Wrapping Up Ignite: More Office 365 Snippets


I’m headed home from the Microsoft Ignite conference. Some of the things I found out or explored during the week include a solid DLP roadmap for Office 365, how BMC Remedy creates incident tickets from DLP audit events, that Veeam now offers a backup for Exchange Online, how Quadrotech’s ADAM plans to drag public folders into the 21st century, the delights of recording a special version of the Office 365 Exposed podcast, why Office 365 will use classification policies in the future, and my continuing frustration with the old OneDrive for Business sync client. Maybe the new client will fix all known ailments.



Data Loss Prevention (DLP) for All Workloads

Microsoft supports DLP policies for Exchange and SharePoint. At the moment, the two workloads are processed separately using transport rules for Exchange and a mixture of crawler/indexer and timer jobs for SharePoint. An effort is under way to provide unified policies that work across both Exchange and SharePoint and then it’s on to expand DLP coverage across additional Office 365 workloads such as Yammer and Skype for Business. For instance, someone who’s participating in a Skype conversation could be blocked from sharing sensitive data through IM. The work is on the DLP roadmap (see Figure 1), but Microsoft wouldn’t say when.

Office 365 DLP roadmap
Figure 1: The DLP roadmap for Office 365 (image credit: Tony Redmond)

BMC Remedy Incorporates DLP Events

Among tons of other events, Microsoft gathers DLP events in the Office 365 Audit log. A typical event might report that a user has attempted to send some credit card information to an external recipient and has therefore violated a corporate policy. An update for BMC Remedy 9 (due in the next few weeks) has the ability to ingest these events and create service management tickets that are assigned to problem coordinators to resolve and close the incident. This kind of integration is a good example of how ISVs are able to use data gathered by Office 365, provided that tenants allow access to the data.

Veeam’s Office 365 Backup

Veeam launched a beta version of its Office 365 Backup module for its Backup and Replication product this week. The name is misleading because only Exchange Online is processed using Exchange Web Services (EWS) to access cloud mailboxes and back up their contents to a Veeam repository in a customer’s on-premises environment. A series of point-in-time backups allow data to be recovered using the Veeam Explorer for Exchange utility.

I haven’t tried this utility so I can’t comment on how well it works in production environments. I do have some doubts as to how well EWS can cope with large scale tenants, as the protocol was never designed to be used for backups. However, other products such as Spanning Backup for Office 365 (also only Exchange Online) use much the same approach and seem happy. If you’re a Veeam customer and think that Exchange Online Native Data Protection is insufficient for your needs, you can check out this new offering.

Grappling with Large Scale Public Folder Deployments

Last week, Microsoft issued an appeal for customers who have large scale public folder deployments to help the company figure out the challenges that exist in moving the “cockroaches of Exchange” to Exchange Online. Microsoft is looking for organizations with between 100,000 to 500,000 public folders. Basically, those who let public folders flourish or run amok, depending on your viewpoint.

In any case, migration is actually the least of your challenges when you face such a large public folder hierarchy. The most important, costly, and time-consuming challenge is to understand what useful data is hidden in the dross. Once you have identified what exists to be rescued, you can figure out where that data should be stored in the future. Perhaps you want to use “modern” public folders. Or perhaps it’s time to eradicate public folders and move to a more modern option (i.e., designed in the past few years rather than 23 years ago). Office 365 Groups is a real option, if you use Quadrotech’s ADAM, which was launched at Ignite.

Figure 2: The console of Quadrotech ADAM (image credit: Quadrotech)

ADAM, shown in Figure 2, uses advanced analytics to process the public folder hierarchy and figure out what useful data exists and the most suitable migration target for that data. It’s fast, efficient, and saves a ton of time. But you’d expect me to claim this because I had a small part in ADAM’s design. If you’ve got a big public folder infrastructure, do yourself a favor and consider all the options. Free tools are great, but there’s a reason why they are free…

A Special Edition of the Office 365 Exposed Podcast

Paul Robichaux and I have some fun discussing topics related to Office 365 in a podcast called Office 365 Exposed. New episodes of the podcast appear intermittently because they depend on Paul and myself being in the same place at the same time. We were at Ignite and a special podcast studio (shown in Figure 3) was available, so we took full advantage to sit high over the expo hall and chat about Office 365 for 50 minutes or so. The new episode is available on iTunes now.

Office 365 Exposed podcast
Figure 3: Slumming it in the Ignite podcast studio (image credit: Tony Redmond)

Azure Information Protection Is Live

I’m rather keen on the approach taken by Azure Information Protection (AIP) to classify sensitive information by applying labels when users create and work with content. Microsoft says that AIP will reach General Availability on October 1. It’s worth checking out if your company deals with a lot of sensitive documents that need to be protected.

Retention Policies Are Dead, Long Live Classification Policies

Exchange retention policies arrived in Exchange 2010 as part of Microsoft’s Messaging Records Management (version 2). They persist today in Exchange on-premises and cloud, but Office 365 is a very different environment with many other forms of information that need to be retained or removed under the umbrella of a data governance policy.

Office 365 Classification policies
Figure 4: Dheepak Ramaswamy explains the need for a new approach to Office 365 data governance (image credit: Tony Redmond)

A really solid information-packed session (shown in Figure 4) spoke about the new classification policies that Microsoft plans to roll out in the near future as the long-term way to apply data governance across Exchange, SharePoint, OneDrive, Skype for Business, and Yammer. In short, they want one governance policy to apply everywhere. It’s a really sensible approach that should have happened a long time ago. Maybe it took that long to get all the heads in the different product groups together so that everyone bought into the need for a unified approach. In any case, classification policies are coming soon. Stay tuned for more information.

The Silliest Synchronization Error

The prize for the silliest implementation of an error message in Microsoft Office must surely go to the one that informs users when an application such as Word is unable to upload changes made to a file to a library managed by the OneDrive for Business sync client because the user is required to sign in and provide their credentials, as shown in Figure 5.

OneDrive for Business signin error
Figure 5: A document upload fails but there’s nowhere to go! (image credit: Tony Redmond)

I don’t know which genius came up with the bright idea of including a “Sign In” button that appears to do Sweet Fanny Adams. At least, it has never done anything for me. And even worse, there is no other way to enter your credentials and sign in. It seems like the only solution is to use the Credentials Manager to remove any cached credentials for OneDrive. I’m not the only person to hit the problem as any Internet search soon reveals (here’s one example).

The new OneDrive for Business sync client is much more reliable, but until now it has not been able to deal with SharePoint libraries. Microsoft announced at Ignite that a preview version that supports SharePoint libraries is now available. The promise is that the migration from the legacy Groove.exe client will be “seamless.” Perhaps so seamless that the sign-in irritation will be removed.

Adieu Ignite

Another conference is over for me as I’m on the plane home to Ireland. Ignite 2016 was much better than its 2015 counterpart. Better facilities, better food, better sessions, better expo hall, and nicer staff made it a good all around event, even if the sheer numbers attending were overwhelming at times and the queues sometimes historic. Ignite delivered more than enough to attract me back next year – after a decent rest, of course.

Follow Tony on Twitter @12Knocksinna.

Want to know more about how to manage Office 365? Find what you need to know in “Office 365 for IT Pros”, the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.