Subscribe: K2 and MOSS Collaboration Distillery
http://k2distillery.blogspot.com/feeds/posts/default
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
azure  business  data  https  microsoft stream  microsoft  new  office  online  sharepoint online  sharepoint  skype business 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: K2 and MOSS Collaboration Distillery

A Static State





Updated: 2017-12-10T19:11:12.990-08:00

 



New Microsoft Cloud Compliance Manager

2017-11-23T07:27:25.518-08:00

I would like to draw your attention to the announcement about the new Compliance Manager Preview which as recently announced.

Announcement - https://blogs.office.com/en-us/2017/11/16/microsoft-365-helps-businesses-increase-trust-and-innovation-through-compliance-with-compliance-manager-preview/

The new Compliance Manager is a new cross-Microsoft Cloud services solution that is focused on helping customers protecting their data.  The Compliance Manager provides real-time risk assessment that reflects your entire compliance position for data protection.

The Compliance Manager gives you insight to controls you have implemented versus controls that Microsoft has implemented.  Over the years this is something that I have discussed extensively with Microsoft Office 365 cloud customers.  Microsoft does all the work on our side to implement all the required controls defined in such standards FedRAMP (NIST 800-53), FedRAMP+ (DoD CC SRG IL5), ISO, HIPPA, etc. yet there are still controls that are required customer implementation and configuration.  Microsoft gives you the features and capabilities to complete customer owned configurations, yet these configurations remain the responsibility of the customer.  This Compliance Manager will give you better insights, recommendations and guidance.



For more information about the Compliance Manager, please go here - https://servicetrust.microsoft.com/

How to Launch the Compliance Center - https://support.office.com/en-us/article/Go-to-the-Office-365-Security-Compliance-Center-7e696a40-b86b-4a20-afcc-559218b7b1b8
https://support.office.com/en-us/article/Go-to-the-Office-365-Security-Compliance-Center-7e696a40-b86b-4a20-afcc-559218b7b1b8

Office 365 Secure Score – Another good tool focused on Office 365 - https://support.office.com/en-us/article/Introducing-the-Office-365-Secure-Score-c9e7160f-2c34-4bd0-a548-5ddcc862eaef?ui=en-US&rs=en-US&ad=US



Going to Office 365 Product Group

2017-11-23T06:37:08.357-08:00

I am super excited yet again.  When I started this blog a little over 10 years ago, I was a fledging developer goaled on writing efficient code and helping others out.  The blog evolved over the years as I transitioned into technical sales at Microsoft.  I was focused on Office 365 government technical sales for past 7 years.  As of last week, I joined the Microsoft Office 365 engineering / product group directly supporting our delivery of Office 365 GCC, GCC High and DoD cloud.  I did not think an opportunity would ever come to me like this.  I have to truly thank all the great people around me that gave me an opportunity to excel.   Will continue to contribute to this blog about interesting topics as they come up.



Microsoft Azure Government Classified Cloud

2017-10-17T11:57:04.174-07:00


Microsoft Azure Government had a major announcement today that it will be expanding into the US Government Classified cloud - https://azure.microsoft.com/en-us/blog/announcing-new-azure-government-capabilities-for-classified-mission-critical-workloads/



Microsoft Intelligent Communications Announcement

2017-09-25T07:09:38.783-07:00

There was a big announcement today about Microsoft Teams and Skype for Business.

The big announcement is that Microsoft is uniting the Microsoft Teams and Skype for Business to bring together a new vision of intelligent communications.  Microsoft Teams is a core Microsoft’s vision for communications and bringing the Skype for Business capability into this solution will further enable communication within groups and teams of people.

So, what are some important facts?  This is what I picked up from the reference items below:
  • Skype for Business is not going away; Skype for Business is being incorporated and will remain a key solution for Microsoft.
  • Microsoft Teams will evolve as the primary client for intelligent communications for Office 365.
  • Skype for Business brand will not be removed, and that brand will be surfaced up in the Microsoft Teams client.
  • The integration of Skype for Business Online capabilities to the Microsoft Teams user experience will not occur immediately.  Features such as Cloud PBX and voice capabilities to Cloud PBX will not occur until late CY18.
  • Skype for Business clients will remain supported for a long-time, so customers have time to transition.  Running both Microsoft Teams and the Skype for Business client will remain supported.  Customer administrators have control and choice of how to transition users to this new experience.
  • Microsoft recommends to start using the core capabilities of Microsoft Teams sooner than later to prepare yourself for this transition.
  • They are bringing together “conversation can be captured, transcribed, and time-coded, with closed captioning and voice recognition for attributing remarks to specific individuals”.  From what I can tell they are leveraging services used to support the new Microsoft Stream service with this.  Brilliant!
  • Skype for Business Server will still have another on-premise release due out in CY18 H2.
References
Announcement - https://blogs.office.com/en-us/2017/09/25/a-new-vision-for-intelligent-communications-in-office-365/
Intelligent Communications - http://skypeandteams.fasttrack.microsoft.com/
FAQs - https://docs.microsoft.com/en-us/MicrosoftTeams/faq-journey




Celebrating 10 Years!

2017-09-10T13:44:09.196-07:00


I have reached a milestone; 10 years with 451 blog entries.  I started this blog in September 2007.  Over the years the blog evolved, starting out an app dev blog to now being focused on cloud strategy.  This blog has been truly valuable in my career development.  Learning about new solutions and communicating them outward has help me improve my writing and communication skills.  It has helped me learn new technologies and hone my thoughts.  In these 10 years, I have had two kids, worked at couple companies, landed at Microsoft for past 7 years, and have been part of Office 365 the entire time.  I am super excited to keep this going.



Office 365 Security Blog

2017-08-25T12:44:37.825-07:00

If you ever want to read some fascinating articles about how Microsoft security protects the Office 365 service itself, I high recommend you read the Office 365 Security Blog - https://blogs.technet.microsoft.com/office365security/

They recently had several articles on intrusion detection and DNS intrusion which were very interesting reads.



Office 365 Supervision

2017-07-03T06:31:54.578-07:00

If you did not now, there was a recent announcement for a feature called Office 365 Supervision.  This feature is a “gem” of a feature for enterprise organizations that have complex compliance or regulatory requirements.  Office 365 Supervision feature is part of the Office 365 Advanced Data Governance (E5) service.

What Supervision provides is the ability to review (“supervise”) inbound/outbound data for your organization.  This is not a data loss prevention (DLP) solution; DLP is already provided through the Office 365 service.  What Supervision does is provide you the ability to create policies to monitor communications and designate reviewers who perform that monitoring (“supervision”).  Supervision can be done on more than just Office 365 data; if there is inbound/outbound data (including data going to Facebook, Twitter, etc.), these reviewers can review data that meets criteria. 

When creating a policy you have the ability to scope it to users, groups of users, and specify complex search criteria to identify the data.  For instance, you may have scenarios where you need to monitor how different groups within your organization talk with each other (i.e. make sure conversations are being firewalled) or you need to monitor communications are that are going external from your organization. 

Reviewers then have the ability to review messages that fall within a policy and then mark them as compliant, non-compliant, questionable and resolved communications.  Then you use Supervision reports to review policy compliance.

Announcement - https://blogs.office.com/2017/06/22/new-in-office-365-security-and-compliance-june-update/

Announcement - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Announcing-GA-of-Supervision-in-Office-365-Advanced-Data/ba-p/69344

Supervision Policies - https://support.office.com/en-us/article/Configure-supervision-policies-for-your-organization-d14ae7c3-fcb0-4a03-967b-cbed861bb086?ui=en-US&rs=en-US&ad=US

Supervision Reports - https://support.office.com/en-us/article/Supervision-reports-2a762db5-e1c9-4c09-aa8e-bef49ce97209



Office 365 and SIEM Data Feeds

2017-07-03T06:28:18.374-07:00

Another announcement that was recently made is the SIEM connector service has not been added to Office 365 Advanced Security Management (E5).  SIEM stands for Security Information and Event Management.  Many customers who have complex security requirements require the ability to centralize monitoring of alerts and events to do monitoring.  With this solution, customers have the ability to analyze application logs/events and then do contextual analysis to their organization’s security using your own SIEM solution.

To deploy this solution, the organization is responsible for deploying a SIEM agent which will poll the Office 365 REST APIs.  All communications are over HTTPS/443.  Once data is retrieved from the SIEM agent, syslog messages will be sent to your local SIEM solution.

Announcement - https://blogs.office.com/2017/06/22/new-in-office-365-security-and-compliance-june-update/

SEIM Integration – with install instructions - https://support.office.com/en-us/article/SIEM-integration-with-Office-365-Advanced-Security-Management-dd6d2417-49c4-4de6-9294-67fdabbf8532?ui=en-US&rs=en-US&ad=US



Microsoft Stream has gone Generally Available

2017-07-03T06:25:08.339-07:00

What do you need to know about this release?Microsoft Stream is an enterprise video service that allows you to upload, share, manage and view videos.  Microsoft Stream can become the location to search and discover all video content for your organization.  Microsoft Stream can become a communication hub, training center, used to support business and drive better social communications.Some major capabilities of the Microsoft Stream service are:Create and organize content with channels and groups.View trending videos.Personal watch list of videos.Ability to upload, manage and share videos from a personalized home page.Like and comments on videos.Automatic closed captioning.Face timeline (using facial recognition) for better navigation of videos.Auto generated speech to text transcript; which help make videos more discoverable.Clickable time codes in comments section, transcript or table of contents allowing for easy video navigation.Ability to watch video across devices.Ability to manage permissions to videos.Ability to define metadata for classification of videos.Microsoft Stream is still highly integrated with the Office 365 service.  It has deep integration with SharePoint Online, Microsoft Teams, Office 365 Groups and Yammer.Office 365 Video - Microsoft Stream is a replacement solution for the Office 365 Video service.  Office 365 Video will still be around for a while so there is time to transition.Video Storage - Microsoft Stream uses pooled storage model for the entire tenant.  Each tenant is allocated pooled storage and then additional pooled storage is provided based on the number of licensed users.  The concept is identical to SharePoint Online storage.  Each tenant is provided 500 GB of video storage plus an additional 500 MB of storage per user.  If you need more storage, you can purchase more storage in 500 GB increments.Azure Media Services - Azure Media Services provides the power behind Microsoft Stream.  You do not need to purchase any additional Azure Media Services.  All you need to do is acquire Microsoft Stream.Microsoft Stream Plans - There are two plans for Microsoft Stream.  The big different between Plan 1 and Plan 2, is Plan 2 includes: A) Deep search based speech to text metadata and B) Interact with video content using face detection and audio transcripts.  Office 365 Plans - You can acquire Microsoft Stream in several ways as it is part of Office 365 plans or as a standalone service.  If you have an Office 365 Suite (E1 or higher) you have access for Microsoft Stream.  You also have the ability to purchase Microsoft Stream as an independent service.   If you have an Office 365 E1 or E3 Suite, you will get the Microsoft Stream Plan 1.  To get Microsoft Stream Plan 2, you have two options: purchase Microsoft Stream Plan 2 as an add-on or purchase Office 365 E5 suite.Public Announcement - https://blogs.office.com/2017/06/20/microsoft-stream-now-available-worldwide-new-intelligent-features-take-enterprise-video-to-new-heights/Microsoft Stream Document – all of the documentation associated to this service is located here - https://stream.microsoft.com/en-us/documentation/stream-overview/  Microsoft Stream Site - https://stream.microsoft.com/en-us/Microsoft Stream Licensing - https://stream.microsoft.com/en-us/pricing/ and https://stream.microsoft.com/en-us/documentation/stream-license-overview/  [...]



Skype for Business Online Ports Reduced

2017-06-14T11:40:06.539-07:00

Back in April 2017, I wrote about how Skype for Business Online IP address ranges and ports were planning on being reduced (http://www.astaticstate.com/2017/04/skype-for-business-online-ranges-and.html).

The most recent announcement is that this has been completed.

Recent Announcement - https://techcommunity.microsoft.com/t5/Skype-for-Business-Blog/Simplified-port-requirements-for-Skype-for-Business-Online/ba-p/77094

This is a very big change which I know many Skype for Business Online customers will be happy to hear about.  The big change is that UDP/TCP 50,000-59,999 port ranges are now options for Skype for Business Online.  The reason for the change is that given the quality of service that that can be delivered out of Office 365 and the performance Microsoft Network does not require these ports.  Some other facts are:
  • Must be on Skype for Business Online client.
  • UDP/TCP 50,000-59,999 is being marked as optional for Skype for Business Online.
  • If your organization is not blocking them today, still recommended that you keep them open.
  • This change is only for users in Skype for Business Online (in Office 365).  If you have a hybrid environment these ports are still required.
I highly recommend that you review the details of the announcement.

Here is a reference to all Office 365 URLs and IP address ranges - https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US&fromAR=1



Office 365 and Azure EMS Overlap

2017-06-13T10:14:34.396-07:00

I decided to create a simple cheat sheet for folks to help you understand how Office 365 suites such as E3 and E5 relate to Azure Enterprise Security + Mobile Suite (EMS).  There is a lot of cross-over and relationship between these capabilities.I will assume in this discussion we are an Office 365 customer trying to understand how does EMS overlap and extend Office 365.EMS SuitesFirst, we must first understand what is in the EMS Suites.  There are two EMS Suites E3 and E5.  Here is an overview site - https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security-pricing EMS E3 is made up of:Azure Active Directory Premium P1 - Designed to empower organizations with more demanding identity and access management needs, Azure Active Directory Premium edition provides feature-rich enterprise-level identity management capabilities and enables hybrid users to seamlessly access on-premises and cloud capabilities. This edition includes solutions for the information worker and identity administrators in hybrid environments across application access, self-service identity and access management (IAM), and security in the cloud.  Solutions available are: Secure single sign-on to cloud and on-premises apps, Multi-factor authentication, Conditional access and Advanced security reporting.Azure Information Protection Premium P1 - Control and help secure email, documents, and sensitive data that are shared outside the customer walls with Azure Information Protection Premium (formerly known as Active Directory Rights Management Service (AD RMS)). From easy classification to embedded labels and permissions, enhance data protection at all times with Azure Information Protection—no matter where it’s stored or who it’s shared with.  Solution provides encryption for all files and storage locations and cloud-based file tracking.Microsoft Intune - Microsoft Intune provides mobile device management, mobile application management, and PC management capabilities from the cloud. Using Intune, customer can provide personnel access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep customer information secure.  With the increasing volume and diversity of both ‘bring your own device’ (BYOD) and corporate-owned devices being used in organizations today, a growing challenge for IT departments is keeping corporate information secure. Microsoft mobile application management (MAM) and mobile device management (MDM) solutions help minimize this complexity by offering management capabilities both on-premises and in the cloud, all from a single console.  Solution provides mobile device and app management to protect corporate apps and data on any device.Microsoft Advanced Threat Analytics (ATA) - Microsoft Advanced Threat Analytics (ATA) protect customer from advanced, persistent cyber threats.  From detecting known malicious attacks to uncovering abnormal activity with machine learning and behavioral analytics, identify advanced persistent threats to customer quickly and act swiftly with Microsoft Advanced Threat Analytics.  Solution provides protection from advanced targeted attacks by applying user and entity behavior analytics.EMS E5 is made up of:Azure Active Directory Premium P2 - Builds off Azure Active Directory Premium P1, enhanced with advanced identity protection and privileged identity management capabilities.  Solution includes risk-based conditional access and privileged identity management.Azure Information Protection Premium P2 - Builds off Azure Information Protection Premium P1 providing intelligent classification policies to classify and label data at time of creation or modification based on source, context, and content. Classification wi[...]



OneDrive On-Demand

2017-05-19T08:42:14.269-07:00

OneDrive On-Demand
There was a recent announcement of some new features coming for OneDrive for Business and SharePoint Online that I am very excited to see.  The new feature is called OneDrive On-Demand.

The OneDrive On-Demand capability allows you to access files without having to download them and use storage locally on your device.  Effectively, File Explorer has connectivity to data in the OneDrive for Business cloud just like it has with data on network attached storage.  When you select a file, that file will be synced locally and then opened in the app.

Additionally, there are reasons why some folders and files you will always want to ensure are available locally.  With this new capability, you have the ability to designate which files and folders you want to have as always available locally.

Benefits
A major benefit is not having to use local device storage.  This becomes important because storage available on a per user basis with OneDrive for Business in cloud can be more than what is available on the device itself.  So, if a user has 1TB of data of OneDrive Storage in the cloud, and they

Another benefit is more efficiency in data synchronization to a corporate network.  When lots of user sync a SharePoint Online site, all the files are synced to that device.  Additionally, when a file is updated, that update is pushed to all devices.  Now files are only synced at the user’s designation if the file must be available locally all the time.  This will reduce the amount of data being pushed.

Other Notes
OneDrive On-Demand is available as part of the Windows 10 Fall Creators Update.
This feature will work with OneDrive for Business, OneDrive (personal) and SharePoint Online.

What about Mobile?
Mobile Apps for OneDrive have always been on-demand.  A new solution is being introduced into the iOS and Android Apps which allow users to designate folders as “offline”.  This allows you to access those files while you have no internet connectivity.  Now we have some feature parity across devices.

References
https://blogs.office.com/2017/05/11/introducing-onedrive-files-on-demand-and-additional-features-making-it-easier-to-access-and-share-files/
https://blogs.office.com/2017/05/16/new-sharepoint-and-onedrive-capabilities-accelerate-your-digital-transformation/




Office 365 and Azure Government Support DFARS

2017-05-13T13:14:19.404-07:00

Azure Government services is not able to support DoD contractors and the Defense Industrial Base (DIB) by supporting for Defense Federal Acquisition Regulation Supplement (DFARS) requirements. Office 365 US Government Defense is also able to accept the flow down terms based on FedRamp+ requirements (as defined in the DoD Cloud Computing Security Requirements Guide (SRG)).  This allows DoD's mission partners to host Covered Defense Information (CDI) in Microsoft's secure, compliant cloud dedicated to US government workloads.

A lot of work had been completed by Microsoft and demonstrates a commitment to satisfy the stringent requirements for a major market segment to use compliant commercial cloud solutions.

For more information, please read this public announcement - https://blogs.msdn.microsoft.com/azuregov/2017/05/11/microsoft-azure-government-expands-support-for-defense-industrial-base-and-defense-contractors-announcing-support-for-dfars-requirements/



Advanced Threat Protection expands to Office 365 ProPlus

2017-04-14T12:41:19.789-07:00

I have been watching the Office 365 Advanced Threat Protection (ATP) service evolve over the past year.  Every time they add some new, I am just impressed.

In the most recent announcement, it was stated that ATP Safe Links is now being extended to the Office 365 ProPlus desktop clients.  That is super exciting.  So now embedded links that are in Word, Excel and PowerPoint files are protected by ATP Safe Links.

ATP initially started as an Exchange Online solution.  It has subsequently expanded to Office Online (browser).  The goal is to have ATP Safe Links uniformly applied to all Office 365 services.

Announcement - https://blogs.office.com/2017/04/04/announcing-the-release-of-threat-intelligence-and-advanced-data-governance-plus-significant-updates-to-advanced-threat-protection/
Other Advanced Threat Protection (ATP) feature releases - http://www.astaticstate.com/search/label/Advanced%20Threat%20Protection




Skype for Business Online Ranges and Port Changes are Coming

2017-04-13T06:23:26.511-07:00

For a long time, customers that have transitioned to Skype for Business Online have provided feedback on the number of IP ranges and ports that are required to be configured with an enterprise’s firewalls.  Microsoft Office 365 will be making some changes alleviate these challenges.

Recommend reading this and monitoring this as the changes are being rolled out -  https://techcommunity.microsoft.com/t5/Skype-Operations-Framework-Skype/Updated-IP-ranges-and-ports-for-Skype-for-Business-Online/ba-p/47470



SharePoint Framework is GA

2017-03-18T14:16:34.665-07:00

SharePoint Framework now GAThe SharePoint Framework went generally available (GA) in Feb 2017.  I am personally very excited to see the next evolution of SharePoint development be made available to Office 365.One of the toughest discussion with organizations transitioning to Office 365 is how to transition SharePoint to SharePoint Online.  For organizations with complex deployments, SharePoint Online is transition could be challenging.  The biggest challenge was what to do with Full Trust code that was either developed internally or part of a third-party solution that was acquired.  Over the years since SharePoint Online has been released, organizations and third-party solution providers have transitioned over to the APIs and the SharePoint Apps model.  However, there was still gaps in what could achieve with SharePoint Online.  With the introduction of the new SharePoint Framework, these gaps have been closed.What is the SharePoint Framework?Simply put, the SharePoint Framework is a new web page and web part development model that supports open source tools providing new flexibility in the creation of apps using modern web technologies.  This framework works for either SharePoint on-premises or SharePoint Online.  The new SharePoint Framework will give you a smooth transition from .Net development to Javascript development using this new method.Up this point, SharePoint Online development options were:Full Trust Code: Not supported in SharePoint Online.Sandbox Solutions: Limited set of Full Trust code APIs available however this solution is being deprecated; so it was not recommended to invest time in Sandbox Solutions.SharePoint Apps:  Was first introduce in SharePoint 2013 days and was used by many to transition complex solutions to SharePoint Online.  This solution moved complex code to other locations and then provided a user experience through a iFrame that was integrated into SharePoint Online.  This approach had many benefits however iFrame boundary created some barriers for building an integrated solution with the SharePoint user experience.Script Editor: Has been and will continue to be as a solution to inject javascript and customizations into web pages.  This solution has several limitations around configuration and its ability to integrate deeply into the SharePoint API.  How have things changed from the old way?With the new SharePoint Framework, we can get back to writing web-parts the way we used to; which is truly exciting.Development Environment – The first big change is that Visual Studio is no longer required to do development.  Yeoman generator is used to create your project artifacts that can then be used to do your development is Visual Studio, Subline, Atom, etc.API – Instead of using server side code using .NET, you will use Node.Strongly Typed Scripting – Even though development is done in Javascript; Typescript is the primary language providing developers the ability to do object-oriented development that they were used to do with .NET.Build – Instead of using MSBuild to compile and build your solutions, you will use Gulp which is operating agnostic.  It will build solutions using Node.Deployment – Deployment of code is no longer pushed out to the GAC.  With the SharePoint Framework code is built and then deployed to any CDN service.  For instance a public CDN used to make the solution publicly available or can be deployed in a SharePoint CDN only make the solution available to a tenant.ReferencesI highly recommend you start reviewing these articles.SharePoint Framework GA Announcement - https://blog[...]



2007 Products Nearing End of Support

2017-02-03T13:50:56.908-08:00

I saw that there was a reminder going around that some software was coming end of extended support in Calendar Year 2017.  For instance:
  • Office 365 ProPlus client using 2013 rich client is coming to an end 2/18/17.  This means you need to finish your transitions to Office 365 ProPlus 2016 client as soon as possible.
  • Exchange 2007 will be ending 4/11/2017.
  • Office 2007, Project Server 2007, and SharePoint 2007 are also coming to end of extended support.  I still see customers with SharePoint 2007 sitting out there.
  • OCS R2 (2007) has a little bit more time, 1/9/18.
I just call this out because in my mind, these 2007 releases was the first year where you could start seeing Microsoft’s vision of bringing together Exchange, SharePoint and OCS into a single collaboration platform.  That little presence “jellybean” was the start of something great.  Seeing what we have now with Office 365 where productivity is delivered as a SaaS service where Exchange, SharePoint, OneDrive, Skype, Office, Groups, Teams, etc., etc. are delivered in a fully integrated and seamless user experience brings a smile to my face. 

Here are some references:https://support.microsoft.com/en-us/lifecycle/selectindex
https://support.microsoft.com/en-us/help/3198497/office-2007-approaching-end-of-extended-support
https://blogs.technet.microsoft.com/exchange/2016/04/11/exchange-server-2007-t-1-year-and-counting/



Advanced Threat Protection adds URL Detonation and Dynamic Delivery

2017-02-03T13:47:41.011-08:00

Every time I think there is something cool that is released, some even more interesting is going to be released into Office 365.  Let’s focus on Advanced Threat Protection (ATP).  Back in November there was announcement made that ATP was being expanded to protect Office, SharePoint Online and OneDrive for Business; I blogged about it here - http://www.astaticstate.com/2016/11/new-atp-features-for-office-sharepoint.html

Well there are some more features being released to ATP that are truly exciting.

First URL Detonation is being added.  What this will do is protect you against links to files.  If a user clicks on a link like below, what ATP will do is scan the file for anything malicious prior to providing the user access to the file.  This is in addition to what ATP already does with the Safe Links feature (checking the reputation of the URL).


Second, Dynamic Delivery is being added to the Safe Attachments feature.  What this will do is continue to send an email to a user which the attachments are being scanned.  The user will see a stub in Outlook telling them that their attachments are being scanned, and once scanning has been completed, they will be provided access to the email attachments.  Users will not have to wait as long now for getting their emails that are going through Safe Attachment analysis.
If the user clicks on the stub, they will be given a progress of the analysis.
It is truly existing to see these types of features being released in the ATP service.

Reference
https://blogs.office.com/2017/01/25/evolving-office-365-advanced-threat-protection-with-url-detonation-and-dynamic-delivery/




Location Based Conditional Access for SharePoint Online and OneDrive for Business

2017-01-20T20:16:47.366-08:00

I have been waiting for this capability to be released for some time now – Location Based Conditional Access.

SharePoint Online and OneDrive for Business has released a new solution that will allowing admins to control where data is synchronized to.  Specifically, you can create policy that can block synchronization of SharePoint Online and OneDrive for Business data based on IP address ranges. 

Why this is important?  For instance, there are many enterprise organizations that do not want their documents and files to be synchronized to non-managed devices or non-managed networks.  In many cases, administrators may only allow browser based access to documents when the user access documents from non-managed devices or non-managed networks.

Note if you have, Azure Active Directory Premium (AADP) configured, AADP will enforce its policy first and then the new SharePoint / OneDrive policy will be enforced.

Reference - https://techcommunity.microsoft.com/t5/SharePoint-Blog/Introducing-Conditional-Access-by-Network-Location-for/ba-p/39274



Office 365 and Azure Granted DoD L5 Provisional Authority (PA)

2017-01-14T08:29:05.167-08:00

There was a major announcement this week.  Both Microsoft Office 365 and Azure have been granted a DoD Provisional Authority (PA) at Level 5 (L5) to store and process unclassified data.  This is a significant achievement which no other cloud vendor has been able to achieve across SaaS, PaaS and IaaS.  This is driven by the Office 365 US Government Defense and Azure Government (DoD Region) clouds.

The DoD Cloud Computing (CC) Security Requirements Guide (SRG) defines controls that Cloud Service Offerings (CSO) must adhere to beyond controls defined by FedRAMP (NIST 800-53).

Public Announcement - DOD Level 5 PA granted to Microsoft Azure and Office 365 - https://enterprise.microsoft.com/en-us/industries/government/dod-level5-p-ato-granted-microsoft-azure-office-365/

Public Announcement - Azure DoD Regions Accredited at Impact Level 5 and Now Generally Available - https://blogs.msdn.microsoft.com/azuregov/2017/01/13/azure-dod-regions-accredited-at-impact-level-5-and-now-generally-available/

Public Announcement - Microsoft Azure Government is First Commercial Cloud to Achieve DoD Impact Level 5 Provisional Authorization, General Availability of DoD Regions - https://azure.microsoft.com/en-us/blog/microsoft-azure-government-is-first-commercial-cloud-to-achieve-dod-impact-level-5-provisional-authorization-general-availability-of-dod-regions/

Not all clouds are created equal - https://enterprise.microsoft.com/en-us/industries/government/check-the-facts/

Microsoft Trust Center - Department of Defense (DoD) Provisional Authorization - https://www.microsoft.com/en-us/TrustCenter/Compliance/DISA#



Office 365 Advacned Data Governance

2016-12-26T08:20:03.025-08:00

There was an announcement for a new feature of E5 being called Advanced Data Governance.  It was buried in an announcement back in Sept 2016.

Some time ago, Office 365 made several announcements for being able to consume corporate data from other major platforms.  There is a new Advanced Data Governance feature that will be coming to Office 365 that will provide you a dashboard that will give insight to the type of data you have, how it is classified, and how it is going to be retained.  There will also be tools to assist you with the data import process to filter out data that you do not need to retain, and you will have a tool that will allow you to set a central retention policy across all Office 365 solutions.  This is super exciting and I highly recommend you watch the session on this at the Ignite Conference.

Announcement - https://blogs.office.com/2016/09/26/applying-intelligence-to-security-and-compliance-in-office-365/

Ignite Conference Video - https://myignite.microsoft.com/videos/1323





Office 365 Third-Party Security App Management

2016-11-20T19:22:33.240-08:00

There are several new features coming to Office 365 through Advanced Security Management (ASM), which is part of E5 which will give admin much more visibility and control of how Office 365 data is flowing out to third-party applications.Productivity App Discovery A new feature is being released to Advanced Security Management called Productivity App Discovery.  This solution will provide admins the ability to understand their organization’s usage of Office 365 and other productivity services.  This will help you understand how data from Office 365 or should be stored in Office 365 is being sent to outside applications that are not in your administrative control.Apps PermissionAdditionally, a new feature is being added that will allow Office 365 Admins to better monitor and approved third-party applications that are integrated with Office 365.  This again is part of Office 365 Advanced Security Management.Users can connect a third-party application with Office 365.  When they do this, the user is provided information about what that integration means, however it may be common that the end user does not full ramifications in the security risk they may or may not be taking.What App Permissions will do will provide the administrators the ability to review which third-party applications have access to Office 365 data.  Admins have the ability to approve or revoke access plus notify the users that access to the third-party application is revoked.ResourcesProductivity App Discovery - https://blogs.office.com/2016/09/26/applying-intelligence-to-security-and-compliance-in-office-365/Third-party Apps with Office 365 - https://blogs.office.com/2016/10/31/enhanced-control-over-third-party-apps-now-available-in-office-365/Overview of Advanced Security Management in Office 365 - https://support.office.com/en-us/article/Overview-of-Advanced-Security-Management-in-Office-365-81f0ee9a-9645-45ab-ba56-de9cbccab475 [...]



New ATP Features for Office, SharePoint and OneDrive

2016-11-20T18:38:32.009-08:00

There were some new ATP features being released.  For instance there is new reporting capabilities, better performance with lower latency for emails/attachments that are being scanned, deeper URL detonation, and intelligence sharing with Windows Defender.

However, what got be excited is that ATP is being extended beyond Exchange Online.  ATP will now include protection for SharePoint Online, OneDrive for Business, Word, Excel and PowerPoint.  I found this to be really exciting.


Reference
New ATP Features Coming - https://blogs.office.com/2016/09/26/applying-intelligence-to-security-and-compliance-in-office-365/



New OneDrive for Businss Admin and Compliance Management Capabilities

2016-11-20T08:51:46.169-08:00

Back at the Ignite conference, you may have heard or read up on all the new capabilities being released for OneDrive - https://blogs.office.com/2016/09/26/sharepoint-online-sync-preview-headlines-ignite-announcements-for-onedrive/

There are tons of new user experiences, updated / improved sync capabilities, better mobile capabilities, etc.

However, what I get very excited about is the enterprise and compliance features that are being added into OneDrive.  There are a few features that were buried down in the announcement that enterprise customers should pay attention to.
  • New OneDrive Admin Center – There is a new admin area being created just for OneDrive for Business.  It has been within SharePoint Online.
  • New User Level Controls – This new capability provides the ability to set things like storage quota and external sharing capabilities down to the specific user versus the entire organization.  External sharing can be set-up to be to whitelist of trusted business partner domains.
  • New User Support Features – There are new features that will assist the admin in supporting their end users to find files that they have misplaced or shared with the wrong people.
  • Remove User Access – There is new capability that will allow you to quickly sign a user out of the service quickly when the lost a device or you need to remove them from the service.
  • Retention After the User Leaves – Additionally when a user leaves or is terminated, there is new capability to assist you with moving or copying data to other locations.  There is additionally capability that will allow you to preserve files in a deleted user’s OneDrive for Business up to 10 years.  This is fairly consistent with the Inactive Mailbox feature of Exchange Online.






Updated Office 365 Administration

2016-11-20T12:15:40.824-08:00

If you have not been watching, the Office 365 administration experience has been getting overhauls and new capabilities in the Fall of 2016.  Tons of new capability and reporting is bring provided.  Much of this has been based on years of feedback that have been coming from customers.Here is the new home page that has been re-designed based on the most common tasks that are required.  There is also the ability to customize the homepage based on personal preference to the activities the administrator does the most.New activity reporting is available to give you insight into how the Office 365 service is being used.Plus the old service health dashboard has been redesigned.ResourcesAnnouncement plus a video - https://blogs.office.com/2016/09/27/office-365-administration-announcements-new-admin-center-reaches-general-availability-and-introducing-the-service-health-dashboard/Announcement - https://blogs.office.com/2016/10/31/whats-new-in-office-365-administration-october-update/Announcement - https://blogs.office.com/2016/09/13/new-usage-reports-for-sharepoint-onedrive-and-exchange/[...]