Microsoft Cloud Overview

Scott SampleSr. Cloud Strategist, State & Local Government

Cloud You Can Trust

CRM Online

Azure

Office 365

Enterprise Mobility Suite

Government Clients that Trust MS Cloud

Respond to customer feedback through agile development

Deliver new features and value Build trust and compliance

Continuous innovation with confidence and control

Continuous release cadenceMinor & major updatesUp-to-date, no patching

Insights to help manage changeDirect to customer communications | Organizational readiness content

Security comes firstEvolving standards

Direct feedbackReal-time informationCommon support issues

uous release cadence

p

rity comes first

g p

db k

SSecurity Best-in-class security with over a decade of experience building Enterprise software & online services

• Physical and data security with access control, encryption and strong authentication• Security best practices like penetration testing, defense-in-depth approach to protect against cyber-threats• Unique customer controls with Rights Management Services to empower customers to protect information

Office 365 TrustBuilt-in capabilities and Customer Controls

Compliance Commitment to industry standards and organizational compliance

• Enable customers to meet global compliance standards in ISO 27001, IRS 1075, HIPAA, FEDRAMP• Contractually commit to privacy, security and handling of customer data through Data Processing

Agreements• Admin Controls like Data Loss Prevention, Legal Hold, E-Discovery to enable organizational compliance

Privacy Privacy by design with a commitment to use customers’ information only to deliver services

• No mining of data for advertising• Transparency with the location of customer data, who has access and under what circumstances, ISO/IEC

27018• Privacy controls to regulate sharing of content and communications with external parties

Large mailboxes

Site mailboxes ***

Rich Outlook inbox experience, including enhanced conversation view and MailTips

Outlook Web App (Internet Explorer, Firefox, Chrome, and Safari support)

Mobile phone access (through EAS)

Apps for Outlook and Outlook Web App

Exchange ActiveSync mobile management policies

Anti-virus and anti-spam (through Exchange Online Protection)

Hosted voice mail (Exchange Unified Messaging)

Retention policies **

In-Place Archive **

Multi-mailbox search

In-Place Hold

Data Loss Prevention (DLP) **

eDiscovery Center ****

●

●

●

●

●

●

●

●

●

●

●

●

●

Advanced

●

●

●

●

●

●

●

●

●

●

●

*** SharePoint Online Plan 1 required for Site Mailboxes**** SharePoint Online Plan 2 required for eDiscovery Center

Exchange Online features

* Includes primary mailbox (50 GB) plus unlimited In-Place Archive** Site Mailboxes, Outlook DLP PolicyTips, and In-Place Archive require Office Professional Plus / ProPlus 2013

Apps

Collaboration

Search

Content Management

Business Intelligence

Business Solutions

App Catalog & MarketplaceTeam SitesWork ManagementOneDrive for BusinessSocial*External sharingBasic SearchStandard Search*Enterprise Search*Content Management Records Management E-discovery, ACM, Compliance*Excel Services, PowerPivot, PowerViewScorecards & DashboardsAccess ServicesVisio ServicesForm Based Applications (InfoPath)*SharePoint 2013 WorkflowBusiness Connectivity Services**

●●

●●

●

●●

●●●●●●●●

●●

●

●

●●●●●●●●●●●●●

●●●●●

Consolidate multiple vendor services and solutions

Single unified client for all conferencing – scheduled & spontaneous

Skype for Business Meetings are accessible to all information workers

Escalate a simple IM or phone call to a Skype for Business Meeting anytime

Initiate Skype for Business Meetings directly from within Outlook, SharePoint and other business apps

Share PowerPoint and Word documents directly from within the apps

Quickly join and contribute from anywhere

Confidently create and lead a meeting

Multiparty HD video conferencing brings life and expression to Skype for Business Meetings

Join Skype for Business Meetings from multiple types of smartphone and tablet form factor devices

Browser-based meeting client for rapid access to scheduled meetings

Joining a Skype for Business Meeting requires only a single click or touch

Skype for Business Features●●

●

●

●●

●

●●●●

●●

●●

●●●●●

●

●●●●●●

●

●●

●

●●●●

Rich Presence, IM (1:1 and multiparty), Office interoperabilitySkype federation for Presence/IM/voicePersistent Group ChatLync to Lync calling (voice and HD video,1:1)Skill Search (requires SharePoint)Content Collaboration (desktop sharing, application, etc.)Multiparty (3+) audio/video/content collaboration (scheduled and ad hoc)Meeting Controls (Organizer, Lobby Experience, Join From)Enhanced in-meeting note takingInteroperability with 3rd party video systemsLync audio conferencingInteroperability with 3rd party audio conferencing providersLync Multi-view VideoPSTN CallingLync PBX Replacement Functionality (Malicious Call Trace, E911, call park)Automated call distribution (unassigned number, attendant console, queuing)Lync Mobile ClientsLync Web App

Deploy Office fast without giving up control

ProPlus

Integrated Social Networking

Groups in Office 365

Shared computer activationFastTrack for Faast aacc oo

Office for Android tablet

Multi-factor Authorization for

Video Federation

Power BI forPPoowwweerr BBII ffoorrOffice Graph and Delve

iPhone & Android phones

Phhoonnee &&Phh &&

New Office for Mac

for Business unlimited storage

Office universal apps

Office for iPad

upgrade

upgrade

Professional Plus 2013

Outlook for iOS and Android

Skype for Business

A Government Cloud You Can Trust

CRM Online Government

Azure Government

Office 365 Government

24

25

The Microsoft Cloud

MicrosoftIntune

200+ cloud services 1+ million servers $15B+ infrastructure investment

1 billion customers 127 countries worldwide

A Cloud You Can Trust

26

At Microsoft, we never take your trust for granted

We collaborate with industry and governments to build trust in the cloud ecosystem.

We are serious about our commitment to protect customers in a cloud first world.

We live by standards and practices designed to earn your confidence.

Strong security protects content and safeguards from hackers and unauthorized access by using state-of-the-industry technology, processes, and certifications

Security

Customers control their content, as well as permissions. They can always access their data, take it with them when they terminate an agreement, and delete it upon request

Privacy & Control

Customers know what is happening with their content. Microsoft explains in clear, plain language how the cloud provider uses, manages, and secures content

Transparency

gCustomers can store and manage their content in compliance with their obligations, applicable laws, regulations, and key international standards

Compliance

The aspirational “north star” that guides the way we do business in the cloud

27

Trusted Cloud Principles

Earning Your Trust

28

A mandatory program that standardizes an approach to security and monitoring of

cloud services.

A series of accounting standards that measure the control of financial information for a service organization. Standards certificates that demonstrate the implementation

internationally recognized controls and standards.

IRS 1075

CJIS

DISA Enterprise Cloud Service Broker (ESCB)

PCI

HIPAA

Secures fingerprints, background checks and other criminal justice information

Confidentiality of federal tax returns and related information

Prevents credit card fraud

Keeps student school records private

Protects health care information

FERPA

Ensures the security of DoD data

SOC1, SOC2, SSAE 16SOC1, SOC2, SSAE 16SOC1, SOC2, SSAE 16FedRAMP ISO 27001: 2013,ISO/IEC 27018:2014

The #1 Government Cloud

29

Transforming government with the Microsoft CloudCitizens except their leaders to be productive, collaborative and responsive.That’s why governmental agencies across the U.S. use our cloud solutions to meet these high expectations, as well as rigorous compliance and security demands to further help protect the public.

More than 3 million government users.

More than 5,000 federal, state and local agencies.

CJIS agreements covering >50% of U.S. population including California,New York and Texas.

More at Microsoft Government CloudMap.

Majority of U.S. Cabinet Agencies including DOJ, USDA, HHS and Commerce.

8 of 10 largest cities including New York, Chicago and Houston.

Explore the collaboration benefits of moving your government organization to the cloud.

More than 3 millionU.S. Government workers use Office 365.

Law enforcement agencies inCalifornia, New York and Texas can easily use Office 365 because it meets the latest Criminal Justice Information Services (CJIS) requirements in those states.

Microsoft is the only VendorThat can offer a complete hybrid cloud platform approach.

629 U.S. federal government agencies and 3,866 state and local government agencies use Microsoft Office 365.

Los Angeles Police Department

3030

“Microsoft has exceeded the LAPD's expectations in this regard by taking on the difficult requirements of the CJIS regulatory regime and meeting them head-on.”

Sanjoy Datta, Information Security Officer

Q&A

Large mailboxes

Site mailboxes ***

Rich Outlook inbox experience, including enhanced conversation view and MailTips

Outlook Web App (Internet Explorer, Firefox, Chrome, and Safari support)

Mobile phone access (through EAS)

Apps for Outlook and Outlook Web App

Exchange ActiveSync mobile management policies

Anti-virus and anti-spam (through Exchange Online Protection)

Hosted voice mail (Exchange Unified Messaging)

Retention policies **

In-Place Archive **

Multi-mailbox search

In-Place Hold

Data Loss Prevention (DLP) **

eDiscovery Center ****

●

●

●

●

●

●

●

●

●

●

●

●

●

Advanced

●

●

●

●

●

●

●

●

●

●

●

*** SharePoint Online Plan 1 required for Site Mailboxes**** SharePoint Online Plan 2 required for eDiscovery Center

Exchange Online features

* Includes primary mailbox (50 GB) plus unlimited In-Place Archive** Site Mailboxes, Outlook DLP PolicyTips, and In-Place Archive require Office Professional Plus / ProPlus 2013

Exchange integration with Outlook and SharePoint helps solve one of email’s oldest pain points: working with attachments

Sharing documents

Receiving and editing documents

Tame email overload with tools that help you focus on what’s important and work more efficiently

Faster, easier search

Inbox enhancements

Extensibility

Manage your email with tools that help you focus on what’s important and work more efficiently

Significantly faster search performance

Outlook and Exchange consistencyMore accurate results More complete results

Get valuable results – informed by youSearch suggestions with fuzzy matchingSearch refiners

Improved HTML rendering One-click archiveCommon typos/suggestionsContact linking improvementsImport contacts from csv Better formatting controls Smarter actions buttonBetter attachment view

Additional enhancements for Outlook on the web

Pin UndoSweepWeather view EmojisSingle line view Inline reply Insert images

Inline previews for URLsInline video playerIntelligent recipient selection and people searchGeneral

enhancements

Tame email overload with tools that help you focus on what’s important and work more efficiently

Accomplish more on the go, with rich Outlook experiences on phones, tablets, desktop, and the Web

Outlook for Windows 10

Outlook for iOS and Android

Outlook 2016

Outlook on the web

Outlook for Mac

Security and compliance

It is estimated over 904 million records were exposed in the first nine months of 2014, including credit card numbers, email addresses, log in credentials, and social security numbers.https://otalliance.org/system/files/files/resource/documents/dpd_2015_guide.pdf

92% of corporations surveyed had lawsuits filed against them in the preceding 12 months.Norton Rose Fulbright Annual Litigation Trends Survey, April 15, 2014

Tame email overload with tools that help you focus on what’s important and work more efficiently

Protect your organization’s data and comply with legal requirements using tools that are integrated and easy to use

Auditing

Data loss prevention

eDiscovery and archiving

Security and compliance features

• Archive mailboxes in Exchange Online• In-Place Hold, Litigation Hold, and In-Place eDiscovery• Inactive mailboxes in Exchange Online• Data loss prevention (DLP)• Exchange auditing reports• Messaging records management (MRM)• Information Rights Management in Exchange Online• Office 365 Message Encryption• S/MIME for message signing and encryption• Journaling• Transport rules

Compliance Center• Administer compliance features across Exchange, SharePoint, and Skype

for Business from one location• Intuitive management of DLP, eDiscovery, legal holds, auditing, and

encryption• Give legal and compliance specialists the right tools with the right

permissions

Archive mailboxes in Exchange Online

With an integrated In-Place Archive, users save time because they can manage their archive in the same way that they manage their mailbox

OutlookOutlook

Web App

Retain folder hierarchy

Retention Policies

Help preserve data granularly and transparentlyPolicies can be centrally managed or user-assignedAutomates data retention and deletion

Policy details are displayed to the end user

Right-click to assign a policy to an item, to a folder, or to all email

In-Place Hold and In-Place eDiscovery

Estimate, preview, and copy search results

Hold and preserve mailbox items without changing them In-Place

eDiscovery and In-Place Hold

Inactive mailboxes

• Address the need to preserve former employees’ email after they leave the organization.

• You can archive former employees’ mailboxes without incurring a monthly subscription cost for the mailbox

New DLP sensitive information types added to Exchange

DLP capabilities extended to include documents in SharePoint

PolicyTips added to Excel and other Office applications

SharePoint and OneDrive searchInitial release Mobile Policy Tips,

Doc. fingerprinting

• TTwo types of audit logging: • Administrator audit logging• Mailbox audit logging – needs to be enabled

• Reports can be exported

• Predefined reports through EAC• non-owner mailbox access report• administrator role group report • per-mailbox litigation hold report• in-place discovery and hold report• admin audit log report• external admin audit log report

iOS & Android AppsInitial Release One Time Passcode

• Similar to the Inbox rules• Take action on messages

while they’re in transit• Contain a richer set of

conditions, exceptions, and actions

• Provides flexibility to implement policies

Conditions

Actions

Exceptions

Office 365 Admin Center

Service health and planned maintenance

Management tools

Role-based access control

Exchange Administration Center (EAC)

Manage mailboxes

Mailbox management

Manage Groups

Group management

Manage migration

Migration management

Migration flow

IMAP

mig

ratio

n

Cuto

ver m

igra

tion

Stag

ed m

igra

tion

2010

hyb

rid20

13 h

ybrid

Exchange Server 5.5Exchange 2000 Server Exchange Server 2003Exchange Server 2007Exchange Server 2010Exchange Server 2013Notes/DominoGroupWiseOther

Additional options are available with tools from migration partners

Summary of migration options

Simpl

e m

igra

tions

Hybr

id

IMAP MigrationSupports a wide range of email platformsEmail only (no Calendar, Contacts, or Tasks)

Cutover Exchange Migration (CEM)Good for fast, cutover migrationsNo migration tool or computer is required on-premises

Staged Exchange Migration (SEM)No migration tool or computer is required on-premisesRequires the DirSync tool with on-premises Active Directory

Hybrid DeploymentYou can manage users on-premises and onlineEnables cross-premises calendaring, smooth migration, and easy off-boarding

Q&A

What is SharePoint Online?

Mobile Simple Secure

Features

Enterprise Search Office Delve

Experiences

SharePoint Online vs SharePoint Server

Easily access documents and data online without operational overhead or infrastructure investment

Provide everyone on the team with access to critical business information when

and where they need it (through browser or

mobile phone)

Share information with employees, partners, and customers in a way that prioritizes security and

reliability

Why SharePoint Online?

SHARE

COLLEAGUES

PARTNERS CUSTOMERS

What can I do with SharePoint Online?

Simple Collaboration

Office Online

Project Web App

Versioning

Drag and drop upload

Edit, Share, and Follow Documents with a single click

Live document previews

See who documents are shared with

Microsoft Word

Microsoft Excel

PowerPoint

OneNote

Create and Edit documents in the browser with Office Online

Rich workbook editing and viewing in the browser

Office Online allows multiple people to view and edit

documents simultaneously

Changes are highlighted within the document

Use the Project Center in PWA to see and act on all types of task

lists and projects in your portfolio

Stay informed and make better decisions by using the portfolio,

project, and timeline views in PWA See and manage all of the projects in your portfolio in

Project Online

Version control to track and manage changes

Share documents with customers and partners

Single location for email and documents

Team aliases keep communications organized

Create, share, and publish apps for your organization

SharePoint Online is connected to the Office Graph and sharing actions are

reflected in Delve to make it easy to find and discover useful and relevant content

Rich and immersive people experiences powered by the

Office Graph

Organize and discover people and information

Share your expertise with simple, ready-to-go blogs

Use Yammer document conversations inline to collaborate

on documents—ask questions, exchange ideas and find expertise

Follow, Documents, Tags, People, and Sites

Keep up to date with community posts and more…

See preview and popular videos throughout your organization

Organize, create, and discover videos with Channels

Participate in conversations, schedule meetings and events

and store Group files

Discover Groups across your organization

Synchronize online documents in OneDrive for

Business or other SharePoint library with your local device

Quickly get started with offline and data mobility

Browse and create Sites, Files, and more…

Keep up with important discussions online from anywhere

Easily navigate between the newsfeeds that are important to you

Capture and share information that is relevant to several of your peers

Easily get to everything you are following

Interact with your organization’s SharePoint social network

eDiscovery

Identify and Hold sensitive content on demand

Manage existing holds

Secure and protect artifacts as records across the organization

Records Management

Auditing

Rich auditing reports across the site and document lifecycle

Compliance

Unified compliance center for applying compliance policies across Office 365 workloads

Document Policies

Create and manage site and document retention policies

across the organization

Office 365 Trust

Recovery of deleted items

ListsLibrariesList itemsDocumentsWeb Part pagesSite collections

Farm Administrations

SharePoint Online Administration

Service Administration

Quickly see the health status of SharePoint Online within the

Office 365 admin center

Create, manage, and recover site collections

Manage existing site collections: storage, ownership,

and external sharing

Site Collections

User Profiles

Place company-wide sites on everyone’s Personal Site

Adjust user profile properties and the level of user

self-management

Term Store

Upload and manage company-wide sets of terms

Assign Term Store administrators

Create and manage send-to connections for the powerful, rules-based Records Centers

Records Management

SearchManage all aspects of the Search

experience for end users, and improve the relevancy of results according to your content and

metadata

Apps

Monitor app usage and errors, and manage how apps access

SharePoint Online

Manage the Apps Catalog to create a tailored experience for

approved apps and app requests

Enable and configure self-service site creation so users

can create new sub-sites directly from their Personal Site

Enable Information Rights Management (IRM) to help further protect documents stored in SharePoint Online

document libraries

Manage external sharing for external access to sites, and

manage guest links for sharing individual documents, even

anonymously

General Settings

Windows PowerShell

Browser Supported Not supported

Internet Explorer 11 X

Internet Explorer 10 X

Internet Explorer 9 X

Internet Explorer 8 X

Internet Explorer 7 X

Internet Explorer 6 X

Google Chrome (latest released version) X

Mozilla Firefox (latest released version) X

Apple Safari (latest released version) X

Browser Support

Migrate remote users physically distant from On-Premise deployment to Online for better experience

Host certain data in particular locations Online for Compliance or data sovereignty reasons

Advantage of moving to cloud infrastructure ((TCO) where ever possible

Migration to the cloudMigrate at your own pace to the cloud with little or no disruption to existing service

Pilot Online Services with a subset of users

Maintaining a hybrid modelContinue to maintain hybrid model providing services on-premises or online based on the organization needs

Continue to use existing customizations on-premises

Enrich traditional on-premises scenarios with cloud innovation such as Delve, search, data loss prevention, and Extranets

Hybrid Scenarios

Core Identity Scenarios with Office 365Cloud identity

Single identity in the cloud, suitable for small organizations, with no integration with on-premises directories

Cloud identity with directory synchronization

Single identity, suitable for medium and large organizations without federation

Federated identity

Single, federated identity and credentials, suitable for medium and large organizations

Office 365 provides data protection to help prevent the loss of SharePoint Online data. Backups are performed every 12 hours and retained for 14 days Service continuity management

SLA, RPO, and RTO

SharePoint Online is hosted in Microsoft-managed, enterprise-level data centers that are designed to operate highly available online services. Because of this, the Microsoft service-level agreement (SLA) with SharePoint Online subscribers is 99.9% availability

For updated information, see:http://microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=37

SharePoint Online has a recovery point objective (RPO) and a recovery time objective (RTO) for use in the event of a disaster:

12-hour RPO: Microsoft provides a copy of an organization’s SharePoint Online data that is no more than 12 hours old

24-hour RTO: Microsoft provides an RTO to help organizations resume service within 24 hours after a service disruption if a disaster incapacitates the primary data center

Office 365 [http://www.microsoft.com/en-us/office365/enterprise-home.aspx]

Office 365 Trust Center [http://www.microsoft.com/en-us/office365/trust-center.aspx]

Office Frequently Asked Questions[http://www.microsoft.com/office/preview/en/faq]

Office 365 Service Descriptions[http://technet.microsoft.com/en-us/library/jj819284.aspx]

Related Information

Corporate

Complete mobile application management• Securely access corporate information using

Office mobile apps, while preventing company data loss by restricting actions such as copy/cut/paste/save in your managed app ecosystem

• Extend these capabilities to existing line of business apps using the Intune app wrapper

• Enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps

Manage all of your corporate apps and data with Intune’s mobile device and application management solution

Personalal

Managed Browser & Viewer Apps

d

Mobile device management• Deploy certificates, WiFi, VPN, and email profiles

automatically once a device is enrolled for management

• Enable bulk enrollment of task-worker devices to set policies and deploy applications on a large scale

• Provide a self-service Company Portal for users to enroll their own devices and install corporate apps

PC management• Provide lightweight, agentless management from the

cloud• Connect Intune to System Center 2012 R2 Configuration

Manager to manage all of your devices including PCs, Macs, Unix/Linux Servers, and mobile devices from a single management console

• Provide real-time protection against malware threats on managed computers

• Collect information about hardware configurations and software installed on managed computers

• Deploy software based upon policies set by the administrator

User

Devic

e co

nfig

urat

ion Inventory mobile devices that access corporate applications

Remote factory reset (full device wipe)

Mobile device configuration settings (PIN length, PIN required, lock time, etc.)

Self-service password reset (Office 365 cloud only users)

Offic

e 36

5

Provides reporting on devices that do not meet IT policy

Group-based policies and reporting (ability to use groups for targeted device configuration)

Root cert and jailbreak detection

Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe)

Prevent access to corporate email and documents based upon device enrollment and compliance policies

Prem

ium

mob

ile

devic

e &

app

man

agem

ent

Self-service Company Portal for users to enroll their own devices and install corporate apps

Deploy certificates, VPN profiles (including app-specific profiles), and Wi-Fi profiles

Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management)

Secure content viewing via Managed browser, PDF viewer, Imager viewer, and AV player apps for Intune

Remote device lock via self-service Company Portal and via admin console

PC

man

agem

ent PC management (e.g. inventory, antimalware, patch, policies, etc.)

OS deployment (via System Center ConfigMgr)

PC software management

Single management console for PCs and mobile devices (through integration with System Center ConfigMgr)

Typical EMM stack

Containers

Depends on specific DMZ infrastructure

Works on-premises only

SharePointServer

Exchange Server

Corporate network

Active Directory

Firew

all

Firew

all

DMZ/Perimeternetwork

SDK/wrapper, managed browser, managed viewers

Custom SDK/wrapper enables line-of-business apps to be managed

Mobile applicationmanagement

Custom data container provides mobile productivity apps integrated with content and access systems

Custom email app

Custom file app

Custom collab app

Native device MDMStandard MDM provides device configuration and management

Microsoft’s EMM stack

Standard on-premises integration

SharePointOnline

ExchangeOnline

Cloud integration

Intune App SDK Intune App Wrapping Tool

Extensibility based on Azure AD and Intune Enable business apps to interoperate with Office mobile apps SharePoint

ServerExchange

Server

Corporate network

Active Directory

Firew

all

Firew

all

DMZ/Perimeternetwork

Managed Office productivity and moreOffice 365: Mobile productivity

Azure AD: Access control to Office 365 and SaaS apps

Intune: App restrictions for Office mobile and LOB apps

Azure Rights Management: Information protection at the file layer

Native device MDMIntune: Cross-platform MDM

ITUser

Protect corporate data accessed from devices

On-premises

Protect corporate data stored on devices

Conditional access policies

IP Range

Device State

Advanced Windows 10 options

User Group

Conditional access with EMS

User

On-premises

Cloud

Corporate apps