sr. cloud strategist, state & local government · sr. cloud strategist, state & local...
TRANSCRIPT
Microsoft Cloud Overview
Scott SampleSr. Cloud Strategist, State & Local Government
Cloud You Can Trust
CRM Online
Azure
Office 365
Enterprise Mobility Suite
Government Clients that Trust MS Cloud
Respond to customer feedback through agile development
Deliver new features and value Build trust and compliance
Continuous innovation with confidence and control
Continuous release cadenceMinor & major updatesUp-to-date, no patching
Insights to help manage changeDirect to customer communications | Organizational readiness content
Security comes firstEvolving standards
Direct feedbackReal-time informationCommon support issues
uous release cadence
p
rity comes first
g p
db k
SSecurity Best-in-class security with over a decade of experience building Enterprise software & online services
• Physical and data security with access control, encryption and strong authentication• Security best practices like penetration testing, defense-in-depth approach to protect against cyber-threats• Unique customer controls with Rights Management Services to empower customers to protect information
Office 365 TrustBuilt-in capabilities and Customer Controls
Compliance Commitment to industry standards and organizational compliance
• Enable customers to meet global compliance standards in ISO 27001, IRS 1075, HIPAA, FEDRAMP• Contractually commit to privacy, security and handling of customer data through Data Processing
Agreements• Admin Controls like Data Loss Prevention, Legal Hold, E-Discovery to enable organizational compliance
Privacy Privacy by design with a commitment to use customers’ information only to deliver services
• No mining of data for advertising• Transparency with the location of customer data, who has access and under what circumstances, ISO/IEC
27018• Privacy controls to regulate sharing of content and communications with external parties
Large mailboxes
Site mailboxes ***
Rich Outlook inbox experience, including enhanced conversation view and MailTips
Outlook Web App (Internet Explorer, Firefox, Chrome, and Safari support)
Mobile phone access (through EAS)
Apps for Outlook and Outlook Web App
Exchange ActiveSync mobile management policies
Anti-virus and anti-spam (through Exchange Online Protection)
Hosted voice mail (Exchange Unified Messaging)
Retention policies **
In-Place Archive **
Multi-mailbox search
In-Place Hold
Data Loss Prevention (DLP) **
eDiscovery Center ****
●
●
●
●
●
●
●
●
●
●
●
●
●
Advanced
●
●
●
●
●
●
●
●
●
●
●
*** SharePoint Online Plan 1 required for Site Mailboxes**** SharePoint Online Plan 2 required for eDiscovery Center
Exchange Online features
* Includes primary mailbox (50 GB) plus unlimited In-Place Archive** Site Mailboxes, Outlook DLP PolicyTips, and In-Place Archive require Office Professional Plus / ProPlus 2013
Apps
Collaboration
Search
Content Management
Business Intelligence
Business Solutions
App Catalog & MarketplaceTeam SitesWork ManagementOneDrive for BusinessSocial*External sharingBasic SearchStandard Search*Enterprise Search*Content Management Records Management E-discovery, ACM, Compliance*Excel Services, PowerPivot, PowerViewScorecards & DashboardsAccess ServicesVisio ServicesForm Based Applications (InfoPath)*SharePoint 2013 WorkflowBusiness Connectivity Services**
●●
●●
●
●●
●●●●●●●●
●●
●
●
●●●●●●●●●●●●●
●●●●●
Consolidate multiple vendor services and solutions
Single unified client for all conferencing – scheduled & spontaneous
Skype for Business Meetings are accessible to all information workers
Escalate a simple IM or phone call to a Skype for Business Meeting anytime
Initiate Skype for Business Meetings directly from within Outlook, SharePoint and other business apps
Share PowerPoint and Word documents directly from within the apps
Quickly join and contribute from anywhere
Confidently create and lead a meeting
Multiparty HD video conferencing brings life and expression to Skype for Business Meetings
Join Skype for Business Meetings from multiple types of smartphone and tablet form factor devices
Browser-based meeting client for rapid access to scheduled meetings
Joining a Skype for Business Meeting requires only a single click or touch
Skype for Business Features●●
●
●
●●
●
●●●●
●●
●●
●●●●●
●
●●●●●●
●
●●
●
●●●●
Rich Presence, IM (1:1 and multiparty), Office interoperabilitySkype federation for Presence/IM/voicePersistent Group ChatLync to Lync calling (voice and HD video,1:1)Skill Search (requires SharePoint)Content Collaboration (desktop sharing, application, etc.)Multiparty (3+) audio/video/content collaboration (scheduled and ad hoc)Meeting Controls (Organizer, Lobby Experience, Join From)Enhanced in-meeting note takingInteroperability with 3rd party video systemsLync audio conferencingInteroperability with 3rd party audio conferencing providersLync Multi-view VideoPSTN CallingLync PBX Replacement Functionality (Malicious Call Trace, E911, call park)Automated call distribution (unassigned number, attendant console, queuing)Lync Mobile ClientsLync Web App
Deploy Office fast without giving up control
ProPlus
Integrated Social Networking
Groups in Office 365
Shared computer activationFastTrack for Faast aacc oo
Office for Android tablet
Multi-factor Authorization for
Video Federation
Power BI forPPoowwweerr BBII ffoorrOffice Graph and Delve
iPhone & Android phones
Phhoonnee &&Phh &&
New Office for Mac
for Business unlimited storage
Office universal apps
Office for iPad
upgrade
upgrade
Professional Plus 2013
Outlook for iOS and Android
Skype for Business
A Government Cloud You Can Trust
CRM Online Government
Azure Government
Office 365 Government
24
25
The Microsoft Cloud
MicrosoftIntune
200+ cloud services 1+ million servers $15B+ infrastructure investment
1 billion customers 127 countries worldwide
A Cloud You Can Trust
26
At Microsoft, we never take your trust for granted
We collaborate with industry and governments to build trust in the cloud ecosystem.
We are serious about our commitment to protect customers in a cloud first world.
We live by standards and practices designed to earn your confidence.
Strong security protects content and safeguards from hackers and unauthorized access by using state-of-the-industry technology, processes, and certifications
Security
Customers control their content, as well as permissions. They can always access their data, take it with them when they terminate an agreement, and delete it upon request
Privacy & Control
Customers know what is happening with their content. Microsoft explains in clear, plain language how the cloud provider uses, manages, and secures content
Transparency
gCustomers can store and manage their content in compliance with their obligations, applicable laws, regulations, and key international standards
Compliance
The aspirational “north star” that guides the way we do business in the cloud
27
Trusted Cloud Principles
Earning Your Trust
28
A mandatory program that standardizes an approach to security and monitoring of
cloud services.
A series of accounting standards that measure the control of financial information for a service organization. Standards certificates that demonstrate the implementation
internationally recognized controls and standards.
IRS 1075
CJIS
DISA Enterprise Cloud Service Broker (ESCB)
PCI
HIPAA
Secures fingerprints, background checks and other criminal justice information
Confidentiality of federal tax returns and related information
Prevents credit card fraud
Keeps student school records private
Protects health care information
FERPA
Ensures the security of DoD data
SOC1, SOC2, SSAE 16SOC1, SOC2, SSAE 16SOC1, SOC2, SSAE 16FedRAMP ISO 27001: 2013,ISO/IEC 27018:2014
The #1 Government Cloud
29
Transforming government with the Microsoft CloudCitizens except their leaders to be productive, collaborative and responsive.That’s why governmental agencies across the U.S. use our cloud solutions to meet these high expectations, as well as rigorous compliance and security demands to further help protect the public.
More than 3 million government users.
More than 5,000 federal, state and local agencies.
CJIS agreements covering >50% of U.S. population including California,New York and Texas.
More at Microsoft Government CloudMap.
Majority of U.S. Cabinet Agencies including DOJ, USDA, HHS and Commerce.
8 of 10 largest cities including New York, Chicago and Houston.
Explore the collaboration benefits of moving your government organization to the cloud.
More than 3 millionU.S. Government workers use Office 365.
Law enforcement agencies inCalifornia, New York and Texas can easily use Office 365 because it meets the latest Criminal Justice Information Services (CJIS) requirements in those states.
Microsoft is the only VendorThat can offer a complete hybrid cloud platform approach.
629 U.S. federal government agencies and 3,866 state and local government agencies use Microsoft Office 365.
Los Angeles Police Department
3030
“Microsoft has exceeded the LAPD's expectations in this regard by taking on the difficult requirements of the CJIS regulatory regime and meeting them head-on.”
Sanjoy Datta, Information Security Officer
Q&A
Large mailboxes
Site mailboxes ***
Rich Outlook inbox experience, including enhanced conversation view and MailTips
Outlook Web App (Internet Explorer, Firefox, Chrome, and Safari support)
Mobile phone access (through EAS)
Apps for Outlook and Outlook Web App
Exchange ActiveSync mobile management policies
Anti-virus and anti-spam (through Exchange Online Protection)
Hosted voice mail (Exchange Unified Messaging)
Retention policies **
In-Place Archive **
Multi-mailbox search
In-Place Hold
Data Loss Prevention (DLP) **
eDiscovery Center ****
●
●
●
●
●
●
●
●
●
●
●
●
●
Advanced
●
●
●
●
●
●
●
●
●
●
●
*** SharePoint Online Plan 1 required for Site Mailboxes**** SharePoint Online Plan 2 required for eDiscovery Center
Exchange Online features
* Includes primary mailbox (50 GB) plus unlimited In-Place Archive** Site Mailboxes, Outlook DLP PolicyTips, and In-Place Archive require Office Professional Plus / ProPlus 2013
Exchange integration with Outlook and SharePoint helps solve one of email’s oldest pain points: working with attachments
Sharing documents
Receiving and editing documents
Tame email overload with tools that help you focus on what’s important and work more efficiently
Faster, easier search
Inbox enhancements
Extensibility
Manage your email with tools that help you focus on what’s important and work more efficiently
Significantly faster search performance
Outlook and Exchange consistencyMore accurate results More complete results
Get valuable results – informed by youSearch suggestions with fuzzy matchingSearch refiners
Improved HTML rendering One-click archiveCommon typos/suggestionsContact linking improvementsImport contacts from csv Better formatting controls Smarter actions buttonBetter attachment view
Additional enhancements for Outlook on the web
Pin UndoSweepWeather view EmojisSingle line view Inline reply Insert images
Inline previews for URLsInline video playerIntelligent recipient selection and people searchGeneral
enhancements
Tame email overload with tools that help you focus on what’s important and work more efficiently
Accomplish more on the go, with rich Outlook experiences on phones, tablets, desktop, and the Web
Outlook for Windows 10
Outlook for iOS and Android
Outlook 2016
Outlook on the web
Outlook for Mac
Security and compliance
It is estimated over 904 million records were exposed in the first nine months of 2014, including credit card numbers, email addresses, log in credentials, and social security numbers.https://otalliance.org/system/files/files/resource/documents/dpd_2015_guide.pdf
92% of corporations surveyed had lawsuits filed against them in the preceding 12 months.Norton Rose Fulbright Annual Litigation Trends Survey, April 15, 2014
Tame email overload with tools that help you focus on what’s important and work more efficiently
Protect your organization’s data and comply with legal requirements using tools that are integrated and easy to use
Auditing
Data loss prevention
eDiscovery and archiving
Security and compliance features
• Archive mailboxes in Exchange Online• In-Place Hold, Litigation Hold, and In-Place eDiscovery• Inactive mailboxes in Exchange Online• Data loss prevention (DLP)• Exchange auditing reports• Messaging records management (MRM)• Information Rights Management in Exchange Online• Office 365 Message Encryption• S/MIME for message signing and encryption• Journaling• Transport rules
Compliance Center• Administer compliance features across Exchange, SharePoint, and Skype
for Business from one location• Intuitive management of DLP, eDiscovery, legal holds, auditing, and
encryption• Give legal and compliance specialists the right tools with the right
permissions
Archive mailboxes in Exchange Online
With an integrated In-Place Archive, users save time because they can manage their archive in the same way that they manage their mailbox
OutlookOutlook
Web App
Retain folder hierarchy
Retention Policies
Help preserve data granularly and transparentlyPolicies can be centrally managed or user-assignedAutomates data retention and deletion
Policy details are displayed to the end user
Right-click to assign a policy to an item, to a folder, or to all email
In-Place Hold and In-Place eDiscovery
Estimate, preview, and copy search results
Hold and preserve mailbox items without changing them In-Place
eDiscovery and In-Place Hold
Inactive mailboxes
• Address the need to preserve former employees’ email after they leave the organization.
• You can archive former employees’ mailboxes without incurring a monthly subscription cost for the mailbox
New DLP sensitive information types added to Exchange
DLP capabilities extended to include documents in SharePoint
PolicyTips added to Excel and other Office applications
SharePoint and OneDrive searchInitial release Mobile Policy Tips,
Doc. fingerprinting
• TTwo types of audit logging: • Administrator audit logging• Mailbox audit logging – needs to be enabled
• Reports can be exported
• Predefined reports through EAC• non-owner mailbox access report• administrator role group report • per-mailbox litigation hold report• in-place discovery and hold report• admin audit log report• external admin audit log report
iOS & Android AppsInitial Release One Time Passcode
• Similar to the Inbox rules• Take action on messages
while they’re in transit• Contain a richer set of
conditions, exceptions, and actions
• Provides flexibility to implement policies
Conditions
Actions
Exceptions
Office 365 Admin Center
Service health and planned maintenance
Management tools
Role-based access control
Exchange Administration Center (EAC)
Manage mailboxes
Mailbox management
Manage Groups
Group management
Manage migration
Migration management
Migration flow
IMAP
mig
ratio
n
Cuto
ver m
igra
tion
Stag
ed m
igra
tion
2010
hyb
rid20
13 h
ybrid
Exchange Server 5.5Exchange 2000 Server Exchange Server 2003Exchange Server 2007Exchange Server 2010Exchange Server 2013Notes/DominoGroupWiseOther
Additional options are available with tools from migration partners
Summary of migration options
Simpl
e m
igra
tions
Hybr
id
IMAP MigrationSupports a wide range of email platformsEmail only (no Calendar, Contacts, or Tasks)
Cutover Exchange Migration (CEM)Good for fast, cutover migrationsNo migration tool or computer is required on-premises
Staged Exchange Migration (SEM)No migration tool or computer is required on-premisesRequires the DirSync tool with on-premises Active Directory
Hybrid DeploymentYou can manage users on-premises and onlineEnables cross-premises calendaring, smooth migration, and easy off-boarding
Q&A
Features
Enterprise Search Office Delve
Experiences
SharePoint Online vs SharePoint Server
Easily access documents and data online without operational overhead or infrastructure investment
Provide everyone on the team with access to critical business information when
and where they need it (through browser or
mobile phone)
Share information with employees, partners, and customers in a way that prioritizes security and
reliability
Why SharePoint Online?
SHARE
COLLEAGUES
PARTNERS CUSTOMERS
What can I do with SharePoint Online?
Simple Collaboration
Office Online
Project Web App
Versioning
Drag and drop upload
Edit, Share, and Follow Documents with a single click
Live document previews
See who documents are shared with
Microsoft Word
Microsoft Excel
PowerPoint
OneNote
Create and Edit documents in the browser with Office Online
Rich workbook editing and viewing in the browser
Office Online allows multiple people to view and edit
documents simultaneously
Changes are highlighted within the document
Use the Project Center in PWA to see and act on all types of task
lists and projects in your portfolio
Stay informed and make better decisions by using the portfolio,
project, and timeline views in PWA See and manage all of the projects in your portfolio in
Project Online
Version control to track and manage changes
Share documents with customers and partners
Single location for email and documents
Team aliases keep communications organized
Create, share, and publish apps for your organization
SharePoint Online is connected to the Office Graph and sharing actions are
reflected in Delve to make it easy to find and discover useful and relevant content
Rich and immersive people experiences powered by the
Office Graph
Organize and discover people and information
Share your expertise with simple, ready-to-go blogs
Use Yammer document conversations inline to collaborate
on documents—ask questions, exchange ideas and find expertise
Follow, Documents, Tags, People, and Sites
Keep up to date with community posts and more…
See preview and popular videos throughout your organization
Organize, create, and discover videos with Channels
Participate in conversations, schedule meetings and events
and store Group files
Discover Groups across your organization
Synchronize online documents in OneDrive for
Business or other SharePoint library with your local device
Quickly get started with offline and data mobility
Browse and create Sites, Files, and more…
Keep up with important discussions online from anywhere
Easily navigate between the newsfeeds that are important to you
Capture and share information that is relevant to several of your peers
Easily get to everything you are following
Interact with your organization’s SharePoint social network
eDiscovery
Identify and Hold sensitive content on demand
Manage existing holds
Secure and protect artifacts as records across the organization
Records Management
Auditing
Rich auditing reports across the site and document lifecycle
Compliance
Unified compliance center for applying compliance policies across Office 365 workloads
Document Policies
Create and manage site and document retention policies
across the organization
Office 365 Trust
Recovery of deleted items
ListsLibrariesList itemsDocumentsWeb Part pagesSite collections
Farm Administrations
SharePoint Online Administration
Service Administration
Quickly see the health status of SharePoint Online within the
Office 365 admin center
Create, manage, and recover site collections
Manage existing site collections: storage, ownership,
and external sharing
Site Collections
User Profiles
Place company-wide sites on everyone’s Personal Site
Adjust user profile properties and the level of user
self-management
Term Store
Upload and manage company-wide sets of terms
Assign Term Store administrators
Create and manage send-to connections for the powerful, rules-based Records Centers
Records Management
SearchManage all aspects of the Search
experience for end users, and improve the relevancy of results according to your content and
metadata
Apps
Monitor app usage and errors, and manage how apps access
SharePoint Online
Manage the Apps Catalog to create a tailored experience for
approved apps and app requests
Enable and configure self-service site creation so users
can create new sub-sites directly from their Personal Site
Enable Information Rights Management (IRM) to help further protect documents stored in SharePoint Online
document libraries
Manage external sharing for external access to sites, and
manage guest links for sharing individual documents, even
anonymously
General Settings
Windows PowerShell
Browser Supported Not supported
Internet Explorer 11 X
Internet Explorer 10 X
Internet Explorer 9 X
Internet Explorer 8 X
Internet Explorer 7 X
Internet Explorer 6 X
Google Chrome (latest released version) X
Mozilla Firefox (latest released version) X
Apple Safari (latest released version) X
Browser Support
Migrate remote users physically distant from On-Premise deployment to Online for better experience
Host certain data in particular locations Online for Compliance or data sovereignty reasons
Advantage of moving to cloud infrastructure ((TCO) where ever possible
Migration to the cloudMigrate at your own pace to the cloud with little or no disruption to existing service
Pilot Online Services with a subset of users
Maintaining a hybrid modelContinue to maintain hybrid model providing services on-premises or online based on the organization needs
Continue to use existing customizations on-premises
Enrich traditional on-premises scenarios with cloud innovation such as Delve, search, data loss prevention, and Extranets
Hybrid Scenarios
Core Identity Scenarios with Office 365Cloud identity
Single identity in the cloud, suitable for small organizations, with no integration with on-premises directories
Cloud identity with directory synchronization
Single identity, suitable for medium and large organizations without federation
Federated identity
Single, federated identity and credentials, suitable for medium and large organizations
Office 365 provides data protection to help prevent the loss of SharePoint Online data. Backups are performed every 12 hours and retained for 14 days Service continuity management
SLA, RPO, and RTO
SharePoint Online is hosted in Microsoft-managed, enterprise-level data centers that are designed to operate highly available online services. Because of this, the Microsoft service-level agreement (SLA) with SharePoint Online subscribers is 99.9% availability
For updated information, see:http://microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=37
SharePoint Online has a recovery point objective (RPO) and a recovery time objective (RTO) for use in the event of a disaster:
12-hour RPO: Microsoft provides a copy of an organization’s SharePoint Online data that is no more than 12 hours old
24-hour RTO: Microsoft provides an RTO to help organizations resume service within 24 hours after a service disruption if a disaster incapacitates the primary data center
Office 365 [http://www.microsoft.com/en-us/office365/enterprise-home.aspx]
Office 365 Trust Center [http://www.microsoft.com/en-us/office365/trust-center.aspx]
Office Frequently Asked Questions[http://www.microsoft.com/office/preview/en/faq]
Office 365 Service Descriptions[http://technet.microsoft.com/en-us/library/jj819284.aspx]
Related Information
Corporate
Complete mobile application management• Securely access corporate information using
Office mobile apps, while preventing company data loss by restricting actions such as copy/cut/paste/save in your managed app ecosystem
• Extend these capabilities to existing line of business apps using the Intune app wrapper
• Enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps
Manage all of your corporate apps and data with Intune’s mobile device and application management solution
Personalal
Managed Browser & Viewer Apps
d
Mobile device management• Deploy certificates, WiFi, VPN, and email profiles
automatically once a device is enrolled for management
• Enable bulk enrollment of task-worker devices to set policies and deploy applications on a large scale
• Provide a self-service Company Portal for users to enroll their own devices and install corporate apps
PC management• Provide lightweight, agentless management from the
cloud• Connect Intune to System Center 2012 R2 Configuration
Manager to manage all of your devices including PCs, Macs, Unix/Linux Servers, and mobile devices from a single management console
• Provide real-time protection against malware threats on managed computers
• Collect information about hardware configurations and software installed on managed computers
• Deploy software based upon policies set by the administrator
User
Devic
e co
nfig
urat
ion Inventory mobile devices that access corporate applications
Remote factory reset (full device wipe)
Mobile device configuration settings (PIN length, PIN required, lock time, etc.)
Self-service password reset (Office 365 cloud only users)
Offic
e 36
5
Provides reporting on devices that do not meet IT policy
Group-based policies and reporting (ability to use groups for targeted device configuration)
Root cert and jailbreak detection
Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe)
Prevent access to corporate email and documents based upon device enrollment and compliance policies
Prem
ium
mob
ile
devic
e &
app
man
agem
ent
Self-service Company Portal for users to enroll their own devices and install corporate apps
Deploy certificates, VPN profiles (including app-specific profiles), and Wi-Fi profiles
Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management)
Secure content viewing via Managed browser, PDF viewer, Imager viewer, and AV player apps for Intune
Remote device lock via self-service Company Portal and via admin console
PC
man
agem
ent PC management (e.g. inventory, antimalware, patch, policies, etc.)
OS deployment (via System Center ConfigMgr)
PC software management
Single management console for PCs and mobile devices (through integration with System Center ConfigMgr)
Typical EMM stack
Containers
Depends on specific DMZ infrastructure
Works on-premises only
SharePointServer
Exchange Server
Corporate network
Active Directory
Firew
all
Firew
all
DMZ/Perimeternetwork
SDK/wrapper, managed browser, managed viewers
Custom SDK/wrapper enables line-of-business apps to be managed
Mobile applicationmanagement
Custom data container provides mobile productivity apps integrated with content and access systems
Custom email app
Custom file app
Custom collab app
Native device MDMStandard MDM provides device configuration and management
Microsoft’s EMM stack
Standard on-premises integration
SharePointOnline
ExchangeOnline
Cloud integration
Intune App SDK Intune App Wrapping Tool
Extensibility based on Azure AD and Intune Enable business apps to interoperate with Office mobile apps SharePoint
ServerExchange
Server
Corporate network
Active Directory
Firew
all
Firew
all
DMZ/Perimeternetwork
Managed Office productivity and moreOffice 365: Mobile productivity
Azure AD: Access control to Office 365 and SaaS apps
Intune: App restrictions for Office mobile and LOB apps
Azure Rights Management: Information protection at the file layer
Native device MDMIntune: Cross-platform MDM