unlock the full potential of your office 365...

Thomas CollierPreSales Consultant

Unlock the full potential of your Office 365 subscription

Office 356 LicensesStandalone Plans Business Essentials Business Premium Enterprise E1 Enterprise E3 Enterprise E5 Secure Productive

Enterprise E3Secure ProductiveEnterprise E5

Exchange Online Plan 1

Exchange Online Plan 2

SharePoint Online Plan 1

SharePoint Online Plan 2

Skype for Business Plan 1

Skype for Business Plan 2

OneDrive for Bus. Plan 1

OneDrive for Bus. Plan 2

Yammer Enterprise

Windows 10 E3

Windows 10 E5

Security + Mobility E3

Security + Mobility E5

Data Recovery inExchange Online

Data Recovery in Exchange Online

Single Item Recovery

• Enabled by default• Allows recovery (Default

14 -days)• Can be increased to 30

days

“Set-Mailbox <Alias> -RetainDeletedItemsFor 30”


In-Place eDiscovery

• Can be query based • Granular Hold• Multiple holds over a

mailbox.• Can be held indefinitely

or time based• Quota limit 100Gb applies

to all recoverable items• Includes archive/public

folders

New-MailboxSearch “Name"-SourceMailboxes "[email protected]" -InPlaceHoldEnabled $true

In-Place Hold

• Applies to all items• Complete Hold• Applied once and then

forward• Can be held indefinitely

or time based• Quota limit 100Gb applies

to all recoverable items• Includes archive/public

folders

Set-Mailbox <Identity> -LitigationHoldEnabled$True


DeletionsThis subfolder contains all items deleted from the Deleted Items folder. This subfolder contains Single Item Recovery deletions.VersionsIf In-Place Hold or Litigation Hold is enabled contains original and modified copies of the deleted items. PurgesIf either Litigation Hold or single item recovery is enabled, this subfolder contains all items that are purged. AuditsIf mailbox audit logging is enabled for a mailbox, this subfolder contains the audit log entries. DiscoveryHoldsContains all items that meet the hold query parameters and are purged.Calendar LoggingThis subfolder contains calendar changes that occur within a mailbox.


Inactive Mailbox

• Retain Mailbox Data even when a user/mailbox is deleted.• No license consumption• All Mailboxes can be retained and are exportable/searchable through eDiscovery

• Data can be merged to a new mailbox or existing one or attached to user without mailbox.• Conditions are:

• Litigation Hold or In-place hold enabled• MSOL object to be deleted

• Online Archive as well• Mailboxes are inactive until:

• Hold duration is reached• Hold is manually removed• MSOL Object is restored

Multi Factor Authentication


Something you know

(eg. Password)

Something you have – a phone,

credit card or hardware token

Something you are – a

fingerprint, biometric …


• Not all apps are Modern Authentication ready.Multi-Factor Authentication

• Creates random generated 16 characters passwords


• Not all apps are Modern Authentication ready.Multi-Factor Authentication

• Creates random generated 16 characters passwords

MFA for Office 365/Azure Administrators

Azure Multi-Factor Authentication

Administrators can enable/enforce MFA to end users Yes Yes

Use mobile app (online and OTP) as second authentication factor Yes Yes

Use phone call as second authentication factor Yes Yes

Use SMS as second authentication factor Yes Yes

Application passwords for non-browser clients (e.g., Outlook, Lync) Yes Yes

Default Microsoft greetings during authentication phone calls Yes Yes

Suspend MFA from known devices Yes Yes

Custom greetings during authentication phone calls Yes

Fraud alert Yes

MFA SDK Yes

Security reports Yes

MFA for on-premises applications/ MFA server Yes

One-time bypass Yes

Block/Unblock users Yes

Customizable caller ID for authentication phone calls Yes

Event confirmation Yes

Trusted IPs Yes

Data Loss Prevention

Azure RMS


Exchange Online

• Policy Tips in OWA and Mobile OWA

• Deep content analysis engine

• Advanced Document Fingerprinting in Exchange, Outlook, and OWA

• 46 OOB sensitive information types and 40 OOB DLP Templates

• Enhanced reporting interface and extended retention for detailed reports

SharePoint / OneDrive

• Search for sensitive data across SharePoint and OneDrive

• Deep integration with content processing pipeline

• All 51 OOB sensitive types analyzed

• Identification and policy application for sensitive content based on organization policy

Azure RMS


Azure Rights Management

The perimeter is moving…

Mobile workforces, BYOD, personal apps, etc.

We need data to be born encrypted and to maintain a

persistent protection

Encryption peering is not practical or scalable

There has to be a better way

Data privacy is importantand is often mandated

With GDPR, you want to know what happens with your data

Azure RMS



Policy

Unprotectedcontent

Policy is applied, whichcontains usage rights

and content key is applied to the document

Content is protected by an

unique encryptionkey per tenant.

Document can onlybe decrypted by an

authorized user

Rights Management

Authentication andauthorization

Content key andrights

Content of the document does not move to Azure RMS, only the policy, authenticationand authorization rules are stored.


Native Protection

Genericallyprotected

• Apps with build-in protection. – Enlightend Apps• Word, Excel, PowerPoint, Text, Images and PDF.• 3rd Party apps that use the Azure RMS API

• Files are fully encrypted and can be accessed within their native app• Usage rights and policies are fully enforced.

• Encapsulate genereric files using the .pfile• Authentication is needed to “unwrap” the protected file.• Content itself is not protected, only when encapsulated.• Usage rights are not enforced (Do-not-print, Do-not-forward, etc)

Azure Rights ManagementFeature RMS for

Office 365Azure InformationProtection P1

Azure InformationProtection P2

Manual document classification and consumption of classified documents Yes Yes

Automated data classification and administrative support for automated rule sets YesHold Your Own Key (HYOK) that spans Azure RMS and Active Directory RMS for highly regulated scenarios

YesProtection for Microsoft Exchange Online, Microsoft SharePoint Online, and Microsoft OneDrive for Business content

Yes Yes Yes

Bring Your Own Key (BYOK) for customer-managed key provisioning life cycle2 Yes Yes Yes

Custom templates, including departmental templates Yes Yes YesProtection for on-premises Exchange and SharePoint content via Rights Management Services (RMS) connector

Yes Yes Yes

RMS software developer kit for all platforms: Windows, Windows Mobile, iOS, Mac OSX, and Android Yes Yes YesRMS connector with on-premises Windows Server file shares by using the File Classification Infrastructure (FCI) connector

Yes Yes

Document tracking and revocation Yes Yes

Protection for non-Microsoft Office file formats, including PTXT, PJPG, and PFILE (generic protection) Yes Yes Yes

RMS content consumption by using work or school accounts from RMS policy-aware apps and services Yes Yes Yes

RMS content creation by using work or school accounts Yes Yes Yes

Office 365 Message Encryption (OME) Yes Yes Yes

Administrative control Yes Yes Yes

Office 365 Message Encryption


Admin

• Simple configuration• Create simple Transport

Rules• Portal and messages can be

branded with Company Name & Logo

• Allows for Enterprise content inspection and compliance

Sender

• Send encrypted messages to any SMTP address

• Integr• Clientless architecture

Recipient

• Notification by e-mail of Secure Message

• Content is not stored on the recipient side.

• Encryption portal has rich OWA controls for viewing and composing messages

• Replies from the portal are also encrypted


Send e-mail Message

Interception by Transport

Rule

Encryption is applied

Server-Side

HTML Notification is

delivered

Link to Encryption

Portal

User edit in OWA-Like

style

Reply is decrypted by

system

Sender (Office 365 User) Sender (Office 365 User)


PowerShell

New-TransportRule –Name EncryptRule <Condition for which to apply encryption> -ApplyOME $true

New-TransportRule –Name DecryptRule <Condition for which to remove encryption> -RemoveOME $true


Plan Requires Price

Office 365 E3, E5 Included Included

Office 365 SPE E3, E5 Included Included

Enterprise Mobility E3, E5 Included Included

Exchange Online Plan 1, Plan 2 or Kiosk Azure RMS Option 2€

SharePoint Online Plan 1, Plan 2 Azure RMS Option 2€

Office 365 Business Essential, Premium Azure RMS Option 2€

Exchange OnPremise Azure RMS Option 2€

And more and more and more and more and more and

more and more and more and more and more and






more and more and more

Office 356 FeaturesFeature Business Essentials Business Premium Enterprise E1 Enterprise E3 Enterprise E5 Secure Productive

Enterprise E3Secure ProductiveEnterprise E5

Microsoft Bookings

Microsoft Flow

Microsoft Forms

Microsoft Graph API

Microsoft MyAnalytics

Microsoft Planner

Microsoft PowerApps

Microsoft Staffhub

Microsoft Teams

Office Delve

Office 365 Groups

Office 365 Video

Sway

Advanced e-Discovery

Cloud PBX

Microsoft To-Do Preview

To-Do Preview

• Task list with adaptive My Day pane.

• Delivered through web & mobile apps

• Synced with Task from Outlook, Office 365 and Hotmail

• Import from Wunderlist and ToDoIst(https://import.todo.microsoft.com/)

Microsoft Bookings

Microsoft Bookings

• Customer Booking platform for the SMB

• Integration with Facebook and web.

• Complete branding possible.

• Add your services to the bookings page.

• Centralized console with overview of all bookings

Microsoft Planner

Microsoft Planner

• When tasks are not enough, but MS Project is overkill

• Certified (ISO, HIPAA, EU-US, Model Clause, etc.)

• Integrated with Office 365 and Office 365 Groups.

• Roadmap: External User Access

Microsoft Staffhub

Microsoft Staffhub

• Schedule shifts for employees.

• Create, update and maintain shift schedules

• Mobile Apps with push notifications.

• Users can switch shifts, request leave

• Export data for HR integration.

• Share documents

Microsoft Flow

Microsoft Flow

• Automation application • Create a flow based on an

event within an app.• Powered by LogicApps• 3rd Party apps are included

with Custom API’s• +100 Templates for use in

a flow

Secure Score

What else is new?

Updates to Office 365 Pro Plus

Old Name New Name Frequency

Current Channel Monthly Channel Early Adopters

First Release for Deferred Channel

Semi-Annual Channel Pilot Users

Deferred Channel Semi-Annual Channel Broad

Type Valid for Valid for

Semi-Annual (Pilot) 4 Month18 Months of Support

AvailableSemi-Annual (Broad) 14 Month

Outlook Customer Manager

Outlook Customer Manager

• Light CRM application for Small Business

• Integrated in Office 365 and Outlook

• Track open opportunities and follow-up

• Mobile App

Updates to K1 Plans

Used to include

Exchange Online (2GB)

SharePoint Online

Yammer Enterprise

Added services

Microsoft Staffhub

OneDrive for Business (2GB)

Skype for Business Presence and IM

Microsoft Teams

Office 365 Video

Microsoft Flow

Microsoft PowerApp

And many more…

Office 365 Video

Office 365 Stream

Office 365Delve

Office 365 MyAnalytics

Office 365 Groups

Office 365 Teams

Microsoft Forms

Microsoft PowerApps

Microsoft PowerBI

unlock the full potential of your office 365...

Documents