Where to store my data in O365

Nowadays nobody likes file servers, probably because are often in a state of chaos, and accessing them from a mobile device is difficult.

But for our luck, we can use O365 to adress this problems in order to store and share files in other systems like OneDrive, Teams and SharePoint.

The key point here, is files are stored in the cloud, so can be accessed easly from any device and probably anywhere (depends on the security implemented at your organization). So… there is no need to use the corporate network or to log into a VPN.

So let’s take into smaller pieces:

• Personal Data OneDrive: This is not a surprise, all your personal data MUST be stored on your OneDrive (I am not talking about your personal OneDrive), your corporate OneDrive!! OneDrive is mobile accessible, syncs with the user desktop, allows to sync certain files. It’s easy to find what you’re looking for. For me, it’r a masterpiece in the user Adoption
• Collaborative Projects Microsoft Teams: Any data that is being shared and worked within a group of users, should be on Teams, in addition to sync, mobility and search capabilities, it integrates an IM solution and other features as notes, calendar, Planner, which provides a complete collaborative workspace.
• Corporate Data SharePoint: Final versions of data and files that are shared company wide, should be stored in SHarePoint. You can include several layers of securioty, which provices a safe place where store confidential documents.

As you can see, there are several options inside O365, but as always you will need to implement a Governance plan inside your tenant to be sure that your data is secured.

Advertisement

Copy and Move in O365

When we were having all our files in SHarePoint and OneDrive onPremises it was a nightmare to copy and move files between Document Libraries, sites, etc.. but fortunately this have been changed and new features have been introduces to bypass this.

The following table lists the behaviour of the Copy/Move functionality in OneDrive for Business, SharePoint Online and of course Teams and other services associated:

 

Action	Behavior	Notes
Move File(s)	Moves the selected file(s) to the designated target container Retains metadata Retains sharing	Does not overwrite if filename exists, reports back error
Move Folder(s)	Moves the selected folder(s) to the designated target container Recreates a new copy of the folder Retains sharing	Does not overwrite if filename exists, reports back error
Copy File(s)	Copies the selected file(s) to the designated target container Recreates a new copy of the file(s) with new metadata Does not retain sharing	Does not overwrite if filename exists, reports back error
Copy Folder(s)	Copies the selected folder(s) to the designated target container Recreates a new copy of the folder with new metadata Does not retain sharing	Does not overwrite if filename exists, reports back error

As you can see i the table, If one or many of the files already exist at the target, they are not overwritten, not even with a new name or new version. You will instead get a note on this and the result

New File Viewers for Onedrive, SharePoint and Teams

The new functionalities included in OneDrive, SharePoint and Teams, allow the users to  have a quick and easy access to those files across devices regardless of the file type. So the user can have previews and thumbnail images for Adobe formats, like Photoshop and Illustrator, 3D files or DICOM medical images without actually installing the native application.

The following extensions are included:

3-D Modeling/Printing: 3MF, COOL, GLB, GLTF, OBJ, STL

Apple: MOVIE, PAGES, PICT, SKETCH

Adobe: AI, PDF, PSB, PSD

Audio/Video Media Files: 3G2, 3GP, ASF, BMP, M2TS, M4V, MOV, MP3, MP4, MP4V, MTS, TS, WMV

AutoCAD: DWG

AutoDesk: FBX

BioWare Game Engine: ERF

Compressed File: ZIP

Compressed File (Unix): Z

DICOM Medical Images: DCM, DCM30, DICM, DICOM

Finale: PLY

HydroCAD: HCP

Image Formats: GIF, JPEG, JPG. JPE, MEF, MRW, NEF, NRW, ORF, PANO, PEF, PNG, SPM, TIF, TIFF, XBM, XCF

License Key: KEY

Log Files: LOG

Microsoft Office (Word, PowerPoint, Excel): CSV, DIC, DOC, DOCM, DOCX, DOTM, DOTX, POT, POTM, POTX, PPS, PPSM, PPSX, PPT, PPTM, PPTX, XD, XLS, XLSB, XLSX, SLTX

Microsoft Outlook: EML, MSG

Microsoft Visio: VSD, VSDX

Microsoft Windows: CUR, ICO, ICON

Open eBook: EPUB

OpenOffice: ODP, ODS, ODT,

Photo: ARW, CR2, CRW, DNG

Rich Text Format: RTF

Text and Code: ABAP, ADA, ADP, AHK, AS, AS3, ASC, ASCX, ASM, ASP, AWK, BAS, BASH, BASH_LOGIN, BASH_LOGOUT, BASH_PROFILE, BASHRC, BAT, BIB, BSH, BUILD, BUILDER, C, C++, CAPFILE, CBK, CC, CFC, CFM, CFML, CL, CLJ, CMAKE, CMD, COFFEE, CPP, CPT, CPY, CS, CSHTML, CSON, CSPROJ, CSS, CTP, CXX, D, DDL, DI. DIF, DIFF, DISCO, DML, DTD, DTML, EL, EMAKE, ERB, ERL, F90, F95, FS, FSI, FSSCRIPT, FSX, GEMFILE, GEMSPEC, GITCONFIG, GO, GROOVY, GVY, H, H++, HAML, HANDLEBARS, HBS, HRL, HS, HTC, HTML, HXX, IDL, IIM, INC, INF, INI, INL, IPP, IRBRC, JADE, JAV, JAVA, JS, JSON, JSP, JSX, L, LESS, LHS, LISP, LOG, LST, LTX, LUA, M, MAKE, MARKDN, MARKDOWN, MD, MDOWN, MKDN, ML, MLI, MLL, MLY, MM, MUD, NFO, OPML, OSASCRIPT, OUT, P, PAS, PATCH, PHP, PHP2, PHP3, PHP4, PHP5, PL, PLIST, PM, POD, PP, PROFILE, PROPERTIES, PS, PS1, PT, PY, PYW, R, RAKE, RB, RBX, RC, RE, README, REG, REST, RESW, RESX, RHTML, RJS, RPROFILE, RPY, RSS, RST, RXML, S, SASS, SCALA, SCM, SCONSCRIPT, SCONSTRUCT, SCRIPT, SCSS, SGML, SH, SHTML, SML, SQL, STY, TCL, TEX, TEXT, TEXTILE, TLD, TLI, TMPL, TPL, TXT, VB, VI, VIM, WSDL, XAML, XHTML, XOML, XML, XSD, XSL, XSLT, YAML, YAWS, YML, ZSH

Web/Hypertext: HTM, HTML, Markdown, MD, URL

You can find more info in the following link

Idle session timeout in SPO and ODFB

Idle session timeout is a feature that kicks off after a period of inactivity, allowing O365 administrators to automatically signing out inactive sessions preventing the overexposure of information in case a user leaves a computer unattended. This is done, first by displaying a warning prompt and then signing the user out of SharePoint Online and OneDrive for Business.

This a useful feature in the scenarios where shared pc’s are used by multiple users. We have to take into account that this feature is activated for the entire tenant (is not possible to configure it to specific users) and only applies on web browser session 🙂

By default, this new feature is disabled, so in order to enable it we have to use SPO PowerShell module and execute the following commands:

Connect-SPOService -Url “https://yourtenant-admin.sharepoint.com”
Set-SPOBrowserIdleSignOut -Enabled $true -WarnAfter (New-TimeSpan -Seconds 100) -SignOutAfter (New-TimeSpan -Seconds 120)
Disconnect-SPOService

Once the idle session timeout has been activated, is it necessary to know that shis setting only will take place fore the new sessions. So once the timespan is reached (in my case 100 seconds), the user will be notified like the following:

If the timespan for log out is reached (in my example 120 seconds), the user will receive the following message

And the user will need to log in again into O365

If by any chance, you need to deactivate the Idle Session time out into your tenant, will be necessary to execute the following command:

Set-SPOBrowserIdleSignOut -Enabled $false

Also, it is necessary to be aware that the following actions are counted as O365 actions and restrictions/limitations:

1. Mouse movement or scrolling up and down is not included as activity. Activity is counted as requests sent to SharePoint Online.  Mouse clicks within the context of a site are considered activity.
2. Idle-session timeout is limited to SharePoint Online browser sessions; however, will sign users out of all Office 365 workloads within that browser session.
3. It will not sign out users who are on managed devices or select Keep Me Signed In during sign-in.
4. Idle session timeout is currently limited to Classic sites.  A fix will be rolled out to support Modern sites soon.
5. The WarnAfter and SignOutAfter values cannot be the same.
6. The policy scope is Tenant-wide.

For more info:

https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365admin-mso_shareon-mso_o365b/idle-session-timeout-in-sharepoint-and-onedrive/d128a00e-7c66-482b-abca-96b4e2b89436

https://techcommunity.microsoft.com/t5/SharePoint-Blog/Introducing-Idle-Session-Timeout-in-SharePoint-and-OneDrive/ba-p/119208

OneDrive for Business: File restore

Once again Microsoft has impressed me with rolling out this incredible feature. It allows end users to restore files from their OneDrive for Business from any point in time during the last 30 days.

I am sure that the inclusion of this feature will allow a lot of users to solve their day to day problems, for example I remember one customer having all his OneDrives files blocked by a Cryptlocker, and the only way to solve his problem was to ask to Microsoft to restore the entire Onedrive losing their recent changes. So, I hope that the files restore will solve this problem.

Furthermore, this tool is very graphic so will be very easily to select a file or a bunch of it and restore to a point in time. By the time writting this article, I’ve checked all my tenants and the tool hasn’t been rolled out yet.

You can learn more about it in the following post: https://techcommunity.microsoft.com/t5/OneDrive-Blog/Announcing-New-OneDrive-for-Business-feature-Files-Restore/ba-p/147436 

SPO and O4B Per Group Sharing Controls

This new feature – which hits first release tenants in June 2017 – will give extra control over who and how information can be shared with external/third party users in SharePoint Online and OneDrive for Business.

This control allows to limit the share with external users based on an specific AD security group, providing the ability to configure more than 1 security group to that control.

In order to configure this feature, we have to take into account that provides 2 options:

• Users in selected security groups share with authenticated external users: Only users in the assigned security groups will be able to share with external users. If you are not included in these groups you cannot share with an external user who is not in your organization.

• Users in selected security groups share with authenticated external users and using anonymous links: Users will be able to share with external users and also create anonymous links.

An important thing to note about this new sharing control is that the site collection policy will always take precedence. So, If the anonymous sharing is disabled at site colletion level (wether it is SPO or OneDrive personal site), users in the security group that will not be able to do so in that site collection.

Audit logs for OneDrive

Last week, a colleague asked me what possibilities of auditing that Onedrive has, but to be honest, no one likes being audited.

At the beginning, I was not sure about what to aswer, because I was sure that the Admin center has information about the tenant, but at the same time I was sure enough that the Admin center will not fulfil the requirements of the project.

I started digging into the O365, and I realize that exists and amazing feature called O365 audit log report inside the Compliance Center, it allows to seach the audit log to view user activity in the O365 organization, for example:

· User activity in SharePoint Online and OneDrive for Business

· User activity in Exchange Online (Exchange mailbox audit logging)

· Admin activity in SharePoint Online

· Admin activity in Azure Active Directory (the directory service for Office 365)

· Admin activity in Exchange Online (Exchange admin audit logging)

· User and admin activity in Sway

· User and admin activity in Power BI for Office 365

· User and admin activity in Yammer

If you want to know all the activities that you can select per category, visit: https://support.office.com/en-us/article/Search-the-audit-log-in-the-Office-365-Protection-Center-0d4d0f35-390b-4518-800e-0c7ec95e946c?ui=en-US&rs=en-US&ad=US

Knowing how to audit your information, it is an important feature and skill. Therefore, I want to introduce you how to activate all this data:

Access to you O365 tenant, Inside the Admin, go to Security section:

Then click on Office 365 audit report to access Audition and reports, take into account that before you are able to create new reports, you will need to activate the record. So, let’s begin:

And select “Turn On”

Then, you will need to wait for some time… After this time, you will be able to create activity reports, with many other filters (like date range, folders, etc…)

Currently, the audit history is retained for 90 days, I suppose that will be possible to tell MS to extend the audit log, but take into account that it is possible to export results to CSV.

Another wonderful feature, is to create activity alerts to automate process, imagine that you need to keep an eye on specific events, so you can execute a search, and then click on add an alert, you will need to specify a recipient for the alert

Therefore, when the audit detects a match between the alert and an event, it will trigger an email to the recipient specified.

As you can imagine, there are other options to detect events from the compliance center, for example using the APIs of Office 365.

Hope it helps!!

Which version of OneDrive I am running?

As a user, probably one day you would ask this question to yourself, so I will explain how to know which version of OneDrive 4 Business you’re running.

First of all, you will need to go to “C:Program FilesMicrosoft OfficerootOffice16”

Take into account that the directory will change in case you are using the 32 bit version or if you have installed the SO in another language.

Try to locate the Groove.exe application, right click and select properties, navigate to details tab and you will see there the version you’re running:

Also is it possible to do this by clicking Crtl+Shift+Esc, go to Details tab, click on Groove.exe, right click, Properties, details and you will see the same version as showed before. And then… compare if it the last version or if you need to update the client

Hope it helps!