally in, SharePoint Online and OneDrive for Business max file size and storage has been updated.  Here is what has changed, and suspect a lot of people will be happy to hear it.

Max File Size Increase
File Size has now been increased to 10 GB per file; it was 2 GB.  This increase is for SharePoint Online and OneDrive for Business.  You can now store those bigger files and it really helps with storage of videos that can be used with Office 365 Video.

Additional Default Storage Per Tenant
More pooled storage has been added to the tenant by default.  Now every tenant will get 1 TB plus .5 GB per user for pooled SharePoint Online storage; it used to be 10 GB plus .5 GB per user.

OneDrive for Business Storage Increase
Unlimited storage is still going to be delivered for OneDrive for Business.  The first phase of that expansion was to increase OneDrive for Business storage per user from 1 TB to 5TB per user.  This increase has now been completed.

Announcement
https://blogs.office.com/2016/02/17/auditing-reporting-and-storage-improvements-for-sharepoint-online-and-onedrive-for-business/

Office 365 Groups is Expanding

Introduction
Office 365 Groups was a feature released some time ago.  Initially I had not played around with it too much because at the time as there were two things lacking:

1. It was not integrated into my rich Outlook experience which is where I do all my group messaging and group calendars.
2. It was lacking several of the enterprise capabilities I wanted to see.

These two issues have now been addressed and I see immense possibilities for Office 365 Groups for enterprise business. 

The game has changed and organizations should be taking a long, hard look at Office 365 Groups to change the way their users collaborate with each other.

What are Office 365 Groups?

In my personal opinion, Office 365 Groups is the replacement for distribution groups / lists with enhanced capabilities.  It brings together best of breed user experiences with email, calendar, OneDrive, and OneNote into a single unified user experience.  In the past:

• If you wanted to share files with a group of people, you could create a SharePoint site but there was not true integrated email capability.  SharePoint had alerts and discussion boards yet the messaging experience was not integrated.
• If you wanted a shared calendar SharePoint Online had one and its integration with the user’s Outlook calendar experience was ok, however the Outlook calendar capabilities were not available in SharePoint.  On the other side of the coin, you could create a shared group with an Outlook calendar yet all you had was a great calendar capability that was not integrated with messages and files.
• Distribution groups were not effective way for collaborating on files as you could email attachments to a group of people, however if you were trying to create a work product together there was no place to manage the files.
• Sharing thoughts and ideas with a group was limited to just what you could capture in an email message, or attach to a message.
• Even if you cobbled together a solution, access rights management always became a challenge across all the feature solutions.  You need to make sure the distribution group, shared calendar and SharePoint site were all using the same permissions.
• Etc.

This all changes with Office 365 Groups.  When you create a group you get unified experience across Exchange, SharePoint, OneDrive, Office, Office Online, OneNote, etc. built specifically to cater to the needs for productivity collaboration.

In Office 365, the Office 365 Groups feature is considered to be a suite feature.  It is only available if you purchase a suite because all of Office 365 is used to deliver this experience.

I see this as a true trend for Microsoft and Office 365.  We are going to continue to see best of bread features brought together to deliver “solutions” versus just stand alone applications.

I highly recommend you review some of the links below and some of the videos to learn more about Office 365 Groups.

What has changed?

So what changed that got me completely hooked on Office 365 Groups?  1) integration with Outlook 2016, 2) Enterprise compliance feature integration and 3) the list of features coming down stream.  Let’s look at each one.

Outlook 2016 Integration with Office 365 Groups

What I was waiting for was deep integration with Outlook rich client.  Outlook on the Web (OWA) had deep Office 365 Groups integration, however I prefer to work in Outlook rich client.  When the integration was announced publically I was ecstatic to talk about it.

Creating an Office 365 Group is super simple.  I just create a new Office 365 Group right there inside of Outlook 2016.  I do not need to navigate away to a browser to create a group.

When I am in an Office 365 Group, I have the ability to:

• Create new conversations or interact with existing ones.  Underneath the hood a mailbox was created for all users to access.
• Click over to the shared calendar.  Underneath the hood a shared calendar was dynamically created.
• Collaborate on files by clicking the Files button.  Underneath the hood a OneDrive for Business site was created and associated to the group.
• A OneNote book was created for everyone to collaborate thoughts and information through.  Underneath the hood, a OneNote book was created in the OneDrive for Business site.
• I have the ability to manage membership of the group right in Outlook and I have the ability to edit information about the group too.

The usage of this is endless.  You have the ability to quickly bring together groups of people to collaborate.  An experience SharePoint person may counteract by saying why not use a SharePoint Team Site?  My response would be SharePoint Team sites are great and still needed.  I would say if you know the level of communication and collaboration is more than file sharing, but needs to bring together email and calendar Office 365 Groups is the right feature.  Office 365 Groups are not a type of site that should I would use to bring in hundreds of users to access files and web content; in that case I would use a SharePoint Site.

What I find truly exciting about Office 365 Groups is that aligns to how I need to work in enterprise.  I am constantly working with tactical teams of people.  Everyone has specialties and we cross matrix with each other to complete critical timely tasks.  Office 365 Groups is a wonderful solution.  I can quickly create an Office 365 Group with a broad range of co-workers and we have an area where we can effectively work with each other.  I no longer have dig through email for that one-off conversation or file as I can quickly find it in the Office 365 Group.

Enterprise Compliance Integration with Office 365 Groups
Office 365 Groups when first released focused purely on the features and capabilities.  It was a rich solution but not all of the enterprise compliance features were available.  Now they are.  For instance:

• eDiscovery and litigation hold is now available on Office 365 Group mailbox and calendar stored in Exchange Online.
• eDiscovery and litigation hold is also now available on the Office 365 Group files that are stored in OneDrive for Business.
• IRM messages and files is not integrated into Office 365 Groups.
• Auditing events to group management events such as creation, updates, membership changes, etc. are available to see changes to the Office 365 Group over time.

Other Features Recently Added or being added soon

There are other recent features added to Office 365 Groups such as:

• Dynamic Group Membership was added such that rule-based membership can be used to manage access to an Office 365 Group.  For instance, maybe there are directory based attributes that dictated whether a user can have access.
• File quota management is now available.  Office 365 Groups utilize the shared storage of SharePoint Online and you have the ability monitor and control the size of Office 365 Group content.
• Multi-domain support is being added.  This is needed when organizations have multiple email domains associated to a single tenant.  With this new feature, you have the ability to control what domain the Office 365 Group is associated to.
• Office 365 Groups will comply with naming policies for emails alias set by the tenant administrators.
• There is now PowerShell available to manage Office 365 Groups (see link below).
• The ability to browse and join Office 365 Groups from Outlook 2016.
• Yammer integration with Office 365 Groups.
• Office 365 Admin app that will assist with central administration of Office 365 Groups.
• Ability to limit the creation of Office 365 Groups to a specific group of people.  This will be controlled through policy by the tenant administrators.
• Data Classification and customizable classification will be available for Office 365 Groups in the future.  This will allow you to create policy for groups that may be internal, unclassified, classified, corporate confidential, etc. and then allow you to manage policy to that content as appropriate.
• Office 365 Groups will soon have a deletion recovery feature which will allow end users and administrators to undelete an Office 365 Group in a single action.
• There will be a future feature to allow inactive Office 365 groups to be expired based on a configurable inactivity period.  This will be good for getting rid of stale groups no longer utilized.
• General Office 365 Groups admin reporting will be expanded to allow for analysis to determine how they are being utilized.
• Guest support will be added soon to Office 365 Groups to allow external users and team members to collaborate.
• Hidden membership is being added to soon to Office 365 Groups as sometimes it is not appropriate to share the members of group to end users who do not have access to the Office 365 Group.
• New Intune feature are being created to help with management of Office 365 Groups.
• Office Delve will soon be integrated with Office 365 Groups so you can see activity occurring within groups you are associated to.
• A new Office 365 Groups mobile app is being created to allow for rich mobile experiences.
• Usage guidelines will be added soon to Office 365 groups.  This will allow administrators to educate end users on how they should be used in the organization.
• There is a new project called Hummingbird which will help organizations migrate all of their distribution lists over to Office 365 Groups (see link below).
• Integration with Office 365 Planner is now available so you can do project management with Office 365 groups (see link below).

To read more about these features coming out, just go to the Office 365 public roadmap (http://fasttrack.office.com/roadmap) and search on the word “Groups”. 

The future is bright for Office 365 Groups.  I recommend that if you are not using them
Resources
Office 365 Roadmap - http://fasttrack.office.com/roadmap
Announcement – Outlook 2016 now has Office 365 Groups Integration - https://blogs.office.com/2015/09/22/introducing-availability-of-office-365-groups-in-outlook-2016/
TechNet – Outlook 2016 Integration with Office 365 Groups - https://support.office.com/en-us/article/What-s-new-in-Outlook-2016-for-Windows-51c81e7a-de25-4a34-a7fe-bd79f8e48647?ui=en-US&rs=en-US&ad=US
Announcement - Office 365 Compliance features being added to Office 365 Groups - https://blogs.office.com/2015/12/09/office-365-groups-now-supports-ediscovery-litigation-hold-dynamic-membership-and-more/
Office 365 Service Description for Office 365 Groups - https://technet.microsoft.com/EN-US/library/office-365-suite-features.aspx
Office 365 Groups Introduction - https://support.office.com/en-us/article/Learn-about-Office-365-groups-b565caa1-5c40-40ef-9915-60fdb2d97fa2
PowerShell to Manage Office 365 Groups - https://support.office.com/en-US/article/Use-PowerShell-to-manage-Office-365-Groups-aeb669aa-1770-4537-9de2-a82ac11b0540
Hummingbird Project - https://github.com/Microsoft/hummingbird
Office 365 Planner - http://www.astaticstate.com/2015/12/new-office-365-planner.html

Office 2016 Deferred Branch

There was a small change with the Office 365 ProPlus release of Office 2016.  Originally there was:

• Current Branch – monthly releases of updates would be received by the client.
• Current Branch for Business – feature updates would be limited to four months.

Apparently after a lot of feedback this was changed to:

• Current Channel – Formerly Current Branch
• Deferred Channel – Formerly Current Branch for Business

Public Notification of Name Change - https://blogs.office.com/2016/02/09/deferred-channel-build-now-available-for-the-office-365-client-apps/

My Posting on Office 2016 Release - http://www.astaticstate.com/2015/12/introduction-office-2016-upgrades-for.html

Exchange Online Protection Advanced Threat Protection

Introduction

Exchange Online Protection (EOP) Advanced Threat Protection (ATP) has been available for the past few months.  ATP is a new high-end security feature that is part of the new E5 suite for Office 365.

Exchange Online Protection Advanced Threat Protection has three core capabilities.  They are:

• Safe Attachments
• Safe Links
• URL Tracking/Reporting capabilities.

ATP was added as an option to the EOP service given the evolving sophisticated attacks that are occurring today in email.  Phishing, spear phishing and zero day threats are a real threat for enterprise customers and many organizations will seriously consider adding ATP to their Office 365 tenant.  ATP will provide organizations insight into users who are being targeted, attacked and compromised.

The new ATP capability is part of EOP service.  Email messages will continue to go through EOP and still go through malware and virus protection checks.  Once the message goes through the standard EOP protections, if an ATP policy applies to the email message it will go through the additional Safe Attachment and Safe Links checks.  ATP policies can be configured through the Exchange Admin Console (EAC) or through PowerShell.

It is worth noting that ATP can be used with Exchange Online, Exchange on-premises and in Exchange Hybrid scenarios.

Safe Attachments

Safe Attachments will help organizations protect against zero day exploits in email attachments by blocking messages.  Common unsafe attachments such as Office files, PDFs, executable file types, Flash files, etc. would be inspected.

Safe Attachments leverage sandboxing technology.  All attachments that do not have a known virus/malware signatures are routed to this special hypervisor environment where behavior analysis is performed using a variety of machine learning and analysis techniques to find malicious intent.  If a message’s attachment(s) is deemed unsafe, the email is blocked until the attachments have been detonated in the hypervisor.  Each attachment will be opened in a unique hypervisor which can result in an email delivery delay of 5 to 30 minutes while the attachment is being evaluated.

Here is the configure screen in EAC for the Safe Attachment Policy.  Here is where you can configure the behavior when unknown malware is discovered.  For instance, you can monitor message by allowing it to still go through and just get reporting.  You can completely block the message all together or allow the email to go through without the attachments.

Below is an example email that would be sent to an administrator based on the policy configuration you make.

Safe Links

Safe Links will help protect against malicious sites and content in phishing attacks.  A common threat is to try to hide malicious URLs in an email that seem to be safe but redirect users to unsafe sites. 

When Safe Links policy is configured, every time a user clicks a URL from an email message that click is inspected.  Specifically, URLs in the email are rewritten to proxy them through another server managed in ATP service.  If the URL is pointing to a good site, there is almost no latency in the click and the user go to the site.  If the URL points to a malicious site, a landing page will be presented to the user warning them are about to go to an unsafe site.

Here is the configuration screen for this policy in the EAC.  There is an option to track user clicks on malicious URLs.  You do have the option to not allow the user to click through to a known malicious URL.  You also have the ability to add your own custom list of blocked URLs.

The following is an example of what a user would see if they click a malicious URL in an email.  Depending on how you configured the policy, the malicious URL will not be presented to the end user so that they cannot click-through.

URL Tracking

Safe Attachments and Safe Links will provide organizations visibility to people who may be compromised.  With this reporting you can see how your organization is being targeted and whether you do need introduce new policies, more user training, etc. 

For Safe Attachments, you can see reporting of the unsafe attachments that were blocked. 

As part of Safe Links, you can also see who has been receiving malicious URLs and who has been clicking through to malicious URLs (if you allow it).

Resources
Advanced Threat Protection Service Description - https://technet.microsoft.com/en-us/library/exchange-online-advanced-threat-protection-service-description.aspx

Safe Links and Safe Attachments TechNet - https://technet.microsoft.com/en-us/library/mt148491(v=exchg.150).aspx

ATP Overview - https://products.office.com/en-us/exchange/online-email-threat-protection

Announcement of ATP - https://blogs.office.com/2015/04/08/introducing-exchange-online-advanced-threat-protection/

New Office 365 Planner

Introduction
There is a new capability being released to Office 365 called Office 365 Planner (also referred to as Work Management in Office 365).  Office 365 Planner will help organizations with teamwork.  With Office 365 Planner you have the ability to create new plans, create / assign / organize tasks, set due dates and update statuses.  Users have the ability to attach documents to tasks and have conversations around those tasks.  There are also visual dashboards to see overall progress of tasks for a plan or across plans.

I really like this new, easy to use application introduced into Office 365.  Office 365 Planner (Work Management) is an application that sits between standard Task Management that you get in Exchange Online / SharePoint Online and Project Online.  It provides users the ability to quickly create work areas to manage teamwork for ad-hoc projects and the tasks associated to them.  Yes, SharePoint Online has provided this type of capability for years, however the new Office 365 Planner capability provides a fresh, new spin to this.  It is really simple for an “every day” end users to use.  You will have the ability to create tasks quickly, work collaboratively and have visibility into these tasks.

 

 

Direction of New Office 365 Services

As you will notice, Office 365 Planner is a new Suite capability.  Several other services like these such as Office 365 Delve, Office 365 Groups, Office 365 Video, and Sway have been introduced as Suite capabilities.  These solutions cannot be purchased individually; they come part of the value of the Suite.  In many cases, you see these are like composite cloud applications that bring together Exchange Online, SharePoint Online, OneDrive, Office Online, Office 365 ProPlus, etc. to deliver a solution.  In this specific case, Office 365 Planner and Office 365 Groups are tightly integrated.  When you create an Office 365 Plan, an Office 365 Group gets created.  You can also add an Office 365 Plan to an existing Officer 365 Group.

This is the direction I see going with Office 365.  New cloud applications being introduced that bring together capabilities with consolidated user experiences and solutions.

Features of Office 365 Planner

Here is a quick walkthrough of this new Office 365 Planner capability.

To initiate the Office 365 Planner app, you simply need to go into Office 365, click the Launch Planner (the waffle) then select Planner.  Press the Planner tile and the app will be launched.

 

Once you are in, you will see the Planner Hub screen.  This where you will see all the plans that are participating in.  All of your plans are located on the bottom and you can also see your favorite plans (ones you are probably working on the most) along with a summary of those favorites on this screen.

 

Next you can click on My Tasks where you can see all of your tasks across Office 365 Planner.  There are grouped Progress or you can Pivot it to group by plans.  As you can see it is a simple interface that shows you all the tasks that you need to work on with a simple format.

 

To create a new Plan, you simple press the New Plan button.  You provide simple details.

As you will see the Office 365 Planner capability is directly hooked into Office 365 Groups.  When you create an Office 365 Plan, a corresponding Office 365 Group is created.  This brings in the power of Office 365 Groups which subsequently brings in a shared Notebook, Conversation, Calendar, Membership management, Files, etc.  So within each plan all of these other solutions can be used with the Plan to manage files, conversations calendars, share notes, etc.

 

Here is the Board View of an Office 365 Plan.  You can see all the tasks that have been created initially grouped by Progress.  On this screen you have the ability to quickly create a task for the Plan.

You also have the ability to drag tasks between status columns in this screen which will set the status of that task for you.

 

You have the ability to create your own custom buckets and then group tasks by those buckets.

It is really simple to see all to the members of the Office 365 Group that has access to this Plan.  You can quickly give people access to the Plan from this screen.

You can even quickly assign someone to a specific task by dragging their profile picture to the task for assignment.

 

Within a task you have the ability to do several things.  You can associate a task to a bucket of tasks, change the status, the dates of the task, enter a detailed description, assign a color tab indicator to the task to help you find important tasks, attach files, and have conversations about a specific task.

 

When you click on the Chart view for a Plan, you will be taken to this summary screen.  Here you can see a report of all the tasks, what is their status is and who needs to complete what.  You can visually see where tasks are running late and you can quickly take action on them from here.

 

If you have Outlook 2016 installed, you will have access to the Office 365 Plan and Group from Outlook.  You can access all the tasks, files, conversations, calendar items, etc. without having to go to the browser if you wish.

Additionally, there is a mobile experience for Office 365 Planner consistent with the web browser.  You do have the ability to create and manage tasks on the go from your mobile devices.

 

Is Customization Possible?

There is an API around this so there can be customer integration built to it.  You have the ability to create, assign, update tasks, create plans, etc. for integration to custom solutions.  For instance you have an application that needs to create task for someone to complete.

References

Office 365 Planner Announcement - https://blogs.office.com/2015/09/22/introducing-office-365-planner/

API - http://graph.microsoft.io/docs/api-reference/beta/resources/task

Office 365 Planner Service Description Reference - https://technet.microsoft.com/EN-US/library/office-365-suite-features.aspx