Follow me on Twitter @AntonioMaio2

Monday, April 22, 2019

SPSTC: An Introduction to Enterprise Mobility + Security

[I posted this to the blog back on Apr 7, 2019, but just realized blogger had not actually published it]

Thanks to everyone that attended my session at SharePoint Saturday Twin Cities in Minneapolis on April 6/19!  You can find my presentation slides below, and should be able to download them from SlideShare.  This session had a lot of information to in it, walking through the various components that make up the Microsoft Enterprise Mobility + Security offering and the licensing options around those offerings.

The licensing in particular is complex, but ultimately your options for this offering are:

Enterprise Mobility + Security E3

This subscription includes:

  • Azure Active Directory Premium P1
  • Microsoft Intune
  • Azure Information Protection P1
  • Microsoft Advanced Threat Analytics
  • Azure Rights Management (part of Azure Information Protection) and the Windows Server CAL rights.

Enterprise Mobility + Security E5  

This subscription includes all the capabilities of Enterprise Mobility + Security E3 plus:

  • Azure Active Directory Premium P2
  • Azure Active Directory Identity Protection (as a feature of AAD Premium P2)
  • Azure AD Privileged Identity Management (as a feature of AAD Premium P2)
  • Azure Information Protection P2
  • Microsoft Cloud App Security
  • Azure Advanced Threat Protection

You can find more information about Microsoft Enterprise Mobility + Security licensing here:  There are other licensing options as well, but these are the primary ones that organization consider when they look to increase the security and compliance features which their organization is leveraging.

Table of Enterprise Mobility + Security

You can learn a lot more about each feature included across all Microsoft Security and Compliance tools from our Table of Enterprise Mobility + Security.  The features and tools are grouped together to identify the tools that help you to accomplish specific related tasks, and clicking on each tile in the table will take you to the Microsoft documentation which is specific to that service or feature.


Thursday, April 4, 2019

The Table of Microsoft Enterprise Mobility & Security!

I'm very happy to announce that I’ve teamed up with jumpto365’s Matt Wade and Niels Gregers Johansen to publish The Table of Microsoft Enterprise Mobility & Security, which is a new addition to the Microsoft Periodic Table series!

Niels, Matt, and I decided at Microsoft Ignite 2018 to work together on a tool that’s been one of the top requested additions to the Periodic Table of Office 365.  That is overview for Microsoft’s Cloud capabilities related to security, compliance and information protection.  Similar to the Office 365 periodic table, the Table of EM&S categorizes similar services together to make the overall offering easier to navigate, and easier to determine which tools are available to you.

 Table of Enterprise Mobility & Security

Considering the breadth of tools available with the EM&S offering, which is maintained by many teams across Microsoft, it can be hard to find central resources providing an overview of the entire suite, which group and describes the tools with respect to each other. This work aims to bring everything together in one spot and make jumpto365 your entry point to understanding the Microsoft Cloud tools that are available to you.

  Table of Enterprise Mobility & Security

Each tile represents a Microsoft service, feature or tool which is related to information protection, security, compliance, and enterprise mobility. Some features are provided as part of the Microsoft Enterprise Mobility + Security offering.  Some come with Office 365 enterprise licenses, some are just built in protections that are critical for people to understand, and some go beyond the Microsoft Enterprise Mobility + Security offering, helping you to understand some of the Advanced Options available for security and compliance

We're highlighting the features and capabilities that are important when considering the security of your Microsoft 365 environment and the tools available to you to help with regulatory compliance.

   Table of Enterprise Mobility & Security

I've worked in the security and compliance space for a very long time, and there are many great solutions built into the Microsoft Cloud which help customers protect their information, secure their tenant, and comply with the regulations that are important to them.  I truly love working with these tools!  In working with many customers though, I find that they often don't know that these tools exist, and learning which one is best for which task is one of the hardest tasks in moving to a more secure and compliant state in Microsoft 365.

The security and compliance tool landscape is vast in Microsoft 365, with a lot of great services, features and tools!  One thing that excites me most about this table is sharing that knowledge with people and giving them an easy way to explore the many security and compliance features available to them.

Links to Documentation and Product Pages

You can jump to the product pages and documentation for each tile in the Table for the particular service or feature, giving you both an overview and access to the in-depth details about how to make use of the service or feature. All of those product pages offer links to the technical documentation, pricing, getting started guides, and live demos.  This lets you check if the service offers what you are looking for before spending money and time on the idea.


All information in the EM+S Table can be found across Microsoft’s Enterprise Mobility + Security service websites. If any changes are made by Microsoft to the EM+S services, we will update the Table as well, so that it stays up to date.

More to Come...

This is the beginning of the Table of Microsoft EM&S. We will continuously update the Table with more features and functions to make it better over time. If you have anything you would want to see on the next version, please let me know in a comment below.

To learn more about my work and what I do, please visit my other blog and follow me on Twitter.

Friday, January 25, 2019

A Practical Introduction to Microsoft Forms & Microsoft PowerApps

As an enterprise architect, working primarily in the Microsoft Cloud, I often get asked questions about which form solution a Client should move forward with in their enterprise. It usually starts with one form that a business stakeholder has requested or suggested, or with one team that wishes to publish a few forms. The request and the questions quick spread to multiple teams that want to do something similar in the spirit of "Going Digital"! Do we continue to use InfoPath like we used to? Do we use SharePoint Designer to create a list form? Are those things still supported, because we've heard they're not? Do we create a custom form on a SharePoint site page with a custom web part... maybe a full page web part? Do we use Microsoft PowerApps, Microsoft Forms, or a third party solution?

So, I thought I'd share my practical thoughts here to hopefully benefit many people wondering about the same question. Microsoft has a long history of form solutions which have come and gone, especially in the case of SharePoint. The SharePoint and Microsoft technology stack for building and hosting online forms has gone through significant flux in recent years. It started with the announcement that Microsoft would discontinue InfoPath back in January 2014 (anyone remember the InfoPath funeral at the SharePoint conference). After several years of flux, we finally have a clear path forward for online forms in SharePoint and in the Microsoft Cloud.

Let's Be Clear on InfoPath and SharePoint Designer
First of all, let's be clear on InfoPath and SharePoint Designer - Microsoft has clarified in recent years that InfoPath and SharePoint Designer will in fact be supported in their last versions, InfoPath 2013 (the client application, as a separate download, and not included with Office 2016 or later) and SharePoint Designer 2013, until July 2026. This means that current and recently released versions of SharePoint, so SharePoint 2016 and SharePoint 2019, will support artifacts created in InfoPath 2013 and SharePoint Designer 2013. As will SharePoint Online, until further notice. However, Microsoft has also been clear that no new work, not features, not updates, not patches, will be put into InfoPath 2013 or SharePoint Designer 2013. Those are the last versions of those applications.
This effectively means that InfoPath and SharePoint Designer are on life support, and are still supported for those on premise and online solutions for Microsoft customers that have a large investment in using InfoPath and SharePoint Designer and cannot yet move to the new modern capabilities.

This also means that new modern capabilities added to SharePoint Online and the Microsoft Cloud will likely not work or integrate with InfoPath or SharePoint Designer. Effectively, the real use cases in which InfoPath and SharePoint Designer may be used in conjunction with SharePoint Online sites to fulfill a business need will get more and more narrow, over a long period of time, until 2026 in fact.

What you've built in the past is still supported, and you could still likely use the tools for something simple, but its highly recommend that you don't look to these technologies to try to build anything modern, or supported on mobile, or integrated across the Microsoft Cloud. You will have a long up hill battle!

Microsoft's Go Forward Online Form Solutions: PowerApps & Forms
As many will tell you, Microsoft's go forward solutions for Online Forms in the Cloud include both Microsoft PowerApps and Microsoft Forms.

Microsoft Forms was released to general availability on April 27, 2018, so its only a little over a year old in general availability (it had a long preview program before that which many of us participated in). The solution is still fairly young, but its intended use cases and purposes are fairly narrow and focused, so it does what it does very well.

Microsoft PowerApps was released to general availability on October 31, 2016. It is only a little over 2 years old. Its important to keep that in mind, because it tells you the technology is young and still evolving. That said, the technology has come a long way in just 2 short years.

Microsoft Forms
Microsoft Forms is essentially a light weight, very basic tool for creating surveys, quizzes and polls that are intended to quickly collect information. Some general use cases in which we have seen Microsoft Forms are:
  • Surveys to collect end user feedback
  • Short forms asking users to register for an event or to gauge interest in an event
  • Simple forms requesting contact information from users
  • Polls to gather employee or customer satisfaction
  • Educational environments where teachers wish to publish a quiz to students to measure information retention, or to test knowledge of a topic and evaluate progress

With Microsoft Forms, you really can create a simple online form in minutes which fulfills these use cases. Microsoft Forms does not replace InfoPath or SharePoint Designer list forms, due to the simple nature of forms it can create. But it does very quickly fill one particular need with respect to Forms. It allows you to very quickly and easily:
  • Create forms for surveys, polls or quizzes with a simple set of varied controls, and using simple conditions
  • Publish those forms to the internet for users to fill out anywhere, any time, on any device (desktop, laptop, tablet or mobile)
  • Collect submitted data in a central place, which can be aggregated, summarized and analysed by other tools
  • Automatically trigger workflows created in Microsoft Flow which can integrate the collected data from Microsoft Forms into other systems

One feature that Microsoft Forms has over PowerApps, is that Forms can be optionally be published so that they can be accessed anonymously. That's correct, if you need to publish a form to the internet that you want people on the internet to access and fill out and not require them to login (because maybe they don't have a user account in your Office 365 tenant) you cannot do that with Microsoft PowerApps, but you can do that with Microsoft Forms. This is not the default configuration, but when you publish a form in Microsoft Forms you can choose to publish it anonymously and not require users to login - when you do this, any person on the internet with a link to the form can respond to it.

Access to Microsoft Forms
Access is controlled through your Office 365 license, and all Microsoft Office 365 enterprise licenses include one flavor or another of the Microsoft Forms SKU, including Office 365 Enterprise E1, Enterprise E3 and Enterprise E5.

There are numerous flavors of the Microsoft Forms license itself, including those focused on the enterprise (Microsoft Forms plan E1, plan E3, plan E5), those focused on kiosks or unattended applications (plan K), and those focused on Education (Plan 2 and Plan 3). You can control if a user has access to Microsoft Forms for the purpose of creating a publishing a form by turning ON or OFF the Microsoft Forms SKU in their Office 365 license.

You can learn more about which licenses include Microsoft Forms here.

Microsoft Forms is also available for free to Hotmail and Outlook/Live Microsoft accounts, with some limitations.

Controls Available in Microsoft Forms and Other Options
There are many common control options available when you're designing your forms, which are:
  • Choice fields where you only select 1 answer (radio buttons or dropdown)
  • Choice fields where you select multiple answers (check boxes)
  • Text Fields
  • Ratings
  • Dates
  • Net Promoter Score Fields (announced at Ignite 2018; for example, "How likely are you to recommend this to a friend?" with a choice from 1 to 10)

Other options include:
  • Options to make fields required
  • Options to order fields as desired
  • Options to shuffle the options presented to users
  • Options for titles and subtitles on form questions
  • Branding options in the form title
  • Suggested questions based on how you start your form
  • Creative ideas presented to you as you are developing your form

Important Technical Notes about Microsoft Forms
The following are other important technical notes and limitations related to Microsoft Forms:
  • All data submitted through Microsoft Forms is stored on servers in the United States or Europe (only if your Office 365 tenant is hosted in Europe). So, if your Office 365 tenant was created and is hosted in a data center outside of the United States or Europe, your form, its configuration and any data submitted through your form is stored and hosted in servers within a US data center. This may or may not fit with your data residency requirements, so please consider the use of Microsoft Forms carefully with this in mind.
  •  If a user who creates and publishes a form using Microsoft Forms, leaves the organization and their account is disabled and/or their Microsoft Forms license is removed, then all Microsoft Forms configuration and data, including submitted form responses, will be deleted 30 days after their user account is deleted from your Azure AD instance.
  •  Conditional Access does integrate with Microsoft Forms. You can select Microsoft Forms as a Cloud App in the Cloud Apps assignment.

There are some limitations as to how many forms a user account may create, and how many responses they can receive. Forms created using an enterprise or commercial accounts:
  • A single user account may create up to 200 forms
  • A single form may have up to 100 questions
  • A single form may receive up to 50,000 responses

Finally, surveys and quizzes allow you to collaborate with others during the creation process by creating and sharing a link to the form with other users. You can use this same method to save forms as templates and reuse them over and over again.

Microsoft PowerApps
Microsoft PowerApps is cloud based technology only available in the Microsoft Cloud, which allows business analysts as well as software developers to build custom business applications.  It is Microsoft’s go-forward solution for online forms, and is the intended replacement technology for InfoPath forms, as well as all previous form technologies.

The solution is not only targeted at software developers.  The solution is targeted at business analysts or technical specialists within a business function (as opposed to business users) as some technical abilities are typically required to build simple PowerApps solutions.  Often business users can easily start a PowerApps solution, but very quickly they find that some knowledge of JSON or expressions/formulas is required to achieve the business functionality they wish.

Therefore, PowerApps is typically viewed by most enterprises as a “low-code” and “rapid application development” solution for building custom business applications in the Microsoft Cloud.  When developing a PowerApps application, there are two (2) types of applications that may be created:

Canvas App
A canvas app allows the app developer to layout supported controls wherever they wish on the page and construct multi-page applications.

Model Driven App

A model driven app is created and designed for the most part based on the data fields you select for the app.  They are tightly integrated with the Common Data Service (CDS) which is the common data model used within Dynamics 365.  As you develop a model driven app, you create entities and fields within the CDS, and the controls are automatically laid out on your form to support reading and writing of data from and to those data structures.

All Office 365 enterprise licenses include a PowerApps for Office 365 license.  This provides all Office 365 users with standard PowerApps designer capabilities, in effect enabling all users to create their own PowerApps.  The PowerApps for Office 365 license provides access to Canvas Apps, and it provides access to the Common Data Service (CDS), however only in the default environment.

Any user that will run a PowerApps, meaning if they will fill out an online form built on PowerApps, will run it under the context of their own user account and therefore requires a PowerApps license.

The default PowerApps for Office 365 license has limitations in the capabilities which are available to users.  PowerApps also provides higher level licenses, named Plan 1 and Plan 2:
  • PowerApps Plan 1 provides access to the Common Data Service for Apps to store and manage data in additional environments. Users can run canvas apps that are built on the Common Data Service for Apps, use premium connectors, access data in custom applications or on-premises data.
  • PowerApps Plan 2 allows users to run model-driven apps with code plug-ins and real-time workflows.

 For more information on PowerApps license plans please refer to the Microsoft article here.