close

Office 365

Office 365

Better Spam Filtering with Exchange Online Mail Flow Rules

Oracle-Patch-Updates

One of the layers of processing in Exchange Online Protection is mail flow rules. You might know these from their previous name in Exchange Server, which was transport rules.

The layered defences of Exchange Online Protection
The layered defences of Exchange Online Protection

The name transport rules aligned with the naming of the Hub Transport server role, first introduced in Exchange 2007. In the latest versions of Exchange, that role no longer exists. The Mailbox server role now provides that functionality. Transport rules and mail flow rules  the same thing. The capabilities of the rules have improved a lot since those early days in Exchange 2007. And calling them mail flow rules makes more sense to some people because “mail flow” is an easy concept to understand. The name “transport” is a little bit vague and wouldn’t make sense to someone who hasn’t worked with those older versions of Exchange.

Mail flow rules can provide a wide range of policy enforcement outcomes. They can also fight spam and other unwanted types of email.

Now, some of you might be asking, should we need to fight spam by creating mail flow rules in Exchange Online? Doesn’t that seem a bit old school? Especially when there are complex antispam algorithms running behind the scenes in Exchange Online Protection?

Office 365 sent and received mail report
Office 365 sent and received mail report

That’s a fair question. And yes, it does go back to the good old days of spam fighting where a lot of spam was blocked with very simple keyword-based rules. That was before antispam products evolved to include more intelligent detection. But even the most intelligent spam filters still miss things. And we need to use every tool at our disposal to tailor our antispam protection to suit our organization.

Sometimes that means creating mail flow rules to do things like:

  • Allowing or blocking specific IP addresses, domain names, and email addresses.
  • Blocking specific keywords, whether that’s to detect text in the message or even a URL that the message might contain.
  • Tagging all email that is inbound from external senders that contains suspicious keywords.

Mail flow rules are also effective against fresh, new attacks and campaigns. Sometimes you need a quick solution while you wait for EOP to start detecting a new attack.

Yes, EOP should prevent most attack scenarios for you. But security is all about mitigating risks using all reasonable means at our disposal.

Here’s an example. Consider a sales contact form running on a company website. The company website is hosted on shared hosting server, provided by a web hosting company. The sales team wants to ensure that no contact form emails are filtered by Exchange Online Protection. Weakening the entire organization’s protection is not a good solution. Instead, one option to achieve this is to add the web server IP address to the IP allow list in your EOP connection filter policy. This will prevent the connection filter from blocking the email.

Bypassing connection filtering in Exchange Online Protection
Bypassing connection filtering in Exchange Online Protection

However, by using the IP allow list you are allowing all email from that web server’s IP address to bypass your spam filters. In effect, you’re trusting the web hosting company to prevent other customers who are also on the shared hosting server from spamming or phishing your users. It’s unlikely that the web hosting company will be able to prevent that. Furthermore, any insecurity in the web form itself could lead to abuse.

So, to enhance your protection without opening yourself up to a new risk, you can use a mail flow rule instead. The mail flow rule is configured to ensure that mail from the web server is still subject to spam filtering if it doesn’t have the specific characteristics of the sales contact form emails. To achieve this, create a mail flow rule such as the following:

Bypassing spam filtering with an Exchange Online mail flow rule
Bypassing spam filtering with an Exchange Online mail flow rule

Mail flow rules can also be used to combat malicious emails. A lot of phishing attacks rely on impersonation of popular services like Amazon, Dropbox, Docusign, banks, and even Office 365. These attacks can be difficult for even a human to spot, so it’s no surprise that they sometimes slip past Exchange Online Protection’s defences.

However, you can mitigate these risks by using mail flow rules with regex filters to detect likely phishing attempts. You can then either quarantine them, send them to junk folders, or modify them in some way to alert the user that the mail is suspicious. Popular Twitter personality @SwiftOnSecurity has helpfully shared a series of regex patterns and other text strings in this GitHub repository.

@SwiftOnSecurity phishing regex patterns

You should use caution when applying these patterns in your mail flow rules. I don’t recommend setting up rules to immediately delete or block the mail until you have an understanding of what is being detected. Using non-destructive actions such as prepending the subject line, or raising the SCL so the message is delivered to junk mail, are reasonable approaches. Another good approach is to configure the rules to send incident notifications, or add a BCC recipient for a shared mailbox so you can review the messages that are triggering the rule. @SwiftOnSecurity has another repository with details of mail flow rules that you can use as well.

@SwiftOnSecurity example mail flow rule
read more
Office 365

Managing Change in Office 365

download

Keeping up with all the changes in Office 365 is practically a full time job. It’s neither simple nor easy, and has created quite a lot of “change fatigue” amongst the IT pro community. Even the people in the community who try to catch and share all the changes going on get fatigued. It’s hard to sustain the effort.

I originally wrote this blog post in January of 2017. But I recently answered a question elsewhere about how to stay up to date and manage all the changes occurring in Office 365 and other cloud services such as Azure Active Directory. Some of the answers I gave to the person who asked were not covered in my original blog post here, so I’ve now updated it with the new information.

Dealing with Change in the Cloud/SaaS World

In a traditional IT model, before cloud services came along, change control was something that many organizations relied on quite heavily. Any change to IT systems that could impact end users, whether it was regular maintenance or the roll out of a new product or feature, went through a rigorous process involving many stakeholders, project managers, change managers, and communications people. Nothing happened without a high level of scrutiny and a carefully worded email communication to the user population.

Then the cloud arrived, and organizations embraced services like Office 365 for a variety of reasons. Migration projects got underway, and stakeholders rejoiced at the cost savings, or simpler administration, or better security, or whatever benefits they sought from their adoption of cloud services.

Then one day, users get an email like this.

Or instead of a MyAnalytics email, a Clutter folder appears in mailboxes and messages are delivered there instead of the inbox. Or the UI for the OneDrive sharing experience changes.

For organizations that are used to that strict change control process, the reaction is often…

We didn’t approve this!

Change control certainly has value. An email like the MyAnalytics notification above can create a burden for support staff, particularly the help desk staff at the front line of most IT support hierarchies. What is this email? Is it legitimate? Do I need to do anything? Can my boss spy on me? I don’t want this! How do I turn it off?

The Challenges of Managing Change in Office 365

With everything going on in Office 365 and other Microsoft cloud services there are a few challenges that we face as IT pros and customers:

  • Staying aware of the changes
  • Dealing with the sheer volume of changes
  • The minimal (or complete lack of) control over when changes occur

I’ll go through each of those challenges and provide some advice for how to address them.

Staying Aware of Office 365 Changes

Microsoft does have some history with rolling out changes without notification, such as the change to Exchange Online license removal behavior, or throwing up a new Office 365/Azure sign-in experience to users with zero prior notice to customers. But for the most part, change is communicated well and customers are provided with controls to manage those changes. The MyAnalytics notification above, as an example, was:

  • Included on the Office 365 roadmap
  • Communicated for my specific tenant through the Office 365 Message Center

So, I don’t have any real excuse for not knowing about that change. But that doesn’t mean it’s not still a challenge dealing with it.

Message Center is the primary channel for Microsoft to communicate changes that are relevant for your specific Office 365 tenant. Visiting the portal on a daily basis is not a habit of mine though, and many other admins say the same thing. Message Center now has a weekly email digest if you prefer to have updates sent to your inbox.

The Office 365 roadmap is a difficult tool to use for tracking changes. There’s no native functionality in the roadmap to keep you alerted as items move from “development”, to “rolling out”, to “launched”. However the unofficial roadmap watch website has an RSS feed you can subscribe to and be alerted to any change in roadmap item status. There is also the Office 365 weekly blog, which is run by a Microsoft employee. That blog is official in the sense that a Microsoft employee is posting to it, but if that person changes roles or leaves the company it will probably go away.

The Office 365 roadmap doesn’t cover everything though. For other announcements related to Office 365 such as changes occurring in Azure AD there’s an extensive list of blogs and forums where announcements are made on the Office 365 change management survival guide. That list is probably a bit excessive and contains some duplication, which adds to the burden of trying to track all of the change that’s going on. But you can use it to build a personal list of RSS feeds to follow.

Aside from blogs there are also a series of Microsoft documentation pages such as What’s new in Azure Active Directory, the Azure AD Connection version release history, and What’s new in Microsoft Intune to follow.I was previously using an online service called Change Detection to track individual documentation pages on TechNet for changes. That service has now shut down. The new Microsoft Docs platform allows you to follow pages as RSS feeds, but not all docs pages advertise that. As an example, the what’s new in Azure AD page has a link to their feed at:

 
 
 
 
 
 
 
1
https://docs.microsoft.com/api/search/rss?search=”whats new in azure active directory”&locale=en-us

Unfortunately there’s no single source of truth for Office 365 changes that you can keep an eye on, so tracking multiple sources is necessary.

Dealing with the Volume of Changes

Once you’ve dialled in a good set of resources that are relevant to your organization’s usage of Microsoft cloud services, the next challenge is dealing with the number of changes happening at any given time. At this time I’m writing this, the Office 365 roadmap has 74 changes rolling out, and another 194 in development. That’s a lot of activity to track. Even if some of those changes are minor and not much of a risk of disrupting your users’ habits, you still need to review them all.

There’s no magic solution to this. You just need to invest time in reviewing upcoming changes, working out how relevant they are to your organization, and then planning for the change. With so many changes rolling out it’s easy to lose track of them, which is why I recommend implementing a system to handle that for you. Some people use their own job ticketing system, or a Trello board. Microsoft Planner is also a good system for managing changes, as they are effectively a perpetual running project. There is even a blog post series on MSDN for setting up Azure functions using PowerShell to automatically add new Message Center items to Planner.

Controlling the Timing of Changes

In the past there have been many instances of significant, user-impacting changes rolling out in Office 365 without any administrative controls. The initial rollout of Clutter in Exchange Online is one example. But for the most part, change is communicated well and customers are provided with controls to manage those changes. The precise timing of the change is still an unknown in most cases, but if you can opt-out of the rollout of a feature at first, and then manually enable it later when you’re ready, then that is ideal. Most changes roll out as on by default though, so you do need to stay on top of things. The MyAnalytics notification above, as an example, was configurable by administrators.

Microsoft usually, but not always, rolls out new features to Targeted Release (formerly known as First Release) customers first. Targeted Release customers have specifically opted in to receiving new features earlier than other customers. It’s a great way to get a head start on seeing new features in action, so that you can prepare for the roll out to your end users. Some customers even maintain a separate Targeted Release tenant for testing purposes, and then also enable Targeted Release for a subset of the users in their production tenant.

My Recommendations

If you’re responsible for managing change in Office 365 for your organization then I recommend the following:

Most importantly, allow yourself or your team the time to discover, review, and respond to upcoming changes.

 

read more
Office 365

Office 365 Message Tracking Improvements

download

Microsoft has been working on improving the message tracking experience in Office 365. In this blog post we’ll look at the new message tracking features that are available in Office 365, and compare how the new interface is different from the old message tracing feature.

Message tracking within your messaging environment is the easy part. Office 365 keeps track of messages as they move around your tenant, and it gives you access to that data. So message tracking is very useful for finding out what happened to messages that were sent to your tenant, or that were sent within your tenant.

The problem with message tracking is it can’t see what happens to messages before they arrive in your tenant, or after they leave your tenant. This means that you won’t be able to tell a user that their outbound email was delivered to a recipient outside your organization. But you can show them that it was delivered to the destination organization.

Classic Message Tracing in the Exchange Admin Center

Let’s take a quick look at the classic message tracking features in the Exchange Admin Center for Office 365. The interface for message trace in EAC is not complicated. Select a date range, and some information about the message you are looking for, and click on Search. Below I searched for all the messages from Paul for the last seven days.

Paul sent me a few messages about writing this article. You can see the messages listed below.

Selecting one of those messages will show you more detailed information about that message.

In the screenshot above we can see this message sent by Paul was delivered to my mailbox, into the Inbox folder. That is possible to know because this message was delivered to me, and my mailbox is in the Office 365 tenant that I am searching on. When I do the opposite search for messages I sent to Paul it doesn’t give me that same level of surety that the message was delivered to the recipients Inbox. I can only see that Office 365 successfully sent the email to the destination organization.

Again, it’s important to understand what message tracking can and cannot do. You can get lots of information about the message within your organization. The information you can get about messages for someone else’s environment is limited.

Message Tracking in the Security and Compliance Center

Microsoft has done some work to improve this message trace experience. They’ve released a new message tracking interface is in the Security and Compliance Center. You can find it under the Mail Flow section. There are two new areas: Dashboard and Message trace.

The dashboard is a quick view of some important information that can be useful for diagnosing problems, such as:

  • How many messages are sent and received in my tenant
  • How many connections were made with TLS security applied
  • How many messages were queued for more than an hour

None of these reports tell you much by themselves. Together with other information you can gain a picture of the health of your environment.

Moving on to what we’re here for, let’s go to the Message Trace tab. The interface for this new message trace is built to be more intuitive for administrators who may not be specialized in email tracking. The first thing you’ll see in the Message trace section is five default queries that Microsoft has provided for you.

These default queries will cover a lot of the information that many administrators will be looking for here. That’s fine and all but let’s look at what you can do yourself.

The first situation I thought to test was the help desk call from a user who did not receive a specific message they were expecting. When I get this question, my first step is always to look for messages being filtered as spam. I did a search on my mailbox for all messages filtered as spam over the last day. Here are the results.

I blacked out the send addresses because some of them weren’t spam. This report is a quick way to verify if a specific message was moved to spam and missed. You can also search for messages to and from specific accounts. That may be more appropriate in the situation where an end-user is looking for a specific message.

At the top of the screenshot above you can also see the Filter resultsbutton. This is a handy tool when your original search turns up too many messages for you to scan.

Another great feature of this new interface is the saved queries. The last 10 queries I have run are saved for me in the “autosaved queries” section. Selecting one of those queries gives you the option to save that query with the Save button at the bottom.

There are three report types to choose from:

  • Summary report, which provides instant access to view the results in your web browser
  • Enhanced summary report
  • Extended report

Both Enhanced summary and Extended reports are completed using archived message trace data. This means that they can take several hours to generate results, but also that they provide more detailed information.

Summary reports are limited to data for the last 10 days, while the other two report types can pull from data for the last 90 days. Any query can be run for any report type. Saved queries do not have to be run against one report type or the other.

All the reports run in the Security and Compliance center and the Exchange Admin Center run against the same data and return the same results if run with the same options and selection. The difference between the two portals is the look and feel of the interface, and the format of the results.

What About PowerShell?

Wouldn’t it be great if all this new message trace also worked in PowerShell? I thought so too. Unfortunately, it does not. I connected to my Security and Compliance Center PowerShell session, but I do not have any cmdlets that include “*MessageTrace*” as I do in my regular Exchange Online PowerShell session. Hopefully Microsoft will add these cmdlets soon.

read more
Office 365

Using SharePoint Online Document Libraries as a Document Management System

download

In the modern workplace we use multiple systems to accomplish business needs. Systems such as Human Resources Information System (HRIS), intranet and wiki sites follow us anywhere we go.

All these sites have some duplicate information that we have to maintain, and it is always hard to keep up with a current version of the document on each site.

Here’s a common scenario for many organizations. The Human Resources department manages company policies and posts them in the corporate Intranet as well as in HRIS while maintaining an original copy of the document in the local machine or shared drive for revisions.

The shared drive or local machine has two copies of the document, Microsoft Word version for editing and a PDF version for sharing by uploading to the Intranet and HRIS.

Also, there is a manual document distribution process where HR has to distribute a noneditable version of the document to Intranet and HRIS administrators for an upload every time when changes are made to a policy.

This is how it looks:

As you can see, there are four copies of one document exist in multiple places. Also, HR has to make sure that Intranet and HRIS have the same copy of the document uploaded.

In today’s blog post I am going to walk you through a solution for this complex and cumbersome set up using a SharePoint document library. This solution removes the need for HRIS and Intranet administrators to get involved in the process of publishing policies.

Ok, let’s get started.

First, you will need to create a SharePoint document library with the columns shown below. You can add more columns based on your business requirements. I’ve named the document library Corporate Policies for this demonstration.

There is one column that I specifically created for sharing purposes called Share URL. This column is just a plain text column which will store the sharing URL of the file. You will see later why would you need that column.

Next, we will need to turn on Content Approval for the document library by navigation to library Settings -> Versioning Settings

By enabling this feature, every file in the document library must be approved by Approver before anyone else can see changes in the file. This setting will solve the problem where HR has to maintain Working and Approved versions of the file. After turning on this feature, you will notice the Approval Status column appearing in the list view.

You do not have control over the Approval Status field.

Now that the document library is ready to host files, let’s configure permissions.

Since the Corporate Policies document library is very critical, we want to make sure that files are protected. To add extra protection, we are going to break permission inheritance from the site level. This action will help us to make sure that users who have access to edit documents on this site level don’t have access to edit files in the targeted library. We will also need to allow Policy Approvers to have access to approve files before they are visible for the entire organization.

Please follow this link to learn more about customizing SharePoint site permissions. If you want to understand SharePoint permission levels visit this link.

Let’s make those changes. Navigate to the Settings page of SharePoint library and click on Permissions for this document library.

Next, click on Stop Inheriting Permissions.

Now we can assign a specific SharePoint group to be an Approver for this document library. Start by creating either a SharePoint group or a security group, and add the users who will be approvers for this document library.

In the permissions page of the library settings click on Grant Permissions, search for the name of your approvers group, then Select a permission levelof Edit, and finally click Share.

Make sure that the rest of the users have Read Only permission to the library.

Now the Library is ready for a file upload. Let’s upload one file, and I will explain the purpose of the Share URL field that we created earlier.

If you are planning to test user’s permissions, I would recommend using two different computers since sometimes Microsoft Office gets confused which account you are logged in with.

Click Upload, select File and browse to the local machine to choose your document to upload.

After the file is uploaded we will need to complete file metadata. But before we do this, let’s get the shareable URL to the file. Select the file, click on the Share button and choose People in your organization with the link can edit (in the next step we will fix Edit part of this step).

In the next step, deselect Allow editing and click Apply.

In the previous two steps, we customized the shareable URL which will allow accessing your file in a Read-only mode.

If you don’t see sharing options or they look different, talk to your tenant administrator to check tenant level settings.

Now, we will need to copy the URL and save it in the file’s metadata for easy access.

This URL stays unchanged throughout the life cycle of the file. As we have the URL copied in the clipboard, let’s modify the metadata of the file that we just uploaded. Select the file, and on the right side of the screen modify metadata.

You will notice that Approval Status column indicates that file is Pendingapproval, which means that the file is not available for others to see.

When a file is newly uploaded, and Approval Status is Pending, the file is not visible for others. But if you already approved file once and then made changes which turns Approval Status to Pending, users will have access to the file but to the last approved version. For more details visit this link and learn about SharePoint content approval.

Let’s approve this file by clicking on ellipses (three dots)More and then Approve/Reject, which makes this file available via sharable URL or direct access to the library.

Great, we have prepared the workspace for our HR team. You will have to explain to your HR team that they can safely work on files in this library and only approved versions will be visible to employees. You will also have to explain that file turns to not approved (Pending) as soon as they make a change to a file and save. This will solve the problem where HR had to maintain two copies of the document.

Next, we will need to provide shareable URLs of the file to Intranet and HRIS sites administrators to post these policies. Intranet and HRIS administrators have to design their HTML pages once, and whenever HR makes modifications to the file and approve it, changes will reflect immediately (admins don’t have to redesign respective HTML pages or replace links). You can provide metadata of the file to Intranet and HRIS administrators by exporting the SharePoint library to Excel (it will export metadata only).

Click on Export to Excel button, which downloads a query file.

Once query file is opened, metadata will be exported to Excel. You can save that file and send to your Intranet and HRIS admins. You have to do it once as long as you don’t add new policies that need to be shared on respected sites.

As you can see that Share URL column exported to Excel. Intranet and HRIS administrators can use it to design their respective web pages.

For a quick demonstration, I built very simple HTML page to show how you can share policies outside of Sharepoint using the sharable URL. You can also create an email template, or any other web readable file to share files with your employees. Today almost any content management systems will allow you to design HTML pages very easy. It can even be your WordPress site to share with the larger audience.

Let’s run a demonstration on of how our new system works.

First I am going to show that whether I access the file from SharePoint or external webpage, I access the same file.

Next, let me demonstrate how a file turns to “not approved” version (Pending) if I make a change.

Since the latest changes are not approved yet, all employees will see only the approved version of the document via the SharePoint library or external webpage. Let me demonstrate that by logging in with two different accounts; one  HR Approver, and one regular user (John Doe).

And lastly, I am going to approve the document which automatically updates the link that is exposed to all employees.

I just demonstrated how easy it is to set up a system where you eliminate unnecessary and cumbersome work that your employees have to do almost daily. You can also enhance this process using Microsoft Flow by sending alerts and notifications. We will save it for a later blog post.

 
read more
Office 365

Retiring the Practical 365 Blog

download

The time has come for me to retire this blog. I’m writing this post to let you know what’s going to happen to Practical 365 going forward, and to say thank you to everyone in the community who has supported me over the years.

Some History

If you’ll indulge me a for a few minutes I want to take a step back to the beginning. I started blogging back in 2006 to share a few random thoughts and my experiences in IT. After a few years of blogging my career was starting to focus on Microsoft Exchange Server. That’s when I made the decision to focus on Exchange, and renamed my blog to Exchange Server Pro.

In a lot of ways I was in the right place at the right time. I happened to be working with Exchange Server when it was going through some big changes. The new server roles architecture, the variety of new features emerging, and the PowerShell integration provided endless opportunities to share my experiences in blog posts.

The Tipping Point

Exchange Server Pro took on a life of its own. Traffic started doubling. Hundreds of thousands of people visited the site each month. My inbox was overflowing with comments and questions. Twitter was taking off as well, and I was having a lot of fun getting involved in the Exchange community online.

The success of Exchange Server Pro opened up a world of new opportunities for me. I’ve travelled to different countries, spoken at events, written books and training courses, and been offered jobs, all because of my blog. One of the highlights was travelling to Austin, Texas for the MEC conference in 2014. Of all the events I’ve been to, MEC stands out as the one that I enjoyed the most.

I’ll always have that connection to Exchange Server and the Exchange community. I’m looking forward to seeing what Exchange 2019 delivers later this year. Maybe I’ll write a book or a course about it. Time will tell.

Along Came The Cloud

I’ve been in the IT industry for 20 years. A lot changed before I started blogging, and a lot has changed since then. The most impactful has been the emergence of Office 365.

Most of my IT work has moved away from Exchange Server and towards Office 365 over the last few years. It’s one of the reasons Exchange Server Pro evolved to become Practical 365.

Office 365 and the cloud in general have opened up a whole new world of opportunity. A lot of those opportunities just don’t suit where my family and I are in life right now. Speaking at international events, travelling around the country for customer projects, or even working for a vendor, are all things that would take me away from the things that I value the most.

Where to Now?

Every aspect of my life is different today than it was when I started blogging. When opportunities are plentiful but time is limited, it forces you to decide what the most important things in your life are. For me it is my family, my health, and the flexibility to enjoy our lives.

Over the last few months I’ve thought long and hard about where Practical 365 fits in to my future. I’ve come to the realization that as much as I enjoy running the site, the time I spend here is better spent on other things. Things that are more beneficial to what’s important in my life.

I’ll still be working with Office 365, and more books and training courses are very much a part of my future plans. You might still see me pop up in technical discussions on Reddit or other forums now and then. I will also very likely still be blogging somewhere about something, because writing is a big part of who I am. I just won’t be blogging here, and not about Office 365.

Thank You

As I was writing this post I took a look at the traffic stats over the life of my blog. It still blows my mind that my little blog that I started in 2006 with a silly domain name and some free web hosting has been read by more than 13 million people almost 40 million times. As you can see below I blogged for several years with fairly modest traffic. I was quite happy with that. Writing useful content that someone would read is all I wanted to achieve. The last few years certainly exceeded my expectations, and I’m grateful for everything that came from it.

To everyone in the community who read my blog posts, left comments and feedback, attended my conference talks, learned from my books and training courses, or engaged in discussions in forums and social media, I want to say thank you. I wouldn’t be where I am today without you.

Questions?

Here’s some quick answers to questions that you might have. If there’s something not answered here, please feel free to leave a comment below.

Q: What will happen to the Practical 365 site?

A: The site receives a lot of traffic from Google and other search engines, so it would be bad form for me to erase it from the internet. I will be leaving the site online for people to continue finding answers to their problems, but there are no plans to add more articles or content. The store will also stay online for at least the rest of this year to allow people to download any ebook files that have lost.

Q: Have you considered selling the site?

A: Yes, but discussions with a few potential buyers didn’t progress to a sale. If the right company with the right community mindset comes along, that might change. What’s important to me is that the content on this site remains online for as long as it is still useful to readers.

Q: What will you be doing instead?

A: Mostly focusing on growing our business. I’ll still be writing books and training courses for the foreseeable future. I’m working on a book right now(sign up to the mailing list for updates), as well as another Pluralsight coursethat is due for release next month. I have some other opportunities to explore as well, but no details to share yet.

Q: What about your MVP award?

A: My MVP award was renewed on July 1st, making it the 7th time I have been awarded. I’m honoured to be recognized again by the Microsoft MVP program. Obviously my blog is a big part of the contributions that I am recognized for. But MVPs are awarded for all kinds of contributions, not just blogging. Next year we will see whether my ongoing contributions are enough for renewal. If not, then I’m happy with what the MVP award has provided to me, and will continue giving to the community in whatever capacity I can.

read more
Office 365

The Future of Practical 365: What To Expect

7

So, it’s the beginning of a new chapter with Practical 365, with myself and Sigi joining the team to take forward what is undoubtedly one of the go-to websites for Microsoft 365 and – traditionally – Exchange Server content.  

After Quadrotech asked Paul if they could keep the site alive, they reached out to a few fellow MVPs to lead this, and I had no hesitation coming on board. I’ve known Paul for quite a few years. Long-time readers will know Paul was part of the UC Architects podcast back in when it started in 2012, and I’ve joined podcasts on Practical 365 as well. To have the opportunity to help keep the site going from strength to strength will be a privilege. 

For those of you that don’t know me, I have been a Microsoft MVP since 2012, and blogging about Exchange and Office 365 since 2010. In that time I’ve authored a few books about Exchange and Office 365 – including co-authoring Deploying and Managing Exchange Server 2013 High Availability (available for free on this site), along with books for Microsoft Press and elsewhere.

You’ll also find me at Microsoft Ignite next week, talking about Office 365 migrations, PowerShell and Exchange Server – as well as recording the All About 365 podcast with my fellow MVP Jason Wynn. 

However, the reason why I jumped at the opportunity to become Chief Editor for Practical 365 was due to the fun I had writing for similar popular sites. Whilst the depth of content available on those sites diminished, Practical 365 has continued to provide great content. I spend my time in my day job, as a lead consultant at a Microsoft Partner working with IT pros who are trying to make sense of the new world they find themselves in. 

Practical advice

Deploying and managing Microsoft cloud services means as an IT professional you are at the end of the proverbial firehose – new technology launching, and you need to be able to not only find out what is new, but also find out how to use it in a practical sense. What you need is a great resource for real-world, practical advice for the actual doing. What really works? What are the gotchas? How can you avoid the mistakes others made – or learn about how to successfully deploy it, once you move past the basics.  

Microsoft provides fantastic content for understanding their services. However, they know it from the inside out – MVPs and other people who deploy this in the real world learn about it from the outside in – not just how it should work but how it really works in organizations with their own history and unusual configurations; and that is what you need to know yourself if you are to be able to successfully do this in the wild. 

The world I live in today is no longer the siloed one of the past, where Exchange, SharePoint, Skype and other technologies were looked after by different groups of people. Today, when you buy Office 365, you buy these services pre-integrated and when you deploy them, they have dependencies on one another – and include a plethora of additional tools, like Teams, Planner, StaffHub and much more. When you buy the Microsoft 365 suite – you not only get Office 365, but you get Windows 10 – including management and security capabilities, InTune for device management, premium security functionality with Azure AD Premium, Cloud App Security, and Azure Information Protection. When you buy the top-end E5 licensing, you get a phone system replacement, advanced threat protection capabilities and much more. 

On Practical 365, you should expect to see deep dives into all these areas. Perhaps you’ll be tasked with understanding Windows Autopilot? Or maybe , you’ll need to use Advanced Threat Protection to secure Exchange, files in SharePoint and provide coverage for Windows devices. Or you’ll need to get a good understanding of how you can use Teams as your phone system – then next week you might get tasked with understanding how to use Bots within the organization.

Whether you are a generalist looking to make sense of it all, or specialising in a particular area, I’ll be working to bring you great guides on how to do this. And it goes without saying that I’ll be writing for the site too – with guides to help you understand the basics and deep dives in areas I specialise in to help share what I’ve learnt with you.

Additionally, we’re keen to meet and hear from other IT pros who would be interested in writing insightful articles packed with actionable advice. If this sounds like you, please email write@practical365.com outlining your thoughts. As mentioned above, I’ll also be at Ignite next week, so if you’re going to be there and would like to have a chat about becoming a contributor, come find me at the event or at the MVP Pre-day.

read more
Office 365

Deploying, Migrating and Administering Microsoft Office 365

astronaut

Office 365 is Microsoft’s cloud offering that provides software and services to customers on a subscription basis.

The name “Office 365” has been used by Microsoft to refer to quite a wide variety of product and services. Office 365 can refer to:

  • The Office applications that run on Windows and Mac computers, as well as mobile devices such as tablets and smartphones. These applications include Word, Excel, PowerPoint, Outlook, OneNote, and more.
  • The collection of Office 365 online services that provide cloud-hosted email, communication, and collaboration features to businesses, governments, and education institutions.

Office 365 Applications

Microsoft sells Office 365 Home, Home and Student, and Personal editions for use by individuals, students, and households. This subscription offering is a departure from the old model of selling Microsoft Office as a one-time purchase. By offering Office as a subscription, Microsoft is able to deliver the latest software and features to customers at all times, instead of customers needing to pay to upgrade to newer versions of Office ever 2-3 years.

The applications that are provided inn Office 365 subscriptions include Outlook, Word, Excel, PowerPoint, OneNote, and more. The specific applications included will depend on the subscription that you have. For example, Office 365 Home and Student does not include Outlook, whereas Office 365 Home and Office 365 Personal do.

You can find a comparison of Office 365 application subscriptions here.

Office 365 Cloud Services

The Office 365 cloud services that Microsoft offers include:

  • Email and calendaring with Exchange Online
  • Online file storage and sharing with OneDrive for Business
  • Instant messaging, video and audio conferencing with Skype for Business Online
  • Intranet website hosting with SharePoint Online
  • Enterprise social networking with Yammer
  • Productivity and collaboration features such as Groups, Teams, and Planner

You can read more about Office 365 for Business and Enterprise on the Microsoft website.

Learn About Office 365

Office 365 skills are among the most sought-after knowledge for IT professionals today. If you’re an experienced IT pro, the transition to managing cloud services will be fairly smooth. If you’re new to the industry, Office 365 skills will get your foot in the door and your career moving forward.

One of the challenges with learning about Office 365 is that the service changes rapidly. Training materials can go out of date very quickly, so it’s important that they teach core concepts that will continue to be relevant even as the surrounding features change.

I’ve published a series of on-demand video training courses with Pluralsight that you can use to enhance your Office 365 skills. Learn more here.

If you prefer books, here’s my list of recommended Office 365 books.

read more
1 8 9 10
Page 10 of 10