There is no question that organizations have become much more familiar with the digital productivity tools available to them in the past couple of years with the tremendous shift to the hybrid workforce. As a result, cloud Software-as-a-Service (SaaS) environments have become wildly popular. Microsoft 365, particularly Microsoft Teams, has been incredibly popular with businesses to bolster and support productivity.

Many may view Microsoft Teams as only a chat and collaboration platform for fellow teammates in the business. However, a large part of the robust capabilities that Microsoft Teams brings to the table is the rich set of integrations from Teams into other solutions and what capabilities these integrations offer.

What is Microsoft Teams?

Microsoft Teams is a behemoth of a product that allows users to collaborate with teammates, communicate, share files, work on projects, and many other capabilities. True to the name of the service, it allows end-users who may be located in different geographic regions worldwide to communicate and function as a team effectively.

One of the tremendous selling points of Microsoft Teams is the ability to consolidate and have all the tools that users need in a single location. Historically, many businesses may have a chat application, a video conferencing solution, a document-sharing platform, a file repository, and other individual services that make up their portfolio of productivity tools.

Microsoft Teams allows organizations to consolidate these productivity tools and services into the Teams platform as it provides all of the capabilities mentioned above natively. In addition, it drastically streamlines productivity workflows as users do not have to leave the Teams app to do what they need to do. Take note of the Microsoft Teams services:

• Chat

• Voice calls

• Video conferencing

• File sharing

• Shared calendars

• Internal Wikis

• Others

The all-inclusive nature of Teams also simplifies the provisioning of corporate devices, as IT teams now only need to ensure employees have access to Teams instead of dozens of other applications taking care of individual services. In addition, all of the services provided under the umbrella of Microsoft Teams are accessible using a single login.

The platform has resonated with businesses worldwide and has led to tremendous growth across the board. In July 2021, Microsoft teams hit the 320 million monthly active user milestone.

Microsoft Teams has over 320 million monthly active users

However, even if users are taking advantage of native Microsoft Teams functionality, they may be missing out on one of the more powerful features of teams. What is this? Microsoft Teams integrations.

Microsoft Teams App Integrations to Boost Your Team Productivity

The Microsoft Teams architecture allows the integration of various tools, applications, services, and other third-party solutions into the Microsoft Teams ecosystem. The Teams integrations are arguably one of the platform’s hidden gems and enable organizations to integrate different productivity workflows into their Teams environment seamlessly.

Due to the explosive popularity of Microsoft Teams, third-party app developers are generally developing “Teams-integrated” versions of their apps to provide the “hook” into the Teams solution for their specific app functionality. Today, over 1200+ integrations with Microsoft Teams are listed in the AppSource site for Teams apps.

Exploring Microsoft Teams app integrations in the Microsoft AppSource site

First off, what is meant by Microsoft Teams integrations? When applications are written to be “integrated” with other apps, the developers have added modules that allow the applications to “connect” to other applications. These connections or “integrations” make them appear and function seamlessly like they were designed to work together, even if they weren’t originally.

Application integrations allow the application programming interfaces (APIs) to communicate from one backend application to another in a way that enables the applications to connect, exchange data, communicate, and, by extension, allow users to use applications together seamlessly.

As you can tell, the discussion leads to the fact that Microsoft Teams is a platform into which other applications can integrate. These integrations exponentially expand the capabilities and functionality of what each application can do individually. Microsoft Teams often becomes the “hub” of communication, collaboration, file sharing, calendaring, and other capabilities. So, it becomes a great application that can centralize and connect other disaggregate cloud services and solutions an organization may use.

Microsoft Teams integrations are handled by “apps” available within Microsoft Teams. Teams can easily be extended with additional functionality with the various apps available for Teams, like cloud SaaS marketplace applications that extend functionality.

Let’s discuss a few creative ways to integrate Teams into your organization by exploring application integrations with Teams that can significantly benefit your organization. We’re going to look at the following integrations with Microsoft Teams:

• Power BI

• Github

• Adobe Creative Cloud

• Jira

• Zoom

• Trello

• Geekbot

• Polly

• Karma

• ServiceNow

Power BI

With Power BI, Microsoft dispels the thought that organizations can make critical business decisions without the data to support those decisions. Instead, power BI is all about raw data and presenting the data in a way that enables data modeling, visualization, and reporting with customized key performance indicators (KPIs) tailored for your business use cases. These capabilities enable businesses to make data-informed decisions. In addition, power BI leverages artificial intelligence (AI) and machine learning (ML) to answer business questions quickly.

As business teams collaborate using Microsoft Teams, integrating Power BI into the Teams platform enables individual teams collaborating on data-driven projects to share and collaborate on interactive Power BI content in Microsoft Teams channels and chats. This integration enables the following:

• Allows colleagues to find and discuss the Team’s data

• Embed interactive reports directly into Teams channels and chats

• Paste links to your reports, dashboards, and apps

• Share a filtered view of your Power BI reports and dashboards

• Get notified in the Teams activity feed when important things happen in Power BI

• Integrate a Power BI report in Teams and share it with external users

Power BI integration with Microsoft Teams

Having rich data-driven models, graphs, charts, and other information at the fingertips of Teams users provides a powerful tool to enrich the collaboration of the hybrid workforce.

Github

Arguably, there is no more popular and impactful service to the application development world than Github. GitHub and similar services are at the heart of modern application development, featuring continuous integration and continuous deployment (CI/CD).

In 2020, GitHub announced a new integration with Microsoft Teams that allows developers to collaborate around their projects from the context of Microsoft Teams. So, what does the new Github integration with Microsoft Teams bring to the table? Developers and DevOps teams can now see the following in Microsoft Teams from their GitHub environment:

• New commits

• New pull requests

• New issues

• Status updates

• Comments

• Code reviews

Using the syntax @github subscribe [repository name], users can start receiving the pertinent updates from Github in their Teams channels. In addition, organizations can transform user discussions in Teams chat into Github actions, including pull requests, issue notifications, and other Github actions.

Native Github integration with Microsoft Teams provides easy access to code repositories and actions

Using Microsoft Teams and GitHub integration, developers can schedule reminders for pull requests as part of a channel or personal chat. Also, developers can share links directly from GitHub and post these into Teams channels for easy viewing, including links such as:

• Pull requests

• Issues

• Comments

• Code snippets

• Repositories

• Accounts or organizations

These native GitHub features and actions performed directly from Microsoft Teams enable businesses to empower developers and users to monitor, plan, and collaborate on GitHub code without leaving the context of Microsoft Teams and logging into GitHub and other interfaces directly.

The efficient communication and collaboration between code teams enabled by Teams and GitHub integration help facilitate modern development methodologies such as Agile development.

Adobe Creative Cloud

Many organizations have a creative department working on the creative design aspects of the business. Together with Microsoft Teams, Adobe Creative Cloud allows organizations to extend creative design workflows for the hybrid workforce using Adobe Creative Cloud and Microsoft Teams’ communication and collaboration strengths.

The integration between the two platforms enables users to have new levels of visibility and oversight of their Create Cloud projects in a centralized virtual workspace for collaboration. In addition, having access to your Creative Cloud files and assets from within Microsoft Teams enables finding what you need much more quickly.

Instead of chatting about an Adobe Creative file or asset with a teammate and detailing where they can find these resources, integration with Microsoft Teams allows placing these resources directly into your Teams chat conversations and within channel posts.

Adobe Creative Cloud brings together creation and collaboration in a single platform

Enterprise customers can also enjoy the benefits of Single Sign-On (SSO) with Azure Active Directory. However, the Microsoft Teams Adobe Creative Cloud app is available even to those on the free plan versions. You simply need a valid Adobe login.

Features of the Adobe Creative Cloud and Microsoft Teams integration include:

• Pin Adobe Creative Cloud assets directly to a channel tab and get feedback from teammates or other business stakeholders quickly and easily

• Creative Cloud assets can be shared in Microsoft Teams chat messages in rich formats

• Ability to use the Adobe Creative Cloud bot to keep track of activity on Creative Cloud assets using the Teams notifications feature

• Have visibility to version updates or comments made on Creative Cloud files

• Get notified of comments and updates to Creative Cloud files in Teams

Jira

Atlassian Jira is one of the top issue-tracking and project management solutions enterprise organizations use today. Many organizations are running Jira for bug tracking and agile project management. To go along with the common theme of efficiency with Microsoft Teams integration, Jira integration with Microsoft Teams provides a powerful integration for organizations to empower team members. Teams can use the centralized platform of Microsoft Teams to interact with and use Jira, all from within Teams.

With the Jira integration for Microsoft Teams, it includes the following features:

• Quick actions with Jira Server bots

• Search, share, or create new Jira issues for team members

• Track team progress and tasks with tabs

• Search, share, and create new or existing issues

• Track issues assigned to you or reported by you in the personal app

Jira integration with Microsoft Teams

Zoom

There is no question that Zoom is the absolute king of the hill when it comes to video conferencing. Since the pandemic began, Zoom, like Microsoft Teams, has seen explosive growth across the board. As a result, Zoom has become synonymous with video conference meetings.

While Microsoft Teams has video calling functionality built-in, it still makes sense to integrate Zoom with Microsoft Teams. Why? Integrating Zoom meetings with your Microsoft Teams environment allows using Zoom seamlessly from your Microsoft Teams environment. Additionally, it is beneficial when joining video calls with other organizations, affiliates, third parties, and others using Zoom rather than Teams.

Also, many companies prefer the video conferencing functionality of Zoom over Microsoft Teams, or they may have been a Zoom customer before rolling out Microsoft Teams. The Zoom integration with Microsoft Teams provides many additional benefits for Zoom customers who want to use its functionality inside Teams.

With the Zoom Teams integration, customers can:

• Launch Zoom meetings without leaving Microsoft Teams

• Create a new Zoom meeting

• Get Zoom meeting information and summaries

• View and access Zoom meeting recordings

Zoom integration with Microsoft Teams with Teams apps integration

Trello

Trello is an app that allows businesses to manage projects and achieve their productivity goals. It features intelligent boards, lists, and cards that organize tasks and foster a cohesive team. Trello for Microsoft Teams allows businesses to work creatively to collaborate, achieve goals, and manage projects using the Trello framework for doing so.

You can view your Trello boards, lists, and cards within Microsoft Teams. You can also create new cards, move existing cards between lists in Trello, set due dates, and mark cards as complete. In addition, the Trello board can be added as a tab in the Teams channel. It allows everyone to view the board and navigate between the tasks it contains.

Trello for Microsoft Teams allows businesses to manage their projects within Teams

Within Microsoft Teams, you can use the Messaging Extension for Trello to search specific Trello cards utilizing a keyword. Additionally, users can send Trello cards to Microsoft Teams conversations.

Geekbot

Many organizations today are taking advantage of the agile development methodology. The Scrum framework is a prevalent model used with the agile development methodology. However, while software development teams commonly use it, it can also be used across many verticals and applied to increase productivity across the board.

Scrum standups are a central part of the agile development methodology that is much like a “sports huddle” where the team stays informed and connected and helps to give light to progress made on current tasks.

Geekbot is a solution that provides a way to automate standups, retrospectives, and surveys from within the company’s Microsoft Teams environment. Geekbot helps to empower the already communication-rich Teams platform with the automated interactions provided by Geekbot.

Geekbot allows sending questions, getting responses, and sharing these automatically within a Microsoft Teams channel without any manual activities. Organizations are using this very creative Microsoft Teams integration to run asynchronous standups that help bring remote-first employees together, get to know one another, and make the best use of everyone’s time.

While in-person standups may be needed from time to time, Geekbot helps keep productivity flowing without interrupting the workflow between team members daily.

Geekbot helps to empower the already communication-rich Teams platform with the automated interactions provided by Geekbot.

When many businesses use remote workers who live in different time zones, finding a way to come together for standups synchronously can be challenging. Using the Geekbot integration with Microsoft Teams helps organizations make the most of the digital communication and collaboration platform and use Geekbot to have more productive, concise, and effective standup meetings.

Polly

Microsoft Teams provides a great platform for users to communicate and collaborate. However, when a team leads, or managers need to gather feedback, they want to do this in the least disruptive way possible and with as few meetings as possible to keep from interrupting the team’s productivity.

Polly is a solution that allows gathering feedback from team members within Microsoft Teams. It enables creating polls that can be scheduled, configurable options, question types, anonymity levels, and controlling how results are displayed in Teams.

It helps remove the barriers to constructive feedback since Polly can be configured with anonymity to users and allows gathering needed feedback to move projects and tasks forward.

Polly makes gathering feedback and input from team members extremely easy

Karmabot

It can be challenging to keep track of employee performance, especially when workers are located across time zones and remote locations. Karmabot helps organizations track the strengths and weaknesses of teams to help with productivity. In addition, Karmabot allows teammates and supervisors to award one another for achievements. The points can be added up and used for tangible rewards at specified intervals, such as cash, parties, or other rewards that appeal to team members.

Karmabot uses machine learning algorithms and natural language understanding to glean important information about users and how each team functions. As a result, it helps to enhance Microsoft Teams with the tools needed to strengthen the performance of the team and award performance achievements.

In the age of remote work, Karmabot helps bring teams together, even if these are remote. It also helps encourage teammates to increase the quality of their work and unlock the group’s potential as a whole. Traditionally, it has been more challenging to gauge the accomplishments of remote workers and how well they contribute to the team. Karmabot helps to change that with the technology tools needed to recognize the well-deserved achievements across the hybrid workforce.

Karmabot helps to reward team members and promote productivity

ServiceNow

ServiceNow is a SaaS-based IT service management (ITSM) platform that provides a fully-featured solution for organizations to manage their service desk operations. However, ServiceNow is more than a simple ticketing system. Instead, it is a task management system that can fully manage tasks and workflows in IT and also across the entire organization.

Many organizations are using ServiceNow across the enterprise. In addition, many Microsoft Teams customers are also ServiceNow customers. With Microsoft Teams being the centralized communication and collaboration platform, it would be beneficial to have visibility of the ServiceNow environment within Microsoft Teams.

With the Now Virtual Agent, organizations can integrate ServiceNow with Microsoft Teams and perform ServiceNow tasks directly in Teams to allow many efficiency benefits.

It includes many features, including:

• Performing routine ServiceNow actions via Microsoft Teams chat

• Interoperate with existing ServiceNow apps

• Find answers to questions using your ServiceNow database

• Resolve ServiceNow IT requests and other tasks from within Teams

The ServiceNow Virtual Agent for Microsoft Teams

Ways to build collaborative teams

Over the past two years, the hybrid remote workforce has been highly beneficial to organizations with work-from-home mandates, travel restrictions, and other challenges related to the global pandemic. As a result, businesses have had to reimagine collaboration and communication.

Tools like Microsoft Teams and the powerful integrations discussed, among others, have allowed organizations to carry on despite the challenges. Building collaborative teams in challenging circumstances and with highly virtual layouts requires the following:

• Effective communication

• Tools to empower users

• Easy access to resources

• Free flow of ideas

• The feeling of being part of a team

• Motivation

Generally speaking, a successful and productive business usually has the right mix of people, processes, and technology. No amount of technology can replace talented individual team members. However, to keep that talent motivated and directed to a central purpose of productivity, having the right processes and technology solutions allows businesses to accomplish this goal.

Organizations can empower collaborative teams using the core collaboration and communication features built into the platform using Microsoft Teams. As stated earlier, Teams provide the tools that allow teammates to come together, communicate, collaborate, and feel the team’s bond no matter where they are located.

Building on the underlying capabilities of Microsoft Teams, organizations can add robust integrations on top of the central functionality. For example, empowering team members with easy access to Power BI data from within Teams enables them to make intelligent decisions based on real numbers.

Developers, business analysts, and creative personnel, among others, benefit from the integration with Github, Adobe Creative Cloud, and Jira. Communication capabilities can even be further bolstered with the Zoom integration with Teams and the project management capabilities brought to the platform by Trello. ServiceNow integration with Microsoft Teams provides task management capabilities to users right from the Teams interface.

Then, the “human-aspect” integrations with Microsoft Teams don’t provide access to a specific resource but rather help make virtual teams work cohesively and efficiently. In addition, they keep a pulse of user feedback, end-user morale, motivation, and recognition of jobs well done. These include the benefits of integrations such as Geekbot, Polly, and Karmabot.

By using these valuable integrations and many others in the Microsoft Teams app store, organizations can build collaborative, motivated, and satisfied teams, something that hasn’t been easy with the hybrid workforce.

Integration with remote and hybrid teams

Again, taking advantage of the people, processes, and technology to empower today’s hybrid workforce, teams may collaborate effectively, in person and remotely. The communication and collaboration tools found in Microsoft Teams make any disparity between in-person work and remote or hybrid teams seamless.

No matter where users or teammates are located, the Microsoft Teams platform, with its many integrations, allows organizations to empower users with the right tools and communication tools. In addition, since it is cloud-based, Microsoft Teams ensures that all employees have access to the same great tools, whether on-premises or working remotely, eliminating any disparity there.

Microsoft Teams helps overcome the challenges of impeded collaboration and communication based on connectivity back to the corporate datacenter. In traditional scenarios, on-premises employees often have “better” access to the business-critical resources needed for collaboration, productivity, and communication than remote employees.

Microsoft Teams and third-party app integrations remove these traditional barriers to productivity for remote employees and ensure everyone has equal access to the same toolset and resources.

Microsoft Teams platform – central to automated processes and tasks

An increasingly common and creative use of Microsoft Teams and other platforms is using the platform to drive automation. More commonly now, event-driven automation allows businesses to notify communication platforms like Microsoft Teams. While email notifications and other legacy platforms to receive automated messaging are still very common, many automation teams are seeing the value in targeting collaboration platforms such as Microsoft Teams for essential notifications.

Using the rich integrations with other third-party integrations, organizations can drive feature-rich automation that can look for specific events posted in Teams channels, as an example, and do something with those notifications. For example, when looking for particular keywords or tags found in Microsoft Teams channels, automated actions can be generated, such as creating a ticket in Jira or ServiceNow.

This type of use case for Microsoft Teams helps organizations have a more proactive and DevOps approach to triaging and remediating environmental issues. A tiered approach can also prove helpful. For example, maybe these are only notified via email with specific events. However, for more critical events and alerts in the environment, posting out to specific Teams channels provides an escalation path for critical events in the infrastructure or data environment.

So Which Integrations are Essential?

Organizations today use technology tools creatively to empower the remote and hybrid workforce to communicate and collaborate. Microsoft Teams is one of the most popular and powerful cloud-based platforms used by businesses today. It provides a rich set of native features and functionality in the platform. Also, it provides a long list of third-party app integrations that help extend the native features and capabilities.

Due to its popularity in the enterprise, many software companies write app integrations to allow seamless integration between their software and Microsoft Teams. Users can access and interact with popular enterprise applications using these app integrations without leaving the context of Microsoft Teams. Users no longer need to switch between multiple dashboards and logins to access Jira, PowerBI, ServiceNow, Twitter, Jabber, ClickUp, Trello, Asana, MindMeister, Zoom, Cisco Webex, RingCentral, Adobe Creative Cloud, TeamViewer, Confluence, SharePoint, and many others.

Many of the Microsoft Teams integrations help bolster the “human element” of the team by gathering feedback, conducting virtual standup meetings, gauging employee morale, and awarding hard work through achievements and recognition. These technology solutions help build collaborative teams, whether in-person or virtual teams, located worldwide.

This new cloud-based model for collaboration and communication is the way of the future. It allows businesses to have better access to talent, regardless of where users are located and their role. It also helps to ensure the same tools for communication and collaboration are available to employees, whether they are working on-premises or remotely.

The post 10 Creative Ways to Integrate Teams Into Your Organization appeared first on Altaro DOJO | Microsoft 365.

There has been an explosion of project management tools and apps on the market. With the onset of a hybrid work layout, organizations have especially realized the benefits of using project management tools to organize, manage, plan, and capture ideas, progress, tasks, and other details. 

Microsoft provides several tools that can help organizations with task management. These include Microsoft To Do, Microsoft Tasks app for Teams, Microsoft Planner, and Microsoft Project. Knowing which product to use with multiple products and overlapping features can be difficult. But before we get into these tools, let’s understand why these tools are crucial.

5 Reasons Why Task Management Apps Are Crucial For Business Operations

Transforming your digital workspace is no longer an option but a necessity. Task management apps have emerged as vital tools for businesses to do just that. Here, we explore five compelling reasons why task management apps are indispensable in today’s business landscape.

• Enhanced Organization and Prioritization

In the bustling business world, keeping track of numerous tasks, deadlines, and projects can be daunting. Task management apps offer a structured way to organize these elements, allowing users to prioritize and focus on what matters most. For example, Microsoft To Do enables individuals to list tasks and sort them, helping maintain focus on critical items. This level of organization is crucial in ensuring nothing falls through the cracks.

• Improved Team Collaboration and Communication

Collaboration is the backbone of any successful project. Tools like Microsoft Planner and the Microsoft Tasks app for Teams bridge the gap between individual planning and team-based execution. They allow teams to assign tasks, discuss them, and monitor progress, fostering a collaborative environment. This enhanced communication ensures everyone is on the same page, reducing misunderstandings and increasing efficiency.

• Greater Flexibility and Accessibility

The modern workforce is increasingly mobile and geographically dispersed. Task management apps provide the flexibility to access and update tasks from anywhere, at any time. This accessibility is vital in a hybrid work model, where team members may not always be in the same physical space. Apps like Microsoft Project, accessible in various ways, including the cloud, cater to this need for flexibility and constant connectivity.

• Efficient Resource Management

Managing resources effectively is critical for the success of any project. Sophisticated apps like Microsoft Project offer features for detailed resource management, including tracking dependencies, costs, and intricate project details. This allows businesses to allocate resources more efficiently, ensuring projects are completed on time and within budget.

• Data-Driven Decision Making

Finally, task management apps often come with built-in analytics and reporting tools. These tools provide valuable insights into project progress, team productivity, and other key metrics. By leveraging this data, businesses can make informed decisions, adjust strategies, and continually improve their processes.

We’ve no doubt spoilt a few of the essential tools we’ll be reviewing in this text. Regardless, task management apps like those offered in the Microsoft 365 suite are essential partners in modern business operations. They bring structure, clarity, and efficiency to an otherwise chaotic environment. Now, let’s learn the difference between these tools and when to use which one.

Task Management in Microsoft 365

Like many software and cloud giants, Microsoft has many solutions, applications, and services that often overlap in functionality, features, and capabilities. Microsoft To Do and Tasks, Microsoft Planner, and Microsoft Project all do similar things. However, deciding which one to use will depend on the type of projects a business manages and organizes.

These solutions from Microsoft are all designed to cater to different scenarios and diverge from one another when multiple people or teams are involved. If we could rank these tools from the order of simplest (1 being the simplest) to most complex in their abilities to manage tasks, projects, and teams, these would rank in the following order:

1. 1. Microsoft To Do
   2. Microsoft Tasks
   3. Microsoft Planner
   4. Microsoft Project

Let’s consider a description of each of the solutions.

• Microsoft To Do – With Microsoft To Do, you can list your tasks and sort these for better focus on what’s important. You can create a “My Day” view of your daily tasks and create additional lists to organize your work projects, groceries, and any other custom lists you want to track. With the help of the Microsoft To Do app, you can keep track of what’s important for each day and not lose track of important tasks.

• Microsoft Planner – The Microsoft Planner application is a lightweight, mobile, web-based app with Office 365/Microsoft 365 business subscriptions. It allows your team to create “plans” that include assigning tasks, chatting about tasks, seeing progress charts, and other features. Like many other Microsoft cloud-based applications, it provides easy integration and access from within Microsoft Teams and Microsoft SharePoint.

• Microsoft Tasks app – The Microsoft Teams Task app bridges the gap between Microsoft To Do and Outlook with your team tasks from Planner. It allows you to easily see tasks assigned to you and cross these off once completed. In addition, you can change multiple tasks simultaneously if needed. With the Tasks app, you can work on To Do and Planner tasks next to your Teams channels, chats, and other apps inside Microsoft Teams that you are used to.

• Microsoft Project – Microsoft Project can be accessed in three ways: Project for the web, Project Desktop, and Project Online. Each of these has different capabilities, Microsoft Project for the Web, for example, is a cloud-based app that allows you to create projects and collaborate on these with other users easily. It has three views, including Grid, Kanban-style board, and Gantt Timelines.

Microsoft has outlined some general recommendations on choosing the right Microsoft product to organize projects, tasks, to-do lists, etc. As mentioned, Microsoft To Do and Tasks, Microsoft Planner, and Microsoft Project all have their strengths and preferred use cases.

Which solution aligns with which use case? Let’s consider the following considerations:

• An individual project involving only one person – Individual task management is the simplest and most basic form of task management and to-do lists. If a single user needs to manage tasks and personal to-do lists, the Microsoft To Do and Tasks app is a great way to keep track of various items, tasks, etc.

• A team project involving more than one person – If it is a team project where multiple users need to take part in tasks, to-do lists, and other details, Microsoft Planner and Microsoft Project are built for team projects

• Suppose you only have a few deliverables and tasks that must be managed. In that case, Microsoft Planner is well suited for this kind of project management, especially if it is a simple team project with very few tasks and other details that need to be managed.

• You have a more complex project with many dependencies, costs, and intricate details – Microsoft Project is the best fit for more involved, difficult, and detailed projects. While the other tools offered by Microsoft, such as Microsoft To Do and Tasks and Microsoft Planner, are capable of handling basic tasks and project management, Microsoft Project is the fully-featured 800-pound gorilla in terms of features and capabilities.

Microsoft Project Management Software: Pros and Cons for each

Each project management solution from Microsoft has preferred use cases and pros and cons. Let’s look at the pros and cons of each of the Microsoft project management solutions detailed so far – Microsoft To Do, Microsoft Planner, Microsoft Tasks, and Microsoft Project.

Microsoft To Do

The Microsoft To Do app is a great little project management app that allows individuals to manage their daily tasks, lists, and other items and perform light collaboration. This use case really shines with this specific Microsoft project management application – managing tasks for a single person who can share your tasks and lists and even assign some of these to others.

It is best suited for tasks or lists that relate to you individually, as the collaboration features are not seamless and involve manual steps to collaborate with others. Not to say that you couldn’t keep up with tasks associated with work or other activities. It is just not the strong suit of Microsoft To Do.

Note the features of the app as found in the Microsoft Store:

With Microsoft To Do, you can:

• Stay focused with My Day, a personalized daily planner with suggested tasks

• Get your lists anywhere, on any device

• Share lists and assign tasks with your friends, family, colleagues, and classmates

• Personalize your lists with bold and colorful backgrounds

• Set one-time or recurring due dates and reminders

• Break your tasks into manageable steps

• Add notes to any task

• Attach files up to 25 MB to any task

• Sync your tasks between Outlook and To Do

• Group your lists together by topic or project

The official website for Microsoft To Do is found here: https://to-do.microsoft.com

Microsoft To Do

The interface is easy to navigate, intuitive, and keeps up with many tasks. As you can see below, you can easily create customized lists with multiple tasks. You can set reminders, add due dates, repeat, and even assign tasks to others. As mentioned above, you can also add files of 25 MB or less to individual tasks.

Of course, there’s a mobile app for both Android and iOS so you can see your tasks on the go.

Creating a new list and tasks in Microsoft To Do

Pros:

• Free to download

• Easy to use

• Intuitive

• Great for personal tasks and light collaboration

• Rated 4.9 in the Microsoft Store

• Lots of functionality built into the app

• It does not require a Microsoft 365 subscription

Cons:

• Collaboration is not seamless

• It does not scale well when many users need to collaborate on tasks

• Not built for large projects and teams

Microsoft Tasks

The Microsoft Teams Tasks app is an application that helps to bring together tasks found in Microsoft To Do and Microsoft Outlook and integrate these with the Teams tasks found in Microsoft Planner. The look and feel of the Microsoft Teams Tasks app are similar to what you see with Microsoft To Do.

With the Microsoft Tasks app for Teams, you will find the following:

• My tasks: The My Tasks view includes the lists from your To Do app, including tasks you’ve added in To Do and Outlook and tasks that have been assigned to you in Planner.

• Shared plans: The Shared plans include the Planner plans added to Teams

You can also use the Tasks app to:

• Add a plan to a Teams channel

• Edit multiple tasks using the List view

• Get notifications about Planner tasks

The Microsoft Tasks app for Teams

Pros:

• Very similar to Microsoft To Do

• If users are familiar with To Do, that translates over to using the Microsoft Tasks app

• Easy to add to Microsoft Teams

• Provides synchronization of tasks from both To Do and Planner

• Better integration for organizations than To Do

Cons:

• Microsoft Teams is required

• Assigning tasks is not as seamless as with Microsoft Planner

• Confusion about when to use To Do and Microsoft Tasks app

Microsoft Planner

Microsoft Planner takes the capabilities of the To Do application for individuals and brings this to teams of users. It is lightweight and web-driven and allows teams of users to collaborate, maintain, and work on task lists for various projects.

Microsoft Planner is more focused on the business realm as it is part of Microsoft 365. It allows organizations’ teams to use Microsoft 365 to create task plans for specific projects and assign tasks to Microsoft 365 users in the organization. When using the Microsoft Planner application, users log in with their Microsoft 365 user accounts and seamlessly access Microsoft Planner. To log in to the planner, users can visit the URL https://tasks.microsoft.com.

Users sign into Microsoft Planner using Microsoft 365 credentials

With Microsoft Planner, you create plans which then contain tasks. The tasks can be assigned to Microsoft 365 users.

Creating a new Microsoft Planner plan

On the task properties, you can use the Assign button to assign others in the organization to various tasks listed in the Plans.

You can also easily add an existing or new Planner plan to a Team to keep collaboration and task management in the same place.

Assigning Microsoft 365 users to Microsoft Planner tasks

Pros:

• Easy to use

• Web-driven

• Easy integration with Microsoft Teams

• Easily see all users as part of the Microsoft 365 organization

Cons:

• Requires a Microsoft 365 subscription

• Not for personal lists and tasks

• It doesn’t provide the more in-depth project features included with Microsoft Project

Microsoft Project

For the most powerful and robust project management features from Microsoft, organizations should look at Microsoft Project. It is the top-of-the-line project management software used by enterprise organizations worldwide. While Microsoft has greatly simplified Project over the years, using it can still be overwhelming and require extensive training to realize the value and benefit of the platform. This aspect must be considered as part of the overall expense of introducing it into your organization.

Microsoft Project provides robust project management features for enterprise organizations

In addition, Microsoft offers Microsoft Project as both a cloud and on-premises offering.

Cloud versions:

• Project Plan 1 – $10 user/month – Manage projects easily via the web browser. This does not include resource management, desktop client, portfolio selection and optimization, demand management, or enterprise resource planning and management

• Project Plan 3 – $30 user/month – Allows executing and accessing projects through both web and desktop clients. It does not include portfolio selection and optimization, demand management, or enterprise resource planning and management

• Project Plan 5 – $55 user/month – Includes all features as well as web and desktop client access

On-premises versions:

• Project Standard 2021 – On-premises project management without collaboration tools and advanced features

• Project Professional 2021 – On-premises project management solution without the ability to manage demand by capturing and evaluating project ideas through standardized processes or the ability to use advanced analytics

• Project Server 2019 – Includes all features, except the ability to sync with Project Online and Project Server or the ability to submit timesheets to capture project and non-project time spent

Note the following access methods with Microsoft Project and what capabilities are found in each:

• Project for the web – A cloud-based management app allowing you to create and collaborate on projects (both that you manage and are a part of). It provides the ability to see grid data, Kanban-style boards, and Gantt timelines

• Project desktop – The Project desktop application is great for organizing work into phases, having dependencies between tasks, and other features for a single user or for publishing to a team

• Project Online – The Project Online access is a web-based application that scales between small, medium, and large organizations. Managers can create schedules, assign tasks, and look at all projects across the board to see what everyone is working on

Pros:

• Robust project management features

• Ability to manage minute project details

• Features not found in other Microsoft project management solutions

• Both cloud-based and on-premises options

• Web-based and desktop clients available

Cons:

• Expensive

• Generally requires training to benefit fully

• It can take an extended time for organizations to benefit from Microsoft Project’s extensive features

Third-party alternatives to Microsoft’s solutions

Microsoft provides many different solutions for project management that we have discussed so far, including Microsoft To Do, Microsoft Tasks app for Teams, Microsoft Planner, and Microsoft Project. However, as mentioned, each solution has pros and cons and costs involved with the upper tiers of Microsoft project management solutions. There may be features or potential costs associated with the upper-level Microsoft solutions that do not align with an organization’s current business objectives. In addition, many organizations may not be subscribed to Office 365 or Microsoft 365 and may use another cloud SaaS solution.

Some third-party solutions offer features and solutions comparable to Microsoft project management solutions. What alternative solutions are available? Let’s take a look at the following:

• Trello

• Asana

• ClickUp

• Wrike

• Todoist

Trello

Trello is a top-rated project management application that allows teams to collaborate, manage projects, and increase productivity. Trello allows you to create Kanban-style boards, lists, and cards to manage projects and organize important tasks using a single tool.

Trello is a great alternative to Microsoft project management solutions

Trello is extremely affordable, intuitive, and provides easy collaboration features built into the platform compared to Microsoft Project. Mobile apps and full desktop clients allow interaction with the Trello solution on any device and while on the go. It also provides excellent collaboration and communication features, such as tagging users, and automatically notifying them of the mention.

Asana

Asana is arguably one of the leaders in the project management space, providing a cloud-based project management platform that allows organizations to manage and keep track of all types of projects. These include simple projects to very complex projects with many components and details.

It provides the expected set of features, including lists, calendars, Kanban boards, Gantt charts, and other features that most businesses look to have when managing, visualizing, and interacting with project tasks. It provides automated alerting and prioritization of tasks. Users can attach files and other resources to projects and provide rich interaction and collaboration between users.

ClickUp

ClickUp is a cloud-based project management platform gaining popularity as a project management solution. ClickUp includes a large number of features in a single, easy-to-use application. It also allows organizations to provide multiple views of pertinent task and project information to visualize these effectively.

ClickUp allows you to see to-do lists, Kanban boards, Gantt views, calendars, activities, mind maps, tables, and many others. It is highly customizable and provides status and color-coding of items and various themes.

ClickUp provides a robust project management solution with many different ways to view information

Wrike

Wrike is a modern, cloud-based project management solution that allows organizations to have centralized and robust project management features. Wrike helps project managers access project resources, timelines, tasks, progress achievements, dashboards, reports, and many other helpful tools.

It also provides many project templates that allow organizations and project managers to ramp up quickly with prebuilt frameworks for many different projects and tasks. Wrike also has over 400+ app integrations, including Microsoft Teams and Google Workspace.

Wrike Gantt view provides excellent visibility to project timelines

Todoist

Todoist provides a cloud-based task management application that allows creating projects tasks, setting reminders, creating labels, collaboration features, and many other features. In addition to list-based tasks, you can also view tasks as Kanban-style cards that allow visualizing workflows.

You can also add tasks via email by forwarding emails to Todoist as tasks or comments. In addition, you can add file attachments, calendar feeds, productivity visualizations, and activity history. These features help teams manage projects and tasks with efficient collaboration.

Todoist provides effective task management and Kanban-style card visualizations

Microsoft project management solution FAQs

• Can I get Microsoft Project for free? No. Microsoft Project is a paid product from Microsoft that can be purchased as a SaaS subscription offering per user/month. Microsoft Project is also available as an on-premises offering purchased as a server license.

• Is Microsoft Project still used? Yes, Microsoft Project is a robust and fully-featured project management solution that has evolved over the years and has found its way to the cloud as a cloud-based solution alongside the on-premises versions. Many organizations are still using Microsoft Project for their project management needs.

• What’s the difference between Microsoft Project and Microsoft Planner? Microsoft Planner is a less complex project management tool that features Kanban boards and simple task management that is more appropriate for less complex and ad-hoc projects. It does provide collaboration features, allowing team members to collaborate and work together effectively on projects. Microsoft Project is a much more complex and fully-featured product that is best suited for the most complex projects undertaken by organizations. Microsoft Project takes longer to get up to speed and requires considerable investment, both fiscally and in time, and training involved to realize benefits.

• Did Planner replace Microsoft Project? No, Microsoft does not tout Planner as a direct replacement for Microsoft Project. Both Planner and Project cater to different use cases and have different strengths and weaknesses, as detailed above.

• Can you integrate Microsoft Project with Planner? Microsoft has introduced various integrations between the two. For example, you can now link a task in Project Online to a Plan in Microsoft Planner if you have an Office/Microsoft 365 subscription that includes Planner.

Which one Should you Choose?

Microsoft provides many great project management solutions that cater to different businesses, project types, and use cases across the board. From the simplest, Microsoft To Do, to the most complex of the offerings, Microsoft Project, Microsoft covers the gamut of possibilities and project management needs with its various software offerings.

There are pros and cons to each Microsoft project management solution. Therefore, businesses must understand the intended use case of each software offering to realize the benefits and advantages of each. In addition, while Microsoft project management solutions offer many great features, many alternative third-party solutions offer similar and often cheaper solutions, especially compared to Microsoft Project. Each business must choose the project management software solution that best aligns with their business use case and existing cloud SaaS subscriptions.

The post What’s the Best Task Mgmt App? Planner/To Do/Tasks/Project appeared first on Altaro DOJO | Microsoft 365.

Changed forever by the global pandemic beginning in 2020, organizations have shifted to a very hybrid, disaggregated workforce. In addition, remote workers may now reside anywhere globally. As a result, managing endpoints is a big challenge facing organizations.

Microsoft’s Endpoint Manager, formerly Intune, is a modern, cloud-based solution that allows businesses to manage devices anywhere, no matter where they may be located and from any network, without traditional management constraints. So what is Microsoft Endpoint Manager? How is it used, and what capabilities does it provide modern enterprise organizations? That’s what we’re talking about here. Let’s get started.

Modern Challenges Facing Organizations Today

One of the challenges for organizations has been rethinking traditional IT tasks such as end-user support and endpoint management. No longer are all employees located directly on the corporate LAN to connect to conventional solutions for endpoint management. With the shift to cloud technologies for communication, collaboration, and business productivity, organizations must adopt cloud technologies to successfully manage endpoints from any network or location.

Traditional endpoint management and monitoring architecture require direct connectivity to the corporate LAN due to the network architecture needed for conventional monitoring and endpoint management solutions. As you can see below, traditional endpoint management and monitoring solutions were architected to exist on the same corporate network as the endpoints they managed or use VPN connections from remote clients for management.

Traditional endpoint management solutions require conventional network architecture

As we look at the architecture of corporate environments since the shift to a hybrid workforce, environments more closely resemble the following. As shown, the endpoints are no longer directly connected to the corporate LAN. These exist out on the Internet, relative to the enterprise datacenter.

Modern hybrid work connectivity

As you can see, traditional solutions no longer provide the robust tooling, flexibility, and connectivity diversity for managing endpoints that may exist in remote sites and home networks of remote employees.

What is Microsoft Endpoint Manager (aka Intune)?

Microsoft Intune is part of the overall Microsoft Endpoint Manager solution. What’s more, it’s cloud-based, meaning as long as an endpoint has connectivity to the Internet, the Intune solution can manage it. It provides several different components that allow organizations to carry out effective management, including:

• Cloud infrastructure
• Cloud-based mobile device management (MDM)
• Cloud-based mobile application management (MAM)
• Cloud-based PC management

Pinpointing in on the mobile device management (MDM) functionality, Microsoft’s Intune platform allows businesses to manage many types of devices. These include desktops, laptops, tablets, and phones. In addition, the devices can be corporate-owned or “bring your own device” (BYOD) devices.

Corporate-owned devices receive the complete set of MDM policies and controls, including controls over settings, features, and security. Administrators configure the settings and security policies needed to meet compliance and governance policies decided upon for their organization. Users enrol their devices in Intune and receive the policies as assigned, based on identity and other factors. Examples of the controls and security protocols that can be enforced include:

• Password
• PIN
• VPN connections
• Threat protection

When fully managed, administrators can also:

• Inventory devices accessing organization resources
• Block jailbroken devices
• Enforce security and health standards for enrolled devices
• Push and enrol certificates on devices
• Pull reports of user and device compliance
• Wipe the device if it is lost or stolen

When using BYOD to access corporate resources, Microsoft Intune allows organizations to protect the business data access from the BYOD device while not infringing on the personal data and activities carried out on the user device. This management capability allows organizations to use a multitude of different devices without the need to use corporate devices in every situation. BYOD may be required as well when contractors or other third parties are involved in projects that require interacting with sanctioned business data while at the same time using their own devices for other clients and activities.

With BYOD Intune policies, administrators can allow users to retain control of the devices while allowing Intune app protection policies that require multi-factor authentication (MFA) to access their business data housed in email or Microsoft Teams.

Microsoft Intune architecture overview

Endpoint Manager Licensing

Most licenses that include Microsoft Intune also grant the rights to use Microsoft Endpoint Configuration Manager as long as the subscription remains active. Intune is included in the following licenses:

• Microsoft 365 E5
• Microsoft 365 E3
• Enterprise Mobility + Security E5
• Enterprise Mobility + Security E3
• Microsoft 365 Business Premium
• Microsoft 365 F1
• Microsoft 365 F3
• Microsoft 365 Government G5
• Microsoft 365 Government G3
• Intune for Education

Intune for Education is included in the following licenses:

• Microsoft 365 Education A5
• Microsoft 365 Education A3

Which Operating Systems are Supported by Microsoft Endpoint Intune?

While Microsoft Endpoint Manager supports a wide range of devices and operating systems, it is good to understand the operating system requirements with the solution. Microsoft Endpoint Manager supports the following operating systems for management with MDM:

Microsoft:

• Windows 11 (Home, S, Pro, Education, and Enterprise editions) – ***Note*** – There are a few known issues with Windows 11 at the moment and Microsoft Intune. Currently, multi-app kiosk mode isn’t supported, and there are limitations with customized start and taskbar experiences.
• Surface Hub
• Windows 10 (Home, S, Pro, Education, and Enterprise versions)
• Windows 10 and Windows 11 Cloud PCs on Windows 365
• Windows 10 Enterprise 2019 LTSC
• Windows 10 IoT Enterprise (x86, x64)
• Windows Holographic for Business
• Windows 10 Teams (Surface Hub)
• Windows 10 version 1709 (RS3) and later, Windows 8.1 RT, PCs running Windows 8.1 (Sustaining mode)

Apple

• Apple iOS 13.0 and later
• Apple iPadOS 13.0 and later
• macOS 10.15 and later

Google

• Android 6.0 and later (including Samsung KNOX Standard 2.4 and higher)
• Android enterprise

You can read further details on specific operating system support for Microsoft Endpoint Manager here: Operating systems and browsers supported by Microsoft Intune | Microsoft Docs

Windows 10 Microsoft Intune enrollment walkthrough

Let’s look at how to enrol Windows 10 in Microsoft Intune using the Company Portal app found in the Microsoft Store. For most Windows devices, organizations will use a combination of Autopilot and the Company Portal. With Windows Autopilot, device provisioning is simplified. It offers the ability to give new devices to end-users without building and maintaining custom operating system images that have traditionally been required.

Windows AutoPilot provisions the devices, and then Microsoft Intune manages policies, profiles, security settings, applications, and other tasks. Autopilot is a collection of technologies used to set up and pre-configure new devices and gets these ready for production use.

Autopilot can also be used to reset, repurpose, and recover devices, enabling IT to manage and provision end-user devices without any on-premises infrastructure. Once a machine is deployed with AutoPilot, devices can be managed with:

• Microsoft Intune
• Windows Update for Business
• Microsoft Endpoint Configuration Manager
• Other similar tools

It provides a workflow similar to the following:

Workflow of device provisioning with Windows Autopilot

What is the purpose of the Microsoft Intune Company Portal?

The Company Portal apps for Windows, IOS, and Android, allow users to access company data and do common tasks. These tasks include:

• Enrolling devices
• Installing apps
• Locating information

You can also customize the available self-service actions shown to the end-users in the Company Portal. Admins can prevent unintended device actions. You can configure these settings in the Administration > Customization section.

• Hide Remove button on corporate Windows devices
• Hide Reset button on corporate Windows devices
• Hide Remove button on corporate iOS/iPadOS devices
• Hide Reset button on corporate iOS/iPadOS devices

Users also have access to self-service device actions from the Company Portal application. Available self-service device actions include:

• • Retire – Removes the device from Intune Management

• • • In the company portal app and website, this shows as Remove.

• • Wipe – This action initiates a device reset

• • • On the company portal website, this is shown as Reset or Factory Reset in the iOS/iPadOS Company Portal App.

• • Rename – This action changes the device name that the user can see in the Company Portal

• • • It does not change the local device name, only the listing in the Company Portal.

• • Sync – This action initiates a device check-in with the Intune service.

• • • This shows as Check Status in the Company Portal.

• • Remote Lock – This locks the device, requiring a PIN to unlock it

• • Reset Passcode – This action is used to reset the device passcode

• • • On iOS/iPadOS devices, the passcode will be removed and the end-user will be required to enter a new code in settings. On supported Android devices, a new passcode is generated by Intune and temporarily displayed in the Company Portal.

• • Key Recovery – This action is used to recover a personal recovery key for encrypted macOS devices from the Company Portal website.

Company Portal app configuration

In the Microsoft Store, you will want to download and install the Company Portal app.

Download the Company Portal app

Once the Company Portal app is installed, log in with your Microsoft 365 credentials to enrol the device for management.

Sign in with your Microsoft 365 credentials to login to your account

Select the checkbox to Allow my organization to manage my device.

Choose to allow my organization to manage my device

The login to the Microsoft 365 account is complete. Click Done.

The account is added successfully to the application

You will see a message that the device is not set up for corporate use. Click the message to begin the configuration of the device for corporate use.

Choose to set up the device for corporate use

You will want to connect the device to work. Click Next.

Choose to connect this device to work

Beginning the process to connect this device to your work environment. Click the Connect button.

Click the connect button to add the device

The login field will be prepopulated with the user you logged in with earlier.

Set up a work or school account

After logging in, you will see the process for setting up the device begin.

Device is setting up for management in Intune

After a few moments, the device will be connected to “work.”

The device is now connected to your work account

The device is not set up for management and is ready to receive policies, applications, and other resources defined by the Intune administrator.

The device is now configured for management

Grouping Users and Devices in Microsoft Endpoint Manager

With Microsoft Endpoint Manager, devices enrolled into Intune are added as objects inside Microsoft Azure Active Directory. Enrolled devices can be managed and grouped using Azure Active Directory constructs, including Azure Active Directory groups.

Intune-enrolled devices are created as objects inside Azure Active Directory

The “win10intune” machine enrolled above using the Company Portal app is displayed in the Devices blade for Azure Active Directory.

Enrolled Windows 10 machine listed in Azure Active Directory devices

The device objects can be added to group objects. Below, I am creating a new group and adding members. The screen below shows a new group creation process with the member selector. As shown, you can easily add devices to groups. Dynamic device groups also can perform automatic group membership-based

Adding a Windows 10 workstation that is Azure AD-joined to an Azure AD group

User objects are the same as well. Native Azure Active Directory users and also users that have been synchronized with on-premises directories using Azure AD Connect can also be added to Azure AD groups. Below, testuser1 and testuser2 are synchronized users with Azure AD Connect.

Users listed in Azure Active Directory

Creating Endpoint Manager Configuration Profiles

Now that we have a device enrolled into Microsoft Endpoint Manager and have a group object created containing the device we have enrolled, we can move forward with creating policies. The policies will then be assigned to the group housing the devices. Next, navigate to Devices Configuration profiles.

Configuration profiles allow configuring system settings, security configurations, and other settings. It is important to note if there is a conflict between configuration profiles and compliance policies, compliance policies take precedence over configuration profiles.

On the Devices > Configuration profiles screen, click to Create a profile to begin the process of creating a new configuration profile for Windows 10 devices. Under the platform, select Windows 10 and later. On the profile type, choose Templates. The templates option contains groups of settings organized by functionality. It makes it easy to have a “cookie-cutter” approach to predefined policies to keep from building these out manually.

Beginning to create the configuration profile in Microsoft Endpoint Manager

It begins the Create Profile wizard. It will step you through the process of creating the configuration profile for the device. First, name the new configuration profile and click Next.

Configuring a name for your configuration profile

Next, you will have the opportunity to specify Configuration settings for your configuration profile. For those who have managed group policy, the configuration settings are eerily similar to what you would find with group policy settings templates.

Updating the configuration settings for a configuration profile

You can define scope tags for your configuration profile.

Define scope tags for your configuration profile

Next, on the Assignments screen, you assign the configuration profile to the specific group of devices you want to have received the configuration profile settings. Earlier, we created a group called Grp-Windows10Devices. This group will be the group targeted for the configuration profile.

Assign the configuration profile to the Azure Active Directory group containing devices you want to target

Review and create the configuration profile.

Finalizing the creation of a new configuration profile

Compliance policies

Compliance policies can be used in combination with conditional access to check to see if a device is compliant with certain policies or not. It is also a great way to report if certain settings are configured on end-user devices. An example would be to know which devices are encrypted using BitLocker.

When configuring a compliance policy, you will have the same wizardized experience to create and configure the policy.

Configuring compliance settings in a new compliance policy

Scrolling down further reveals very useful compliance settings for controlling device security on the compliance settings screen. These include configuring:

• Firewall
• Trusted Platform Module (TPM)
• Antivirus
• Antispyware
• Defender
• Microsoft Defender Antimalware
• Microsoft Defender Antimalware minimum version
• Microsoft Defender Antimalware security intelligence up-to-date
• Real-time protection

Configure device security settings using Endpoint Manager Compliance Policies

Endpoint security with Endpoint Manager

Another really nice feature with Microsoft Intune is the Endpoint Security node. Admins can use the Endpoint Security Blade to configure device security specifically and manage security tasks for devices when those devices are at risk. Think of the Endpoint Security node as specialized configuration policies focused on security and mitigating risk.

With Endpoint Security, you can:

• Review the security status of all managed devices – With the All Devices view, you can view device compliance from a high level. Also, you can view specific devices to understand which compliance policies aren’t met so you can resolve them.
• Deploy security baselines that establish best practice security configurations for devices – Intune includes security baselines for Windows devices and a wide range of applications, like Microsoft Defender for Endpoint and Microsoft Edge. These are pre-configured groups of Windows settings that help apply configurations recommended by the relevant security teams.
• Manage security configurations on devices through tightly focused policies – Each Endpoint security policy focuses on aspects of device security like antivirus, disk encryption, firewalls, and several areas made available through integration with Microsoft Defender for Endpoint.
• Establish device and user requirements through compliance policy – With compliance policies; you set the rules that devices and users must meet to be considered compliant. Rules can include OS versions, password requirements, device threat levels, and more.
• Gate access to corporate resources for both managed devices and unmanaged devices – When you integrate with Azure Active Directory (Azure AD) conditional access policies to enforce compliance policies, you can.
• Integrate Intune with your Microsoft Defender for Endpoint team – By integrating with Microsoft Defender for Endpoint you gain access to security tasks. These integrate Microsoft Defender for Endpoint and Intune together. This integration helps SecOps identify devices at risk and hand off detailed remediation steps to Intune admins.

What is the Difference Between Mobile Application Management and Mobile Device Management?

Microsoft Endpoint Manager allows organizations to protect business-critical data accessed by end-user devices using:

• Mobile Application Management (MAM)
• Mobile Device Management (MDM)

Mobile Application Management (MAM)

Mobile application management (MAM) is the component of Microsoft Endpoint Manager that allows controlling how all business-related data is accessed from end-user devices, such as Windows 10 & 11 PCs, and mobile devices like iPhones and Androids. In addition, MAM allows creating policies that help prevent data leakage and misuse of data to keep client devices aligned with compliance regulations and other governance initiatives. For example, you can prevent users from copying data between Office apps and personal applications. Finally, using MAM, organizations can also remove data from Office applications on personal devices used by end-user clients.

Mobile device management (MDM)

Using Microsoft Intune Mobile Device Management (MDM), businesses can configure policies that control various aspects of the configuration and security of end-user devices, such as Windows 10 & 11 PCs. For example, the control given by Endpoint Manager MDM allows complete control of the device and allows wiping data and resetting it to factory defaults if needed.

How Does Configuration Manager Work with Endpoint Manager?

Starting October 12, 2022, the endpoint management suite previously known as Microsoft Endpoint Manager will be known exclusively as Microsoft Intune. Henceforth, Microsoft Intune will denote cloud management, while on-premises management will be referred to as Microsoft Configuration Manager.

It includes:

• Config Manager
• Intune
• Co-management
• Desktop Analytics
• Device Manage Admin console

Since all of the solutions above are now part of the Microsoft Intune solution, any Configuration Manager customer can now automatically use Intune to co-manage Windows devices with no license changes or additional costs. While they have changed the branding, the changes will help customers use the full capabilities of Endpoint Manager without traditional challenges.

Microsoft has purposely engineered the components of their Microsoft Intune solutions to work together seamlessly. Current Config Manager tasks and data are presented in the unified console of Endpoint Manager Devices. How should the different solutions be used together?

Customers have asked questions about which solution is the ultimate destination they should reach in their device management solution between Configuration Manager, Intune, and co-management. Is co-management a bridge or destination? Microsoft desires co-management to be the destination for customers.

Microsoft ideally wants customers to attach their Intune environment with their existing Configuration Manager deployments. Therefore, co-management allows attaching Microsoft 365 cloud intelligence to existing configuration solutions.

With the unified solution, customers can completely automate compatibility testing when upgrading to a new release of Windows. In addition, customers can test and deploy update patching much faster to bolster compliance much more quickly. Immediate actions can be taken on all devices using the Microsoft Intune solution.

Configuration Manager continues to function the same way it has functioned for customers. When referring to the on-premises component, Microsoft is calling the traditional Config Manager product Microsoft Intune Configuration Manager. If you are licensed for Microsoft Config Manager, you are automatically licensed to use Microsoft Intune to co-management your end-user devices.

What are the Native Google Options Available for Managing Android Devices?

While Microsoft Intune can manage Google devices and Microsoft endpoints, Google has its own native endpoint management solution called Google Endpoint Management. The solution provides both basic and advanced mobile security and app management as well as device management that can do the following:

• Set password requirements for mobile devices: Allows administrators to establish and enforce specific password policies for mobile devices, enhancing security by mandating strong authentication methods.
• Wipe a user’s account from a device: Provides the ability to remotely erase a user’s account and associated data from a device, useful in cases of loss or theft.
• Manage apps for Android devices: Enables control over the installation, update, and removal of applications on Android devices to ensure compliance and security.
• Require admin approval for mobile devices: Implements a system where mobile devices must receive approval from an administrator before being used within the organization, ensuring device security and compliance.
• Recommend and manage IOS apps: Allows the management and recommendation of iOS applications, ensuring that only approved and secure apps are used on Apple devices.
• Standard and strong passcode enforcement: Enforces the use of either standard or more complex passcodes, enhancing the security of devices by preventing unauthorized access.
• Network management: Provides tools for overseeing and controlling how devices connect to and interact with network resources, ensuring secure and efficient use of network infrastructure.
• Android work profiles: Supports the creation of separate work profiles on Android devices, which help in segregating work and personal data for security and privacy. 
• Approve devices: Facilitates a process for formally approving devices before they can access corporate resources, ensuring they meet security standards.
• Device audit log: Maintains a detailed log of activities and changes on devices, providing insights into usage patterns and potential security incidents.
• Report inactive company-owned devices: Offers the capability to identify and report devices that are not actively being used, helping to manage resources and security risks effectively.
• Private Android web apps: Allows for the management and deployment of private, custom web applications specifically for Android devices, offering tailored solutions for business needs.
• Computer security – Manages all company-owned devices, including mobile devices, laptops, and desktops, from your Google Workspace Admin console

Google Endpoint Management can manage macOS devices, whereas Intune is not compatible with macOS. One thing to note with Google Endpoint Management is it is not available for Business Plus or G Suite Business customers. It is only found in the Enterprise offering.

Intune provides more robust features, as expected, for managing Windows devices and health compliance features that are not listed with Google Endpoint Management.

What are the Native Apple Options Available for Managing iOS and ipadOS Devices?

Apple has something called the Apple Platform Deployment. It is a native solution provided by Apple to deploy and manage Apple hardware, software, and services in your organization. With Apple Platform Deployment, businesses can:

• Lock and locate devices: Enables administrators to remotely lock Apple devices and pinpoint their location, useful for security and in cases of loss or theft.
• Wipe devices remotely: Allows for the remote erasure of all data on a device, ensuring sensitive information is protected if a device is lost or compromised.
• Activation lock: Prevents unauthorized use of a device by locking it and requiring Apple ID authentication for reactivation, enhancing device security.
• Enforce device policies: Empowers businesses to apply and enforce specific configuration and security policies across Apple devices within the organization.
• Use persistent tokens: Utilizes tokens that remain valid until revoked, facilitating continuous and secure access to services without the need for frequent re-authentication.
• Use built-in network security features: Leverages the inherent network security capabilities of Apple devices to protect data and communications. 
• Manage certificates: Provides tools for managing digital certificates, enabling secure authentication and encrypted communication for devices.
• Perform user enrollment MDM information: Simplifies the process of enrolling users and their devices in Mobile Device Management (MDM) systems for efficient administration.
• Put restrictions in place for iPhone, iPad, Mac, Apple TV, and other supervised devices: Allows for the imposition of various restrictions on Apple devices to control and secure their usage in line with organizational policies.

Like much of the Apple ecosystem, Apple Platform Deployment only caters to Apple devices. As a result, it isn’t an MDM and MAM solution that organizations can use for multiple platforms and devices. Instead, it is specific to the Apple ecosystem. Here, Intune is a superior all-inclusive tool that can manage most devices used in the enterprise.

Apple’s Platform Deployment is the better choice for the most robust features and capabilities for managing Apple hardware, software, applications, and services.

My Thoughts on Endpoint Manager

The modern distributed hybrid workforce has presented challenges for organizations with remote employees on different continents worldwide. Legacy solutions that depend on endpoints directly connected to corporate networks are cumbersome and don’t scale well.

Cloud-based mobile device management and mobile application management platforms answer many of the challenges organizations face today. Microsoft Intune is a robust platform for managing and controlling end-user devices, applications, and data.

Using Intune configuration profiles, compliance policies, and endpoint security, businesses have cloud-based tools that effectively manage corporate-owned devices and BYOD. Additionally, as the modern workforce is more disaggregated and remote than ever before, cloud-centric solutions provide the flexibility and toolsets needed for modern device management.

The post How to Boss Device Management with Endpoint Manager (aka Intune) appeared first on Altaro DOJO | Microsoft 365.

Microsoft Viva may be a challenging product to wrap our heads around since it’s not just one thing. It’s a family of products that together make an Employee Experience Platform. Microsoft Viva started to make sense during the COVID-19 pandemic for providing employee resources virtually or remotely. Let’s see what Microsoft Viva is and how powerful it is.

Introducing Microsoft Viva

Microsoft Viva presents Viva Connections, Viva Insights, Viva Learning, Viva Topics, and Viva Goals as the five pillars of a new Employee Experience Platform. Microsoft Viva is a platform since it is extensible via APIs and partner offers to be customized and built upon. The Microsoft Viva pillars are surfaced through the products that users are familiar with, including Microsoft Teams, Microsoft Outlook, Microsoft SharePoint, etc., lowering friction and increasing familiarity. Microsoft Viva is meant to increase employee productivity within a hybrid/remote/virtual user experience.

Experiences are customized for users using Microsoft AI technology to present information and news in their context. Microsoft Viva also uses data gained from employee behavior to recommend employee well-being and surface productivity information to managers.

Microsoft Viva components are not entirely new, as we will read below. Instead, they’re assembled using existing Microsoft 365 technology and effective use of Microsoft AI.

Microsoft Viva fits into your more extensive digital transformation journey. As we continue the journey, it is worth remembering that the Microsoft Viva suite fits into a more comprehensive digital adoption strategy and should not be defined as a whole. We will start with why the Microsoft Viva suite of products exists – the User Experience Platform.

User Experience Platform – new buzzwords or new paradigm?

Before COVID-19, we congregated physically in buildings, offices, and headquarters. It was easy to talk about our employee experience since we had a place to interact with our co-workers, make eye contact, read body language, and have coffee together. How we treated each other and how our manager treated us, along with our shared experience and company culture while working together, defined our employee experience. 

Undoubtedly, it is easier to feel cared for when your teammate or manager can see how tired you are, hear the distress in your voice, or pick up on physical cues regarding your well-being. We need a new paradigm when we remove all possibilities of interacting physically and yet want to interact, measure wellness, share news, and increase productivity.

Creating and maintaining culture is easier if we interact physically, transfer culture, and share encouragement and knowledge. The “water cooler” conversation became a quick whiteboard discussion, or a “since we’re seeing each other, how do I…?” 

Knowledge sharing is complicated at the best of times when using digital-only means. In-person knowledge-sharing lowered that friction considerably; however, how do we knowledge-share when in-person communication is discouraged or even forbidden during a pandemic?

Many platforms that don’t speak well to each other as part of our employee experience or even new-joiner onboarding experience are okay if someone sits next to us who can ask how to find the HR portal or how one would capture a timesheet.

The new paradigm is a digital experience – little or no physical interaction – yet we are increasing employee wellbeing, surfacing productivity and wellness data to managers, maintaining or increasing a sense of connectedness as well as allowing employees to learn on the job, in the context of the work that they are doing. Add to that; we need a method of creating culture and connection for digital-only, office-bound, and hybrid workers who straddle both worlds – enter the Employee Experience Platform or EXP.

Let’s evaluate the pillars of Microsoft Viva in Technology terms only without the context of the thinking behind an Employee Experience Platform. It will be difficult to articulate or even defend the possible value that Microsoft Viva can produce for the license cost.

In the following sections, we look at the different pillars of Microsoft Viva, using both technical and User Experience Platform lenses.

Microsoft Viva Connections

Microsoft defines Viva Connections as “The gateway to your employee experience.” Using Microsoft SharePoint intranet experiences, Yammer communities, Stream video, and Teams live events, Viva Connections customizes relevant news, conversations, and company resources into a user-specific view. Companies can target and schedule content for departments and people groups.

Since SharePoint powers Viva Connections, i.e., a SharePoint Intranet presented as a Microsoft Teams App, it looks great for desktop and mobile users.

In an 8-step process for implementing Viva Connections, Microsoft documents the steps for an administrator to publish a customized SharePoint Intranet as the Microsoft Viva Connections app via the Microsoft Teams admin center. The image below details the steps required.

In summary, Microsoft Viva Connections is a well-crafted SharePoint Intranet that surfaced in Teams. However, we can miss the point of the Intranet entirely if we don’t consider the Employee Experience Platform intent.

Working for an organization evokes generally positive emotions if based on robust and positive connections. We like belonging and being part of something. Microsoft Viva Connections should define the digital experience as our organizations’ daily or even hourly entry point. Seeing a birthday acknowledged and celebrated, finding the town hall meetings, and targeted and personalized communications is how we want to think when crafting the Intranet that becomes the entry point to our cultural portrayal of company culture using digital means.

If you think this sounds harder than the marketing suggests, you may be right. Microsoft Viva Connections is a digital enablement framework that forces us to think about how content is perceived through the lens of creating and maintaining connection and then culture.

Microsoft Viva Insight

Data-driven and AI-based, Microsoft Viva creates Personal, Manager, Leader, and Advanced insights.

The AI-powered nature of insights is displayed to the end-user using Microsoft Outlook via the daily briefing email and a Microsoft Teams app. This feature shared branding with Microsoft Cortana, confusing users who hope to use Cortana on Mobile or Windows to turn it on or off.

AI scrapes our mailboxes looking for action words, which can be turned into reminders or tasks. This summary email often reminds us of things we should have scheduled but didn’t. The Briefing email also allows us to schedule focus time, plan our weeks, block out time to catch up with our team, etc., often including data on how well or how badly we have planned or executed our productivity plans. 

Due to the data-driven nature of the product, chatting during meetings, working after hours, etc., are tracked and reported. When presented to managers, none of this information is ever personally identifiable.

Manager, Leader, and Advanced Insights report on work patterns, work culture, and employee engagements using different lenses and emphases on the data at hand. We can see how this data for individuals and managers can be surfaced as part of an Employee Experience Platform to raise awareness of and manage burnout. The individual and organizational lenses of the same data create an understanding of work patterns and over-commitment, which could be missed in a digital-only or hybrid-working workflow.

After licenses are deployed, Microsoft Viva Insights is turned on by default, although Microsoft recommends an adoption strategy to communicate which features are deployed to end-users.

Microsoft Viva Learning

Knowledge workers tend to enjoy learning and learning in the context of their tasks or tools. Microsoft Viva Learning fits directly into the Employee Experience Platform since the individual may have used Microsoft Viva Insights to block time out of their calendars to improve their knowledge and increase their sense of accomplishment and well-being. Career development can be part of the regular users’ working day.

Microsoft Viva is used in Microsoft Teams, allowing users to learn on the job, without taking a week from work to attend a class, using Microsoft and third-party providers, including LinkedIn Learning.

Microsoft Viva Topics

Microsoft Viva Topics used to be called Microsoft Viva Knowledge. It attempts to solve the collating and preserve the intellectual property generated by companies and individuals to be made available as topics and insights.

Microsoft Viva Topics forms the service by using Microsoft Graph, Microsoft Search, Microsoft AI, and other components. AI searches for and identifies topics to which knowledge can be attached, amended, or edited by a knowledge manager. These topics are made visible using highlighted and actionable cards in SharePoint Online and search results using online and Microsoft Office-based searches.

Potentially the most ethereal of problems to solve, preserving and disseminating knowledge is critical to our user experience. Working in a digital-only manager, frustration can easily mar our days by not knowing what specific words mean or where to find the knowledge to do our work.

The Employee Experience Platform attempts to make knowledge available when required by providing it in the context of the user experience, i.e., browsing a SharePoint page without leaving the application.

Microsoft Viva Goals

Microsoft Viva Goals, part of the Viva suite, is a strategic goals alignment platform designed to help organizations set, align, and manage strategic objectives effectively. It integrates seamlessly with the Microsoft ecosystem to provide a clear view of team and company goals, promoting transparency and alignment across departments. Viva Goals fosters a goal-oriented culture by allowing for the creation of Objectives and Key Results (OKRs) that connect the work of individuals and teams to the company’s most important objectives. 

This integration helps ensure that everyone is moving in the same direction, with a clear understanding of priorities and progress. By leveraging the familiar environment of Microsoft tools, Viva Goals simplifies the process of tracking and managing goals, making it easier for teams to stay focused and engaged with their objectives. Its user-friendly interface and integration capabilities make it a valuable tool for any organization looking to improve alignment, productivity, and outcomes through a structured and transparent goal-setting process.

Microsoft Viva for Government Cloud

Microsoft Viva has more features for both Government Cloud instances, GCC and GCC High. Note the Public roadmap announcements https://www.microsoft.com/en-us/microsoft-365/roadmap with the Cloud instance filters set GCC and GCC High.

Microsoft Viva Pricing

Microsoft Viva Suite is available at USD 12.00 per user per month or USD 2.00 and USD 6.00 per user per month for the Employee Communications and Communities and Workplace Analytics and Employee Feedback component. Pricing information, as well as which features are bundled vs. which features require additional add-ons, is documented by Microsoft.

Microsoft Viva suite and Microsoft Viva individual components cannot be purchased without base licensing, including:

• Microsoft 365 F1, F3, E3, A3, E5, and A5

• Office 365 F3, E1, A1, E3, A3, E5, and A5

• Microsoft 365 Business Basic, Business Standard, and Business Premium

• SharePoint K, Plan 1, or Plan 2

A Microsoft Viva license is required for the use of any Microsoft Viva components, with the following caveats:

• Viva Learning

A license is required for anyone who wants to access partner content and learn management systems or recommend content and track completion progress.

• Viva Insights

Personal insights are available to Microsoft 365 users without requiring a separate Viva Insights license. Premium personal insights, manager insights, leader insights, and advanced insights are available to users with a Viva Insights license.

• Viva Topics

A license is required for anyone viewing, accessing, or curating topic cards, topic pages, and centers or benefiting from Viva Topics capabilities.

• Viva Connections

Viva Connections is currently available to all Microsoft 365 or Office 365 enterprise plan users without requiring a separate license.

• Viva Goals

To access and utilize the full capabilities of Viva Goals, individuals or organizations must have a Viva Suite license or a separate Viva Goals license.

Getting Started with Microsoft Viva

Microsoft Viva is an inter-related suite of Microsoft products using Microsoft 365 components. We may choose to deploy only a part of Microsoft Viva, such as Microsoft Viva Learning, or we can deploy all of it. Adoption and change management for a digital journey are not quick or light topics. 

Similarly, the deployment of an Employee Experience Platform requires coordination and thought about the intent of what the organization wishes to achieve with each component and, critically, how the parts should lead the user to a positive experience. Microsoft Viva Connections springs to mind as the most immediate component requiring thought and customization, followed by Microsoft Viva Insights.

Microsoft Viva documentation is a great place to start the implementation journey, remembering that Microsoft Viva Components and the Microsoft Viva suite are tools in the User Experience strategy and not the strategy itself.

The post How Powerful Really is Microsoft Viva? appeared first on Altaro DOJO | Microsoft 365.

Much like learning the difference between Formula 1 and Formula 3 cars by reading the proverbial “high-speed racing weekly” to help choose which car or racing format is for you, read on to understand the difference between the various Frontline Workers licenses to help you decide which suits your business.

Let’s ensure we have the correct definition of the rights of frontline workers.

From Microsoft:
“Frontline workers are employees whose primary function is to work directly with customers or the general public providing services, support, and selling products, or employees directly involved in the manufacturing and distribution of products or services.”

You can also think of these as people who are NOT in front of a keyboard all day.

What are the F1, F3 and F5 SKUs in M365

The world of Formula Racing is complex. Similarly, although entirely different, the world of Microsoft licensing is also. As of December 2021, there were 1858 different SKUs available. Today we will cover just 5 of those designed for Frontline Workers: F1, F3, and the F5 add-ons.

So, let’s get into it.

For the most part, Frontline workers won’t need to use many of the applications used by their desk-bound counterparts. They need tools to do their job and do it securely and, in some circumstances, be compliant with relevant standards in that industry.

Microsoft appears to have considered the essential applications and services they need and offers plans to cover all your needs when it comes to Frontline Workers.

In the Frontline range of licenses, there are only five licenses:

• F1

• F3

• F5 Security

• F5 Compliance

• F5 Security and Compliance

As you would expect, F1 is the simplest of the lot. It gets your worker online with the bare apps needed to do their jobs securely. Or as Microsoft refers to it: “Lay the foundation for secure communication.”

These are key apps like the Office Suite on the web (but not the desktop apps), Outlook, Teams, SharePoint, and OneDrive.

F3 builds on this “foundation” and adds a swag of other applications like Full Outlook and Office Desktop, Sway, and Power Automate, amongst others.

Then there is F5, which is an add-on. It might come as a surprise, but F5 does not actually offer the same as F3. It isn’t a standalone license. F5 is all about Security and Compliance. All F5 add-ons require Microsoft F1, F3 (or Office 365 F3 Enterprise Mobility + Security E3).

The base F5 add-on comes in 2 flavors: “F5 Security” or “F5 Compliance.” Depending on the security requirements of the Frontline worker role or environment, a third SKU is available with security and compliance.

Have a look here to download the full breakdown and comparison for these licenses.
See here for an online comparison in a simpler tabular format.

Limitations of the different Frontline SKUs

Formula 3 racing is considered the entry point for rookies getting into the racing game. The engines are limited to top out at only 270 kmph. You know where this is going. The Frontline Worker F1 license is like Formula 3 racing. In this instance, it’s the starting point.

It can be tricky choosing the right license to ensure your Frontline Worker has access to the tools they need while, so here’s a summary of key services and what you get for each one.

Email

• F1 does not give the user an actual mailbox. Access only to Teams Calendar.

• F3 comes with a license for Outlook and a 2GB mailbox, available as an app or online.

Office

• F1 and F3: PowerPoint, Word, Excel, and OneNote

Device and app management

• F1: Microsoft 365 admin center, InTune, Endpoint Configuration Manager

• F3: All of the above plus Windows 11 Enterprise and Autopilot

Social

• All plans include SharePoint, Yammer, and Viva connections

Files and Content

• F1: OneDrive (2GB) and Stream

• F3: All of the above plus Sway

Work Management

• F1: Microsoft Planner

• F3: Microsoft Planner plus the Power Suite, Forms, and To Do

Meetings and Voice

• F1 and F3 Teams

Automation

• Available on F3 only

The summary above is intended to help in decision-making, comparing what you do or don’t get with each license. Read on for some examples of specific use cases and how they will affect your bottom line!

Use cases for the different Frontline licenses

Frontline worker Productivity Tools | Microsoft 365 (courtesy of Microsoft)

Not all racing cars in Formula 1, Formula 2, and Formula 3 are created equal. In fact, F1 cars are uniquely designed, whereas F2 and F3 are all designed by an Italian firm called Dallara. Bet you didn’t know all that?

Circling back to who Frontline Workers are and typically where you’ll find them. Some of these Frontline Workers might be in a niche service or industry and need their own “unique” choice of which license combination suits them (see what I did there?).

The four photos above – taken from Microsoft’s 365 Enterprise page – capture places where you’ll find Frontline Workers and help cement who they are and what they do. It drives home the wide spectrum of how Frontline Workers are classed or considered.

What are my thoughts on the above and what to choose?

Starting top-left. Honestly, I’m unsure what role or job this person performs. Based on clothing, I’m picking a medical supply service. Drive-through-drugstore anyone?

Moving on to the first responders at the top-right. I suspect high-end security and compliance probably won’t be necessary for them. They need the basics, so F1 for you. Thank you very much.

On the other hand, the healthcare professional at the bottom left will have access to patient data. One thing to remember is the various regulations, such as HIPAA in the US and similar regulations in other countries. That extra $13/month with the Security + Compliance add-ons is worth the spend to remain secure and compliant.

What’s it going to cost me?

The price of a Formula 1 car is around $20m. For a Formula 2 car, you’re looking at parting with only around $670,000 and a Formula 3 dropping to just $120,000.

Pricing for Frontline Workers licensing is a tad less but still requires due consideration when choosing.

Here’s the skinny on pricing for each of the Frontline Worker licenses.

(All prices are based on an annual commitment)

At the top end of the scale, purchasing for Frontline Workers in a high-profile or sensitive industry (e.g., Pharmaceutical or Bank), where security and compliance are common, you’ll probably opt for the F3 + F5 Security + Compliance add-on, which will set you back $21 user/month.

On the other hand, for Frontline Workers in a tin-can factory or the first responders mentioned in the previous paragraph, the F1 license will be your likely choice.

Note that these are simply suggestions and my starting approach. Each business needs to do its own due diligence to decide what is right for the person and the business, and ultimately, the budget!

Conclusion

Microsoft’s catchy terms like “Connect your workforce,” “Protect your organization,” and “Empower with devices” to describe this class of license can’t be faulted. Collectively, they explain the benefit you get from the Frontline Worker license and why you should hand over your shiny dollars.

At the start of this article, I stated the number of Microsoft license SKUs available: 1858. By offering such a variety of licenses, including those for Frontline Workers, there’s something to suit virtually any business, in almost any environment, and in all industries.

I hope you enjoyed learning as much as I did a bit about the world of Formula racing and, more importantly, Frontline Workers licenses and are now better informed when choosing.

The views expressed in this article are my own and are unrelated to my employer’s views.

The post What are the Frontline Worker SKUs in M365 and Who are they for? appeared first on Altaro DOJO | Microsoft 365.

Estimating the real cost of a technology solution for a business can be challenging. There are obvious costs as well as many intangible costs that must be taken into account.

For on-premises solutions, people tend to include licensing and support maintenance contract costs, plus server hardware and virtualization licensing costs. For Software as a Service (SaaS) cloud solutions, it seems like it should be easier since there’s no hardware component, just the monthly cost per licensed user, but this simplification can be misleading.

In this article, we’re going to look at the complete picture of the cost of Microsoft 365 (formerly Office 365), how choices you as an administrator make can directly influence costs, and how you can help your business maximize the investment in OneDrive, SharePoint, Exchange Online and other services.

The Differences Between Office 365 & Microsoft 365

As covered in our article about the death of Office 2019, there are naming changes afoot in the Office ecosystem. The personal Office 365 subscriptions have changed and are now called Microsoft 365 Family (up to six people), and Personal, along with the Office 365 Business SKUs that top out at 300 users, has also been renamed. The new SKUs are Microsoft 365 Business Basic, Apps, Standard, and Premium.

There’s no reason to believe that this name change won’t eventually extend to the Enterprise SKUs, but until it does, from a licensing cost perspective, it’s important to separate the two. Office 365 E1, E3, and E5 give you the well-known “Office” applications, either web-based or on your device, along with SharePoint Online, Exchange Online, and OneDrive for Business in the cloud backend.

Microsoft 365 F3, E3, and E5, on the other hand, includes everything from Microsoft 365 plus Azure Active Directory Premium features (identity security), Enterprise Mobility & Security (EMS) / Intune for Mobile Device Management (MDM) and Mobile Application Management (MAM) along with Windows 10 Enterprise.

Comparing M365 plans

So, a decision that needs to be looked at early when you’re looking to optimize your cloud spend is whether your business is under 300 users and likely to stay that way for the next few years. If that’s the case, you should definitely look at the M365 Business SKUs as they may fulfill your business needs, especially as Microsoft recently added several security features from AAD Premium P1 to M365 Business.

If you’re close to 300, expecting to grow, or already larger, you will have to pick from the Enterprise offerings. The next question is, what does the business need – do you just need to replace your on-premises Exchange and SharePoint servers with the equivalent cloud-based offerings? Or is your business looking to manage corporate-issued mobile devices (smartphones and tablets) with MDM or protect data on employee-owned devices? 

The latter is known as Bring Your Own Device (BYOD), sometimes called Bring Your Own Disaster. It might be the clincher if you have those needs (and no other MDM in place today), including Intune in M365. If, on the other hand, you need to protect your on-premises Active Directory (AD) against attacks using Azure Advanced Threat Protection (AATP) or inspect, understand, and manage your users’ cloud usage through Microsoft Cloud App Security (MCAS), you’ll also need M365 E5, rather than just O365.

Cloud app security dashboard

The difference is substantial; outfitting 1000 users with O365 E3 will cost you $276,000 per year, whereas moving up to M365 E3 will cost you $432,000. And springing for the whole enchilada with every security feature available in the M365 E5 will cost you $684,000, nearly 3X the cost of the O365 E3. Thus, you need to know your business needs and tailor the subscriptions accordingly (see below for individual services to match business requirements).

Note that if you’re in the education sector, you have different options (O365 A1, A3, and A5 along with M365 A1, A3, and A5) that are roughly equivalent to the corresponding Enterprise offerings but less costly. Charities/not-for-profits have options for both O365 and M365 as well. M365 Business Premium is free for charities for up to 10 users and $5.5 per month for additional users.

A la carte Instead of Bundles

There are two ways to optimize your subscription spend in O365 / M365. Firstly, you can mix licenses to suit the different roles of workers in your business. For instance, the sales staff in your retail chain stores are assigned O365 E1 licenses ($10 / month) because they only need web access to email and documents, the administrative staff in head office use O365 E3 ($23 / month), and the executive suite and other high-value personnel use the full security features in E5 ($38 / month). Substitute M365 F3, E3, and E5 in that example if you need additional features in M365.

Secondly, you don’t have to use the bundles that are encapsulated in the E3, E5, etc. SKUs, and you can instead pick exactly the standalone services you need to meet your business needs. Maybe some users only need Exchange Online, whereas other users only need Project Online. The breakdown of exactly what features are available across all the different plans and standalone services is beyond the scope of this article, but the O365 and M365 service descriptions are the best places to start investigating.

Excerpt from the O365 Service Description

And if you’re a larger business (500 users+), you’re not going to pay list prices, and instead, these licenses will probably be part of a larger, multi-year enterprise agreement with substantial discounts.

If You Hate Change

If you want to stay on-premises, Exchange Server 2019 is available (only runs on Windows Server 2019), as is SharePoint Server 2019, and you can even buy the “boxed” version of Office 2019 with Word, Excel, etc. with no links to the cloud whatsoever. This is an option that moves away from the monthly subscription cost of M365 (there’s no way to “buy” M365 outright) and back to the traditional way of buying software packages every 2-5 years.

 Be aware that these on-premises products do NOT offer the same rich features that O365 / M365 provides, whether it’s the super-tight integration between Exchange Online and SharePoint Online, cloud-only services like Microsoft Teams that build on top of the overall O365 fabric or AI-powered design suggestions in the O365 versions of Word or PowerPoint. 

There’s no doubt that Microsoft’s focus is on cloud services. These are updated with new features daily instead of every few years. If your business is looking to digitally transform towards tech intensity (two recent buzzwords in IT with a kernel of truth in them), using on-premises servers and boxed software licensing is NOT going to get you there. But if you want to keep going like you always have, it’s an option.

And if you’re looking at this from a personal point of view, a free Microsoft account through Outlook.com does give you access to Office Online: Word, Excel, and PowerPoint in a browser. There’s even a free version of Microsoft Teams available.

Transforming your Business

There’s a joke going around at the moment about the COVID-19 pandemic bringing digital transformation to many businesses in weeks that would have taken years to achieve without it. There’s no doubt that adopting the power of cloud services has the power to truly change how you run your business for the better. A good example is moving internal communication from email to Teams, including voice and video calls, and perhaps even replacing a phone system with cloud-based phone plans.

But, these business improvements depend on the actual adoption of these new tools. And that requires a mindset shift for everyone. Start with your IT department; if they still see M365 as just cloud-hosted versions of their old on-premises servers, they’re missing the much bigger picture of the integrated platform that O365 has become. 

Examples include services such as Data Loss Prevention (DLP), unified labeling and automatic encryption/protection of documents and data, and unified audit logging that spans ALL the workloads. So, make sure you get them on board with seeing O365 as a technology tool to transform the business, not just a place to store emails and documents in OneDrive. 

Adding M365 unlocks massive security benefits, enabling zero-trust (incredibly important as everyone is working from home), identity-based perimeters, and cloud usage controls. But if your IT or security folks aren’t on board with truly adopting these tools, they’re not going to make you any more secure.

Finally, you’re going to have to bring all the end-users on board with a good Adoption and Change Management (ACM) program, helping everyone understand these new services and what they can do to make their working lives better. This includes training but make sure you look to short, interactive, video-based modules that can be applied just when the user needs coaching on a particular tool, not long classroom-based sessions.

And all of that, for all the different departments, isn’t a once-off when you migrate to O365; it’s an ongoing process because the other superpower of the cloud is that it constantly changes and improves. This means you’ll need to assign someone to track the changes that are coming/in preview and ensure that the ones that really matter to your business are understood and adopted. The first place to look is the Microsoft 365 Message Center in the portal, where you can also sign up for regular emails with summaries of what’s coming. Another good source is the Office 365 Weekly Blog.

M365 portal Message Center

To help you track your usage and adoption of the different services in O365, there is a usage analytics integration with PowerBI. Use this information to firstly see where adoption can be improved and take steps to help users with those services and secondly to identify services and tools that your business isn’t using and perhaps doesn’t need, giving you options for changing license levels to optimize your subscription spend.

PowerBI O365 Usage Analytics (courtesy of Microsoft)

Closing Notes

There’s another factor to consider as you’re moving from on-premises servers to Microsoft 365, and that’s the changing tasks of your IT staff. Instead of swapping broken hard drives in servers, these people now need to be able to manage cloud services and automation with PowerShell and most importantly, see how these cloud services can be adopted to improve business outcomes.

A further potential cost to take into account is backup. Microsoft keeps four copies of your data in at least two datacentres so they’re not going to lose it, but if you need the ability to “go back in time” and see what a mailbox or SharePoint library looked like nine months ago, for instance, you’ll need a third-party backup service, further adding to your monthly cost.

And that’s part of the overall cost of using O365 or M365: training staff, adopting new features, different tasks for administrators, and managing change, which requires people and resources, in other words, money. And that’s got to be factored into the overall cost of using Microsoft 365. It’s not just the monthly license cost.

The final question is, of course – is it worth it? Speaking as an IT consultant with clients (including a K-12 school with 100 students) who recently moved EVERYONE to work and study from home, supported by O365, Teams, and other cloud services, the answer is a resounding yes! There’s no way we could have managed that transition with only on-premises infrastructure to fall back on.

The post The Real Cost of Microsoft 365 Revealed appeared first on Altaro DOJO | Microsoft 365.

This article focuses on administration and management exclusively for OneDrive for Business. We will cover advice and best practices from my extensive experience working with services ideal for system admins and those actively working with it on a daily basis.

What is Microsoft OneDrive?

Microsoft has two different but similar services called OneDrive, both offering users cloud file storage. A free version of OneDrive is available to everyone and is often called the “consumer” version. The business version is “OneDrive for Business” and requires a subscription to Microsoft 365 or Office 365. Both look a lot alike but are managed very differently. To add to the mix, Microsoft often refers to OneDrive for Business as simply “OneDrive” in their documentation and even in the UI.

Note: I may refer to OneDrive instead of OneDrive for Business from time to time in this article for the sake of brevity, but I always mean OneDrive for Business unless otherwise stated.

OneDrive for Business has company-wide administration in mind. A service administrator can control the deployment of the synchronization app, network performance, and many other settings. With OneDrive (consumer), there is no management framework. The individual using the service controls their settings.

Where Should Users Save Files?

OneDrive for Business makes it very easy to share files with others, but if you find yourself sharing lots of files, it is recommended to use Teams or SharePoint instead. Teams and SharePoint are simply better for collaboration. For example, with OneDrive, you can’t check in and check out a document. 

Also, in Teams, any document you upload to Teams is available to the entire Team by default, whereas documents you upload to OneDrive are private by default. Also, in Teams, a conversation about a document is shared in a Teams channel rather than via email. The general guidance is that if you are working on a file without others involved, use OneDrive for Business. If you need others involved, use a more collaborative service like Teams or SharePoint.

OneDrive for Business uses SharePoint Online as Service

As the service administrator, one of the most important concepts to master is that OneDrive for Business is a special-purpose SharePoint document library created automatically for every user in your company. When a user is assigned an Office 365 or Microsoft 365 license, the services automatically create a personal OneDrive for Business document library.

The URL for OneDrive for Business is formatted as follows:

https://<company base name>-my.sharpoint.com/personal/<user-id>

The landing page (shown above) for OneDrive for Business shows “My Files,” which are your files. You can also navigate from here to any SharePoint asset, including SharePoint Document Libraries, files hosted for Teams, or other SharePoint content.

Now that you know OneDrive for Business is using SharePoint under the hood, the following guidance makes sense:

To manage the OneDrive sharing settings for your organization, use the Sharing page of the new SharePoint admin center instead of the Sharing page in the OneDrive admin center. It lets you manage all the settings and latest features in one place.

In this way, settings related to file sharing on SharePoint are aligned with those for OneDrive for Business (and Teams, which also uses SharePoint as a file store). OneDrive picks up many features from SharePoint, such as the ability to do File Restores, Restore a previous version of a file, and synchronize files to your desktop.

OneDrive Integrated With Other Microsoft 365 Tools

OneDrive for Business extends its utility far beyond mere file storage and sharing. When strategically integrated with other Microsoft 365 tools, it transforms into a powerhouse for collaboration, productivity, and seamless workflow management.

OneDrive for Business is intricately woven with Office Online, including Word, Excel, PowerPoint, and OneNote. This integration permits users to create, edit, and collaborate on documents directly within OneDrive without the need to toggle between applications. Changes are automatically saved and synced, ensuring that the most current version of the document is always available, regardless of where or how it’s accessed.

Another integration capability is with Power Automate. This integration with Power Automate (formerly Microsoft Flow) opens up possibilities for workflow automation. You can create custom flows that automatically perform actions in OneDrive based on specific triggers. For example, you might set up a flow to notify team members when a new file is added to a specific OneDrive folder or to automatically archive files when they reach a certain age. This integration not only saves time but also enhances efficiency by reducing manual tasks.

For organizations that rely on data-driven decision-making, integrating OneDrive for Business with Power BI can be transformative. Power BI can connect to Excel files stored in OneDrive, enabling dynamic data analysis and visualization. This integration allows for real-time updates to reports and dashboards as the underlying Excel files are updated in OneDrive, ensuring that decision-makers always have access to the most current data insights.

OneDrive for Business also integrates seamlessly with Outlook, allowing users to easily attach files from OneDrive to emails. Additionally, users can share links to OneDrive files instead of attaching them, which is particularly useful for large files or when collaborating on documents. Outlook’s calendar features can also be used to set reminders for follow-ups on shared OneDrive files, integrating task management with file sharing.

Finally, OneDrive for Business, when integrated with Microsoft Search, offers a unified search experience across Microsoft 365. This integration allows users to perform a single search to find documents, conversations, and people across OneDrive, Outlook, and other Microsoft 365 applications. It streamlines the process of locating information and saves valuable time.

OneDrive for Business’s integration with other Microsoft 365 tools not only enhances its core functionalities but also elevates it to a comprehensive platform for advanced collaboration, workflow management, and data security. While this is due to the fact that OneDrive is part of the Microsoft family of collaboration and productivity tools, you’ll now see just how seamless access can be with Teams and other tools.

Easy Anonymous Access

One main reason OneDrive for Business is well-liked is that it’s easy to share a document with anyone. You can send someone a URL to a document and relax. It works, and you won’t hear the dreaded “I can’t open the document” (which is all too common and a huge productivity sink).

The screenshot below exemplifies my point. What’s being shown is the side-by-side sharing experience in Teams vs. OneDrive. Take note! There is no Share option in Teams. You can copy the link to the file, but you must know if the user you send it to has the right to view the document in the Teams library. In OneDrive for Business, however, a Share option allows you to send a URL to anyone. Anonymous Access is one of the primary reasons users share from OneDrive rather than Teams.

Also, in OneDrive, if you click on Anyone with the link can edit, you can further refine the Sharing options.

As a side note, users frustrated by Teams’ lack of sharing controls can easily open a document or folder in SharePoint instead of Teams (as shown below). In SharePoint, you can share the file with anyone, just like in OneDrive. There’s no need to copy a file in Teams to OneDrive to share anonymously. Just open it in SharePoint instead!

<>Controlling Default Permissions

Many businesses prefer to control who can open company documents. You can change the default settings in the OneDrive administration center, but let’s follow Microsoft’s advice to use SharePoint administration instead.

There are separate controls for External Sharing for SharePoint and OneDrive, ranging from Only people in your Organization to Anyone. However, what a static snapshot does not reveal is that the OneDrive settings cannot be more permissive than SharePoint. If you lower the permission on SharePoint, the permission also lowers it on OneDrive. OneDrive can be more restrictive than SharePoint but never less restrictive. Since SharePoint hosts OneDrive files, this makes sense.

These settings are company-wide. Let users know before you make changes to global settings that cause changes in expected behavior. You WILL hear from them, and it generally won’t be a happy face emoji.

When guest users are needed, as they frequently are, consider securing the environment with the guidance provided by Microsoft in the documentation page titled Create a secure guest sharing environment.

Savvy admins can control sharing using options available when you click on More external sharing settings on the same screen shown above:

The option Limit, external sharing by domain, lets you allow or deny sharing to a particular domain. This can be a great way to go when you want to constrain sharing to a specific set of partners or external resources.

Allowing only users in specific security groups to share externally lets you control who can share files with people outside your organization. A security group is an Azure AD object that is generally a collection of users and other groups. After populating the security group with users, you can assign permissions and policies to the group, such as granting the group access to a SharePoint site or a mailbox or forcing group members to use 2-factor authentication.

Consider the following scenario. Marketing involves a lot of external sharing, so we want to enable sharing for members of Marketing but deny everyone else, AND we don’t want to make adjustments every time someone moves into or out of marketing.

To illustrate how this can be achieved with security groups, I created a security group in Azure AD named Marketing-Org and added four users. As employees come and go, marketing members are added to and removed from this group. (If you haven’t created security groups in Azure AD, it’s straightforward.)

Next (shown below), I created another security group called External-Sharing.

Security groups can have other security groups as members! By adding Marketing-Org to External-Sharing, the users in Marketing-Org automatically inherit External-Org permissions and policies

After that, I assigned the sharing permissions to the External-Org group. Returning to the SharePoint admin center, Policies->Sharing->More external sharing settings-> Allow only users in specific security groups to share externally. Then, by clicking on Manage Security Groups (shown below), I added the External-Sharing group and set them so they can be shared with anyone. To limit everyone else’s ability, I added the built-in security group Everyone except external users and set them to share with Authenticated guests only.

In this way, everyone in the company can only share with authenticated guests, whereas only the members of External-Sharing can share with anyone.

The screenshot below shows the result. The user on the left is not a member of the External-Sharing group (the Anyone option is grey and cannot be selected). However, the user on the right can.

Once configured, effective administrators can manage membership of the security groups using PowerShell with the Add-AzureADGroupMember and associated cmdlets.

Storage space per user

Most Microsoft 365 and Office 365 plans come with 1TB of storage per user for OneDrive. If there are more than five users on a plan, 1TB can be increased by administrators to 5TB. You can even go to 25TB on a user-by-user basis by filing a support ticket with Microsoft.

To increase the storage limit for all users, browse the OneDrive administration console and select Storage. Change the setting from 1024 to the new limit. Shown below is updating the limit to 5TB. There are no additional charges for the increase in capacity.

A global or SharePoint admin can change storage quotas with PowerShell after you connect to SharePoint using the SharePoint Online Management Shell and run the following command:

Set-SPOSite -Identity <user’s OneDrive URL> -StorageQuota <quota>.

You have to construct the OneDrive URL from the company name and user name, as mentioned earlier. Then, find the user name from the list of active users in the Office or Microsoft 365 admin center.

For <Quota>, enter a number between 1024 (1MB is the minimum) and 5242880 (for 5 TB). Values are rounded up. 1TB is 1048576.

As of this writing, OneDrive allows files up to 100GB.

Request Files

In some scenarios, you may want to collect files from others rather than send files to others. OneDrive for Business makes this easy with the Request Files feature. With this feature, users can send an email asking others to upload content to a specific folder.

To set up a request files email, in the OneDrive UI, select a folder, click on the ellipses (…), and click Request files. You will see a window similar to the one shown below.

After clicking Next, you will see the Send file request window:

The email sent by this form provides a URL for uploading content to the OneDrive for Business folder. Request files are a great way to collect and concentrate needed files into a single location for processing. That said, you need to make sure to enable uploads for the folder locations in the request.

Of course, a savvy administrator is thinking, “Hmm, does this provide a way for these users to upload content forever to this location?”

Shown below is the SharePoint admin center for Policies and Sharing.

With these settings, you can limit the ability to upload files to the location access given in the Request files invitation. These settings apply to anonymous links sent from OneDrive and SharePoint as well. As a best practice, if you permit users to send links to Anyone enabled by default, you should expire those links. Otherwise, over the years, there can be hundreds or thousands of URLs that provide access to your content, making access control distressingly challenging or impossible without disabling anonymous access altogether.

Folders must be set to View, edit, and upload as shown above to allow users to upload files in response to a file request.

Synchronization

One of the main features of OneDrive for Business is the ability to synchronize files from a user’s PC or laptop with OneDrive. With the synch service running, users can work on files locally, and the changes are sent to the cloud. Also, well-known folder locations such as Documents can be synchronized, ensuring essential documents are both local and in the cloud. You can easily sync Teams File Repositories as well as SharePoint Document Libraries.

The synchronization service is part of Windows 10, so you do not generally need to download it individually. Users can install the service by clicking Start and typing OneDrive.

Click on the OneDrive app to launch the setup. OneDrive is then accessible in the taskbar as the cloud icon (shown before logging in below).

Alternatively, users can enable the client by logging into onedrive.microsoft.com and clicking Sync.

When installed, users can enjoy the integration of OneDrive with Windows File Explorer. A OneDrive location is visible in the File listing. The OneDrive file listing is unique as you can see if a file is in the cloud (cloud icon), local and in the cloud (checkmark), or synchronizing (arrows). Also, when you right-click on a file in the OneDrive folder, you can Share a file, View it online, and check the version history.

Pay particular attention to the following icons. Shown below is a screenshot from one that appears during the installation of the OneDrive client.

TAKE NOTE – File on demand enabled by default!

Imagine this scenario. You are working on an important project with several others. A Teams site is used for collaboration. You’re headed out for an important client meeting, and a colleague posts several important files to Teams. You’ve installed the sync client and headed off to the airport, so you think, “no worries, I’ve got them synced to my laptop, and I can view them in flight.” Aloft, you open your laptop and see there is a cloud icon next to files. Clicking on a file, it’s not accessible. What happened?

What happened is the Files On-Demand is enabled by default.

Files On-Demand marks content that appears in the cloud as cloud-only. A file added to a Teams File Repository will not automatically sync locally. It’s not available offline until you open the file or set the file or folder to Always keep on this device. Optionally, you could also disable Files On-Demand, which we’ll get to in a minute.

For an important file or folder, right-click in Windows Explorer and select Always keep on this device. Users can also disable Files On-Demand in the OneDrive client by opening the client and clicking More->Settings->Settings, then clearing the checkbox that reads Files On-Demand.

When you clear the checkbox, a pop-up message says that, indeed, the files will download to your PC instead of being cloud-only.

Be advised that as the message above states, if your files in OneDrive for Business take up, say, 1TB, then that 1TB will be downloaded to your PC. Local storage needs to allow for this. Also, administrators need to consider the impact on bandwidth should you disable Files On-Demand for many users at the same time.

As an alternative, consider instructing users to mark files and folders they want to always be available offline as “Always available on this device” using Windows File Explorer, as previously discussed. Then you can keep Files On-Demand enabled to preserve bandwidth as only the designated files and folder will be permanently synched, while those you open will be temporarily synched. All others will reside in the cloud.

Using Policy

For small businesses, administrators can manage OneDrive for Business effectively with the OneDrive for Business administration console. Larger organizations will be interested in using the policy. The policy system for Microsoft and Office 365 is considered the most efficient way to manage many settings, including those for OneDrive for Business. Policy-based administration provides administrators control, scale, repeatability, and flexibility.

Policy automation can be a complicated topic and breaks into different scenarios depending on your network architecture and configuration. For those with on-premise Active Directory environments, you manage policy via SCCM or Azure AD Domain Services.

If your environment is cloud-only (meaning you are not using domain controllers locally), using Microsoft’s InTune service lets you deploy the OneDrive sync service to desktops using the Microsoft Endpoint Manager admin center.

You can also create and apply profiles to users that control OneDrive behavior. Shown below is a policy profile limiting the client upload rate to a percentage of available bandwidth. This is one of many possible settings to control OneDrive policies in Microsoft Endpoint Manager.

Previously, you saw how you can limit sharing with anonymous users to members of a specific security group. Similarly, you can apply different policy profiles to different security groups.

In this way, you manage the behavior of OneDrive and many other aspects of your cloud service by membership in security groups. It’s easy to imagine uses for this practice with a group for New Hires, Legal-Review-Team, Alliance Partners, Vendors, or other typical roles with differing needs in a busy organization.

Network Impact

In regards to OneDrive, you want to be thoughtful about bandwidth consumption in your company, especially on the initial deployment of OneDrive for Business. More than one company has had issues with essential business services becoming sluggish when hundreds or even thousands of newly deployed OneDrive for Business sync clients start downloading content at the same time. Files On-Demand, as discussed earlier, helps significantly to reduce the initial bandwidth hit as files located in the cloud are not automatically downloaded to clients when enabled.

Known folder moves (discussed next) can also impact network performance by automatically uploading users’ local folders to the cloud when the client is deployed.

To help manage network impacts, the OneDrive sync client has bandwidth controls built-in. For a small business, you may want to adjust these settings on each users’ system. Right-click on the OneDrive for Business sync client, then click Settings->Network to see the settings.

In a larger business, you can use policy to push the desired settings, including the ability to mark OneDrive network traffic with QoS settings

Known Folder Moves

Finally, a feature called Known Folder Moves is of keen interest to administrators as it can help reduce support desk calls and ease users’ transitions to new computers when replaced or upgraded.

As you probably know, specific folders in Windows, such as Documents, Desktop, and Pictures, and others are unique. These are “known folders” as they are in the same location in the file system on every Windows operating system.

OneDrive includes a feature where known folder locations are synced to OneDrive for Business. When a user needs a file in one of these locations and their PC is not available, they can access it from any device, including a mobile device that has an internet connection. Also, when a user moves to a new PC or laptop, all the previous documents, images, and important files are online and can easily be synched back to the new device.

Known Folder Moves can be enabled in the sync client by clicking on Setting->Backup->Manage Backup.

Of course, you can also use policy with the methods previously discussed. Should you decide to roll this out, be mindful of bandwidth impacts and network performance, all that content will be uploaded to the cloud.

Summary

OneDrive for Business is an exceptionally useful service. In this article, we’ve discussed many of the key considerations, benefits, best practices, and capabilities of OneDrive for Business so you can effectively manage the service for users. A capable administrator will understand the business use cases for sharing as well as the network impact of OneDrive for Business, and be familiar with how to administer the service including using policy to enforce the desired settings for your Business.

When set up, users will enjoy cloud access to essential files, including their Desktop, Document, Pictures, Team sites, and other files of importance, allowing them to share content quickly and work locally or collaboratively.

Of course, Microsoft is continuously updating OneDrive for Business, so as a last tip, bookmark the Microsoft official OneDrive blog to keep up-to-date.

The post OneDrive for Business: Tips and Tricks for High-Performing Admins appeared first on Altaro DOJO | Microsoft 365.

Document storage is key as part of your organization’s journey to the cloud / digital transformation. Microsoft OneDrive for Business (OD4B) replaces the traditional local “Documents” folder and opens up access to work on documents from anywhere, on any device, from the OneDrive app, along with many other capabilities.

This article will look at what Microsoft OneDrive for Business is, how it compares with personal OneDrive, how to use OD4B, protect your files, and share them with others securely, and some tips for Microsoft 365 administrators managing OD4B for a business. If you’d like an overview of how to use OneDrive for Business, I’ve made the video below, which accompanies this article:

The Basics of OneDrive for Business

Microsoft OneDrive for Business is SharePoint-based cloud storage that you license as part of Office / Microsoft 365. It gives users 1 TB of storage (at the most basic levels, unlimited for higher-level plans) for their documents. You can access these documents from any Windows or Mac computer (OneDrive for Mac) and through Android and iOS apps. 

As a note, the client is built into Windows 10, 1709, or later but is also available for earlier versions. You can also access OneDrive storage in any web browser. You can quickly get there by logging in at www.office.com and clicking the OneDrive icon.

OD4B in Office.com

Alternatively, you can right-click on the folder in Windows Explorer on your desktop and select:View online.

Right-click on OD4B in Windows Explorer

Either way, you end up in the OneDrive Microsoft web interface, where you can create new Office documents, upload files or folders, sync the content between your machine and the cloud storage (see below), and create automation flows through Power Automate. Through the Microsoft OneDrive for Business web interface, you can access the “file versions” functionality to restore previous versions of your files. (see below under the Advanced features)

OD4B web interface

Note that if you click on an Office file in the web interface, it’ll open in the web-based version of Word, giving you the option of working on any device where you have access to a browser.

For most people, 1 TB of storage is sufficient, but many modern devices don’t come with that amount of internal storage, so you may need to choose what to sync to the local device. Understanding how to sync OneDrive between the cloud and local storage is straightforward.

There are two approaches: you can right-click on a folder or file and select Always keep on this device, which will do exactly that (and take up space on your local PC), or Free up space, which will delete the local copy but keep the files in the cloud. You can tell the different states with the filled green tick (always on this device) icon or the white cloud (space freed up). The automatic way is to simply double-click on a file that you need to work on, and the file will be downloaded (green tick on white background), called Available locally. This feature is called Files on Demand.

In Windows, there’s also a handy “pop up” menu to see the status of OneDrive for Business, see which files have been recently synced, and let you pause syncing temporarily.

Pop up menu from OD4B client

If you’re working in Word, Excel, or PowerPoint in both Windows and Mac on a file stored in Microsoft OneDrive for Business (and OneDrive personal / SharePoint Online), it’ll AutoSave your changes without having to save manually. OneDrive for Business will also become the default save location in Word, Excel, etc.

And the “secret” is that OneDrive for Business is just a personal document library in SharePoint Online, managed by the OneDrive Microsoft service.

Choosing syncing options for folders

OneDrive versus OneDrive for Business

If you sign up for a free Microsoft account, you get the personal flavor of OneDrive storage, which provides 5GB of storage. Additional paid plans for the personal version of OneDrive storage are worth noting. These include:

• OneDrive Standalone 100GB – 100 GB storage at $1.99/mo

• Microsoft 365 Personal – 1 TB OneDrive 365 storage – $69.99/yr and also includes full Office applications (Outlook, Word, Excel, PowerPoint)

• Microsoft 365 Family – $99.99/yr includes 1 TB of storage for (6) people – 6 TB total

From an end-user point of view, the services are very similar, but the business version adds identity federation, administrative control, Data Loss Prevention (DLP), and eDiscovery.

OneDrive, designed for individual use, offers a convenient interface ideal for personal file storage and sharing. It integrates seamlessly with Windows and other Microsoft products, offering a straightforward solution for personal document management. 

In contrast, OneDrive for Business is tailored for enterprise needs, featuring advanced security with encryption, integration with Microsoft Teams and SharePoint for real-time collaboration, and compliance adherence to standards like GDPR, HIPAA, and FERPA. It also provides comprehensive audit trails and IT controls for user management and access permissions, making it suitable for larger organizations with complex data protection and regulatory requirements.

 While OneDrive offers simplicity for individual users, OneDrive for Business delivers a more sophisticated, secure, and collaborative environment for businesses, with features like advanced security, compliance tools, administrative controls, and team collaboration capabilities, making it a comprehensive solution for organizational needs.

While on security, let’s see the security capabilities of the basic OneDrive and OneDrive for business. 

Security in OneDrive Versus OneDrive for Business

When comparing the security features of Microsoft’s OneDrive and OneDrive for Business, several key differences stand out, each tailored to the specific needs of personal and professional users.

OneDrive Security 

OneDrive offers essential security features that cater to individual users. These include: 

• Encryption: OneDrive encrypts user data both in transit and at rest, ensuring that files are protected during transfer and while stored on Microsoft’s servers. 
• Two-Factor Authentication: For added security, OneDrive supports two-factor authentication, which requires a second form of identity verification, such as a code from the Microsoft Authenticator app, to access the account. 
• Personal Vault: A standout feature for sensitive documents, the Personal Vault requires additional authentication and automatically locks after a period of inactivity. 
• Ransomware Detection: OneDrive includes ransomware detection and recovery tools, allowing users to recover lost data for up to 30 days and revert to previous file versions. 

While OneDrive’s security is robust for personal use, it lacks some advanced features necessary for business environments, such as auditing and advanced versioning controls​​.

OneDrive for Business Security

OneDrive for Business is designed for organizational use and offers enhanced security features suitable for enterprise environments. Key security features include:

• Advanced Encryption and Key Management: While it also provides encryption for data in transit and at rest, OneDrive for Business lacks client-side encryption key management, meaning the encryption keys are managed by Microsoft, not the individual user.
• Auditing and Reporting: This feature is particularly crucial for businesses as it allows for the monitoring of file access and user activities, providing valuable insights for security compliance.
• Versioning Management: OneDrive for Business offers more sophisticated versioning controls than its personal counterpart, allowing businesses to manage document histories effectively.
• SSO/ADFS/Directory Sync Support: These features provide seamless integration with corporate directories and support single sign-on (SSO) capabilities, enhancing both user convenience and security.
• Compliance and Industry Standards: OneDrive for Business aligns with various industry standards and regulatory requirements, making it a suitable choice for businesses concerned with compliance​​​​.

While OneDrive offers a secure and user-friendly environment for personal file storage and sharing, OneDrive for Business steps up the security game to meet the sophisticated needs of business environments. The choice between the two should be based on your specific needs, whether for personal convenience or for meeting complex security and compliance requirements.

Advanced Features

OneDrive for Business provides several advanced features that the casual user might not know about. For instance, when you’re attaching a document to an email, you’ll have the option to attach a link to the document in your OneDrive for Business instead of a copy. If you’re emailing the document to someone internally in your business or someone externally that you collaborate with, this is a better option as you’ll both still be working on the one file (potentially at the same time; see below) rather than having multiple copies attached to different emails and ending up having to manually reconcile the edits at the end.

Known Folder Move is another feature that you can enable as an administrator. This will redirect the Desktop, Documents, Pictures, Screenshots, and Camera Roll folders from a user’s local device to OneDrive for Business.

This has two benefits; firstly, if a user loses their device or it’s broken, their files will still be there when they log in on a new device. Secondly, they can use their local Documents, Pictures, etc. folders as they always have.

Known Folder Move can be controlled on-premises using Group Policy from Active Directory Domain Services. In addition, Microsoft Intune configuration profiles can be used to configure and control Known Folder Move for hybrid-connected end-user clients.

There’s also versioning built into OneDrive for Business, which keeps track of each version as it’s saved; you can access this either in the web interface or by right-clicking on a file in Windows Explorer.

OD4B document versions

The Recycle bin in the web UI for OneDrive for Business has saved many an IT Pro’s career when the CEO has deleted (“by mistake” – but they swear they never hit delete) an important file. Simply click on the Recycle bin and restore files that were deleted up to 93 days ago (up to 30 days for OneDrive personnel). A related feature is OneDrive Restore, which lets you recover an entire (or parts of) OneDrive for Business, perhaps after a ransomware attack has encrypted all the files. It also shows a histogram of versions for each file, making it easy to spot the version you want to restore.

Using AI, SharePoint and OneDrive for Business will automatically extract text from photos that you store so that you can use it when searching for files. It’ll also automatically provide a transcript for any audio or video file you store. File insights let you see who has viewed and edited a shared file (see below) and get statistics.

If you’re using the app on your smartphone, you can scan the physical world (a whiteboard, a document, a business card, or a photo) with the camera, and it’ll use AI to transcribe the capture.

Scanning in the Android app

Recently, Microsoft added a new feature called Add to OneDrive that lets you add a shortcut in OneDrive for Business to folders that others have shared with you or that are shared with you in Teams or SharePoint. Speaking of Teams, when sharing files, they will now use the same sharing links functionality that OneDrive for Business uses (see below).

 Even more useful will be the forthcoming ability to move a folder and keep the sharing permissions you have configured for it, and for some files (CAD drawings, anyone?), the increase of the maximum file size from 15 GB to 100 GB is welcome. And, like all the other cool kids, OneDrive for Business (and OneDrive personal) on the web will add a dark theme option. More at OneDrive for Business tips and tricks

Collaboration and OneDrive for Business

One of the powerful features of OneDrive for Business is the ability to share documents (and folders) with internal and external users. As you might expect, administrators have full control over sharing options (see below). But assuming it’s not turned off or restricted, you can right-click on a file or folder and click the blue cloud icon Share option or the Share option in the web interface. This lets you share a link to the file or folder with internal and external users, grant access to specific people, make it read-only or allow editing, and block the ability to download the document (they have to edit the online, shared copy).

Sharing a file

It’s a good idea to turn on external sharing notifications via email.

Once a document is shared, you can also use Co-authoring to work on the document simultaneously, both in the web-based versions of Word and Excel as well as the desktop versions of the Office apps. You can see which parts of a document another user is working on.

Sharepoint vs OneDrive

As mentioned earlier, the OneDrive for Business service is built on top of SharePoint Online infrastructure. Does this mean you have SharePoint Online by default with OneDrive for Business? No, SharePoint Online provides many more features and functionalities outside of file storage.

SharePoint Online is a behemoth product that can do many things. Traditionally, organizations have used SharePoint to create intranet and extranet websites for collaboration. SharePoint Online contains all of the features of OneDrive for Business from a file storage perspective, but many other features, such as calendaring, content management features, more robust collaboration, and dashboards, just to name a few. Still, it requires a proper SharePoint backup; read more: Why You Should be Backing up SharePoint Now.

SharePoint Online is a much more comprehensive solution for enterprise services and collaboration than OneDrive for Business, which is primarily focused on file storage.

OneDrive for Business Apps Integrations

Microsoft has a large ecosystem of third-party vendor integration across the entire ecosystem of cloud Software-as-a-Service solutions. There are OneDrive for Business apps available to integrate with OneDrive for Business. Like other cloud SaaS integrations, OneDrive for Business apps are third-party applications that extend the built-in functionality for Microsoft cloud applications.

The OneDrive for Business app integrations includes AI+Machine Learning, analytics, collaboration, commerce, compliance & legal, customer service, finance, productivity, project management, and many others. You can learn more about OneDrive for Business app integrations here: https://www.microsoft.com/en-us/microsoft-365/onedrive/apps-that-work-with-onedrive

Administration

If you’re the administrator for your Office 365/Microsoft 365 deployment, you can access the SharePoint admin center (from the main Microsoft 365 Admin center) and control sharing for both OneDrive and SharePoint. There is also a link to the OneDrive for Business admin center, where you have control over other settings, including sharing settings.

Sharing Settings in OD4B Admin Center

The main settings for you to consider here are who your users can share content with. The most permissive setting allows them to share links to documents with anyone, with no authentication required (not recommended). The next level up allows your users to invite external users to the organization. Still, they have to sign in (using the same email address that the sharing link was sent to), creating an external user in your Azure Active Directory and thus giving you some control, including the ability to apply Conditional Access to their access. 

If you are only allowed to share with existing external users, you must have another process for inviting external users. And the most restrictive is to only allow sharing with internal users, blocking external sharing. Don’t be fooled by these sliders; however, if you set this too restrictive and users need to share documents externally, they will do so using personal email, other cloud storage solutions, etc. They will just not be using OneDrive for Business sharing links, which at least allows you visibility in audit logs and reports, along with some control.

Under the advanced settings for the links, you can configure link expiry in days, prohibiting links that last “forever.” You can also limit links to be viewed only. The advanced sharing settings let you black or whitelist particular domains for sharing, preventing further sharing (an external user sharing with another external user) and letting owners see who is viewing their files.

Under Sync, you can limit syncing to domain-joined computers and block specific file types. Storage lets you limit the storage quota and set the days that OneDrive for Business content is kept after a user account is deleted. Device access lets you limit access based on IP address and set some restrictions for mobile apps. 

In contrast, the Compliance blade has links to DLP, Retention, eDiscovery, Alerts, and Auditing, all of which are generic Office 365 features. The next blade, Notifications, controls email notifications for sharing, and the last blade, Data migration, is a link to an article with tools for migrating to OneDrive for Business from on-premises storage.

If you’re considering OneDrive for Business, there are handy deployment and administration guides for administrators, both for Enterprises and Small businesses. If, on the other hand, your business is definite about keeping “stuff” on-premises, you can use OneDrive with a SharePoint server, including 2019.

Note that a recent announcement means that the OneDrive for Business admin center functionality will move into the SharePoint Online admin center, but the above functionality will stay intact, just not in a separate portal.

OneDrive for Business sync issue troubleshooting

There are times when users may experience a OneDrive for Business sync issue. The following are a few basic troubleshooting steps to troubleshoot OneDrive for Business sync problems. These include:

• Make sure OneDrive for Business is updated to the latest version on the client – You can check the version of OneDrive for Business by right-clicking the icon in the system tray.

• Reboot – Often, synchronization issues or errors can be resolved with a simple reboot of a workstation if OneDrive for Business is experiencing errors

• Resolve conflicts – If files are in conflict due to issues saving or merging the conflicts, you may need to “save a copy” to OneDrive instead of merging changes.

• Clear cached files in the Microsoft Upload Center – Clearing cached copies in the Microsoft Upload Center can help resolve issues with uploading and synchronizing.

• Stop and resync the libraries – If multiple files are in error, stopping and resyncing the libraries can be effective.

• Resolve credential issues – Incorrect user credentials can cause OneDrive for Business sync issues.

• Repair OneDrive for Business or uninstall/reinstall – If all else fails, repair or uninstall/reinstall OneDrive for Business.

Microsoft has a detailed KB on the subject of troubleshooting OneDrive for Business sync problems here.

How to disable OneDrive for Business

Some organizations may want to disable OneDrive if they use another cloud storage solution. This can help prevent end-user confusion as to where files are located. In Windows 10 & 11, the Microsoft OneDrive app is automatically installed.

However, the Microsoft OneDrive app can be totally removed from Windows 10 & 11 using the Settings > Apps & Features utility.

Uninstalling Microsoft OneDrive from a Windows 10 workstation

Once removed, the Microsoft OneDrive system tray icon and program entry will be gone without the possibility of users accessing, configuring, signing in, etc.

To properly protect your Hyper-V virtual machines, use Altaro VM Backup to backup and replicate your virtual machines securely. We work hard perpetually to give our customers confidence in their Hyper-V backup strategy.

To keep up to date with the latest Hyper-V best practices, become a member of the Hyper-V DOJO now (it’s free).

Conclusion

There’s no doubt that cloud storage is a cornerstone of successful digital transformation, and if you’re already using Office 365, OneDrive for Business is definitely the best option.

The post Why You Should Use OneDrive for Business appeared first on Altaro DOJO | Microsoft 365.

In this post, we will look at the differences between the standalone version of Office 2019 and Office bundled with Office 365, what the main differences are, and how to choose between these versions.

Microsoft Office is a bundle of products that include the very familiar Outlook, Word, Excel, and PowerPoint. However, the edition of Office and the available features within those apps can change dramatically based on its origin and the installer used. For the sake of clarity, I’ll be writing about these as either the Office 365 edition recently renamed – more on this below – or the Office 2019 edition.

Office 365 Pro Plus Renamed

On April 21, 2020, Microsoft renamed Office 365 for SMB to Microsoft 365. Microsoft also renamed the online version of Office, which is bundled with certain SKUs of this service, from Office 365 Pro Plus to Microsoft 365 Apps. Office 365 Pro Plus is now known as Microsoft 365 Apps for Enterprise or Microsoft 365 Apps for Business.

For the sake of this article, I want to point out that irrespective of the Microsoft 365 Apps edition, i.e. “for enterprise” or “for business”, this version of Office is also known as the “click to run” version of Office containing the Office applications Outlook, Word, Excel, PowerPoint, and others. For the rest of this article, I’ll refer to it as Microsoft 365 Apps while reminding you of the old name to keep confusion to a minimum.

What’s in a Name?

Office 365 Pro Plus and Office 2019 sound similar, which means confusing the two is quite easy. Microsoft 365 Apps and Office 2019 sound less similar and allow us to easily differentiate between the two Office editions. Both can be downloaded and installed on a user’s PC or Mac. However, the installer, which is bundled with each of these versions is massively different. Microsoft 365 Apps is installed using Click-to-Run technology, while Office 2019 is installed using Windows Installer technology (MSI).

Each installer has a different way of handling versions of Office. MSI versions of Office have major versions such as Office 2013, Office 2016 and Office 2019 and are licensed using Volume Licensing and are perpetual licenses. Perpetual licensing means once you’ve licensed, for example, Office 2013, you own it forever and receive security patches and updates for that version of Office, specifically Office 2013 until its support lifecycle ends. That also means you do not automatically qualify for a newer version of Office when it is released. Office 2016 and the current version of Office 2019 need to be bought as new versions.

You may decide that since the installers are different, you install both types of Office on the same machine. Assuming you still own and have Office 2013 installed and try to install the Click-to-Run version of Office on the same machine, you will encounter the following error and will have to uninstall the MSI version of Office first before continuing.

When installing the MSI version of Office, currently versioned as Office 2019, you will need to wait for the installer to finish before accessing one of the bundled applications like Word.

Click-to-Run, which delivers the Microsoft 365 Apps versions of Word, Excel, PowerPoint, and others, is dramatically different, as it utilizes both streaming and virtualization technology built into modern Windows versions. Streaming implies that as Microsoft 365 Apps is being downloaded, a component like Word may be used before the entire Microsoft 365 Apps bundle has finished downloading.

This way of delivering Office was first introduced in 2010 with the version of Office bundled available with Office 365 and allows users to start using Office components from the time the installer launches. The implication is that users are able to work within Office applications before they are finished downloading, as soon as the installer starts executing, compared to the MSI version of Office which needs to finish downloading and installing before any of the Office apps are available.

Are Microsoft Office 2019 and Microsoft 365 Apps the Same?

Earlier, we noted that Office 2019 and previous versions are perpetually licensed, which means we have to buy the newer versions of Office as they appear if we want the new features that are bundled with those versions of Office.

The Click-to-Run version of Office, i.e. Microsoft 365 Apps, is completely different. Microsoft 365 Apps and its predecessor, Office 365 Pro Plus, are subscription versions of Office, meaning you pay for it monthly. Since its installer method is so dramatically different, it’s able to continually update from an online or administrator-provided source. While there are “version numbers” aligned with release years, the new version of Office stays the same. It identifies as Microsoft 365 Apps, which is visible in the Product Information section, similar to the below image.

This means that Office 2019 is “locked” in terms of available features while Microsoft 365 Apps updates regularly, and new features appear.

What is the Support Lifecycle for Office 2019?

Office 2019 is the current on-premises version of Office. You may be wondering what operating systems are supported since Microsoft, over the years, has been relatively generous by supporting a range of versions of Windows. The Office 2019 Home & Student and Office 2019 Home & Business editions require Windows 10 if you wish to run it on a PC. If you’re looking for MacOS support, you’ll find it, since MacOS is explicitly supported, however only on the two most recent versions of MacOS.

Furthermore, Windows 10 support is restricted to any supported Windows 10 Semi-Annual Channel or Windows 10 Enterprise Long-term Servicing Channel (LTSC).

If you require virtual desktop support to serve your users via Remote Desktop Services, you require a Windows Server operating system. In this case, only Windows Server 2019 is explicitly supported.

The support lifecycle for Windows and Mac versions is slightly different. Both Windows and Mac editions start on the 24th of September 2018, as illustrated below, however, note that Windows support ends on the 14th of October 2025, while Mac support ends two years beforehand in 2023.

What is the Support Lifecycle for Microsoft 365 Apps?

Remember that Microsoft 365 Apps is the Office 365 edition and is the cloud-enabled version of Office. The supporting statement for this version of Office is completely different from the on-premises version of Office, i.e. Office 2019. Microsoft defines the support statement for Microsoft 365 Apps in a document called a Modern Lifecycle Policy, which basically requires customers to stay up to date all the time in order to be supported. 

However, in this case, Windows support extends all the way back to Windows 7, ending in January 2020, while Windows Server support extends to Windows Server 2008 R2, also ending in January 2020.

We can see that the different versions of Office Pro Plus, including 2010, 2013, 2016, 2019, and the newly branded Microsoft 365 Apps, are all explicitly called out and have a much wider-ranging support position than the on-premises version of Office 2019.

Are Microsoft Office and Office 365 (Microsoft 365 Apps) the same? Assuming we only want to license Office with no other bundling, we notice that licensing and costs differ between the perpetual version, Office 2019, and the online version Microsoft.

Remember that Office 2019 is licensed perpetually, i.e. we purchase it at a single point in time and own it from that point onwards. An online purchase of Office will cost us a one-time amount of $249.99.

Let’s browse to Microsoft.com > Office > Buy now, and note the two options, for Home and For business. Notice that in this yearly model, we get a ton of value from a yearly subscription and much less from a one-time purchase. The subscription models automatically bundle both OneDrive storage and Skype calling credit.

Moving onto the For Business tab shows a radically different value proposition based on pure subscription options only. Note that it’s very difficult to compare the value gained from the subscription options to the one-time purchase of Office 2019 since so many of the bundles implicitly include cloud services that are integrated into the Office proposition.

Integration With Other Microsoft Services

Integrating office suites and other services in an ecosystem plays a pivotal role in choosing the right license. You, as an IT Admin or a user, may be particularly interested in how Office 2019 and Microsoft 365 Apps integrate with other Microsoft services like Microsoft Teams, SharePoint, and OneDrive. These integrations significantly affect productivity, collaboration, and file management. Let’s dive into how each Office version engages with these services.

Integration Capabilities of Office 2019

Office 2019, as a standalone product, offers robust functionalities in its core applications – Word, Excel, PowerPoint, etc. However, when it comes to integration with other Microsoft services like Teams, SharePoint, and OneDrive, its capabilities are somewhat limited.

• Microsoft Teams and SharePoint: Office 2019 provides basic interoperability with Teams and SharePoint. You can open and edit documents stored in SharePoint directly from your Office 2019 applications. However, the collaboration features are not as seamless as in Microsoft 365 Apps. For instance, real-time co-authoring, a highly lauded feature in Teams and SharePoint, is not natively supported in Office 2019. This means you may face challenges when multiple users need to work on a document simultaneously. 
• OneDrive: Integration with OneDrive in Office 2019 is straightforward. You can save your documents directly to OneDrive and access them from anywhere. Yet, the synchronization features are not as advanced as in Microsoft 365 Apps. Automatic saving and real-time syncing across devices are more limited, which might be a critical factor if you heavily rely on cloud storage for your work. In essence, while Office 2019 interacts with Microsoft Teams, SharePoint, and OneDrive, it doesn’t leverage the full potential of these platforms, especially in terms of real-time collaboration and advanced cloud functionalities.
• Other Microsoft Products: The integration of Office 2019 with other Microsoft products like Dynamics 365, Power BI, or Azure services is primarily manual. This version works well with other products but does not offer the smooth, automated integrations and data exchange capabilities seen in Microsoft 365 Apps. For businesses relying heavily on a broad range of Microsoft products, this might limit the efficiency and automation benefits that come with a more interconnected ecosystem.

Integration Capabilities of Microsoft 365

Microsoft 365 Apps, on the other hand, takes integration with Microsoft services to a whole new level, primarily due to its cloud-based nature.

• Microsoft Teams: Integration with Microsoft Teams in Microsoft 365 Apps is a game-changer. You can access, share, and co-author documents stored in Teams directly from your Office applications. This seamless integration facilitates real-time collaboration, making it easier for teams to work together irrespective of their physical location. Microsoft Teams also integrates deeply with Outlook, allowing for efficient meeting scheduling and management directly from your inbox. 
• SharePoint: Microsoft 365 Apps and SharePoint are a perfect match for collaborative work environments. You get the full benefit of SharePoint’s document management capabilities combined with the advanced features of Microsoft 365 Apps. Features like real-time co-authoring, where multiple users can edit a document simultaneously, are fully supported. Additionally, SharePoint’s robust version control and document management features are tightly integrated, ensuring that document handling is both efficient and secure. 
• OneDrive: When it comes to OneDrive, Microsoft 365 Apps utilizes its cloud storage capabilities to the fullest. Documents saved in OneDrive are automatically synced across all your devices. The AutoSave feature is particularly useful in ensuring that all changes are immediately saved online, reducing the risk of data loss. This integration is not just about saving files; it’s about accessing your work from anywhere, on any device, and knowing that your data is always up to date.
• Other Microsoft Products: Microsoft 365 Apps is designed to work seamlessly with the broader Microsoft ecosystem. Whether it’s pulling data from Dynamics 365 into Excel, integrating Power BI for advanced analytics, or leveraging Azure’s AI capabilities for predictive typing in Word, Microsoft 365 Apps make it easier and more efficient. The cloud-based nature of Microsoft 365 Apps means that it’s continually updated to support the latest integrations and features offered by Microsoft’s ever-evolving product suite.

How Much Does Office 2019 Cost?

The cost of Office 2019 then is pretty simple to predict, either $249.99 for Home and Business as a once-off purchase or 149.99 for the Office Home & Student edition. Note that both are perpetual licenses that may be installed on a single Windows PC or Apple Mac. You’ll also notice that no cloud services are bundled with Office 2019, as illustrated in the screenshot below.

It’s easy to notice the stark contrast of what is and is not included in the bundle and how often you’re able to install it compared to the generous installation options presented by Microsoft 365 Apps.

Lastly, Microsoft is very explicit about the differences between Microsoft 365 and Office 2019. It’s worth calling out the bundled cloud and support options for Microsoft 365, and the reminder that Office 2019 cannot be upgraded to the next major release.

Which Version of Office is Better?

Due to the installation methods, it’s easy to think of the MSI versions of Office as the on-premises and the Click-to-Run version as the online version. However, beyond installation methods, the online version of Office is able to perform functions using Microsoft AI and other technologies, which the MSI version of Office simply isn’t enabled to do. 

This is by design, as customers using on-premises versions of Microsoft Exchange 2019 and Microsoft SharePoint 2019 would use Microsoft Office 2019, i.e. the MSI version. Those customers are primarily concerned with stability instead of features and often don’t allow many online services to be consumed due to security or regulatory restrictions.

Microsoft 365 Apps, or the Click-to-Run version of Office, bundles other applications like Microsoft Teams, Stream, and Planner as part of its bundle. These applications, along with the core set of Office applications such as Word, Excel, and PowerPoint, have features enabled by Microsoft cloud services and Microsoft AI services and do not function without connectivity. Some office applications, such as Stream, do not install anything on your users’ machines, while other applications, like Microsoft To-Do, offer an application but do not store data on your machine.

Does Office 365 Automatically include Microsoft 365 Apps?

Office 365 is available in several editions, including Home, SMB, Enterprise, Government, and Education. Each of these editions is broken up into further SKUs. For now, I’ll discuss Enterprise, Education, and Government.

Office 365 for SMB

• Microsoft 365 Business Basic
• Microsoft 365 Business Standard – Included

Office 365 for Enterprise

• Office 365 E1
• Office 365 E3 – Included
• Office 365 E5 – Included

Office 365 for Education

• Office 365 A1
• Office 365 A3 – Included
• Office 365 A5 – Included

Office 365 for Government

• Office 365 G1
• Office 365 G3 – Included
• Office 365 G5- Included

The E1, A1, and G1 SKUs offer online-only versions of Microsoft 365 Apps. However, all other versions include the downloadable version of Microsoft 365 Apps. The licensing of these apps is very different compared to the on-premises versions of Office, as it allows Office desktop apps (Word, Excel, PowerPoint, OneNote, Access) to be installed on up to 5 PCs or Macs, as well as 5 tablets, as well as 5 smartphones per user. Note that the licensing is linked to the user so that each user is able to install Office Applications on multiple devices linked to that user’s licensing.

How do I Choose Between Office 2019 and Microsoft 365 Apps?

It’s fair to say that Office 2019 and Microsoft 365 Apps (previously Office 365 Pro Plus) are both versions of Office. However, we need to remember the distinction between the two.

Office 2019

Office 2019 is the on-premises version of Office with a very defined support model, which will end as documented earlier in this article. The features of Office 2019 are set – you get what’s in the package and nothing else. The upside is that you pay for it once, and you own it, however, if a new version of Office is released, you need to pay for the new version. Also note that Office 365 platform features like Microsoft Teams are not included and require you to change the edition of Office to take advantage of this feature, depending on how your Office 365 is licensed or purchased.

Microsoft 365 Apps

Microsoft 365 Apps (previously Office Pro Plus) is the cloud-enabled version of Office. This edition has no end to its support date if you’re on a supported version of Windows 10 or macOS. The feature set and application list are impressive compared to the on-premises version, as many online-enabled applications like Teams, Stream, and Forms, as well as cloud-enabled features like AI proposing PowerPoint slide layouts or automatic language translation during presentations, are added as the Office 365 platform matures. The Office 365 roadmap documents what features are in development and when they are expected to be released so that customers can stay informed on what they can expect and when.

The cost of Microsoft 365 Apps ranges from a standalone monthly cost for the applications themselves to being part of a larger bundle for business, enterprise, education or government. For most businesses, these will simply be bundled in as part of the cost of the overall productivity solution.

How do I Choose the Right Version?

If you are staying on-premises for a few more years and looking for a predictable once of CapEx cost (pay once) for Office, or are not invested in the Microsoft online ecosystem, Office 2019 as a standalone purchase may make sense. However, if you are looking for a current feature set within Office that is constantly updated and enabled by cloud services, then an OpEx cost (pay monthly or yearly) for Microsoft 365 Apps may make complete sense.

The post Office 365 vs Office 2019: Pros and Cons for IT Admins appeared first on Altaro DOJO | Microsoft 365.

Microsoft just made sweeping changes to the Office 365 ecosystem, both for personal subscriptions (Office 365 Personal and Home) and Office 365 for Business, sunsetting the Office 365 brand and replacing it with Microsoft 365. This was put in place as of April 21, 2020.

This article will look at what these changes mean, explore the differences between Office 365, Microsoft 365, and Office 2019 and the subscription model underlying these offerings as well as make some predictions for the enterprise services that are still under the Office 365 name.

Office 365 Home and Personal

Let’s start with the home and family subscriptions. Over 500 million people use the free, web-based versions of Word, Excel, Skype, and OneDrive to collaborate and connect. Then there are 38 million people who have subscribed to Office 365 Home or Office 365 Personal. Both provide the desktop Office suite (Word, Excel, etc.) for Windows and Mac, matching applications for iOS and Android, and 1 TB of OneDrive space. These two plans are changing names to Microsoft 365 Personal ($6.99 per month) and Microsoft 365 Family ($9.99 per month) respectively. 

Personal is for a single user, whereas Family works with up to six people (and yes, they each get 1 TB of OneDrive storage for a maximum of 6TB). Otherwise, they’re identical and provide advanced spelling, grammar, and style assistance in Microsoft Editor (see below), AI-powered suggestions for design in PowerPoint, coaching when you rehearse a PowerPoint presentation, and the new Money in Excel (see below). Each user also gets 50 GB of email storage in Outlook, the ability to add a custom email domain, and 60 minutes’ worth of Skype calls to mobiles and landlines.

Picking a plan for home use is easy

Microsoft Editor is Microsoft’s answer to Grammarly and is available in Word on the web, and the desktop Word version, along with Outlook.com as well as an Edge or Chrome extension. It supports more than 20 languages and uses AI to help you with the spelling, grammar, and style of your writing. The basic version is available to anyone, but the advanced features are unlocked with a Personal or Family subscription. These include suggestions for how to write something more clearly (just highlight your original sentence), plagiarism checking and the ability to easily insert citations and suggestions for improving conciseness and inclusiveness.

Settings for the Microsoft Editor browser extension

Outlook on the web will let you add personal calendars, not only marrying your work and home life but also providing clarity for others seeking to find appointment times with you – of course, they won’t see what’s penned in your calendars, only when you’re unavailable. Play My Emails allows Cortana to read your emails while you’re on the go. The Teams mobile app is being beefed up for use in your personal life as well. Finally, Microsoft Family Safety helps parents protect their children when they explore and play games on their devices (Xbox, Android, and iOS).

Office 365 Home or Personal recently changed its name to Microsoft 365 Family or Personal. Keep in mind that nothing else has changed. Also, these changes don’t apply to perpetual licenses, such as Office 2019, which is Word, Excel, etc., that you can purchase (not subscribe to). Office 2019 doesn’t provide any cloud-powered, AI-based features, nor gets the monthly feature updates its Office 365 cousin enjoys.

Microsoft 365 Business Basic, Apps, Standard and Premium

Of more interest to readers of Hornetsecurity’s blogs are probably the changes to the Office 365 SMB plans (that top out at 300 users). As a quick summary (for a more in-depth look at Office & Microsoft 365, here’s a free eBook from Hornetsecurity), Microsoft 365 Business Basic (formerly known as Office 365 Business Essentials at $5 per user per month) gives each user an Exchange mailbox, Teams, and SharePoint access, the web browser versions of Word, Excel, etc. and 1TB of OneDrive storage.

Microsoft 365 Apps for Business (old name Office 365 Business, $8.25 per user per month) provides the desktop version of Office for Windows, Mac, Android, and iOS devices and 1TB of OneDrive storage.

Microsoft 365 Business Standard (prior name Office 365 Business Premium, which is a name change that won’t confuse anyone, weighs in at $12.50 per user per month) gives you both the desktop and web versions of Office.

Finally, Microsoft 365 Business Premium (formerly known as Microsoft 365 Business, again not confusing at all, at $20 per user per month) gives you everything in Standard, plus Office 365 Advanced Threat Protection, Intune based Mobile Device Management (MDM) features, Online Archiving in Exchange, and much more.

Microsoft 365 Management Portal

In a separate announcement, Microsoft is bringing the full power of AAD Premium P1 for free to Microsoft 365 Business Premium. This will give SMBs cost-effective access to Cloud App Discovery, which provides insight and protection for users in the modern world of cloud services, including discovering which applications your staff are using. It’ll also bring Application Proxy to be able to publish on-premises applications to remote workers easily and securely, dynamic groups make it easier to make sure staff are in the right groups for their role, and password-less authentication using Windows Hello for Business, FIDO 2 security keys and Microsoft’s free authenticator app.

Note that none of the Enterprise flavors of Office 365, E1, E3, and E5, F1 for first-line workers, the A1, A3, and A5 for education, nor the G1, G3, and G5 varieties for government organizations are changing at this time. My prediction is that this will change and before long, all of these will be moved to the unifying Microsoft brand.

Philosophically, a few things are going on here. As a consultant who both sells and supports Office / Microsoft 365 to businesses, as well as a trainer who teaches people about the services, there’s always been a pretty clear line between the two. Office 365 gives you the Office applications, email, and document storage. If you wanted mobile device management (Intune), advanced security features (Azure Active Directory, AAD), Windows 10 Enterprise, and Information Protection, you went for Microsoft 365. These features are all available under the moniker Enterprise Mobility + Security (EMS), so essentially, Microsoft 365 was Office 365 + EMS.

Adding Microsoft 365 licenses

The line is now blurred, making it even more difficult to ensure that small and medium businesses pick the right plans for their needs. Remember, though, that you can mix and match the different flavors in business. Just because some users need Microsoft 365 Business Premium doesn’t mean that other roles in your business can’t work well with just Microsoft 365 Business Basic.

And this isn’t a surprise move; even Office 365 administrators have been using the Microsoft 365 management portal for quite some time. Here’s a screenshot of the old, retired Office 365 portal.

Office 365 Admin Center

More broadly, though, I think the brand changes are signaling that Office 365 is “growing up,” and using the same name across the home user stack as well as the SMB stack (with the Enterprise SKUs to follow) provides a more homogenous offering.

Just as with the name changes to the personal plans, there’s nothing for IT administrators to do at this stage. The plans will seamlessly change names, but all functionality remains the same (including the lack of long-term Office 365 backup, something that Hornetsecurity has a remedy for).

The post R.I.P. Office 365, Long Live Microsoft 365 appeared first on Altaro DOJO | Microsoft 365.