Unlock the full potential of your Office 365 subscription
Thomas Collier PreSales Consultant Office 356 Licenses
Standalone Plans Business Essentials Business Premium Enterprise E1 Enterprise E3 Enterprise E5 Secure Productive Secure Productive Enterprise E3 Enterprise E5 Exchange Online Plan 1 Exchange Online Plan 2 SharePoint Online Plan 1 SharePoint Online Plan 2 Skype for Business Plan 1 Skype for Business Plan 2 OneDrive for Bus. Plan 1 OneDrive for Bus. Plan 2 Yammer Enterprise Windows 10 E3 Windows 10 E5 Security + Mobility E3 Security + Mobility E5 Data Recovery in Exchange Online Data Recovery in Exchange Online
Single Item Recovery
• Enabled by default • Allows recovery (Default 14 -days) • Can be increased to 30 days
“Set-Mailbox
In-Place eDiscovery In-Place Hold
• Can be query based • Applies to all items • Granular Hold • Complete Hold • Multiple holds over a • Applied once and then mailbox. forward • Can be held indefinitely • Can be held indefinitely or time based or time based • Quota limit 100Gb applies • Quota limit 100Gb applies to all recoverable items to all recoverable items • Includes archive/public • Includes archive/public folders folders
New-MailboxSearch “Name"- Set-Mailbox
Deletions This subfolder contains all items deleted from the Deleted Items folder. This subfolder contains Single Item Recovery deletions. Versions If In-Place Hold or Litigation Hold is enabled contains original and modified copies of the deleted items. Purges If either Litigation Hold or single item recovery is enabled, this subfolder contains all items that are purged. Audits If mailbox audit logging is enabled for a mailbox, this subfolder contains the audit log entries. DiscoveryHolds Contains all items that meet the hold query parameters and are purged. Calendar Logging This subfolder contains calendar changes that occur within a mailbox. Data Recovery in Exchange Online
Inactive Mailbox
• Retain Mailbox Data even when a user/mailbox is deleted. • No license consumption • All Mailboxes can be retained and are exportable/searchable through eDiscovery • Data can be merged to a new mailbox or existing one or attached to user without mailbox. • Conditions are: • Litigation Hold or In-place hold enabled • MSOL object to be deleted • Online Archive as well • Mailboxes are inactive until: • Hold duration is reached • Hold is manually removed • MSOL Object is restored Multi Factor Authentication Multi Factor Authentication
Something you have – a phone, credit card or hardware token
Something you know (eg. Password)
Something you are – a fingerprint, biometric … Multi Factor Authentication
• Not all apps are Modern Authentication ready. Multi-Factor Authentication • Creates random generated 16 characters passwords Multi Factor Authentication
MFA for Office 365/Azure Azure Multi-Factor Authentication Administrators Administrators can enable/enforce MFA to end users Yes Yes Use mobile app (online and OTP) as second authentication factor Yes Yes Use phone call as second authentication factor Yes Yes Use SMS as second authentication factor Yes Yes Application passwords for non-browser clients (e.g., Outlook, Lync) Yes Yes Default Microsoft greetings during authentication phone calls Yes Yes Suspend MFA from known devices Yes Yes Custom greetings during authentication phone calls Yes Fraud alert Yes MFA SDK Yes • SecurityNot reportsall apps are Modern Authentication ready. Yes MFAMulti for on--Factorpremises applications/ Authentication MFA server Yes • OneCreates-time bypass random generated 16 characters Yes Block/Unblockpasswords users Yes Customizable caller ID for authentication phone calls Yes Event confirmation Yes Trusted IPs Yes Data Loss Prevention Data Loss Prevention
Exchange Online SharePoint / OneDrive
• Policy Tips in OWA and Mobile • Search for sensitive data OWA across SharePoint and OneDrive • Deep content analysis engine • Deep integration with content • Advanced Document processing pipeline Azure RMS Fingerprinting in Exchange, Outlook, and OWA • All 51 OOB sensitive types analyzed • 46 OOB sensitive information types and 40 OOB DLP • Identification and policy Templates application for sensitive content based on organization • Enhanced reporting interface policy and extended retention for detailed reports Data Loss Prevention
Azure RMS Azure Rights Management Azure Rights Management
The perimeter is moving… We need data to be born Mobile workforces, BYOD, encrypted and to maintain a personal apps, etc. persistent protection Azure RMS
Data privacy is important Encryption peering is not and is often mandated practical or scalable With GDPR, you want to know There has to be a better way what happens with your data Azure Rights Management
Content of the document does not move to Azure RMS, only the policy, authentication and authorization rules are stored.
Policy is applied, which Policy Authentication and contains usage rights authorization Rights and content key is Management applied to the document
Content key and rights
Content is Document can only Unprotected protected by an be decrypted by an content unique encryption authorized user key per tenant. Azure Rights Management
• Apps with build-in protection. – Enlightend Apps • Word, Excel, PowerPoint, Text, Images and PDF. Native • 3rd Party apps that use the Azure RMS API Protection • Files are fully encrypted and can be accessed within their native app • Usage rights and policies are fully enforced.
Generically • Encapsulate genereric files using the .pfile • Authentication is needed to “unwrap” the protected file. protected • Content itself is not protected, only when encapsulated. • Usage rights are not enforced (Do-not-print, Do-not-forward, etc) Azure Rights Management Azure Rights Management RMS for Azure Information Azure Information Feature Office 365 Protection P1 Protection P2
Manual document classification and consumption of classified documents Yes Yes Automated data classification and administrative support for automated rule sets Yes Hold Your Own Key (HYOK) that spans Azure RMS and Active Directory RMS for highly regulated scenarios Yes Protection for Microsoft Exchange Online, Microsoft SharePoint Online, and Microsoft OneDrive for Business content Yes Yes Yes Bring Your Own Key (BYOK) for customer-managed key provisioning life cycle2 Yes Yes Yes Custom templates, including departmental templates Yes Yes Yes Protection for on-premises Exchange and SharePoint content via Rights Management Services (RMS) connector Yes Yes Yes RMS software developer kit for all platforms: Windows, Windows Mobile, iOS, Mac OSX, and Android Yes Yes Yes RMS connector with on-premises Windows Server file shares by using the File Classification Infrastructure (FCI) connector Yes Yes Document tracking and revocation Yes Yes Protection for non-Microsoft Office file formats, including PTXT, PJPG, and PFILE (generic protection) Yes Yes Yes RMS content consumption by using work or school accounts from RMS policy-aware apps and services Yes Yes Yes RMS content creation by using work or school accounts Yes Yes Yes Office 365 Message Encryption (OME) Yes Yes Yes Administrative control Yes Yes Yes Office 365 Message Encryption Office 365 Message Encryption
Admin Sender Recipient
• Simple configuration • Send encrypted messages • Notification by e-mail of • Create simple Transport to any SMTP address Secure Message Rules • Integr • Content is not stored on the • Portal and messages can be • Clientless architecture recipient side. branded with Company • Encryption portal has rich Name & Logo OWA controls for viewing • Allows for Enterprise and composing messages content inspection and • Replies from the portal are compliance also encrypted Office 365 Message Encryption
Sender (Office 365 User) Sender (Office 365 User)
Send e-mail Message
Interception Encryption is HTML Link to by Transport applied Notification is Encryption Rule Server-Side delivered Portal
Reply is User edit in decrypted by OWA-Like system style Office 365 Message Encryption
PowerShell
New-TransportRule –Name EncryptRule
New-TransportRule –Name DecryptRule
Plan Requires Price Office 365 E3, E5 Included Included Office 365 SPE E3, E5 Included Included Enterprise Mobility E3, E5 Included Included Exchange Online Plan 1, Plan 2 or Kiosk Azure RMS Option 2€ SharePoint Online Plan 1, Plan 2 Azure RMS Option 2€ Office 365 Business Essential, Premium Azure RMS Option 2€ Exchange OnPremise Azure RMS Option 2€ And more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more and more
Office 356 Features
Feature Business Essentials Business Premium Enterprise E1 Enterprise E3 Enterprise E5 Secure Productive Secure Productive Enterprise E3 Enterprise E5 Microsoft Bookings Microsoft Flow Microsoft Forms Microsoft Graph API Microsoft MyAnalytics Microsoft Planner Microsoft PowerApps Microsoft Staffhub Microsoft Teams Office Delve Office 365 Groups Office 365 Video Sway Advanced e-Discovery Cloud PBX Microsoft To-Do Preview
To-Do Preview
• Task list with adaptive My Day pane. • Delivered through web & mobile apps • Synced with Task from Outlook, Office 365 and Hotmail • Import from Wunderlist and ToDoIst (https://import.todo.micro soft.com/) Microsoft Bookings
Microsoft Bookings
• Customer Booking platform for the SMB • Integration with Facebook and web. • Complete branding possible. • Add your services to the bookings page. • Centralized console with overview of all bookings Microsoft Planner
Microsoft Planner
• When tasks are not enough, but MS Project is overkill • Certified (ISO, HIPAA, EU- US, Model Clause, etc.) • Integrated with Office 365 and Office 365 Groups. • Roadmap: External User Access Microsoft Staffhub
Microsoft Staffhub
• Schedule shifts for employees. • Create, update and maintain shift schedules • Mobile Apps with push notifications. • Users can switch shifts, request leave • Export data for HR integration. • Share documents Microsoft Flow
Microsoft Flow
• Automation application • Create a flow based on an event within an app. • Powered by LogicApps • 3rd Party apps are included with Custom API’s • +100 Templates for use in a flow Secure Score What else is new? Updates to Office 365 Pro Plus
Old Name New Name Frequency
Current Channel Monthly Channel Early Adopters
First Release for Deferred Semi-Annual Channel Pilot Users Channel Deferred Channel Semi-Annual Channel Broad
Type Valid for Valid for
Semi-Annual (Pilot) 4 Month 18 Months of Support Semi-Annual (Broad) 14 Month Available Outlook Customer Manager
Outlook Customer Manager
• Light CRM application for Small Business • Integrated in Office 365 and Outlook • Track open opportunities and follow-up • Mobile App Updates to K1 Plans
Used to include Added services Exchange Online (2GB) Microsoft Staffhub SharePoint Online OneDrive for Business (2GB) Yammer Enterprise Skype for Business Presence and IM Microsoft Teams Office 365 Video Microsoft Flow Microsoft PowerApp And many more…
Office 365 Video Office 365 Groups
Office 365 Stream Office 365 Teams
Office 365Delve Microsoft Forms
Office 365 MyAnalytics Microsoft PowerApps
Microsoft PowerBI