Office 365 ProPlus Administrator Series: Office 365 ProPlus Security Considerations

Author: Jeremy_MSFT
Originally published to the Office 365 Preview blog.

Office 365 ProPlus changes the security and data management story from securing endpoints and activities on the endpoint to decisions about securely accessing data. To let users switch from one device to another and resume working with their content, either they log into a remotely hosted environment or endpoints have access to remotely stored documents. Office 365 ProPlus optimizes for the best experiences on devices while also providing rich browser-based experiences with Office Web Apps. In either case, Office 365 ProPlus does not use a Remote Desktop Protocol-based architecture where the user logs into a remote system and views that from the endpoint. Files and content will move to the consuming device whether viewed through a browser or with rich clients, so securing access to files is a key consideration.

If your organization is not quite ready to move email or file storage workloads to Office 365 Enterprise services – with Exchange and SharePoint functionality available – then Office 365 ProPlus may be the best fit, because your email services and files will be stored on your premises. The only data Office 365 ProPlus will need to store in the cloud are User Principal Names and related minimum user attributes for handling activation and roaming settings information (primarily HTTP links to files and custom dictionary entries). Everything else in that case remains in your infrastructure using traditional data management and access models.

Securing the Service

Some of the primary vectors for Office 365 security have been discussed in this series as they relate to authentication and authorization to Office 365 services and which services are permitted as save-to or open-from locations. For the latter configuration, Office 365 ProPlus and Office Professional Plus 2013 may be managed by new Group Policy settings to optionally restrict storage to SkyDrive or third-party cloud storage locations. You may also limit sign-in credentials to Organizational IDs and disable sign-in to personal IDs, or disable sign-in altogether. Disabling sign-in completely applies best to Office Professional Plus 2013 installs of Office, where activation is performed via Key Management Service (KMS) or Multiple Activation Key (MAK).

Access to files and services may be augmented by Rights Management Services and/or multifactor authentication used in conjunction with Active Directory Federation Services to provide secure authentication and authorization to your organization’s files.

Securing Clients

Office 365 ProPlus includes enterprise-class security controls and fully supports Group Policy configuration management. Additional features carried over from Office 2010 include Protected View, Data Execution Prevention (DEP) support, trusted locations and documents, Office file validation, file block and ActiveX Kill Bit. For many organizations, the default security settings for Office 365 ProPlus are suitable, and for those of you with highly locked-down environments, Group Policy enables thousands of settings via ADMX administration templates to fine-tune Office settings to fit your needs.

Securing Office on Demand and Web Apps

Office on Demand is a new delivery model allowing users to stream complete Office applications from a SkyDrive Pro location. It enables users to get quick access to Office applications and their files on essentially any Windows 7 or newer PC with an Internet connection – and without ActiveX controls disabled by the admin. But what does this mean for the files accessed via these unmanaged or non-owned PCs?

Because the user in this case has access to SkyDrive Pro from the unmanaged PC, Office on Demand works to provide an excellent viewing and editing experience. If that user elects to download a copy and view it in Notepad or a browser, the file has already made it to the local hard drive of the computer. While Office on Demand does enable a more compelling user experience in this case, it doesn’t diminish security if those files were already accessible from that unmanaged computer.

Much more to come

This post only scratches the surface of security considerations scoped to the client and essentially was written to answer a few very frequently asked questions I get when presenting Office 365 ProPlus to large organizations. Check out the Security overview for Office 2013 Preview on TechNet for further information on product and service security as it relates to Office Professional Plus 2013 and Office 365 ProPlus. Also be sure to download the Office 2013 Preview Administrative Template files (ADMX/ADML) for Group Policy management.

Requirements and security considerations for SkyDrive Pro

Here’s some basic information you’ll want to have if you want to support SkyDrive Pro libraries and Sync services in your organization. If you just want to get your bearings around SkyDrive Pro, you can start here: https://office.microsoft.com/en-us/sharepoint-server-help/what-is-skydrive-pro-HA102822076.aspx

Regarding SkyDrive Pro prerequisite software and services:

To support SkyDrive Pro libraries in your organization, the latest SharePoint or Office 365 personal sites (also known as My Sites) need to be deployed in your organization, and the user profile service needs to be running. This is because social features, such as sharing documents, depend on personal sites and user profiles.

To support Sync in SkyDrive Pro (the ability to synchronize SkyDrive Pro documents with local desktops), make sure that either Office 2013 (Standard or Professional) or an Office 365 subscription that includes the Office 2013 applications is running on Windows 7 or Windows 8 client devices.

Regarding security concerns:

SkyDrive Pro client exchanges with SharePoint sites rely on the synchronization protocol and external mechanisms for security, such as those provided by VPNs or Secure Sockets Layer (SSL) technology. SkyDrive Pro data is not encrypted over the network when the SkyDrive Pro client talks to SharePoint (which is required to support SkyDrive Pro), unless the transport protocol being used for server communication is HTTPS (which uses SSL or Transport Layer Security, TLS). Server administrators can configure SSL encryption for data sent over the network between the SkyDrive Pro client and the SharePoint servers. On-disk data can be encrypted using Windows BitLocker Drive Encryption. For more information, see ‘BitLocker Drive Encryption’ at https://go.microsoft.com/fwlink/p/?LinkId=163122.

Note: SSL is recommended for SharePoint connections from outside a corporate domain. If you’re using Active Directory, you can configure the following Group Policy setting:

Sync Only On Domain Network: Requires a Secure Sockets Layer (SSL) connection for SkyDrive Pro clients trying to connect to SharePoint Server 2013 (or SharePoint 2010) from outside the organization’s intranet.

In addition, you can secure the SharePoint site from unauthorized access by setting access control lists appropriately. For guidance about how to set access control for users to synchronize with SharePoint libraries and lists, see ‘Overview of site permissions in SharePoint 2013’ at https://technet.microsoft.com/en-us/library/jj219771.aspx.

Learn More about Office 365 Deployment, Click-to-Run

We are excited to announce our next Ignite Webcast featuring more information on one of the most exciting Office 365 Deployment features called Click-to-Run. You can view the original blog post on the Ignite site here. To sign up for this webcast please download and save the attached calendar invite below where you will find the Webcast Meeting information.

Ignite Webcasts are online sessions led by Microsoft Office 365 Product Managers, Engineers and support staff. The Ignite webcast series addresses different Office 365 technical subjects and scenarios and is beneficial to anyone who wants to increase their knowledge of the Office 365 suite. View the Ignite Site for more information about Ignite programs and webcasts. You can view past Ignite Webcast sessions and materials here.

In this session, we will be providing an overview of the new Office 365 ProPlus delivery technology, Click-to-Run. Come hear about how Click-to-Run works, how it enables “Side by Side” use of Office, and how it makes upgrading Office a lot easier, faster and cheaper. You will have a great opportunity to ask questions and discuss with our presenter. Bring your questions!

Our webcast will be led by Curtis Sawin. Curtis Sawin is a Senior Consultant, specializing in Office Compatibility and Office Deployment issues. Further, he dabbles in Windows Installer and SQL Server Reporting Services development. Sawin has spoken at several industry conferences, including MMS (Microsoft Management Summit), TechEd, SPC (Microsoft SharePoint Conference), and TechReady. Sawin has been with Microsoft since 2007.

Remember, to sign up for this webcast please download and save the attached calendar invite below. We are excited to see you there!

Presenter: Curtis Sawin, Senior Consultant specializing in Office Compatibility and Office Deployment Issues
Date/Time: Tuesday, January 29th, at 10:00 AM Pacific Time (1 Hour presentation)

Live Meeting Information:
Join online meeting: https://join.microsoft.com/meet/v-joshto/F00T8BQY
Join by Phone: +14257063500, +18883203585
Conference ID: 27579341

Audience: Office 365 for professionals and small businesses; Office 365 for enterprises

Ignite Webcast – What’s New in Exchange 2013?

To sign up for this webcast please download and save the attached calendar invite below where you will find the Webcast Meeting information.

Ignite Webcasts are online sessions led by Microsoft Office 365 Product Managers, Engineers and support staff. The Ignite webcast series addresses different Office 365 technical subjects and scenarios and is beneficial to anyone who wants to increase their knowledge of the Office 365 suite. View the Ignite Site for more information about Ignite programs and webcasts. You can view past Ignite Webcast sessions and materials here.

Microsoft Exchange Server 2013 brings a new rich set of technologies, features, and services to the Exchange Server product line. Its goal is to support people and organizations as their work habits evolve from a communication focus to a collaboration focus. At the same time, Exchange Server 2013 helps lower the total cost of ownership whether you deploy Exchange 2013 on-premises or provision your mailboxes in the cloud. In this Webcast, Scott Schnoll discusses the new architecture for Exchange Server 2013 and the new features and functionality in Exchange 2013 that enable organizations to support a multigenerational workforce, provide an engaging experience for users, integrate Exchange 2013 with SharePoint and Lync, meet evolving compliance needs and provide a more resilient messaging solution.

This webcast will be led by Scott Schnoll, a Principal Technical Writer on the Exchange User Education team at Microsoft, where he authors content on a variety of topics related to Exchange Server, including high availability, site resilience, virtualization, and more. He is a frequent speaker at major industry conferences, such as Microsoft TechEd, Microsoft TechDays, Microsoft WinDays, The Experts Conference and more. Prior to joining Microsoft, Scott authored Microsoft Exchange Server 2003 Distilled (Addison-Wesley, 2004) and he was the lead author of Exchange 2000 Server: The Complete Reference (Osborne McGraw-Hill, 2000). Scott is a former long-time Microsoft MVP for Exchange Server, Windows and Rights Management Services. Follow Scott on Twitter @schnoll and check out his personal blog at https://blogs.technet.com/scottschnoll.

This is a unique opportunity to interact and learn from your industry peers and representatives from Microsoft. Be sure to attend this session to learn more about what’s coming in Exchange 2013 and to participate in a Q&A session with Scott Schnoll.

Remember, to sign up for this webcast please download and save the attached calendar invite below. We are excited to see you there!

Presenter: Scott Schnoll, Microsoft Principal Technical Writer on the Exchange User Education team
Date/Time: Thursday, January 17th, at 10:00 AM Pacific Time (1 Hour presentation)

Live Meeting Information:
Join online meeting: https://join.microsoft.com/meet/v-joshto/F00T8BQY
Join by Phone: +14257063500, +18883203585
Conference ID: 27579341

Audience: Office 365 for professionals and small businesses; Office 365 for enterprises

Ignite Plus: Office Partner Launch and Readiness

“The new, modern Office will deliver unparalleled productivity and flexibility for both consumers and business customers. It is a cloud service and will fully light-up when paired with Windows 8.” ~Steve Ballmer, CEO

Are you customer ready for the NEW Office 2013 & Office 365 cloud services? Jump start your readiness by attending this exclusive premier partner pre-launch event. Register now as space is limited!

The event will be held at the Microsoft Corporate campus, in Redmond, WA, USA. Come discuss both the new technical capabilities of this release as well as partner business opportunities. The event will feature presentations, demonstrations, and ample time for discussion with experts from the Microsoft Office Division and the Microsoft Partner Network.

Technical and sales readiness topics on the agenda will include:

IGNITE – Get Ready for the next Office 365
- Overviews
- Office 365 for I.T. Pros
- Identity and Access Management
- Exchange Online
- Migrating to Office 365
- Exchange Online Protection
- Lync Online
- Data Loss Prevention
- Business Intelligence
- SharePoint Online
- Yammer
- Archiving & E-Discovery

PLUS – Grow your business with the new Office
- Partnering with Microsoft
- Understand the Microsoft Office 365 Sales Process
- Winning in a competitive services market place
- The Customer Immersion Experience, a selling tool
- Understand and optimize for the Microsoft Sales Organization
- Solution Selling, how Microsoft does it
- How to run an O365 Proof of Concept
- Helping customers with their regulatory compliance (invitation only)
- How we joint sell with partners to our large customers
- Understand the advantage of becoming a Cloud Deployment Partner
- Learn about the dedicated partner investments for you

PLUS – Understand the new Office
- The New Office
- The New Office Web Apps
- Project Online
- Visio
- Office Telemetry and application compatibility
- Office 365 Pro Plus
- The new opportunities for developers and custom apps

We invite Technical and Sales professionals from your organization to join us to celebrate this exciting release and prepare for a great 2013! Register now!

Important Registration Details

Dates: January 22 – 24, 2013
Location: Microsoft Campus, Redmond, Washington
Suggested Attendees: Sales professionals and Technical consultants
Registration Site: https://partnerignite.dynamiceventsreg.com
Registration Process: All registrations are subject to Microsoft approval and availability. You will receive a confirmation email within 48 hours of receipt of your approval by Microsoft, indicating your registration status.
Accommodations: Please note that accommodations for this event are not included, however we will send hotel suggestions in your registration confirmation. We recommend that you book your travel after your registration is approved.
Cost: There is no charge for this exclusive event, however we will impose a no-show fee of $600 if you register for the event, but do not cancel your registration by 5:00pm (Pacific Time) January 15, 2013.

Space is limited. RSVP today!

If you have any questions or require additional assistance with your registration, please contact our registration team via email at ignitepl@microsoft.com or the following phone numbers +1 (800) 528-1668 or +1 (360) 253-2971 during the hours of 8:00am – 5:00pm (Pacific Time), Monday through Friday.

We look forward to seeing you soon!

Office Partner Launch Registration Team

Ignite Webcast – Office 365 ProPlus Deployment

To sign up for this webcast please download and save the attached calendar invite below where you will find the Webcast Meeting information.

Ignite Webcasts are online sessions led by Microsoft Office 365 Product Managers, Engineers and support staff. The Ignite webcast series addresses different Office 365 technical subjects and scenarios and is beneficial to anyone who wants to increase their knowledge of the Office 365 suite. View the Ignite Site for more information about Ignite programs and webcasts. You can view past Ignite Webcast sessions here.

Do you want to learn more about Office 365 ProPlus? Are you looking to launch Office 365 ProPlus into your organization? Our upcoming Ignite Webcast discusses several technical facets of Office 365 ProPlus:

- Integrating Office 365 ProPlus with the Microsoft Deployment Toolkit, System Center Configuration Manager and Windows Intune
- Software update management with Office 365 ProPlus

This webcast will be led by Jeremy Chapman, Microsoft Senior Product Marketing Manager. This is a unique opportunity to interact and learn from your industry peers and representatives from Microsoft. Be sure to attend this session to learn more about Office 365 ProPlus Deployment and to participate in a Q&A session with Jeremy Chapman.

Remember, to sign up for this webcast please download and save the attached calendar invite below. We are excited to see you there!

Presenter: Jeremy Chapman, Microsoft Senior Product Marketing Manager
Date/Time: Wednesday, January 9th, at 10:00 AM Pacific Time (1 Hour presentation)

Live Meeting Information:
Join online meeting: https://join.microsoft.com/meet/v-joshto/F00T8BQY
Join by Phone: +14257063500, +18883203585
Conference ID: 27579341

Audience: Office 365 for professionals and small businesses; Office 365 for enterprises

Microsoft Enterprise Social roadmap #Yammer #SharePoint

Following my recent career move (see Hello Social, goodbye Project! #msproject #yammer) focused on Enterprise Social and the recent SharePoint Conference 2012 last month, I’d like to share important announcements we made at that event that provide insights into our strategy around enterprise social.

Putting Social to Work (Business Value, Vision, SharePoint + Yammer Roadmap, Yammer Packaging and Pricing), Jared Spataro: https://blogs.technet.com/b/microsoft_blog/archive/2012/11/12/putting-social-to-work.aspx

SharePoint Conference 2012 Opening Keynote: https://www.youtube.com/watch?v=BLsIjvIyAxo

It’s an awesome two hour keynote you should be watching end to end, but specifically watch these segments on Enterprise Social (I’ve put the approximate start times):

- Why we acquired Yammer? – Jeff Teper – 0:36
- Enterprise Social Network – David Sacks – 0:42
- Transform your business, Experiences & Platform – Adam Pisoni – 0:46
- 3 social demos: Yammer & SharePoint/Open Graph, Yammer & SkyDrive Pro integration, Yammer Windows 8 app – Adam Pisoni – 0:51
- Roadmap – Jeff Teper – 0:56
- Nationwide Insurance – Yammer & SharePoint video – 1:00

A great blog to subscribe to: https://blog.yammer.com/blog/

Exciting years ahead and get started with Yammer today! Happy holidays!

Back to Basics: Setting Up Office 365 – Lync and Learn

Audience: Office 365 for professionals and small businesses; Office 365 for enterprises

To join this Lync and Learn session, please download and save the calendar invite at the bottom of the blog post. Join us on Thursday, December 20th, at 10:00 AM Pacific Time and view the Lync online meeting information below. We are excited to see you there!

Lync and Learn is an online session led by Office 365 Product Managers and Community Grid members. Lync and Learn sessions address different Office 365 subjects and scenarios and are beneficial to anyone who wants to learn more and expand their knowledge of the Office 365 suite. View past Lync and Learn sessions here.

Office 365 provides convenience in the cloud through a great set of productivity and collaboration tools. In this Lync and Learn session, Kelsey Epps will provide some convenience of his own through helping us set up Office 365. We’ll get back to the basics and dive into setting up Office 365. In this Lync and Learn Webcast we will cover the following:

- Sign-up for the trial
- Adding a domain and verifying it
- DNS records
- Create Users and Assign licenses
- Setup Desktop PC for User
- Accessing Office 365 Services from the Desktop and Internet
- Purchasing Additional Licenses
- Open a service request

Kelsey Epps is a Senior Systems Engineer with a background in Microsoft Clustering, Exchange Server, Lync Server and Windows Server. Download the calendar invite below and join us on December 20th at 10:00 AM Pacific Time for this great session.

Interested in being our next Lync and Learn presenter? Learn how to join the Office 365 Grid and become an Office 365 Lync and Learn presenter.

Presenter: Kelsey Epps, Technology Consultant with HP and Concepps Group, and Office 365 Grid member.
Date/Time: Thursday, December 20th, at 10:00 AM Pacific Time (1 Hour presentation)

Live Meeting Information:
Join online meeting: https://join.microsoft.com/meet/v-joshto/F00T8BQY
Join by Phone: +18883203585
Conference ID: 27579341

Understanding the Access Denied Error Message when Mapping a Network Drive to SharePoint Online

by Brian Petersen, MSFT

SharePoint Online provides users the ability to map a network drive to a document library, allowing a user to navigate to and open files directly from Windows Explorer. This blog is intended to direct users to a Knowledge Base article that’s been published to help not only set up and configure mapped network drives, but also address common issues and the steps to resolve them. In the More Information section of this blog you’ll see a link to the KB article, but you’ll also see more details around the most common scenario we see in support.

Note: This blog and the KB article do not apply to Microsoft Office 365 for professionals and small businesses.

More information:

The Knowledge Base article entitled “How to configure and to troubleshoot mapped network drives that connect to SharePoint Online sites in Office 365 for enterprises” can be found here: KB2616712. Ensure all the steps in the KB are completed, but also note the comment about the cookie expiring in the first set of solution steps. The comment in the KB states “Be aware that the cookie will eventually time out”.

Certainly, having the WebClient service started in your client machine’s Services, along with adding your SharePoint site to the Trusted Sites Zone of your Internet Explorer browser, are both important solutions to mapped drive issues. However, you will continue to encounter an Access Denied error periodically – mainly after rebooting the computer or when you haven’t logged in (authenticated) to SharePoint Online over an extended period of time, generally 8 hours.

One common scenario is when a user locks the computer at the end of the workday, returns the next day, and logs in to their work computer. If that worker tries to access the mapped drive he or she will get the following error:

“Path is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. Access Denied. Before opening files in this location, you must first add the web site to your trusted site list, browse to the web site, and select the option to login automatically”

The user receives this error because the session cookie for SharePoint Online has expired and must be “refreshed” in order to successfully access the mapped network drive again.

Preview of coming changes to the external sharing features in SharePoint Online

When the SharePoint 2013 updates start getting rolled out to your SharePoint Online sites, you will notice some changes and improvements to the external sharing capabilities in SharePoint Online:

- The experience for managing external sharing (for example, turning it on or off) has been streamlined and simplified.
- Site users will also have more options for how they choose to share content. They can:
  - Share sites or documents with external users by requiring them to sign in to the site.
  - Share documents with anonymous users through the use of guest links.
- Finally, the sign-in experience for external users who receive invitations to access or view content on SharePoint Online sites will be updated to make the experience a bit more straightforward.

Managing external sharing in Office 365 Enterprise Plans

In Office 365 Enterprise plans, SharePoint Online admins will be able to manage external sharing centrally from the SharePoint Online admin center. On the Settings page in the SharePoint Online admin center, admins can turn external sharing on or off globally for the entire tenant, or they can choose to allow only specific kinds of external sharing (e.g., allow sharing only with sign-in).

One key change coming for Enterprise plans is that admins can also centrally manage external sharing for individual site collections directly from the SharePoint Online admin center. They can choose to turn external sharing on or off for one or more site collections, or they can control which level of sharing is allowed for specific site collections.

SharePoint Online admins with Enterprise plans will also have the option of using Windows PowerShell cmdlets in the SharePoint Online Management Shell to perform tasks such as viewing a list of all external users or bulk removing external users.

For more information about configuring and managing external sharing in Office 365 Enterprise plans, see Manage external sharing for your SharePoint Online environment.

Managing external sharing in Office 365 Small Business plans

If you have an Office 365 Small Business plan, the admin experience for managing external sharing is even more streamlined. You have a simple on/off switch in the Office 365 Service Settings for the external sharing feature. You can also use the Remove individual external users link to remove external users so that they no longer have access to sites or content that has been shared with them.

For more information about managing external sharing in Office 365 Small Business plans, see Manage sharing with external users.

Sharing content

For site users, the option to share is easy to discover and use. You can use the Share command to quickly invite users to access a site. You can send invitations to any email address. Invitation recipients can sign in using a Microsoft account or a Microsoft Office 365 user ID.

The process for sharing documents with users by requiring sign-in is the same (although you would click the Share command from the document’s menu).

For more information about how to share sites or documents, see Share sites or documents with people outside your organization.

Thanks for reading!

Laura
SharePoint IW Content Team
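
An audit of the tenant and site collection sharing levels and the external user list described in the post above, as an added example that is not part of the original post or Microsoft's own code. It works out the effective sharing level per site collection and flags external users who accepted an invitation with a different account than the address invited; the function names are hypothetical, the sample objects are constructed, and their property names are assumed to match the output of `Get-SPOTenant`, `Get-SPOSite` and `Get-SPOExternalUser` in the SharePoint Online Management Shell.

```powershell
# Added example: audit external sharing from SharePoint Online Management Shell data.
# Function names are hypothetical; the sample objects at the bottom are constructed.

# SharingCapability values covered here, ranked from least to most permissive.
$SharingRank = @{
    'Disabled'                    = 0  # external sharing off
    'ExternalUserSharingOnly'     = 1  # invited users must sign in
    'ExternalUserAndGuestSharing' = 2  # sign-in sharing plus anonymous guest links
}

function Get-EffectiveSharing {
    param(
        [Parameter(Mandatory)] [string]   $TenantCapability,
        [Parameter(Mandatory)] [object[]] $Sites
    )
    foreach ($site in $Sites) {
        $siteCap = [string]$site.SharingCapability
        foreach ($cap in @($TenantCapability, $siteCap)) {
            if (-not $SharingRank.ContainsKey($cap)) { throw "Unhandled SharingCapability '$cap'" }
        }
        # The tenant-wide setting caps what any single site collection can allow.
        $effective = $siteCap
        if ($SharingRank[$siteCap] -gt $SharingRank[$TenantCapability]) { $effective = $TenantCapability }
        [pscustomobject]@{
            Url        = $site.Url
            Configured = $siteCap
            Effective  = $effective
            GuestLinks = ($effective -eq 'ExternalUserAndGuestSharing')
        }
    }
}

function Get-AllExternalUsers {
    # Get-SPOExternalUser returns at most 50 users per call, so page with -Position.
    # Requires a prior Connect-SPOService; not invoked in the offline demo below.
    $pos = 0
    do {
        $page = @(Get-SPOExternalUser -Position $pos -PageSize 50)
        $page
        $pos += $page.Count
    } while ($page.Count -eq 50)
}

function Find-AccountMismatch {
    # Invitations go to any email address, but the recipient may sign in with a
    # different Microsoft account or Office 365 ID. Flag those for review.
    param([Parameter(Mandatory)] [object[]] $ExternalUsers)
    $ExternalUsers |
        Where-Object { $_.AcceptedAs -and ($_.AcceptedAs -ne $_.InvitedAs) } |
        Select-Object DisplayName, InvitedAs, AcceptedAs, InvitedBy
}

# --- Constructed sample data (stands in for real cmdlet output) ---
$tenantCapability = 'ExternalUserSharingOnly'
$sites = @(
    [pscustomobject]@{ Url = 'https://contoso.sharepoint.com/sites/hr';       SharingCapability = 'Disabled' }
    [pscustomobject]@{ Url = 'https://contoso.sharepoint.com/sites/partners'; SharingCapability = 'ExternalUserSharingOnly' }
    [pscustomobject]@{ Url = 'https://contoso.sharepoint.com/sites/events';   SharingCapability = 'ExternalUserAndGuestSharing' }
)
$externalUsers = @(
    [pscustomobject]@{ DisplayName = 'Alex'; InvitedAs = 'alex@fabrikam.example'; AcceptedAs = 'alex@fabrikam.example';   InvitedBy = 'dana@contoso.example' }
    [pscustomobject]@{ DisplayName = 'Pat';  InvitedAs = 'pat@fabrikam.example';  AcceptedAs = 'pat.home@personal.example'; InvitedBy = 'dana@contoso.example' }
)

Get-EffectiveSharing -TenantCapability $tenantCapability -Sites $sites | Format-Table -AutoSize
Find-AccountMismatch -ExternalUsers $externalUsers | Format-Table -AutoSize

# Against a real tenant, after Connect-SPOService -Url <your admin center URL>:
#   Get-EffectiveSharing -TenantCapability (Get-SPOTenant).SharingCapability -Sites (Get-SPOSite -Limit All)
#   Find-AccountMismatch -ExternalUsers (Get-AllExternalUsers)
```

With the sample data, the events site is configured for guest links but reports an effective level of `ExternalUserSharingOnly` because the tenant setting is stricter, and only Pat is flagged as an account mismatch.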