The Dark Web

Although I spend most of my time working with technology enablement via productivity I have a keen interest in information security and where it is taking us as a society. Unfortunately, on that score I am not very ‘bullish’ about what the future holds.

Some of my previous thinking on this can be found at:

The World of Security Anomalies

Security before convenience or else

The bad guys keep winning

Why the bad guys will always win

To this list you can add:

Inside The Dark Web

Which looks at many of the issues I have previous covered but focused importantly on the challenges or privacy in todays connected world and how we are fast losing it and for it to be lost forever.

Take a look and let me know what YOU think. Is this something we SHOULD be worried about?

Need to know podcast–Episode 81

We’ve covered off using OneDrive for Business as a collaboration solution, now Tas and I turn our attention to outlining how SharePoint Online Team Sites should be used within a business. We also discuss what strategies are successful when it comes to making SharePoint a winner within an organisation.

You can listen to the episode at:

or subscribe to this and all episodes in iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show. I’m also on the hunt for some co-presenters so if you are interested on being a regular part of the show please contact me.


Cloud Business Blueprint

Skype for Business client roll out –

Attached Apps –

Built in mdm for O365 –

AU data centers go live –

Checking your MOSPA agreement in the Microsoft Partner Portal


1. Login to the Microsoft Partner portal;

with you Microsoft Partner details.


2. Click the Status link next to the MOSPA program


3. Confirm that the MOSPA (Microsoft Online Services Partner) agreement is Completed.

If something other than Completed is shown, you need to enrol or renew your MOSPA Agreement.

Getting Started With Attached Apps

One of the most common challenges I see with Office 365 is the ability to easily share contacts throughout your organisation. Yes, you can do with with Exchange Public Folders. Yes, you can do with SharePoint contacts but here’s an even easier way, using Attached Apps.

The great things about the Attached Apps shared contacts setup, is that it is free! The idea is that you’ll get hooked on the Attached Apps platform and use some of their other great offerings.

I must admit I had a little trouble getting the Attached Apps stuff up and working initially so I contacted them and they helped me get it sorted. Now as I like doing, I put all the information together in a simple step by step process you can follow which I have detailed below.

Having seen what the Attached Apps stuff can do I decided that it is an excellent offering for customers and for resellers as well. So if you looking to get set up as an end user then contact me ( and I can help you.


Alternatively, if you are reseller then you can set up your own partner account. In that case All I ask is that when you visit this link:

To sign up you select me when you get to Question 3 above. I’d really appreciate it and lets the Attached Apps folks know where the business is coming from.

I’ll be posting more about my journey with Attached Apps so stay tuned, but here’s how to get the ball rolling.


Navigate to the Attached Apps web site at:


Scroll down the home page and locate the Get the App Now button and select it.


Complete all the details in the sign up form.

Note that you will need to supply an Office 365 Global Administrator login and password to allow Attached Apps to me installed in the tenant.

Also be aware that you can only use a contact email address once, so if you have signed up previously for Attached Apps you will need to use a different email address in your contact details.


At the bottom of the form select he Register button.


You will now need to wait a few moments while the software verifies access to your Office 365 tenant and then configures itself.


When this installation is complete you see a Thank You message displayed on the screen. At this point you need to check the contact email address you suppliers during sign up. When you do you should find the following email:

Congratulations!  We have successfully provisioned your firm for attachedapps.  As an Administrator for the apps, you should have received a batch of credential emails, one for each user on the Exchange account used for provisioning.  You can forward those credentials to the users you wish to have access to the apps.

Please download the Getting Started Guide from our website.  It will expedite productive use of the apps and provide tips on customization for your specific business.  You will also find instructions for enabling the paid applications. 

Please email us at if you have any questions at all.

Thank you,

attachedapps Support Team


The next step in process is to configure your Office 365 tenant so that the Attach Apps configuration and abilities are automatically pushed out to all your users Outlook desktop client.

Visit the following URL:

which will download a file called attachedOutlookMail-Prod.xml. Save this file to your local machine.


Login to your Office 365 tenant as a Global Administrator. Select the nine boxes in the top left of the windows to display the My apps menu as shown above.

From the options that appear select Admin.


In the lower left of the window, under the Admin section, select Exchange.


In the Exchange admin center select organization from the options on the left. Then select apps from the options across the top.

You should then see a list of apps that are provided to everyone who uses Exchange, one of these typically is Bing Maps.


From the menu just above the select of app select the down arrow just to the right of the + (plus) symbol. This should reveal a menu as shown above.

From the menu select Add from file.


Use the Browse button to navigate to the location on your local machine where you downloaded the file attachedOutlookMail-PROD.xml previously.

With that file selected press the Next button to continue.


When the upload process is complete you should now see a new item called attachedcontacts listed as shown above.

Select this item by clicking on it.


Then select pencil icon from the menu just above the list to edit this entry.


From the window that appears select Mandatory, always enabled. Users can’t disable this app and then the save button to complete.


You should now see that attachedcontacts is set to Mandatory and Everyone as shown above.


Return to the Attached Apps web site at:

and select Log in in the top right of the window.

Each of your configured Exchange Online mailboxes would have received an automated email like below from Attached Apps:


Your company has just signed up to use attachedContacts, the powerful yet easy-to-use contact management system that lets you share company contacts across your organization while keeping all your personal contacts private. Plus, it’s designed to work closely with Outlook, so you don’t have to change the way you like to work.

It’s easy to get started, just click here to log in using your organization email address and the password provided below:

Email Address:


When you enter the app for the first time, you will be prompted step-by-step to import the contacts you want to share. You’ll then have access to these great benefits:

  • Edit company contacts once – the updated contact info will be reflected everywhere!
  • Slim down your bloated Outlook and mobile address book
  • Keep your personal contacts segregated from your organization contacts
  • Contacts automatically sync to Outlook, Outlook Web App and to your mobile device
  • Organize unlimited Contact groups and categories
  • And more!

We use attachedContacts in our own company and are constantly improving it. Our mission is to eliminate the technical obstacles to your greatness! So join us, let us know how we are doing and what else we can do to improve your work life.


The attachedapps Team

Want to know more? See these FAQs on our support site.

These are the logins that are used for each to access the Attached Apps portal via the Log in link just selected to provide access to all the Attached Apps functionality.


Login now with the information provided to an Office 365 administrator. Remember, the Attached Apps login is different from the standard Office 365 portal login.


Once successfully logged in you should see the Attached Apps dashboard or something similar.

If you select the first icon after the Attached Apps icon in the upper left of the window, this will take you to the Contacts page.


In most cases the only contacts that will be displayed are any existing Exchange Online users as well as the email address you used to sign up initially.

To import contacts from the current users Outlook select Outlook Import from the menu across the top.


Ensure that Outlook is running on the desktop. In most cases you want to select the Import All button to copy all the individual users contacts to Attached Apps so they can be shared. You can also select the Fetch Contacts if you wish to only upload selected Outlook contacts.


In this example, the current users only has one Contact as shown above. This contact is unique to that user currently but will soon be uploaded for all to share.


After pressing the import button you will see a confirmation message appear at the bottom of the windows. Select Yes to proceed.


You will then receive a confirmation message at the bottom of the screen confirming the import process has commenced. This process will continue in the background so you can close the alert and continue.

The import of the contacts will take a few moments to complete and the time taken is dependent on how many contacts are to be imported.



Once the process is complete you should see that the uploaded contacts have been designated as Attached Apps contacts (i.e. shared) by a small graphic and line underneath the contacts image as shown above.


If you now look at Outlook for a different user you won’t see that the uploaded contacts have been sync’ed down. To do this you will need to log into the Attached Apps portal and force the update.


Once you have logged into the Attached Apps portal select the Contacts icon again (in the top left) to view all the contacts. Just under the heading you will notice a check mark as indicated above.


Once you select the check mark you will see the menu change and display the options to either Mass Delete or Mass Change.


Now make the required changes to all the records desired. In this case make sure that all the contacts have the Sync option selected.

Once you have made any changes, select the Mass Change option from the menu bar.


At this screen ensure that the option Sync to Outlook is selected and checked as shown. Then select the Apply Changes button.


You will receive at confirmation message at the bottom of the screen. Select Yes to continue.


You can also force a sync of individual contacts if you wish. To do this, navigate to that contact and select the Staff Sync tab as shown above.


If you now return to second users Outlook, after a few moments the shared contacts should now appear and be designated as Attach Apps as noted previously.

Remember, if you do sign up don’t forget to mention me and look out for more posts on Attached Apps coming soon.

The world of security anomalies

I continue to see the confirmation of my long held assertion in this blog that the ‘bad guys just keep winning’. Why? The simple example I continue to see is a growing number of infections of Cryptolocker. If you haven’t read my previous rant on this then take a look at:

Now that post was 18 months ago and I still witness many of my peers battling to contain catastrophic outbreaks. How can that be? In all cases there was virus and malware protection already in place, yet the infection was still able to get through all of these, have a human being being duped into activating it and then causing major calamity in the business. Such calamity usually required a full restore of the system to eliminate the problems with all the loss of productivity that entails.

Tell me, why, oh why is this still possible 18 months or more since Cryptolocker first raised its ugly head? It is because the security software, that so many put their blind faith in, is totally and utterly useless in my opinion. It is reactive technology, based on what is already known. We now live in an exponential universe and the bad guys are taking advantage of that while security software tends to live in the old linear world and now being left far behind.

While our desktops are the current target, what happens when the bad guys shift their focus more to our mobile device? Imagine Cryptolocker on your phone. It is only a matter of time until it gets there and what protection do you have on your phone? The most security I have seen people enable on their phone is a pin code that is ‘0000’. That is, they don’t have any security. Think of all your contacts, phone calls, SMS’s, banking details, app purchases and so on begin taken over by hackers? Sadly, it is only a matter of time until we see the likes of Cryptolocker reek the kind of havoc it does on desktops on our mobile devices and sadly the majority of people are totally unprepared for that.

The biggest worry by far is the dawning of the age of the Internet of Things (IoT). This is world where everything from your toothbrush, to your car, your refrigerator to every item in your home and at work is all connected to the Internet. With technologies like IPv6 this is fast becoming a reality but so too is the ability for all of these to be hacked and turned against you. If you want to appreciate this scary future that is fast approaching have a look at my previous post:

and read Marc Goodman’s book

Future Crimes

and you’ll get an idea of how crime is utilising technology to rule the world.

Another of a great concerns when it comes to technology is the lengths that governments are implementing to track citizens in the guise of ‘protecting us’. There has been plenty written about this subject so I won’t go into it here but I’d like to point out an interesting anomaly here.

Recently in my neck the wood there was a state election. Fair and equal democratic elections are the cornerstone of our western society. Many have the mistaken belief that their integrity is above question but I beg to differ. Here’s why.

When I attended my local polling location I am asked for my name and address. I am however NEVER at any stage asked to PROVE who I am with some form of approved identification. The official merely takes my word that I am who I say I am. Clearly, most people are honest BUT ANYONE would walk into all polling station and simply state a name in that electorate and be given voting papers.

My attendance at the polling location if recorded in a paper roll. This roll is NOT shared with other officials in the same polling location let alone other polling location is the electorate. They are only compared after the close of voting. So, what is to stop me voting in one polling location, the travelling to next and voting again, then repeating that processes throughout the electorate? Shouldn’t there a centralised location to record this so all officials can immediately see those that have voted ANYWHERE?

So, I can continue to vote as myself at as many polling stations as I can physically travel to in one day. I can also vote as anyone else at any polling station throughout the day. May seem like a lot of work for a single individual and probably would not have an impact on the outcome right? Maybe, but what if I could get 100, 1,000, 10,000, 100,000, etc, people to do the same thing all for the same political end? Now, how do you feel about the integrity of our democratic elections?

Technology is a great enabler for society but it also enables bad guys as well and honestly we are creating a world so full of insecurities that it makes it easy for them to rob us blind. Even if you are not a victim that affects us all in the hip pocket. The problem is not the technology, it is the human being. We need to teach everyone, especially kids, the importance of security and privacy. We need to demand products be made secure by default (we have the technology already). We need to stop putting convenience ahead of security or else.

Alas, as I continue to lament here, it is pipe dream I’m afraid and I’m sure in another 18 months time the likes of Cryptolocker will continue to roam free on the Internet destroying lives at will. Sigh.

Enabling SharePoint Online auditing

SharePoint Online has the ability to audit different actions that take place and then allow an administrator to view a report on these. Here is how you configure and work with SharePoint Online auditing.


You will firstly need to access the SharePoint Online Site Collection you wish to enable auditing on as an administrator.


In the top right hand corner of the site select the Cog icon to reveal the menu shown above.

From the menu that appears select Site settings.


From here under Site Collection Administration in the lower right select Site collection audit settings.

If you can’t see this option then you are either not at the root of the Site Collection or you don’t have Site Collection administration rights.


You should now see the options displayed above. In most cases all of the options here will be blank or unselected. This means that by default auditing on Site Collection is not enabled and you won’t be able to get any results until you enable something. So, if you need to track something, turn it on beforehand.


By default, logged items are removed (trimmed) when they are more than 30 days old at the end of the month by default. Using the above options you can vary this and well as nominate a SharePoint Document Library into which audit reports will be saved before the audit log is trimmed.


You will notice in the events to be audited it doesn’t include Opening or downloading documents, viewing items in lists, or viewing item properties option as it does with SharePoint on site at this point in time.

Once you check the items you desire, select the OK button at the bottom of the page to update your preferences and have them take effect.

Now, events that you selected to be audited will generate logs that you can view.


Once a suitable time period has elapsed, return to the Site Settings and select Audit log reports from the Site Collection Administration area in the lower right hand side.


You should now see a range of reports you can view. Some of these reports, such as the first one, Content Viewing, will not run as it is not possible to audit such events with SharePoint Online as has been mentioned above.

In this case however, select the Content modifications option to proceed.


You will then be prompted to enter a location into which to store the report. Simply select an existing Document Library by using the Browse button.


The report should complete successfully and provide a hyperlink, Click here to view the report, which you should select.


A good thing with SharePoint Online is that it incorporates Office Online, which means Excel Online should now open to display the spreadsheet report as shown.


The first tab, Audit Data – Table, will provide a summary of the events as shown above.


While the second tab, Report Data 1, will provide more granular information as shown above.

So in summary, you’ll need to enable auditing on the events you wish to log within each individual SharePoint Online Site Collection. You’ll then need to run the audit reports to view the results after auditing has been enabled.

For more information see the following link:

Configuring audit settings for a site collection

Skype for Business client goes live in April


If you have an Office 365 license that includes Office Pro Plus you should know that you get the full Lync 2013 client for your desktop. Hopefully, you are also aware that Lync is being renamed Skype for Business. There is a preview of the client that you can download and look at right now.

What you may not be aware of is that on April 14 2015 (i.e. the next patch Tuesday) the updated Skype for Business client will automatically be downloaded and update any existing Lync 2013 client application you have running if you used the ‘click to run’ install method from Office 365.

Yes, that is correct. If you do nothing, then on April 14th (US Time) your Lync 2013 client will automatically be replaced by the new Skype for Business as shown above. If you look after a lot of Office 365 users with Office 365 Pro Plus who use Lync now, expect quite a few phone calls (hopefully some Skype for Business calls!) in regards to this change.

The new Skype for Business actually contains both the old Lync interface as well as the newer Skype for Business look and feel. This means that you can actually switch the interface back to Lync 2013 look and feel if you want.

How do you make this change? PowerShell of course!

Firstly, connect to your tenant using PowerShell. Make sure you load the Lync Online PowerShell commandlets. I’ve detailed both of these steps previously here:

Configuring PowerShell Access in Office 365

Connecting to Lync Online via PowerShell

Once you are connected run the following PowerShell command:

Grant-CsClientPolicy -PolicyName ClientPolicyDisableSkypeUI

If you then restart Skype for Business you should see the familiar Lync 2013 interface return.

There is a lot more information about controlling this interface update as well as Skype for Business in general at:

What’s new in Skype for Business and how you can take control of updates

The main point to remember is that if you current have Lync 2013 installed from Office 365 and you do nothing, then come April 2014 you’ll have Skype for Business on your desktop.