NOREX logo
Menu MENU

REQUEST DEMO

Send us your contact info and we'll give you a personal tour of our amazing platform:

Back

M365/O365

09.27.2018

Summary

NOREX members shared experiences and strategies related to the adoption of Office 365 and Microsoft’s M365 license bundle  during a recent WebForum. There was a wealth of information included in the chat portion of the session.

News

Default image 14

NOREXmembers shared experiences and strategies related to the adoption of Office 365 and Microsoft’s M365 license bundle duringa recent WebForum. There was a wealth of information included in the chat portion of the session.



Mike B

We started to use EMS, W10 Enterprise and O365 together

 

 

Bob B

We are all in on Office 365, EOL, SharePoint, Teams...

 

 

Jeremiah N

All in here too, what is M365?

 

 

Alexandria M

Are M365 and O365 the same?

 

 

Ken K

So are you enforcing Conditional Access via MDM for Outlook to prevent anything but Outlook from connecting?

 

 

Ryan S

We're all in on O365, not looking at M365

 

 

Karl R

We are also all in for O365 including SharePoint.  Waiting for better web video on Teams before switching.

 

 

Ken K

Did you implement Azure Information Protection (AIP) as well?

 

 

Kurt S

200 people on the call...FYI

 

 

Bob B

we need a backup solution for our Whole Microsoft Office 365 suite...

 

 

Andrew T

This might clear things up for people that want insight into what is/isn't included: https://www.microsoft.com/en-us/licensing/product-Licensing/microsoft-365-enterprise.aspx

 

 

Ken K

EMS + Security gives you visibility into what is happening in the cloud environment.  O365 without that is pretty weak on visibility.

 

 

Bob B

looked at Veeam this morning...

 

 

Anthony G

Security is a huge concern for my organization.  How do you allay security fears with adopting MS365?

 

 

Sharon B

Are companies using E1 vs E3 licenses and why or why not?

 

 

Bob B

e1 vs e3 = do you want the desktop apps or not...

 

 

Ken K

M365 is E3 minimum

 

 

Mike B

We use a mix of licensing - only buy what we need.

 

 

Mike B

We have some E1 - E3 - E5 based on need.

 

 

Bob B

mike b, we do the same...

 

 

Sharon B

Thank you, we are doing the same.

 

 

Bob B

no e5 though

 

 

Karl B

Bob, we are using agents from our main Commvault system.

 

 

Jeremiah N

We use a mix of E1 and E3.

 

 

Ken K

gives access to Advanced Security Analytics (ATA) golden tickets (kerberos), anomolous user activity, MFA, strong passwords, O365 Cloud App Security

 

 

Mike B

Link - https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Introducing-the-Microsoft-365-Security-and-Compliance-Center/ba-p/178468

 

 

Bob B

used commvault at my last place, not my responsibility, but it seemed so time intensive to administer it... looking for easy

 

 

Karl R

Bob, I agree.  :)  But for now that is what we are using.  But we are looking for a replacment.

 

 

Carlo S

We deploy E1 solely for email via outlook web

 

 

Carlo S

as well as via phone

 

 

Carlo S

Otherwise, we deploy E3 to all

 

 

David D

Biggest thing ediscovery hold in e3 vs e1

 

 

Stefanie R

E3 also different from security perspective https://products.office.com/en-us/business/compare-more-office-365-for-business-plans.

 

 

Carlo S

I agree with David. E3 is important for eDiscovery

 

 

Al F

anyone found a business case for E5?

 

 

David D

Is anyone using F1 licensing for deskless workers?

 

 

Al F

@david - we use E1 for deskless workers

 

 

Bob B

we use some f1 licenses for mobile only users that use webmail...

 

 

Tyson S

Important safety tip: those E1,E3,E5 classifications map to the G1,G3,G5 levels for Government use, nearly exactly.

 

 

Sharon B

Thank you for the explanation.

 

 

David D

e5 has Power Bi Pro and Audio Conferncing included

 

 

Ken K

E3 gives you access to https://empb.portal.cloudappsecurity.com/#/policy whicih is REALLY important to have visibility into who is connecting in to your enviornment form WHERE.  NOTE MS has been changing functionality in this portal - so for foreign logins HIGHLY advise going to user,

 

 

Bob B

please add another poll for who have implemented  backup solutions and then another for who they went with

 

 

Ken K

This becomes your visibility into perimeter stack.  Prevention is still strong passwords, MFA and strong anti-phish solution.

 

 

David D

One thing is Office 365 licensing also drives what features you can have enabled on hybrid servers like sharepoint and exchange

 

 

Jeff G

We gave E1 to field workers, E3 to office workers, and E5 to a handful of PowerBI users. But some of our field users need to do some office stuff and want E3's, and as more and more people see PowerBI, they are asking for E5's

 

 

Carlo S

Use a Migration Wizard !  We used Bit-Titan

 

 

Mike B

Link to advice http://www.susanhanley.com/

 

 

Bob B

you should integrate your AD with Azure if going to O365 and EOL

 

 

Michele L

We worked with Susan Hanley, she is wonderful!

 

 

Andrew T

We found this site (still find it) very helpful! https://practical365.com/

 

 

Stefanie R

Microsoft has good advice and we used this successfully as a blueprint for our project plan https://support.office.com/en-us/article/deployment-planning-checklist-for-office-365-5fa4f6ef-35ad-4840-91c1-4834df3df5a0

 

 

John S

https://www.quadrotech-it.com/

 

 

Michael A

How does everyone "control" the o365 newly added features?

 

 

John S

Great tool for archive migrations

 

 

Brittini P

Has anyone used a 3rd party vendor that completed the implementation successfully

 

 

Stefanie R

We deployed 360 users in batches of about 60-70.

 

 

Mike B

Need some adoption and training plans

 

 

Dennis H

We used Covenant Technology Partners and they did an awesome job.

 

 

Mike B

Look at Joanne Klein as a resource for labels and other adoption issue

 

 

Todd L

Allocate time at the beginning and before migrations to understand the multiple licensing options and how they correspond to your users and retention policies.

 

 

Bob B

to migrate Exchange data from on prem to o365 you can also use a hard drive shipping method too... we did that when we divested one of my old company daughter companies and it worked well...

 

 

John S

deep dive book to get started and updated frequently –

https://www.amazon.com/Office-365-Pros-4th-Comprehensive-ebook/dp/B071FQTKTG

                                       -

 

Mike B

Link to one of Joanne resources https://joannecklein.com/category/o365/adoption/

 

 

Jeremiah N

Is anyone using MFA? How are your users handling App passwords?

 

 

Mike B

Running in hybrid - Maybe a POLL on this?

 

 

Chairperson

MFA is a topic coming up later.

 

 

Michele L

?for migration, we used three tools: Metalogix Content Matrix to migrate sharepoint 2010 content to SP online mover io to migrate dropbox to OneDrive for Business and  Microsoft Sharepoint migration tool to migrate file shares

 

 

Aaron F

We are using Azure MFA.  It works fine for O365 and VDI access.  Annoyingly, Skype does not work well with the App Password and continually prompts for credentials.

 

 

Anthony C

I am also curious how people handled MFA App Passwords

 

 

Zachary B

I have MFA turned on for my account, and I like it, but it can be cumbersome for users if they don't always have their phone available if you need to log into webmail. I have not had issues with skype for business. Outlook has been working great

 

 

Andrew T

Also big note - if you try turning off apps/features you will run into a ton of integration issues with Office / Windows.  While it is a lot of apps / features to turn on all at once (ex. E3/5 license), if you pay for it you're better to use it.  If you think you don't want your users to have access to it, don't pay for it.

 

 

Michele L

we also used MS FastTrack at the beginning. it was very helpful

 

 

Laura S

Thank you all, appreciate the insight!

 

 

Mike B

Migration plans where your mail resides.  City of Des Moines migrated about 1600 mailboxes from Google Apps to O365.  Our biggest problem was getting mail from Postini Archive.

 

 

Michele L

I can speak to that experience

 

 

Bob B

when using an outside resource like a VAR, make sure they have an intimate knowledge of your environment first before designing anything! super important and make sure they have great SSL and DNS folks...

 

 

Karl R

For those that migrated sharepoint, what is your method to migrate "pages" (not sites/subsites)

 

 

Stefanie R

We created a SharePoint space "O365 Knowledge Hub" with basic training aids and conducted some info sessions. We also now implemented Lynda.com (owned by Microsoft), which provides O365 training courses.

 

 

Kris F

In my experience the biggest issues that we experienced was the size of the mailbox's. Some users don't know how to delete ANYTHING

 

 

Chairperson

Several SP topics coming up later.

 

 

David D

Brainstorm https://www.brainstorminc.com/

 

 

Bob B

can we get a copy of the chat text emailed to us all after this call? this might be useful for some links provided...

 

 

Mike B

Tools like MetaLogix migrate pages and other parts of SharePoint

 

 

Tyson S

Chris R, look me up offline. We're still in the assessment phase for 0365 at Massachusetts Trial Court

 

 

Stefanie R

As a state agency in Wisconsin, we are fully utilizing O365 on the government cloud. We do not allow our users, however, to use Onedrive. Also our users MUST use agency-provided devices.

 

 

Charles W

Teams is more a part of SharePoint

 

 

Charles W

Think of teams kind of like Slack

 

 

Andrew T

Not right now Teams is separate

 

 

Mike B

We are replacing Slack with Teams

 

 

Charles W

Teams is separate, but it is built on SharePoint.

 

 

Mike Brannon

Teams and GROUPS are a layer on top of SharePoint

 

 

Chad B

Teams is a mixture of Skype, Sharepoint, and Groups

 

 

Andrew T

Teams will replace Skype for Business however Skype for Business will be available on-prem for some time after Teams replaces Skype for Business in Office 365

 

 

Ken K

How is the Slack -> Teams going?  I suspect a lot of sad users?

 

 

Mike B

Getting over it but slowly

 

 

Jean Y

I think they are joining force with google (for slack)

 

 

Karl R

We did our entire deployment of Office365 via teams/groups.  :)

 

 

Mike B

When we did some adoption training Teams fared a bit better

 

 

Mike B

Great approach Karl

 

 

Norman S

I think it saves time on server upgrades

 

 

Mike B

Get rid of your HW

 

 

Todd L

365 saves on all those, including our backups and disaster recovery location.

 

 

Michael A

Still need Admins. Just backup is done by someone else.

 

 

Tyson S

High Availability saves on Vuln Management/ OS/Application downtime.

 

 

reed w

no.  Mike is correct it just changes where you dedicate your time.

 

 

Mike B

City of Des Moines did a O365 pilot and found out that namespace and data couldn't be transferred to Government cloud.  Would have been nice to know that ahead of time.

 

 

David D

you function more as a system analyst

 

 

Karl R

I want to get my not getting larger team out of software/hardware maintenance and into utilizing the software.

 

 

Karl R

That didn't sound right.  Regarding time saving, I viewed this as getting my team out of the software/hardware business and into maximizing the use of software.

 

 

David D

hybrid in exchange or sharepoint or Skype

 

 

Tyson S

Karl: Alternately, the account management business.

 

 

Ron B

What about Big Data / Mailboxes 100GB and above

 

 

Karl R

We have a identity management system

 

 

Kris F

Mailboxes over 50gb are a pain to migrate

 

 

Karl R

and a powershell nut  :)

 

 

Chad B 

Deployed using hybrid, but are no longer hybrid.  Some apps may require hybrid.

 

 

Ken K

Hybrid AD <=> AAD, or exchange only?

 

 

Sharon B

Hybrid now, but we are deploying Windows 10 to users

 

 

Stefanie R

ETF (Wisconsin) identified high-volume mail boxes in our current state assessment and created .pst file backups for those users, just in case.

 

 

Andrew T

Defining Hybrid, it's important to distinguish between O365 and Exchange Online

 

 

Henok E

Has anyone moved all of fileshares to office 365?

 

 

Karl R

Henok – no

 

 

Zachary B

I haven't seen the ability to add network shares to OneDrive/SharePoint easil

 

 

Mike B

We have a tight control and separation here - We don't allow it on an unregistered setup

 

 

Andrew T

@Henok no we are looking at putting home directories in OneDrive though

 

 

David D

you need to enable DLP

 

 

Michele L

Henok, we are in the process of moving file share data to O365

 

 

Stefanie R

We do not allow using a personal device for agency work. Work from home has to be done on an agency-provided device. That said, we are 97% on laptops.

 

 

Karl R

We are going down the route to use Groups heavily to organize our shared drive instead of file shares.

 

 

Kris F

can anyone answer @RonBrumitt's question about mailbox sizes?

 

 

Ryan S

Yes, we had issues with that.  It was a training and helpdesk issue that we just had to work through

 

 

Tyson S

Karl: That doesn't require administrative interaction? I didn't mean just provisioning, but managing the properties and attributes of accounts and mailboxes. IAM is just one tool to do so.

 

 

Stefanie R

We then promoted the HUP (Home use program) for our users, allowing discounted purchase of Office 2016 for personal use. So strict separation between personal and business.

 

 

Todd L

There is a setting in OneDrive to prevent syncing to non-domain computers.

 

 

Andrew T

The key is EMS, it allows you to control where people access your data and where they sign into Office through EMS + InTune

 

 

Tyson S

Migrate the on-prem AD to Azure, first.

 

 

David D

I would recommend a consultant

 

 

Mike B

we had good luck with forsyteit.com

 

 

Eric E

Good info. Thank you Stefanie, Todd & Andrew.

 

 

Karl R

@Tyson - I double checked with our IAM guy and its heavily automated

 

 

Karl R

via FIM (and soon MIM)

 

 

Mike B

Look at the E5 licensing - it has VERY good security tools

 

 

Tyson S

Karl: In which case, which IAM solution are you using? :)

 

 

Ken K

EMS + Security license gets you Advanced Threat Analytics (ATA) ? which is pretty important to see when your accounts (humans/computers) are getting enumerated or golden tickets issued. Office 365 Cloud App Security ? watch for foreign logins, MSO365 Security & Compliance Center ? https://protection.office.com/#/alertsdashboardexternally  shared files unusual external file activity creation of forwarding rules

 

 

Karl R

Forefront Identity Manage, soon to be upgraded to Microsoft Identity Manager

 

 

David

There is a hidden metadata field in all SharePoint/OneDrive document libraries that gest set one labels are implemented

 

 

Ken K

Are you accessing it from the MS O365 Security & Complaince center or form Azure blade? Also assuming this is tied to AIP and Azure RMS?  https://protection.office.com/#/datamanagement/dashboard

 

 

David D

There are data classifications built in you can set it to be associated to a label

 

 

Mike B

Resource person Nishan De Silva

 

 

Mike B

Check with Joanne Klein too

 

 

Mike B

This supports GDPR and PII regulations

 

 

Mike B

Engage your Legal and any Compliance teams ahead of Office 365

 

 

Ken K

Really large mailboxes are a PAIN to migrate. I was not a part of solution but it was not easy.

 

 

Alexander G

we use secure auth for mfa

 

 

Alexander G

but 3rd party with app passwords

 

 

Stefanie R

We are using MFA with SSO w/o problem.

 

 

Charles W

One of the things they mentioned at one of the conferences I went to is that you can have a hybrid email setup where most of your users are on O365 and specific users are on prem

 

 

Michael C

We use OneLogin with dual factor app on phones

 

 

Ron B

okta

 

 

Stefanie R

RSA

 

 

Mike B

EMS lights up MFA inside Microsoft

 

 

Andrew T

You can migrate to 95% for mailboxes, which takes away the time constraint of migrating such a large mailbox.  You can then complete the mailbox migration to 100% which only finalizes the last 5%.  This is kept up to date migrating the deltas roughly every couple hours I believe.  I believe the setting is "manual completion" when setting up a migration.

 

 

Jeff G

we use Microsoft Authenticator for MFA to allow employees to log in to O365 remotely (i.e. from home, Starbucks, etc)

 

 

Tyson S

Can anyone verify that you can have MFA for everything besides a whitelisted network address space?

 

 

Mike B

Our largest mailboxes migrated to the cloud were about 20-30GB 3 years ago.  Now they're approaching 50 GB. Our new empty mailboxes take 30-40 minutes to migrate.

 

 

Zachary B

Is there any other way to pull the rules that are hidden aside from logging into the user's account?

 

 

Michael A

Are these recorded for us to review?

 

 

Aaron F

@Tyson Our Azure MFA is indeed set to bypass prompts for traffic coming from our internal IP's.

 

 

Tyson S

Thank you, @Aaron

 

 

Zachary B

@Aaron, is there any documentation you can share with that?

 

 

Ken K

https://support.office.com/en-us/article/data-encryption-in-onedrive-for-business-and-sharepoint-online-6501b5ef-6bf7-43df-b60d-f65781847d6c

 

 

Henok E

I am reading that most are using a third party for MFA / SSO. Was Azure AD premium considered before using third party solution?

 

 

Mike B

Good link - https://azure.microsoft.com/en-us/services/security-center/

 

 

Ken K

Azure Information Protection AIP

 

 

Mike B

that was for security

 

 

David D

https://protection.office.com/#/serviceassurance/othertrust

 

 

Aaron F

@Zachary I don't have any specific docs, but followed MS Conditional Access config guide https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#enable-the-trusted-ips-feature-by-using-conditional-access

 

 

David D

Microsoft Provides a list of Trust documents in Security Compliance Center

 

 

Mike B

Link to marketing - https://products.office.com/en-us/business/security-and-compliance/home

 

 

Zachary B

thank you

 

 

Mike B

Talk to this firm is you want security advice - https://microsolved.com/

 

 

Mike B

Google for Lisa Wallace from Microsolved

 

 

Mike Br

https://stateofsecurity.com/?author=3721

 

 

Mike B

Backup and archive AvePoint or ShareGate

 

 

Mike B

CommVault has some tooling too

 

 

John M

We are using metalogic's tools

 

 

Michael C

Barracuda has a great product

 

 

Mike B

We migrate / replicate things with MetaLogix too

 

 

John M

We are also using the migration tool with metalogic

 

 

David Dean

backup vs retention/Version history?

 

 

David D

thoughts?

 

 

Charles W

O365 has some backup built in. When a user deletes a document it goes into a recycle bin that they can access, when deleted form there it goes into a recycle bin that only admins can access. I believe each of those has a 30 day retention.

 

 

David D

90 day

 

 

Brian W

sending the raw chat would definitely be very helpful.

 

 

Mike B

OneDrive Restore as a replacement for backup - https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/Announcing-New-OneDrive-for-Business-feature-Files-Restore/ba-p/147436

 

 

Ken K

You can highlight - drag down and copy the chat

 

 

Andrew T

Retention can be achieved through policy, no need for a backup solution.  Backup for DR is a whole different ball game that requires you to integrate a 3rd party    solution.

 

 

Charles W

I saw an awesome demo of that feature at SharePointNA. It was during the keynote, I was just looking for the link to the video.

 

 

Mike B

I second all that David Dean said - this is our plan!

 

 

Henok E

I am reading that most are using a third party for MFA / SSO. Was Azure AD premium considered before using third party solution?

 

 

David D

Lots of space in SharePoint now: https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Increase-in-SharePoint-Online-storage-allocation/ba-p/187617

 

 

Mike B

Link to HIPAA https://www.microsoft.com/en-us/TrustCenter/Compliance/HIPAA

 

 

David D

hybrid SharePoint also a consideration

 

 

Mike B

Really hope you can share the chat!!

 

 

Mike B

I have to go now but look forward to shared results!

 

 

Chairperson

I will send the raw chat log to all registrants later today.

 

 

Chairperson

thanks Mike!

 

 

Mike B

I do not think you need a traditional backup!

 

 

Ken K

belt and suspenders? Dont trust MS cloud 100%, MS gets massive security breach?

 

 

David D

How your current companies policies and procedures in regards to retention, easier to implement one vs getting that changed

 

 

Charles W

Wouldn't you already have that with MS colo farms?

 

 

Chris R

Losing data is not an option for my government organization....

 

 

Ken K

https://threatpost.com/hacker-puts-hosting-service-code-spaces-out-of-business/106761/  - not the same thing, but example

 

 

Todd L

Our backup retention is longer than 90 days

 

 

Chairperson

SharePoint topics are next up.

 

 

Charles W

https://aka.ms/GetMultiGeo

 

 

Charles W

http://aka.ms/OneDrive-FilesRestore

 

 

David D

Sharegate Hands down

 

 

Michael C

E1 has legal hold

 

 

David D

move to a flat structure

 

 

David D

every site is a site collection now

 

 

Charles W

move teams over to teams if you have it.

 

 

David D

use hubsites

 

 

Charles W

that was clear as mud... LOL. I meant move your team sites over to Teams.

 

 

Andrew T

Very interested in best practices for structure + management of SPO sites/sub-sites

 

 

Andrew T

Does anyone have any links for best practices?

 

 

Chairperson

32-bit vs. 64-bit windows version is next topic

 

 

Richard L

Thanks for that folks!  Much appreciate the feedback!

 

 

Aaron F

We had help from http://sharesquared.com/ with branding templates

 

 

Ryan M

thank you all!

 

 

David D

have your developers learn the sharepoint framework

 

 

Ken K

https://support.office.com/en-us/article/choose-between-the-64-bit-or-32-bit-version-of-office-2dee7807-8f95-4d0c-b5fe-6c6f49b8d261  32 bit used to be  limited to 4GB memory shared across ALL office apps ? 2017 onward has some memory extension (magic) 64 bit is ideal for finance or anyone using large spreadsheets or with lots of macros, formulas, and can use a lot more memory. Obviously make sure you have > 4GB of memory in the system or no point in 64 bit.

 

 

Ken K

Poll is talking about Windows vs Office

 

 

Ken K

Question is what bit version of Office

 

 

Bob B

anyone have any issue moving large amounts of files to Sharepoint? we are getting an error that says "Sorry, there was a problem uploading this file. Please try again" but gives basically zero details to find out what the actual issue per file is... . any tools out there to help with this?

 

 

Ryan M

unfortunately we're a smaller IT shop that doesn't currently have a head with SharePoint expertise, which is why we needed third party advice.

 

 

Andrew T

Our issue was with legacy applications (mainly Access DBs) and integration into those applications.  We'd love to be at 100% 64-bit but we do have a few cases of 32-bit.

 

 

David D

Move access databases to PowerApp

 

 

Andrew T

I'd love to Dean, we have over 1000+ DBs all managed by our clients...

 

 

David D

or SharePoint Lists

 

 

Henok E

You can connect Bipin with us for further discussion.


For further information, request the transcript by contacting Info@norex.net 

Not a member?  We’ll be happy to send you further information.  Click HERE to let us know how we can help!

Cloud Computing Contracts/RFPs IT General Management Security Software – COTS Vendor Management