Tagged: Collaboration
Microsoft Teams Security and Compliance Video Playlist
In this post I like to reference to a comprehensive video playlist regarding Microsoft Teams Security and Compliance. It contains eight short videos covering different and important topics for your collaboration security focusing on Microsoft Teams. The author of the YouTube videos is Matt Soseman, Security Architect at Microsoft.
Basically, Microsoft 365 services are secure by design, however there are settings and configuration aspects which might not yet be enabled by default. That’s why it is important to know what’s available to set it up to make your collaboration even more secure. Please find the link at the bottom Security & Compliance in Microsoft Teams [YouTube Playlist].
The following Teams related topics are covered in the the playlist:
- Identity and access management
- Advanced Threat Protection (ATP)
- Intune Mobile Application
- Data Loss Prevention (DLP)
- (Windows) Information Protection
- Cloud App Security and third party storage
- Cloud App Security and Azure Active Directory (AAD)
- Unified SecOps w/ Microsoft Threat Protection
Conclusion, opinion and summary
The duration for each video is below six minutes although the most important aspects are mentioned. These videos are an impressive summary for security and compliance capabilities related to Microsoft Teams and Microsoft 365.
In my opinion the videos are very good to get an overview on what security capabilities are available and to get a glimpse on how it works to help you.
Additional resources
- Security & Compliance in Microsoft Teams [YouTube Playlist]
- Matt Sosemann on YouTube [YouTube Channel]
- Security and compliance in Microsoft Teams [docs.microsoft.com]
Enable Microsoft Outlook Spaces (Preview)
In this post I describe what Microsoft Outlook Spaces (Preview) aka Project Moca is and how to enable the preview of it. Recently, Microsoft made Outlook Spaces available as preview.
What are Microsoft Outlook Spaces?
Spaces is a new way and service to manage and organize yourself and others at a central placed and in a more appealing look and feel.
Key capabilities are as follows:
- organize different things in one space in buckets
- take notes, define tasks and track targets
- save and manage files in OneDrive and other 3P storage services
- create links, contacts and mails
- manage and integrate Outlook tasks, Microsoft To Do, Teams and Office documents (Excel, Word, PowerPoint) centrally
- manage calendars/appointments
- add some gimmicks like locations and weather
How to enable Outlook Spaces (Preview)?
To enable Outlook Spaces you can connect to Exchange Online by using PowerShell and enable the feature for the default or better a certain OwaMailboxPolicy.
Please note: In case you want to test this you might want to create a new OwaMailboxPolicy and assign to a test user (group) and enable it than. I recommend to test this in your test environment first.
#https://docs.microsoft.com/powershell/module/exchange/set-owamailboxpolicy Connect-ExchangeOnline Get-OwaMailboxPolicy | fl name, *moca* Set-OwaMailboxPolicy OwaMailboxPolicy-Default -ProjectMocaEnabled $true #check user OwaMailboxPolicy assignment Get-CASMailbox erik...@domain.tls | fl *owa* Disconnect-ExchangeOnline
After enabling the preview it can take some time until you are able to test it. So, if you open Outlook Spaces you might see “Under construction”, which means that you need to be patient and check it again later.
Additional resources
Microsoft 365 Adoption – Modern Collaboration Architecture (MOCA)
In this post I like to describe the Modern Collaboration Architecture (MOCA) and how it can help to embrace adoption of Microsoft 365 services for collaboration.
What’s MOCA?
Can I drink it? No, it’s not mocca, the coffee which you might have heard of. Sorry, it does not mean that coffee boosts user adoption. MOCA is short for Modern Collaboration Architecture and it is intended to support in the question “Which tool when” based on Microsoft 365. MOCA is thought to be one part of a Modern Collaboration Practice in the business transformation to change the culture and mindset towards a digital business and organization. The Modern Collaboration Practice consists of four components:
- Attention | “Helping employees manage their attention”
- MOCA | “Using the right tool for the right job”
- Communications | “How communications flow in an organization”
- Customers | “Customer stories”
MOCA describes the dynamic of how we collaborate as individual, as part of a team, as part of a community and as part of an organization. The whitepaper explains this in more detail. Although MOCA points out what tool you can use when but it also says that this is not enough. On the contrary, it might cause an information overload for users just because there is so much (irrelevant) information and tools available.
To improve productivity the right tool must be available but also the mindset and culture in an organization must be ready for this. All the Microsoft 365 collaboration services and tools will definitely not solve all problems by itself, no, it provides the tool-set for users to be more productive and deliver business outcomes but to achieve this goal a organization must endeavor a cultural change towards a modern and digital organization.
Conclusion, opinion and summary
To sum it up, MOCA is a guiding approach for Microsoft 365 collaboration to learn “what use when” but it is incomplete. It’s supportive but the organizational change process must be triggered and initiated as well. The latter is something which is a long term goal and journey, which you probably heard before many times if not already working on it.
Additional resources
Microsoft 365 safe documents configuration
In this post I describe what safe documents in Microsoft 365 are, how you can configure it and why you should enable this in your Microsoft 365 tenant.
If you are not yet familiair with safe attachments and safe links you might want to read my previous post Safe attachments and links to protect your Office 365 collaboration first.
What are safe documents?
Safe documents are a Microsoft 365 Advanced Threat Protection (ATP) feature. It protects your users from opening malicious documents which might harm your users data, privacy or even your complete IT infrastructure depending on what malicious document content is opened. ATP checks before opening it and avoids a user to open a document or leave the protected view in case ATP has recognized anything potentially malicious.
Why safe documents?
It adds another valuable layer of security for your users and infrastructure which kicks in even if someone opens a document which was not caught or categorized as malicious before by other security mechanisms. It might be the last barrier and defense if someone (accidentally) opens a document in your company to avoid a security incident with corresponding consequences for your company.
What’s required to use this capability in Microsoft 365?
Safe documents are an advanced security feature which requires the following:
- Microsoft 365 E5 or Microsoft 365 E5 Security
Microsoft emphasizes that it is not in Office 365 ATP plans - Organization Management or Security Administrator role in M365 (for configuration)
- Office Version 2004 (12730.x) or later
How to configure it?
If the requirement are met you can configure and test it. By default it is turned off.
Please note configuring this will enable this for your complete Microsoft 365 tenant and therefore for your complete organization.
Enabling it via Admin Center
Maybe DON’T tick the checkbox “Allow people to click through Protected View even if Safe Documents identifies the file as malicious”.
That’s it now it’s live.
Enabling it via Shell
Alternatively, you can also enable this using Exchange Online PowerShell. Example:
#Install Module
Install-Module -Name ExchangeOnlineManagement
#Check Module availablity on system
Get-Module ExchangeOnlineManagement
#Update Module
Update-Module -Name ExchangeOnlineManagement
#Import Module
Import-Module ExchangeOnlineManagement
#Connect to EXO with MFA enabled
Connect-ExchangeOnline -UserPrincipalName <UPN> -ShowProgress $true
#Enabling safe documents but prevents users from leaving protected view
Set-AtpPolicyForO365 -EnableSafeDocs $true -AllowSafeDocsOpen $false
#Check values
Get-AtpPolicyForO365 | Format-List *SafeDocs*
#Disconnect from EXO
Disconnect-ExchangeOnline
#Uninstall Module
Uninstall-Module -Name ExchangeOnlineManagementValidating it with Shell
Due to the fact that I’ve configured this in the Admin Center I’m just checking if the settings is set as expected.
And there we go, it’s set.
Conclusion, opinion and summary
It’s very easy to configure however the licensing and client requirements are quite high. In case you met the licensing requirements you can enable it (with previous planning and testing).
Also note, you should check what your antivirus (av) client might do. In case you running a third-party av client. I did not test this having a third-party av client plus this enabled. I’d assume there should be no conflicts but there can be conflicts. So, I would not directly enable this in production without previously testing this maybe in a test tenant and a test client to ensure it works as expected before going live with safe documents.
Additional resources
G Suite security controls overview [May 2020]
Due to the increased and still increasing number of people working from home the requirement to keep users’ identities and devices secure and up-to-date is a must. Recently, I wrote some blog posts on Microsoft 365 communication and collaboration security. This time, I’d like to share what Google provides to secure its G Suite platform for communication and collaboration on an high level.
Basically, it doesn’t matter what kind of solution and service you provide, it must be secure by design to cope with more and more advanced threats for your company assets and user identities. To do so, you need to be alert, but not only just maintain your as-is security standards and architecture, no, moreover you must steadily enhance the security capabilities as there are always new threats on the rise.
To keep your company assets secure if you rely on G Suite you might want to know what you can do.
- Fundamental device management
- Reports/view all devices which access corporate data
- Reports on devices accessing corporate data
- Remediation actions, e.g. remotely sign out a user
- Context-aware access control, e.g. allow access to corporate data/services only under defined circumstances like only device storage must be encrypted etc.
- Enhanced security for Windows 10
- login with Google credentials because Google can be used as a credential provider for Windows
- Single Sign-On (SSO) for Windows 10 devices, apps and services
- identity and account protection (detection of anti-hijacking, suspicious login detection)
- compliance checks for Windows 10 devices (checking if the device is secured and updated)
- device management to roll out device configuration updates and wipe a device
- New G suite security capabilities
- data protection insights [for data loss prevention (DLP)]
- automated classification with labels for DLP
- iOS copy/paste protection for DLP
- context-aware access with group-based policies
- context-aware access for SAML apps
- monitor logs with third-party monitoring
Conclusion, opinion and summary
I must admit that I haven’t checked for some time what’s new and which capabilities are offered lately with G Suite. By what I’ve read so far, a lot has changed and was added for good. I recognize that the features and capabilities regarding communication and collaboration security have been growing very well, too. It’s interesting to see how G Suite also evolves over time regarding communication and collaboration security, to keep users and things secure.
Additional resources
- 6 new device, data, and user controls to help G Suite customers stay secure
- Fundamental device management brings basic coverage to all desktop computers
- Enhanced security for Windows 10 devices now generally available
- Dynamic, context-aware access control for G Suite now generally available
- Google Credential Provider for Windows
- Data protection insights
- Automated classification
- iOS copy/paste protection
- Context-aware access
- Google BeyondCorp
- Work from home checklist
Modern Meetings with Microsoft Teams
In this post I provide an overview on key capabilities with modern meetings with Microsoft Teams. It enables you and your fellow co-workers for modern meetings [almost] anywhere, anytime and on [almost] any device.
Key capabilities
Microsoft Teams offers you the following key capabilities for meetings but are not limited to these:
- online meetings
- audio conferencing
- video conferencing
- interactiv application and desktop sharing
- dialin phone numbers from 65+ countries around the world
- versatile clients and devices (mobiles, rooms, browsers, Windows, Linux)
- recording
- recording – transcript – for many languages (speech-to-text to transcript)
- calendar integration (Outlook, Exchange, Teams)
Do more with Microsoft Teams Meetings
Microsoft Teams enables for modern meetings so that you can easily communicate and collaborate, either in a planned or scheduled meeting. No matter if you are in transit, in a meeting room, at a desk or any other space. The things you need are the right equipment as well as a sufficient connection, i.e. Internet or in case you are in transit at least cell coverage to dialin by phone.
Microsoft and partners offer many certified devices for Microsoft Teams depending on your needs and requirements to get that modern meeting experience for your users. Therefore you can get a glimpse on the “Microsoft Teams enabled devices” page to explore and discover what kind of devices are available and what devices are suited for which meeting space or scenario.
Basically, there you can find
- Headsets | user devices
- Speakerphones | lightweight and compact user/room equipment
- Desk phones | IP phones for users, lobby or other user cases
- Room systems | for collaboration in meeting rooms and spaces
- Conference phones | for conference rooms
- Cameras | for users, rooms and other spaces
Conclusion, opinion and summary
Modern meetings with Microsoft Teams are easy and offer all the above key capabilities which are important to users today. Users get enabled to do more with Teams meetings and make meetings more productive and more fun, too, because client and device capabilities are available and easy to use and access with no frills and unhandy controls or preparation tasks for a Teams meeting. You can just meet, collaborate and focus on what you need to do.
Additional resources
Cisco Live 2020
Cisco Live 2020 is ahead. Cisco Live 2020 takes places in each world region (EMEA, NOAM, LATAM, APAC) and it is for customers, experts and partners. It’s the annual Cisco event to learn, explore and connect all around Ciscos’ products and services. And of course if you are not able to attend onsite you can watch certain live streams or afterwards session recordings.
In 2020 the events takes places at the following cities
- 27.-31.01.2020 Barcelona Spain, EMEA
- 03.-06.03.2020 Melbourne, Australia, APAC
- 31.05.-04.06.2020 Las Vegas, USA, NOAM
- 27.-29.10.2020 Cancun, Mexiko, LATAM
Conclusion, opinion and summary
I’m not going to attend the event but I’ll probably find some time to watch the key notes and some overview sessions regarding communication and collaboration to see what Cisco is planning in this space. Especially, what’s on the road map for 2020 and beyond.
To me, it’s important to observe the communication and collaboration market to stay up-to-date and to know (different) communication and collaboration services’ capabilities. Knowing helps in discussions regarding pros and cons.
Additional Resources
Google Cloud Next ’19 live stream
For market observers, in this post I want to notify about Google Cloud Next. The event begins at April 9th, 2019 in San Francisco. However, you can watch it online at April 9th, 19:00 h (CET) on YouTube. The event is about news all around Google’s cloud services. There are “special” tracks you can stream which are regarding communication and collaboration services with the G Suite. I added the links to these communication and collaboration sessions at the bottom of this post.
Conclusion, opinion and summary
Why do I share this? In my opinion it’s important to observe the communication and collaboration market and always stay up-to-date. To know (different) communication and collaboration services’ capabilities helps in discussions regarding pros and cons plus adds more value to advisory services.
Additional Resources
What’s new in Microsoft Teams for September 2018?
There are a some interesting news regarding Microsoft Teams for this/past month (August/September 2018) which I’d like to sum up and share with you:
- Skype for Business Online and Teams feature-parity is reached based on the official roadmap (pretty nice!)
(Cp. external source: https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Microsoft-Teams-is-now-a-complete-meeting-and-calling-solution/ba-p/236042, roadmap https://skypeandteams.blob.core.windows.net/artefacts/Skype%20for%20Business%20to%20Teams%20Capabilities%20Roadmap.pdf)- Messaging feature-parity (for details see above external links)
- Meetings feature-parity (for details see above external links)
- Calling feature-parity (for details see above external links)
- Replace Skype for Business Online over time with Teams
- You can now choose your mic and speaker (headset) before joining a Microsoft Teams Call/Conf
(Cp. external source: https://www.petri.com/microsoft-fixed-one-annoying-aspects-teams) - Microsoft Teams Launches Canada, Australia and Japan Data Residency
(Cp. external source: https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Microsoft-Teams-Launches-Australia-and-Japan-Data-Residency/ba-p/237827, https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Microsoft-Teams-Launches-Canada-Data-Residency-Australia-and/ba-p/227178) - I’m also looking forward to Microsoft Ignite 2018 to get some Team news and insights …
Enjoy working with Teams and the extended rich feature set.
Get Microsoft Teams for free to enhance your collaboration expierence if you haven’t yet tried
Do you want to try Microsoft Teams? You can now easily get Teams and evaluate some basic communication and collaboration features for up to 300 people. E.g. unlimited chat, search, 10 GB for storing your team data, 2 GB per person, audio/video meetings (P2P, multiparty), Office Online apps, third party apps and of course internal as well as external communication and collaboration.
For more details go and visit the Microsoft Teams Blog Post: https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Introducing-a-free-version-of-Microsoft-Teams/ba-p/214592
