are you using office 365 groups yet? you should be! · admins can now create office 365 groups...
TRANSCRIPT
Are you using Office 365 Groups yet?
You should be!
Introduction
Matt GreeneEngagement Manager at Netwoven
Over 6 years experience in Building and
Delivering SharePoint Solutions
Agenda
21 3
Show of Hands
How Business Works Today
➢ Request Distribution List for Messaging
➢ Get SharePoint site for files
➢ Create project plan
➢Manually manage permissions on content
➢ Ramp up new team members based on previous group
discussions
➢ Apply and manage policies on content
➢Manually manage membership and access on Distribution
Lists
Collaboration in the Past
Business Challenges
of organizations lack data governance, leaving them open to litigation and data security risks
of employees believe IT is ineffective at providing collaboration, data analysis, and mobility capabilities.
Collaboration Today with Office 365 Groups
Hub for Teamwork
Teams
Co-Author
Office Apps
Connect Across
the Organization
Yammer
Intranets &
Content Management
SharePoint
Email & Calendar
Outlook
Office 365 GroupsSingle team membership
across apps and services
Microsoft GraphSuite-wide intelligence
connecting people and content
Security and ComplianceCentralized policy management
Office 365 Groups is a Membership Service
One identity Federated resources Loose couplingAzure AD is the master for group
identity & membershipOffice 365 services extend with
their dataService notify each other of
changes to a group
Demo
How do I manage Groups at scale?
OPEN
• Everyone can create groups (default).
• Using all teamwork apps to meet their diverse needs.
• Consistent classification and policy enforcement.
CONTROLLED
• Creation is limited to certain business units/users.
• Progressively expand self-service during O365 apps onboarding.
• Guide users to collaboration choices.
Processes in place
Reporting & monitoring
Change management
How can you ensure it is rolled out in a
controlled fashion?
?
Scope group creation to a pre-determined set
of users.
Incrementally expand access before enabling
self-service for entire organization.
Group Creation Permissions
Creation PoliciesSet up a security group which is allowed
to create groups.
Hidden MembershipHide the Office 365 group members
from users who aren’t members of the
group.
Dynamic MembershipAdmins can define groups with rule-based
memberships using the Azure
Management Portal or via PowerShell.
Enforce a consistent naming strategy for
O365 groups created across all group
workloads (Outlook, SharePoint, Microsoft
Teams, Planner, etc.)
Group Naming Policy
IT admin can overrideSelective admin roles can override the
naming conventions and blocked words
check
Custom Blocked Words Check Upload your organization specific
blocked words to restrict usage
Force a Naming Convention Prefixes and Suffixes to identify creator
and user intent. Use fixed strings or Azure
AD user attributes
Manage group content produced by setting up retention policies
to keep what you want and get rid of what you don’t need.
Admins can now create Office 365 Groups retention policies that
apply to the group’s shared inbox and files in one step using the
Office 365 Security & Compliance Center.
With labels, you can classify Office 365 Groups emails and
documents across your organization for governance, and
enforce retention rules based on that classification.
Group Policies & Information Protection
Usage GuidelinesYou can define usage guidelines for
Office 365 Groups—to educate your
users about best practices and internal
content policies.
Guest ExpiryAutomatically enforce guest access
review with expiration policies that group
owners must respond to.
Default Classificationcreate a customizable data classification
system for Office 365 Groups, such as
unclassified, corporate confidential or top
secret.
Demo
How can I manage unused groups?
?
Manage group lifecycle and clean unused O365 groups across all
group workloads (Outlook, SharePoint, MS Teams, Planner, etc.)
Group Expiration Policy
Notify Group Owners to
Renew the expired groupsOwners get notified by email to renew
the expiring group incase they still need
to use it
Apply expiration policy to
specific groupsAdmins can select a specific set of groups
and apply the policy to those
Expire Groups older than a
specific periodAdmins can expire groups created older
than x days
Owners can restore expired
groups that are soft deletedIf the group expires and gets soft
deleted, owners can still restore the
group
What if users accidently delete a group?
?
Retain group workload content in soft deleted state for 30 days after deletion
No more complex scripts needed to retrieve content of accidentally deleted
groups. Restore groups and its content across workloads by a click in admin
center or a simple PowerShell commandlet
Soft Delete and Restore
Hard Delete the groupAdmin can permanently delete the soft
deleted group
Restore the soft deleted groupAdmin can restore the soft deleted group
and its contents within 30 days of
deletion
Deleted group content across
workloads is stored for 30days Any group that is deleted is stored in a
separate container for 30 days
How can I audit user actions and gain
insight on group activity?
?
View which groups are active in your organization so
that you can act on inactive groups
View storage used by group mailboxes and group
sites so that you can clean up unused groups and
reclaim storage space
Groups Admin Reporting
Group storageView the group mailbox storage used
and the group site storage used
Group Activity across
workloadsView group activity across Group
mailbox, SharePoint sites and Yammer
groups
Total Groups vs Active GroupsView the total groups created and how
many are active
Groups Admin Reporting – Workload ActivityGroups Activity across workloads
Admin can view group activity across Group mailbox Conversations, Group site/files activity, Yammer group activity
Auditing
Audit Logs in the Azure AD Admin
Portal
Audit Log Search in Security and
Compliance Center
Demo
Office 365 Groups Roadmap
Rolling Out
• Expiration policy
• Naming policy
• Guest expiry
• Guest allow/deny for individuals & domains
• Default classification and classification description
In Development
• Expiration policy: In-app renewal & custom email
notification
• Yammer: SharePoint DocLib as default file store;
naming policy; guest access
• Teams: Guest access; larger team size
• Multi-geo: Enable the geo positioning of group
created in EXO & SPO based on the creator’s data
at rest location
• SharePoint: Connect an existing site to a new
group; manage group sites via SharePoint admin
center; select site designs
Getting Started✓ Establish Business pilot goals and make sure IT and
Business are committed to executing the pilot.
✓ Create a pilot roll out plan in partnership with Active
Directory, Exchange, and SharePoint administrators
✓ Deploy ProPlus for latest Outlook 2016
✓ Amplify successful groups and demonstrate value to
other departments
✓ Upgrade existing Distribution Lists (DL) & SharePoint
team site
Upgrade Distribution Lists to groups in Outlook
• Can do it in one click via Exchange Admin
Portal
• Automatically provisions other Group assets
(Planner, Team Site, etc.)
Connect existing sites to Office 365 groups
• Site collection administrators can connect sites
to groups
• Only top-level team sites (STS#0 template) are
eligible
• Respect current permissions hierarchy
Thank you
Thank You to Our Sponsors
Join us right after at The Blue Prynt
Socialize and unwind after our day of learning.
Blue Prynt Restaurant & Bar
815 11th St, Sacramento, CA 95814
bluepryntsacramento.com
Thank you for joining us today!
Don’t Forget SharePint
References
Soft Delete and Restore
Office Documentation
https://support.office.com/en-us/article/Restore-a-deleted-Office-365-Group-b7c66b59-657a-4e1a-8aa0-
8163b1f4eb54
Azure AD Documentation
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-groups-restore-azure-portal
MS graph API Documentation
https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/api/directory_deleteditems_restore
Exchange Online PowerShell
https://technet.microsoft.com/en-us/library/mt784604(v=exchg.160).aspx
Group Expiration Policy
Office Documentation
https://support.office.com/article/8d253fe5-0e09-4b3c-8b5e-f48def064733
Azure AD Documentation
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-groups-lifecycle-azure-portal
MS graph API Documentation
https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/resources/grouplifecyclepolicy
PowerShell Module
https://www.PowerShellgallery.com/packages/AzureADPreview/2.0.0.137
PowerShell Documentation
https://docs.microsoft.com/en-us/PowerShell/module/azuread/?view=azureadps-2.0-
preview&branch=master#groups
Group Naming Policy
Office Documentation
https://support.office.com/article/Office-365-Groups-Naming-Policy-6ceca4d3-cad1-4532-9f0f-d469dfbbb552
Information Protection
Data Classification and Usage Guidelines
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-accessmanagement-groups-settings-
cmdlets
Retention Policies
https://support.office.com/en-us/article/Overview-of-retention-policies-5e377752-700d-4870-9b6d-
12bfc12d2423?ui=en-US&rs=en-US&ad=US
Label Management
https://support.office.com/en-us/article/Overview-of-labels-af398293-c69d-465e-a249-d74561552d30?ui=en-
US&rs=en-US&ad=US