Follow me on Twitter @AntonioMaio2

Wednesday, January 27, 2016

eBook: Protecting Corporate Information from Insider Threats in Office 365

Enterprises face ever increasing and evolving threats to their internal corporate information every day.   The “insider threat” is just one of those threats, where risks come from internal employees exposing, stealing, destroying or over-sharing sensitive corporate data.  A threat from an insider presents unique challenges based on the fact that employees require legitimate access to data and systems in order to accomplish day to day work.  Some require privileged administrative access due to the nature of their role.  As well, employees typically have a need to know which information is most sensitive or valuable to the business.  Given that such access and knowledge is required to keep a business and its employees productive, how do we solve this problem in modern businesses today so that sensitive corporate information is protected, even from insiders?

Microsoft Office 365 provides an exceptional environment for hosting a corporate Enterprise Content Management (ECM) system, allowing all corporate information, both sensitive and non-sensitive, to be stored, managed and accessed in one place.  Microsoft has implemented excellent security measures, practices and assurances to protect organizations from external threats to their data.  It also provides useful tools to help organizations protect against internal threats.  Understanding the real challenges with internal threats will help enterprises make best use of those tools and put the most effective practices in place to protect the business from internal threats.

Click here to learn more and download the eBook:

Protecting Corporate Information from Insider Threats in Office 365

Monday, January 25, 2016

Webinar: What's New in SharePoint 2016

Thank you to everyone that attended our webinar on Thursday July 21 on What's New in SharePoint 2016!  We had a great turn out and some good questions.  There are a lot of new features and improvements in SharePoint 2016 and the ones I specifically spoke about in my webinar were:
  1. MinRoles - Improving and simplifying SharePoint server deployments
  2. Zero Downtime Patching - Improving how SharePoint is managed and kept up to date
  3. Hybrid Search - Improving the end user experience when searching content in hybrid Office 365 and SharePoint Server environments
  4. Other Hybrid Scenarios - Hybrid Sites, Hybrid OneDrive for Business, Hybrid Delve
  5. User Experience Enhancements - Adding ease of use features such as the App Launcher, new library toolbar, new sharing capabilities
  6. On Premise Compliance Center - Enforcing DLP policies and improved eDiscovery on SharePoint content
  7. Removing and Improving Limits
    • Improving List View Threshold Limits with Automatic Indexed Columns
    • Improved Maximum File Size
    • Removing File Name Character Limitations
    • Site Collections per Content Database increases to 100,000
    • Search Index Supports up to 500 Million Items

What Do We Lose with SharePoint 2016

Finally, we spoke about the features or capabilities which we lose in SharePoint 2016:
  1. No new SharePoint Designer - but SharePoint Designer 2013 will work with SharePoint 2016
  2. New SharePoint Foundation release
  3. No SQL Express installed with single server deployments
  4. No built in Forefront Identity Manager as part of the User Profile Synchronization
  5. STSADM is officially deprecated
  6. Excel Services is no longer part of SharePoint - it is installed with Office Online Server 2016 (the new name for the Office Web Apps product)


A few questions we answered during and after the webinar are:
  • When is SharePoint 2016 expected to release?
Microsoft just released the RC (Release Candidate) build of SharePoint 2016 on Wednesday Jan 20th which is now available for free download and testing.  The RTM release is expected to release towards the end of the first half of 2016.

  • Do you expect people to use the MinRoles feature when deploying SharePoint?
I think the MinRoles feature is a very useful feature for new SharePoint deployments which are straightforward.  However, but many complex SharePoint environments have been deployed with a variety of services for various reasons, many of which are specific to the client's specific needs.  I do suspect that many existing and complex deployments will use the Custom role and continue to customize the services deployed to their particular needs.

  • Is InfoPath supported in SharePoint 2016?
Yes, Microsoft is still supporting InfoPath 2013 with SharePoint 2016.  Microsoft tells us that it will be supported into the early to mid 2020s.

  • Since SharePoint 2016 no longer includes the Forefront Identity Manager as part of its installation to support the user profile synchronization process, what are our options here?
You essentially have 2 options here: 
  1. You can use AD Import, which will be unidirectional (from AD to SharePoint) and will not right data back to AD
  2. You can install the new Microsoft Identity Manager (MIM) yourself, which replaces Forefront Identity Manager, which will support 2 way synchronization as user profile synchronization currently does.

You can find the presentation deck from our webinar here: Webinar: What's New in SharePoint 2016.

Please let me know if there you have any other questions about this topic.


Monday, January 11, 2016

My Reasons For Upgrading to SharePoint 2016

Excitement is brewing for the upcoming commercial release of Microsoft SharePoint 2016, which is expected to RTM in the first half of 2016. It’s already in its 2nd beta release with many users downloading it, installing it, providing feedback to Microsoft and providing the community with information about what’s new through blogs and articles.  Microsoft has provided some great new features that improve how SharePoint is managed, how we integrate with cloud services in a hybrid model and how we collaborate. 

It’s important to consider why we should upgrade a perfectly functioning SharePoint environment to this new major release.  Upgrading SharePoint is never just an upgrade.  We’re often looking at a migration, which can be a significant amount of work depending on the state of the current environment. Sometimes upgrades are driven by wanting access to some cool new features, but often the reasons are much more significant.  I'd like to share my favorite reasons for considering such a significant upgrade of SharePoint.

Hybrid Cloud Search

Hybrid search was introduced in SharePoint 2013 which would allow you to search across both your SharePoint on premise and your SharePoint Online environments through one interface.  It worked relatively well, but there were some caveats – most notably, search results from on premise sources and online sources appear separate and not integrated.  By default, search results are not merged and this can cause issues with determining which result is more relevant, paging of search results, etc.
SharePoint 2016 now provides a unified search experience for hybrid cloud search.  Essentially, the way this works is that the office 365 search functionality will consume the on-premise search index so that it can provide integrated results from both sources for the same query.  An Office 365 tenant and Office 365 search are required for this to work.  If users search using the SharePoint 2016 on premise search, only search results from local sources will be presented. There are other improved hybrid scenarios as well with SharePoint 2016, including:

• Hybrid Sites – Users can follow sites on both SharePoint on premise and in SharePoint Online and have them displayed in one unified list; users can also have a single profile in Office 365 where all their profile information is stored and kept up to date, and use that profile for both SharePoint on premise and SharePoint Online.
• Hybrid One Drive for Business – Users can sync files with Office 365; users can also access files directly through Office 365 on any device they might have.

If you are considering a hybrid ECM environment, with portions of SharePoint content stored on premise and portions stored in Office 365, the hybrid search experience available through SharePoint 2016 will certainly provide significant benefit to end users.

Zero Downtime Patching

Today, installing patches in a SharePoint environment can be a time consuming and disruptive process.  It requires the deployment of large 2GB+ cumulative updates on a somewhat regular basis.  All patches are currently distributed within 1 large update file which contains all patches up until that point in time including bug fixes, feature modifications and even schema updates.  In this form, all patches are applied at once, and results in some form of downtime to the environment.antonio1.13.162.png

SharePoint 2016 introduces a new concept for patching called Zero Downtime Patching, where patches are distributed through smaller packages (~100 MB) which may have some dependencies on one another so that certain patches are required before other patches can be installed.  This dependency model in fact already exists with cumulative updates.  The concept here is that patches contain smaller, more targeted changes so that, dependencies aside for a moment, administrators have some choice about which patches are needed and which they can skip, and so that patching with zero downtime is possible.

Applying patches on a regular basis is an important part of maintaining a healthy functioning SharePoint environment.  Doing so with more choice about which patches get applied and without downtime to the environment and its end users is an enormous improvement in the manageability of the overall SharePoint environment.

DLP Capabilities through the On Premise Compliance Center

SharePoint 2016 has directly integrated the fantastic DLP capabilities from Office 365 into its on premise version.  Traditionally we’ve had to look to third party tools to enforce DLP policies on SharePoint content, but with SharePoint 2016 this is now available through it’s out of box capabilities.  As well, SharePoint 2016 includes an improved eDiscovery Center which also allows you to query for content which do not conform to an organizations DLP policies.

SharePoint 2016 now allows administrators to create both a Compliance Center site collection and an eDiscovery Center site collection.  The Compliance Center site collection, much like the Office 365 Compliance Center, allows administrators to configure DLP policies which are automatically enforced on content within SharePoint.  Using the search service application, DLP policies will automatically identify content that is sensitive or confidential and flag that content so that it is not accessible by unauthorized users. These policies then provide some notification and remediation capabilities, like automatically notifying administrators and/or content authors by email of policy violations, and allowing overrides to policy warnings with documented justifications when needed.  In addition, like Office 365 the DLP capabilities come with 51 built in policy templates for identifying sensitive information.  These templates include a large number of regular expressions like credit card numbers and social security numbers, as well as regulatory compliance standards such as the PCI Data Security Standard and HIPAA related data.  The eDiscovery Center can now be used to run DLP queries to discover content which is sensitive or relates to industry regulations and export a report of the identified documents.

Most organizations use SharePoint to store and manage sensitive information in one form or another.  SharePoint 2016 now allows you to do so in a much more secure manager, and use the out of box capabilities to ensure that end users conform to corporate and industry regulations.

5000 List View Threshold Improvements

A common limitation we’ve had in SharePoint for some time is the 5000 threshold for the “List View Threshold” setting.  This is a limit (which can be configured, so it’s really a threshold) which determines how many items can be displayed in a single view.  This helps to ensure that performance of SharePoint overall is not adversely affected by users storing and displaying more that this number of items in a single view.  It ensures that queries to the SharePoint database for items in a list or library do not result in SQL database locks which will affect performance of the entire SharePoint farm.  Although this setting is configurable, we’ve always been recommended to stay away from increasing this past 5000 items.  One method of supporting large lists and libraries is to configure indexed columns on such lists.

Storing 5000 items in a list or libraries may sound large, but more and more organizations store a lot more content than this across many lists and libraries throughout their SharePoint portal.  Over time, it’s extremely easy to accumulate large numbers of lists which contain large numbers of items far beyond this 5000 limit.

SharePoint 2016 provides greater ability to manage large lists and libraries by now automatically creating indexed columns on these lists.  As content grows in our lists and libraries, which it inevitability will do, it’s important to ensure that the proper mechanisms are in place to efficiently manage that content, and SharePoint 2016 now automates more of that for us.

Large File Support

SharePoint 2016 now increases the recommended limit for storing single files from 2 GB to 10 GB.  This is a welcome change, as more and more businesses look to work with large files and large videos, for example presentations with large videos embedded within them, it’s important that the collaboration portal where such files are stored evolve with this changing need.

Microsoft Product Support

If you are currently running Microsoft Office SharePoint Server 2007 (MOSS) or Microsoft SharePoint 2010, Microsoft is no longer providing product support for either product. More specifically, Microsoft ended regular product support for SharePoint 2010 in October 2015. 

If you are in the situation where you are running either of these SharePoint versions, I would strongly recommend you consider planning your upgrade to SharePoint 2016.

In closing, there are many welcome additions and capabilities in Microsoft SharePoint 2016.  For me, the most compelling changes which will make me want to upgrade to SharePoint 2016 are those which improve SharePoint in broad ways from a management perspective, from an end user perspective and from a security perspective, which are those which we’ve outlined here:

  1. Hybrid Cloud Search, allowing us to better support hybrid scenarios by providing better search results and ultimately a better user experience,
  2. Zero Downtime Patching, enabling simpler management of the overall infrastructure and reducing downtime for users,
  3. DLP Capabilities, allowing us to better secure the SharePoint environment and protect information containing sensitive information,
  4. List View Threshold Improvements, allowing us to better support large lists and libraries through automatic indexed columns,
  5. Large File Support, allowing us to better serve the needs of our end users as the files they work with get larger.