Microsoft

Blog Categories

Subscribe to RSS feed

Archives

Follow Microsoft Technologies on Pinterest

Posts Tagged ‘SharePoint’

Expanding Data Loss Prevention Across Office 365

Continuing from my previous post on Information Rights Management (IRM), today we will focus our discussion at yet another security feature which is essentially part of customer controls, known as Data Loss Prevention aka DLP.

DLP provides users with policy tips and detects sensitive information in the context of communication. DLP was first rolled out in Exchange and Outlook and then expanded into Outlook Web App (OWA). The only problem was that email is not the only way to share information. A ton of information in this digital age is shared via documents and keeping that in mind, DLP was expanded into SharePoint Online (SPO) and OneDrive for Business (ODFB). Until now eDiscovery allowed us to search sensitive content across SharePoint and OneDrive and now policy actions (restrict and block access) and email notifications are also being introduced.

Source: blogs.office.com

Source: blogs.office.com

With the advent of Office 365, the Microsoft community has become increasingly collaborative in nature, and product teams are now more agile and communicative in their approach than ever before. Building on that approach, recently Microsoft conducted a yamjam around DLP features. Some great scenarios, concerns, and solutions were exchanged. Here is my attempt to capture and summarize that for you.

—————————————————————————

Q: Will DLP be a supplement or replacement to IRM and auditing mechanisms in SharePoint? And in what way will it supplement to IRM and or auditing.

A: DLP is a great supplement for IRM today. Both of these functionalities work seamlessly in Exchange and we are extending that same experience for SPO/ODFB

Q: Will DLP have effect on the content that is shown, or not shown, in Delve

A: That is absolutely our vision. Delve adheres to the user permissions set by your admins and end users, and we will respect the same when it comes to DLP.

Q: Will DLP be a part of the announced Dropbox partnership? Extending to Dropbox for business

A: Currently DLP functionalities are planned only for ODFB/SPO and not Dropbox.

Q: Will DLP be able to enforce IRM on documents that match a policy? 

A: That is definitely in our plans and you can expect us to release that in the service in early 2015

Q: If I want to make sure my policy is enforced on all content all users should have a sufficient license?

A: Yes, you need as many DLP licenses as the number of users. DLP is licensed on per user basis.

Q: How can we protect documents that contain trade secrets or company plans from being uploaded to OneDrive and then downloaded to home computers? These are random documents that may not have specific information to search for. What is to keep users from uploading a mass amount of documents and then downloading them at home?

A: The next level is to apply Rights Management Service (RMS) policies for all content that lands in that area. You can further protect using IRM from within the client and establish a further depth of what can/can’t be done, and possibly further restrict who. Next up is setting policy rules with #dlp that again help to inform and enforce actions that are and are not allowed. In the future we’ll have additional tools via MDM to help protect and reclaim/delete content that can no longer be on devices. Additionally, we’re planning auditing and reporting capabilities so admins can run reports to understand better how content is being used (shared, modified, viewed, etc.).

Q: Is OneDrive for Business a supported application by Azure RMS?

A:  IRM works today for documents on ODFBso yes, Azure RMS works for OneDrive for business. There are some fixes we are making for IRM protected libraries so that it syncs seamlessly just like any other library

Q: ODFB Management : For ODFB and IRM, it seems to be cumbersome to turn on IRM and with certain policy settings like “Allow users to print”. Plus, it does not seem to reference centralized IRM policies like you would expect with Azure RMS because you just name your own policy and do not select from a dropdown list. Is this because IRM on ODFB is not really supported by Azure RMS yet? And is this expected to change sometime soon?

A: ODFB is certainly covered, and is a manual process today from the scope of an audit or configuration of IRM. The concern you have is valid and is something the teams are aware of for auditing, eDiscovery, DLP scenarios. We don’t have timing to share, but we do want to treat ODFB as included by default, not something you have to configure for broader application

Q: If we have 10 users on E3 and 40 users on Business Essentials, do the messages created by the 40 Business Essentials users get evaluated by DLP? What about the server-side processing? If a non-E3 user sent a message that violates a DLP rule, would it be blocked, or would it be sent to the recipient?

A: DLP does require E3, so the non-E3 users would not get a DLP experience, aka the tool tips coming early next year. No, you need to have DLP licensing to enable server side and client side processing for sensitive content. So for eg, in exchange today, every time you use the “the message contains sensitive information” predicate, you need DLP license.

Q: We have a system that generates PDF reports and emails them via SMTP. We use DLP to block the messages from being forwarded but we would like to apply document level IRM as it enters the system via SMTP?

A: Look at adding a document library into your solution. You could then add additional capabilities if above needs a little more.

Q: Can you please elaborate on the phrase “with additional policy controls and actions like Information Rights Management, coming in the first quarter of 2015″ from the 10/28 blog post on DLP? What might this mean in terms of capabilities?

A: In our initial release for SPO policies, you will have actions such as block or request access when someone uploads a document. With RMS action, you will be able to automatically apply IRM action to the uploaded document if the document contains sensitive information.

Q: What will happen if a document is accessed through an API using custom coding? Will DLP apply?

A: If the content is stored in a location that is subject to a DLP policy, such as SharePoint – then yes the changes will be scanned and subject to the DLP requirements in the policy.

Q: Will Microsoft provide a way to automatically add ODFB sites (as they are provisioned) to DLP scope?

A: Yes, you can configure a DLP policy to apply to “all” OneDrive for Business sites, which will automatically include new sites as they are provisioned.

Q: <em?Will the fact that IRM is applied to a document be able to overwrite DLP actions? For instance if IRM is applied with ‘lower’ restrictions, van DLP apply more restrictieve restrictions? Consider this example: IRM can be configured by Site Admins, so a site admin makes a library for contracts. He configures very little restrictions. At company (DLP) level we have a very strict policy and want to override what the site admin on lower level set up.

A: We currently do not allow IRM policy override. This is an interesting feature request. will be available when our policy actions are available in early 2015.

Q: We found the mobility use case to be painful as iOS and Android devices cannot open IRM protected documents minus a few exceptions like PDFs with a purchased app. When is this targeted to change to where the Office Mobile apps will support IRM protected documents?

A: It works great today for email across OWA for devices, Outlook, Outlook for MAC, OWA etc and you can expect us to add the same functionality across Office documents. IRM works today for documents on ODFB so yes Azure RMS works for OneDrive for business.

Q: With an increasing number of non-technical small business users, what is the plan to give true user account management to Global Admins in O365? This weekend we had to terminate a long time employee who lives in a different state. I checked every source for clear guidelines and documentation surrounding this is nearly non-existent. There is no simple way to prevent loss of information other than resetting the user password. If “blocked” then we could not go into Exchange Online or ODFB to back up information. If we remove licenses, we lose all data. If we turn mailbox into shared, we lose auto archive folder/ability. We cannot backup to a PST due to auto archive as well. Four days after the fact, we learned that resetting the password means they can still have access to any sessions of mail, CRM, SharePoint that have not expired. How are we supposed to manage security under these conditions? Please advise when your 100% “cloud first/mobile first” O365 Online small business customers can expect to have the right tools to terminate an employee while preventing any data loss.

A: The scenario you describe is well covered in the enterprise, where we have additional value in the E1-E4 plans. And I’m guessing you know this, but want to be clear that all the compliance tools like RMS, DLP, eDiscovery … they are only offered to enterprise. It is very common to find smaller businesses using the enterprise plans when their needs require the more robust compliance capabilities. Consider upgrading your plan to enterprise. This article should get you started: I can tell you that you can recover documents. You would need to assign a secondary user who can then go into users’ ODFB. You can do this today here: SPO admin center > user profiles > Set up MySites > My Site Cleanup – and then add a secondary owner.

Here’s the text from in-product once you get to this admin setting, “My Site Cleanup”. When a user’s profile has been deleted, that user’s My Site will be flagged for deletion after fourteen days. To prevent data loss, access to the former user’s My Site can be granted to the user’s manager or, in the absence of a manager, a secondary My Site owner. This gives the manager or the secondary owner an opportunity to retrieve content from the My Site before it is deleted. Select whether or not ownership of the Site should be transferred to a manager or secondary owner before the site is deleted. Set a secondary owner to receive access in situations in which a user’s manager cannot be determined.

Q: Any plans to add DLP to Yammer? For instance if a user decides to share his credit card number on Yammer he will get a policy tip; Such as not allowing videos to be downloaded (but only to be viewed), to making sure that PII is not being shared inadvertently in healthcare or insurance companies. You can overcome these things with peer governance but it would be great to have some tech in place too.

A: Definitively something that we are thinking about. What kind of scenarios would you like to see if/when this would happen?

Q: When or will Data Loss Prevention (DLP) become available in the On-Premise version of SharePoint?

A: We’re not ready to discuss any portion of SharePoint Server vNext (on-premises) and what will be included. That said, there are a number of 3rd party solutions today that can be integrated with SharePoint already.

SharePoint Online eDiscovery Center For All Your Legal Needs

ediscovery Featured

Ever have requests to furnish old emails, messages, documents to your HR or legal teams? In this digital era, we experience an overflow of electronic information in forms of email, documents, IM conversations, etc. It can be chaotic when you are expected to look for content from several years in the past. Have you ever wondered what it would be like if you had a tool to help with ESI (electronic stored information) to collect, classify, and analyze? Even better, a tool that allows you to then preview and preserve for as long as your corporate policies allow?

The most-affected workgroups are Legal, IT, and the governance, risk, and compliance folks, who must manage all of the data legal and compliance groups are desperately trying to search. Now with Office 365, you can do just that and more. Office 365 equips you with an eDiscovery center to manage preservation, search, and export of content stored in Exchange and SharePoint, across SharePoint farms and Exchange servers.

eDiscovery2

Your SharePoint Online tenant comes with a pre-created eDiscovery center. What it needs from you is, configuring discovery sets and setting up your search queries in order to export the results. With SharePoint Online you can run an eDiscovery case on SharePoint, Exchange, Lync, and on premises File Shares at the same time, from one management console. This lets you search, preserve, and export all relevant content from all these repositories. For every discovery case, you would create a new case site where it is possible to conduct searches, place content on hold, and export content. There are new capabilities in eDiscovery you need to be aware of:

  • eDiscovery Sets: Combinations of sources, filters, and whether to preserve content. eDiscovery Sets are used to identify and preserve content.
  • In-Place Hold: Now you can preserve sites and mailboxes using search filters. Preservation works behind the scenes… people can work on their documents and delete email and not even know it is turned on, but for eDiscovery, you have the data you need in an immutable store.

eDiscovery3

 

  • Query: Search experience which is eDiscovery focused. This reduces the output data and help you find the content you are looking for.
  • Export: Download all of the data  directly to a local machine with an offline copy of native documents, email PSTs, archived MHT web pages, and CSV files for SharePoint lists.

eDiscovery4

eDiscovery5

After searching for relevant content in a eDiscovery set, you may want to put content on hold. This enables the original content to always there when your legal department asks for it. The eDiscovery center allows you to put SharePoint sites and Exchange mailboxes on hold, without disrupting the business.  Putting a SharePoint site on hold creates a hidden document library. This enables the user to still modify any content item subject to the legal hold while keeping the original copy of the item in that hidden library. Exchange mailboxes apply the same principle by creating a hidden folder where items are actually moved to when a user deletes an item.

This post guided you through the benefits and process to setup eDiscovery and empower your legal department to query and export content to help in any litigation or compliance needs. In the next few posts, I’ll dive into some other advanced security features in Office 365.

Yammer Governance: Working Like a (Safer) Network – Webinar Recap

Each and every time my colleague, Rich Wood, speaks on a webinar or presents at an event, I know it’s going to be good. Whether his audience is more business or technically oriented, or a healthy mix, he has a knack for presenting content in an engaging manner and a way that’s easy to digest (even for this marketer). And just as expected, during last week’s webinar, “Planning for Governance in Yammer While Working Like a Network,” Rich did not disappoint.

Enterprise social networks are, by default, a more informal, natural means of communication and collaboration, whether it be with internal employees, customers and/or partners. Many companies with an enterprise social network in place are benefiting from improved knowledge transfer, empowering employees and breaking down organizational barriers. But, because of concerns around privacy and governance, the majority of companies have yet to take advantage of an ESN such as Yammer.

During the session, Rich, who heads up our Modern Applications practice at Perficient, began with a discussion around the philosophy behind Yammer. He emphasized that Yammer is not SharePoint. We are all so used to thinking of “governance” in a SharePoint context, it can be difficult to wrap your mind around how to govern a Yammer network properly and encourage user engagement. While SharePoint focuses on document collaboration, with Yammer, it’s all about social collaboration. With that different purpose comes a different philosophy.  In SharePoint, the greater user population has the least rights in common areas, and with Yammer, it’s the reverse. Those same users have the most rights in common areas. Read the rest of this post »

Pros and Cons of Cross Site Publishing

Confused when to use cross site publishing? When does it bring you the most value? Or how does it fit in your content strategy and information architecture?sharepoint-logo

Cross site publishing has been around since the launch of SharePoint 2013. I’ve seen various implementations and variations of it over the years but never surprised when I see the reasons behind those implementations. Many a times it’s the coolness factor of utilizing this framework. I have had the honors (ha) of being an early adopter of this framework and during last few years have been exposed with the nuts and bolts of this feature. In this article, I’ll share my thoughts on why and when to use or not use cross site publishing with real world scenarios. Before we being let’s see what cross site publishing really is and how it works. According to TechNet, It lets you create and maintain content in one or more authoring site collections, and publish this content across one or more publishing site collections, by using Search Web Parts. Cross-site publishing (XSP) lets you store and maintain content in one or more authoring site collections, and display this content in one or more publishing site collections

Do you know what your problem is?

Understand your content authors and understand the process which brings the most value to your corporate publishing. This and the next two sections will help you decide if XSP is for you.

What scenarios does it fit?XSP

  • It makes a great candidate when you have articles which are tagged and categorized with topics. It allows you to separate content authoring from the display templates and page layouts used in the article presentation. So instead of ending up with hundreds of exponentially growing  unique pages in a Pages library, the publishing site will contain only two dynamic pages: the CatalogCategory page and the CatalogItem page.
  • If you are in a situation where your content authors need an environment to get a head start while you develop and construct the publishing portal, then XSP is a great candidate for you.

What scenarios are NOT a good fit?

This is where it gets interesting.

  • If you can’t double or even triple your upfront design, architecture, and setup time in your build phase, then it is not for you.
  • If you don’t love managed navigation and term sets, this is not for you. It adds extra complexity to your design by not allowing you to have one term for multiple categories. You will need to define a new term for each new product/article category.
  • If you have multiple content authors in multiple geographical locations and no time for training, this approach is not for you.  The tendency to look for content in libraries is hard to overcome. Also, when managed navigation is in play, vanity URLs can make it difficult to track down source content.
  • Moving from DEV to TEST to PROD is extra effort. You’ll need to recreate all your catalogs or create a PowerShell script to do that.
  • If you use a analytics product and wish to track unique visitors, and track page visits, it can get tricky and the product may not support this architecture. Check with your analytics vendor before implementing cross site publishing or possibly do a proof of concept.

Microsoft-Salesforce Integrations as Cloud Giants Shake Hands

Microsoft and Salesforce has made significant progress to their strategic partnership announced in May. They unveiled new joint solutions—including Salesforce1 for Windows, Salesforce for Office, and Power BI for Office 365 and Excel integrations with Salesforce—at Dreamforce 2014. salesforce1microsoft1

The companies disclosed that in early 2015, they will release a Salesforce1 app for Windows Phone. Alongside, OneDrive will be linked to the Salesforce solutions. In addition, Office will also be incorporated with the Salesforce suite. Through the alliance, Microsoft will gain an opportunity to provide its user-friendly products to Salesforce users. Salesforce, on the other hand, will be able to sell its SaaS product in the more conservative enterprise channels, currently controlled by Microsoft.

The companies plan to integrate Salesforce into Office, SharePoint and OneDrive for Business on the Android and iOS platforms in the first half of 2015. Also, in the first half of 2015, the companies plan to ship a Salesforce app for Outlook. The second half of 2015 will also see a Salesforce1 app for Windows Phone along with a Salesforce app for Excel. Power BI for Office 365 and Excel integrations with Salesforce. With these new integrations, customers will be able to bi-directionally load data to Salesforce and Excel to build reports, visualize information and discover new insights.  Power BI integration with Salesforce is anticipated for the first half of 2015. A Salesforce app for Excel is anticipated for the second half of 2015.

Some key things to note for existing features (live and preview): Read the rest of this post »

How many Personal sites do I have in my O365 tenant?

Cloud UserPersonal sites (formerly known as My Sites) are provisioned on demand in Office 365. Only when the user first clicks e.g. their OneDrive link in the suite bar is their personal site actually provisioned. This was a prudent architectural decision on Microsoft’s part to not provision space until it is actually needed. Anybody who managed pre-provisioned personal sites on premises will know that this can be unnecessarily expensive, especially when you have a very large number of users.

With this approach it is sometimes useful to know how many users have already provisioned their personal site, so as to get a measure of adoption.

Individually by User Profile

We can navigate to the ‘Manage User Profiles’ link and find this out individually for each user. When the user has a personal site we can click the drop down option to ‘Manage Personal Site’ and we are taken to the site settings.

Mange Personal Site

When the user does not have a personal site, a message is displayed saying they don’t have one.

PersonalSiteNotYetCreated

 O365 Reports 

For gathering a total count, there is a report under:

Admin > Office 365 > Reports > OneDrive for Business sites deployed

OneDriveSitesDeployed

 

Use Search to report on Personal Sites

We can also use Search to find all the personal sites e.g.

Path:https://chrishines-my.sharepoint.com AND contentclass:STS_Site

This will get all the personal sites under the My Site application (chrishines-my.sharepoint.com). The query will naturally return only one page of results at a time. However, we can use the search REST API to get creative and return large pages (maximum 500) and iterate through all pages to get a count. The REST API call would look like something like this:

http://chrishines.sharepoint.com/_api/search/query?querytext=’Path:https:%2f%2fchrishines-my.sharepoint.com+AND+contentclass:STS_Site’&trimduplicates=false&startrow=4500&rowlimit=500

This particular request will get all the personal sites from count 4,500 – 5,000. In my case this returned 239 results telling me that 4,739 personal sites had been created thus far.

You may be comfortable writing REST API calls to achieve this. Alternatively, I would highly recommend using the SharePoint 2013 Search tool to help out.

https://sp2013searchtool.codeplex.com

Remember to set trimduplicates=false as identification of duplicates can cause a lot of confusion with this type of query.

Why Agile is the only methodology for SharePoint Online (O365)

I was recently preparing a presentation for a Chicago SharePoint Saturday. As I built out my slides explaining some O365 DevOps best practice it struck me that an Agile methodology could be the only viable methodology to deliver and maintain SharePoint Online projects. Here’s why…

At Perficient we have embraced SCRUM for many SharePoint projects and it has proven to be very successful. I took the SCRUM Master Course and certification to solidify my understanding of SCRUM. I recall the tutor saying that the largest part of adopting Agile is to think in an agile way. Quite simply I have modified the way I think about projects and I think this has helped me lead projects in the cloud.

To contrast, I began to think about how hard it would be to deliver SharePoint Online projects using a more traditional waterfall methodology. When you consider the ‘Evergreen’ service and how quickly we are seeing new features appear it’s a paradigm shift in my field of work as a SharePoint Architect.

I have made it part of my weekly routine to check the Office 365 public roadmap to assess features being rolled out as well as those on the horizon. This helps me understand, from a feature perspective, what I need to keep a close eye on in coming weeks.

O365 Public Roadmap

O365 Public Roadmap

In conjunction I also ensure that our development and QA tenants are signed up for ‘First Release’ (under O365 Service Settings). This enables me to see the features being rolled out at least two weeks prior to general availability and the change hitting our production tenants. This gives first sight of potential issues as well as identifying new feature opportunities.

O365 First Release

O365 First Release

Whether it’s the desire to work with a new feature or the need to respond to a change you’ll have a minimum of two weeks to respond. There is no longer the option to hold off a service pack or ‘hang five’ on that security update as we may have done on-premises.

How would your project handle the need to change, test and deploy within a two week period? Most likely, if you are following a traditional waterfall approach, this will be very difficult. If the service changes during a Build phase, how would you change direction and redesign? If you are a consultant, how would this affect scope and budget? What about your release cycle? Is it frequent enough to keep pace?

Our SharePoint Online SCRUM projects are typically running on a 1-2 week Sprint cycle. We usually start out with a 2 week cycle but then accelerate to a 1 week during a stabilization phase, when we do less new development and enter early support and maintenance. This enables us to achieve 1-2 releases during this critical window and keep pace with the service.

Is your methodology agile enough to keep pace in the cloud?

Everything You Need to Know About Delve & Office Graph

Ok, I’ve got to admit I really meant to say “Almost everything you need to know in first Release.”

The more you share, the more you get. Believe in that? Office 365 community does and as a result , this week Microsoft hosted “Delve Yamjam” to coincide with the launch of the new Office 365 product called “Delve”. (If you are new to I highly recommend reading earlier articles here and here to get to know your new friend Delve). Look at a screenshot of Delve from my demo tenant, looks pretty cool, huh?

Delve Img1

Some great questions asked some great thoughts shared. I summarize here for the larger community. Microsoft responses were from Christophe Fiessinger, Kady Dundas, Josh Stickler, Mark Kashman, Cem Aykan and on the phone Ashok Kuppusamy, Stefan Debald, Fredrik Holm, John Toews, and Robin Miller.

  • Which Office 365 business plans includes Delve?
    • Delve is included in the Office 365 E1 – E4 subscription plans (and the corresponding A2 – A4 and G1 – G4 plans for Academic and Government customers respectively)
  • Can I protect data from ever being shown in others Delve results?
    • Yes, Delve only shows documents based on permissions set and inherit those from OneDrive and SharePoint online. Also each card will have a sharing control and “who can see this” option
    • If your folder and contents are not shared with anyone, they will not appear in Delve for anyone. It always respect the permissions set on the items.
  • Which kinds of data is considered “private data”?
    • There’s both the concept of private data (e.g. files that only you or you and a select few colleagues can see) and private signals (e.g. the fact that you have viewed a particular document, even if it’s public). Delve respects SharePoint and Search permissions, so only users who have access to read a document can see that document appear as a result in Delve. Furthermore, details like the documents you view or documents others view are private.
  • Any Android / iOS apps in the pipeline for Delve?
    • Yes but no timeline could be provided yet
  • Not all content (file types) is included in Delve. Any plans for extending the list of file types, and/or list of content sources?
    • PDF, excel, and word file types are included but there is absence of image files and Visio files.
    • Yep, we are planning to add more content sources and signals to the Office Graph on ongoing basis
    • We are working on increasing the content types supported by Delve. We started with an initial list of Office doc types, but we will expand this over time.
  • Delve site has default branding and does not incorporate our corporate branding that is available on Yammer, OneDrive and Sites menu options in top navigation bar?
    • The top Office 365 navigation is now theme able and your theme should be available in Delve as well. Broader theming is something we’ll be looking at in the future.
  • Delve was rolled out to our business tenant yesterday. So far it is showing us trending documents that our co-workers are viewing on SharePoint. Is there a way to block certain areas so we don’t see our co-workers trends in HR searches?
    • You can make those documents not shared using the SharePoint permissions UI, but right now, there’s no feature to exclude documents from Delve but still available to everyone.  read here for more details.
  • Will Outlook be leverage into Delve
    • Outlook as part of Office 365 is already leveraged in Delve.
    • We are considering adding email attachments to Delve.
    • Office Graph is driving scenario for OWA. So appointments and attendee information are only leveraged in delve if it’s in OWA. You can imagine Office Graph providing insights multiple scenarios in the future…if you haven’t already done so check the Office Graph on the blog post from Monday.
  • Does ‘signals from exchange’ refer to email relationships (i.e. who the recipients and senders are)?
    • Yes, and to elaborate, it analyzes the set of people with whom you correspond via email and use this data as a factor to weight your working relationships with your colleagues.
    • The org structure is another factor taken into consideration
  • The 5 people to the left – seems to be right for most people (in terms of the ones with most interactions), but I have seen colleagues, with strange people presented as top 5 people.
    • have a bug where it is showing groups/crawler accounts instead of just people
    • The people on the left aren’t related to them in any way. Known issues MSFT working with no ETA
  • Will Delve work in a hybrid scenario using my On-Premise systems?
    • This is place for partner opportunities! But MSFT is working on a solution to feed on-premises (like exchange on premise) content into Delve, but no timeline can be announced.
    • Plans to release hybrid connector capabilities so that the Office Graph can integrate signals and content from on prem.
  • Any federation plans across multiple tenants?
    • No plans today
  • Delve supports the most common screen readers, high-contrast mode etc aligned with Microsoft policies in this area.
  • Is there a way to limit #delve deployment to some user groups in the company? Just to help company to graduate deploy it
    • An individual user can turn off Delve. This will also control Office Graph as-well.
  • Are you adding Delve results to the search page, or can we see this as an UI opportunity
    • Not to SharePoint enterprise search center but we look at that as an opportunity
  • Item limit for Delve
    • Delve shows up to 36 items in a view. This is the same when you search in the search box.
  • Details to the API Roadmap?
    • Right now you can do graph queries through the SharePoint Search Rest API using “Graph Query Language” as described here: GQL
  • If a user has permission to access a document/list item but the library/list is excluded from search in list settings will the content still display in Delve?
    • Nope, Delve uses the same permissions for search..
  • Do you have plan to return Yammer conversations in any form as Delve results ?
    • It’s something MSFT is actively working on showing the Yammer conversations tied to documents in Delve.
  • Is Delve going to work with Office 365 Pro Plus client or only Office online, and the other question, is it only working based on files saved only in ODFB and SharePoint online?
    • Yes if the document is stored in OneDrive for Business or SharePoint Online then yes the Office Graph will index it
  • What is the best way to introduce Delve within an organization? Are there best practices and change management recommendations?
    • We are working on an email template that Office 365 admins can then send to their users that helps address exactly what you’re asking. It would have info about What, How, Why with links and first steps. This template will be made available to admins via the message center to raise awareness.
    • We, too, plan to incorporate Delve info and insight into the adoption website we currently maintain here: Discover SharePoint  (with near-term plans to focus on broader Office 365 scenarios).

Hope this provides some insights around how Office Graph captures and renders signals. Check back for more details as I dive more into Delve.

Office 365 pushes Microsoft atop Gartner’s Social Magic Quadrant

Microsoft position as a Leader in Gartner’s 2014 Magic Quadrant for Social Software in the Workplace has moved to the top. Read the rest of this post »

SharePoint Online (O365) adds security and compliance services

In the past month, Microsoft has added two key new service capabilities to SharePoint Online and Rights Management that provide a more robust secure computing experience.  The first is the introduction of data loss prevention and the second is the improvements in protecting content across all platforms including OS X Support.

Data Loss Prevention

DLPSharePoint Online now provides the ability to perform a legal audit to determine the amount of risk posed by data stored on SharePoint sites and OneDrive, commonly known as data loss prevention or DLP. This capability provides the ability to identifying 51 built-in sensitive information types such as credit cards, passport numbers, and Social Security numbers. Once discovered there is the ability to perform an audit and export a report with suspect content.

There is future capabilities for policy creation that automatically detects sensitive content and applies protection, such as deletion or quarantine for review.

For more information about Using DLP in SharePoint Online, review this TechNet article
For more information about the Using 51 DLP Information Types, review this TechNet article.

Read the rest of this post »