Here is a recent presentation I did on Microsoft 365 Business Security:
Here is a recent presentation I did on Microsoft 365 Business Security:
Here is a recent presentation I did on Microsoft 365 Business Security:
If you are an IT professional working in with Microsoft 365 then I would suggest the following are the top five skills that you need to have to be successful going forward. My pick, in order is:
2. Azure AD
and here’s why:
PowerShell gives you the ability to script commands for both cloud and on premises Microsoft services. There are many things you can also only do using PowerShell, however more importantly, you can begin to automate what you do. This reduces the time it takes to complete processes as well as giving more consistent results. It also means that you can potentially offload these tasks to others who only need to know how to run the scripts you have created not understand what they entail.
I also find that understanding the PowerShell side of a process gives you a a much deeper understanding of that process and what is possible. I also think that having to do a bit of coding is a benefit to everyone. It helps you to think more logically, plan and structure what you want to achieve. You however don’t need to become a developer, it is easy to CTL-C and CTRL-V good scripts from various places and integrate them into your processes while making a few changes along the way. You can go as deep as you wish and create really amazing scripts that really make life in IT so much easier, while allowing you to do your job faster.
Remember, software will eat the world.
Identity is key to our modern world. You don’t get access to “stuff” until you prove who you are. Importantly, Azure AD is not the same a traditional on premises Active Directory. It is a subset, where the additional options can be added as needed. However, you need a good understanding of where a user’s primary identity is and how it is managed and secured in the cloud. Without this fundamental knowledge you are really going to struggle to understand things like modern device management and security.
All Microsoft services are underpinned by identity and Microsoft cloud services are underpinned by Azure AD. Thus, to administer, configure, troubleshoot these you need a good understanding of Azure AD.
With so much of our assets now being digital, protecting them is paramount. We need to do this in a way that doesn’t inhibit productivity and that is a real challenge. Poor security to me indicates a fundamental lack of knowledge about the products in question. It also demonstrates a lack of discipline and consistency which are the hallmarks of your adversaries out there trying to gain access to systems you protect.
Security will never be an absolute and that makes it hard for many “IT types” to deal with who like to have a tangible end goal. There is not a finite end point with security, there is simply an ongoing challenge to stay one step ahead of the bad actors. Some see that as a burden while the true security professional sees it as a challenge. The protection of our future lies with good security and the challenges that brings. It therefore, will be a skill that will be in continuing high demand.
As mentioned, Azure AD doesn’t contain the same resources that on premises Active Directory did. The best example of this is probably Group Policy, which is something that Azure AD does not incorporate. To a large extent, that is now handled by Intune and this why it is such an important skill going forward for IT Professionals to become skilled with. It can also be implemented using things like PowerShell, which again goes to the point of how important this list of skills is across all Microsoft services today.
A key factor with Intune is its ability to configure mobile devices. This is something traditionally IT Professionals have not been able to do. However, with the growing numbers of mobile devices in use and their criticality to businesses of every size, it is now more important than ever to be able to easily configure and secure them directly from the Internet.
Most IT Professionals have some skill or familiarity with Exchange and emails which easily translates to services like Exchange Online. However, when it comes to files and folders in the cloud the service of choice is going to be SharePoint, for which there are a decided lack of skills even though SharePoint has been with us for many years now. As I have spoken about many, many time here, SharePoint is more than just simple storage, it is a collaboration system and needs to be approached in that manner to get the most from it. Not doing so results in lots of pain for both administrators and end users.
So there you have it. If I had to pick five skills in order that characterise a modern IT Professional, these would be they. You don’t need to be an elite ninja in each but likewise you can’t remain ignorant of them. if you work with Microsoft cloud technologies you should be familiar and comfortable with them all. If not, then you need to start investing some time and learning them because they will serve you well now and into the future.
Jeffa is back! Jeff Alexander from Microsoft that is. Jeff is here to talk to about the modern desktop including things like Intune, Identity, Device Management and more. Modern desktops require a modern approach and thinking when it comes to everything from roll outs through to updating, so listen in for all the details on how to jump on board. Of course, Brenton and I give you an update on new things in the Microsoft Cloud so you’ll right up to date after this episode.
This episode was recorded using Microsoft Teams and produced with Camtasia 2019
Take a listen and let us know what you think – email@example.com
You can listen directly to this episode at:
Subscribe via iTunes at:
The podcast is also available on Stitcher at:
Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.
If you have a look at all the web parts you have available to you in your current SharePoint environment,
versus what I have available,
You will see that I have quite a few more! The good news is that it is easy to add all these plus a range of additional features using the SharePoint Online provisioning service.
The easiest way to add all these features to simply visit the SharePoint Starter Kit option
and use the option in the top right of the page to Sign in as a Global Administrator for your tenant and then select the Add to your tenant button on the right as shown above.
However, before you do that you’ll need to ensure you have completed a few pre-requisites. Firstly, that your tenant is on Targeted Release.
You’ll find the setting for that in the Office 365 Admin Center, under Settings and Organizational profile as shown above.
You can use the Edit button to make changes to the setting.
If you do change the setting, it may take up to 24 hours for that change to be fully applied to the tenant. Making this change may also affect other areas of your tenant, so I suggest you review the following documentation:
Next, you need to ensure your tenant has an App Catalog. To see whether it does, locate the SharePoint Admin console.
If you are taken to a newer version of the SharePoint Admin console, as shown above, select the Classic SharePoint admin console option on the left.
At the “Classic” SharePoint Admin console select apps on the left.
Then select App catalog at the top, on the right as shown above.
If you don’t already have an App Catalog you need to select the option – Create a new app catalog site and then select OK.
It is recommended that you use the following settings here:
Title = Apps
URL suffix = apps
Administrator = Global or SharePoint administrator
Once you have completed these details select OK to create the site.
In a short while you should find that you have a new SharePoint Site Collection, as shown above, with the details you just entered.
If you already have an App Catalog or you just created one, when you visit that URL you should see a site like that seen above.
The final pre-requisite that you need to configure is some permissions on the SharePoint Term Store.
Once again, from the “Classic” SharePoint Admin center, select term store on the left. Then scroll down on the right and locate the Term Store Administrators option and enter you Global or SharePoint administrator in there again.
Scroll down to the bottom of the page on the right and Save the changes.
Now that all these pre-requisites have been configured, return to the SharePoint Starter Kit option:
and select the Add to your tenant button on the right.
You may see a message about providing permissions, which you should accept. You’ll also see a summary of what will be provisioned as shown above. You’ll basically get all the new features plus three new site collections.
Select Confirm to continue.
In a short while you’ll get a number of new SharePoint sites like that shown above that you can explore. Importantly, you also get additional features and web parts across your whole tenant.
If you return to the App Catalog site and select the Apps for SharePoint option on the left, you will that the SharePoint Starter Kit solution appears as shown. This is the item that delivers all the new features to your environment.
The above sequence is the easiest way to deploy these add on features but what happens if you wish to do this manually and not get the additional demo Site Collections the above deploys?
You’ll still need to ensure the pre-requisites from above are completed (enable Targeted Release, have an App Catalog and modify the permissions on your SharePoint Term Store). Once these are complete you need to visit the sp-starter-kit GitHub repo:
and download the file sharepoint.starter-kit.sppkg here:
You then need to return to the Apps for SharePoint location in the App Catalog
and upload the file sharepoint.starter-kit.sppkg here.
The file is about 7MB so you’ll need to wait while the file uploads into the library. You’ll the progress as shown above.
Once the package has been uploaded, you’ll see the above dialog boxing asking you to Deploy it. Before you deploy, ensure the option to Make this solution available to all sites in the organization is selected.
You may need to wait a little while for the package to roll out to all areas in your tenant. In most cases, this won’t usually be more than a few minutes.
You should now see all these new web parts available to you in your modern pages within all sites in your tenant.
Remember that the SharePoint Starter Kit is available in GitHub and will continue to be updated over time. As it is, simply upload the new package into your App Catalog to gain access to the new features.
Using the SharePoint Starter Kit should give now you lots more options when working with SharePoint and all for free!
In previous articles I’ve provided:
In this article, I’m going to focus on the next level down and how you should be thinking wide not deep when it comes to transforming your data into Microsoft 365.
In essence, structure is not as important as it once used to be. Having layers and layers of directories and sub-directories in a file share was really the only way to catalogue and organise your information in the world of on premises. However, structure becomes far less important in a world where everything is available via search. Think about it, how do you find stuff on the Internet? You search for it. Why then should internal data work any differently?
Search is built into Microsoft 365 and now appears at the top of most pages as you see above.
For example, if I do a search for “bitcoin” then I’m returned results from that location, in this case a list.
Not only do I have search, but thanks to the Microsoft Graph and some “AI” magic I can get a feed of my most relevant documents in Delve. I can also see documents others are working on that are also relevant to me and that I have permission to, again all in Delve.
So, the concept of structure is less important than it used to be, especially the deeper you go. It more becomes a case of get it into some major buckets and we can filter and sort from there.
Let’s say that there is an existing on premises folder structure like so:
and so on. How do you ‘transform’ this into the new world of Microsoft 365? Best practices is to start at the top and work down. Thus:
is going to be the initial bucket. This means that you should either create a Microsoft Team or a SharePoint Site called “Finance”.
Once you have a Microsoft Team called “Finance” then you would probably create a Channel called “Customers”. If it was a SharePoint site then you’d have a Document Library called “Customers”.
Inside the Microsoft Team called “Finance” and the Channel called “Customers” you have a folder in the Files area called “ABC” and so on for each customer.
At this point we have now reached “Robert’s rule of three” maximum structure depth. That means we have a Microsoft Team, a Channel and a folder. We don’t really want to create anything deeper if we can avoid it. This is where “metadata” comes to the rescue. Perhaps, instead of a a single Channel or Document Library for customers, maybe you have a unique library for each? The choice is yours.
If we look at the structure of the source data, we see that is broken out be year. However, we can create a custom column in SharePoint that contains the values of “Year” and use that to ‘tag’ our data. Thus, you create an additional column in the Document Library where the data lives. You specify that the only values allowed in the column are numerical years. You then set that field to the appropriate value for each file.
In the above example, you’ll see that I have created an additional column called “Customer” and used that to tag both files and folders.
Thus, metadata allows me to collapse my structure by using tags, which in many ways is what people used folders for on premises. Once I have tagged my data I can easily sort and filter it like so:
Here it is “grouped by Customer”
Thus, with metadata you can create a much flatter structure because you don’t need all those sub folders. The benefits of a flatter structure is that it is easy to see more of the data quickly and then using the inbuilt filtering tools to get to what you want. Typically, you’ll only be using this filtering technique if you haven’t searched for the data or had it presented to you via Delve. However, for those that still like to navigate a formal structure, it is still possible as you can see.
My best practice is that every time you are considering going more than three levels deep, you should break the data into another Channel or Document Library. Remember, you can create as many Document Libraries as you want in SharePoint and then also link them back into Microsoft Teams if you want. You should be looking to use lots of Document Libraries and keeping them no deeper than a single folder as a rule of thumb.
The other benefits of using additional Document Libraries is that you can have a different set of metadata to describe your information. You can also have a different set of permissions as well as a different look and feel thanks to SharePoint Views. A wide structure in general makes more things visible to people when they go looking, rather than it being buried deep within a folder structure and lost.
Thus, most of your top level folders from on premises file servers will become independent Teams or SharePoint sites. Subfolders below these will become Teams Channels or unique Document Libraries in SharePoint. It is also always better to break deep structures into different Document Libraries and link them back into Microsoft Teams if required.
Remember, moving to Microsoft 365 is about “transforming” data and restructuring it in a ways that users will benefit most. This means keeping it as shallow as possible and using inbuilt tools like filter, sort and search to get to your information rather than constantly navigating up and down deep structures. Services like Delve will also present to you the information you need most times and so you won’t even have to go searching for it. Simply ‘dumping’ data from an on premises file share into a single Document Library is not providing any value or transforming that in any way. If you aren’t going to do that why are you even bothering to move it?
As I have said previously, transformation requires effort, it doesn’t magically happen. However, the point of migration is the opportunity to transform data so that it can take advantage of all the tool Microsoft 365 provides. Also don’t forget that you don’t have to do all of this transformation in one hit. Create the Microsoft Teams, Channels as a starting point at least, then add metadata across the data down the track. Likewise, if you want to make a change down the track you can. That’s the whole idea with Microsoft 365, it is something that will evolve over time as the business does. It is never a once off migration process without future change. Never!
Microsoft 365 gives you the resources and tools to go wide not deep with your structure. Start my replacing some of your sub folders with metadata fields as illustrated above. Doing so will enable your business to be far more productive than it ever was with deep on premises file shares. Remember, moving to Microsoft 365 is about transforming not merely migrating.