How to use Service Assurance in Office365

How to use Service Assurance in Office365

One of the challenges concerning those implementing Service Delivery with Office365, is building proof that Office365 complies with regulatory standards and legislation. Service Assurance in Office365 is a primary goal, and if it vital that you understand how Office365 protects your data, especially since Office365 concerns email access, team communication, collaboration, content storage and specifically content viewed and edited in a browser. Service Delivery includes Service assurance, which is an organisational primary goal, and is directly aligned to the C/I/A triad (Confidentiality, Integrity and Availability), being key aspects of information security.

Office365 contains a Service Assurance area which allows Administrators to setup and provide resources to carry out risk assessments and audits, and includes a wealth of reports covering security, and the relevant legislation and standards that Office365 adheres to. I wrote an article for TechNet Blogs which gives a great overview on how to use Office365 Service Assurance (within the Security and Compliance section) here, go check it out!

Microsoft SOC and ISO Audit Reports Available

Microsoft SOC and ISO Audit Reports Available

One of the most useful documents in my view in planning implementations of Office365 is understanding data encryption and data backup and the standards applied. Microsoft have provided audit reports covering their cloud stack (Dynamics CRM, Office365, Yammer and Azure). These SOC and ISO reports include testing and trust principles in these areas:

  • Data Transmission and Encryption
  • Security Development Lifecycle
  • Data Replication and Data Backup

To access these reports, you will need to access the Security and Compliance area in your Office365 tenant.

As said, these cover the Microsoft Cloud Stack, however, the two key documents for Office365 are:

Office 365 ISO 27001-ISO 27018-ISO 27017 – this is an audit document confirming whether Office365 fulfils the standards and criteria against ISO 27001, 27018 and 27017.

Key points:

  • PII is included in Office365 because it is run over Public Cloud for multi-tenant customers.
  • Cloud Security is included in Office365 because it is defined as a SaaS (Software as a Service)
  • All encryption adheres to TLS requirements and hashing (specific)

Office 365 SOC 2 AT 101 Audit Report 2016 – this is an audit document looking at the controls relevant to Security, Availability, Confidentiality and Processing Integrity.

Key points:

  • Details on the services concerning planning, performance, SLAs, hiring process (including background checks of staff) are provided.
  • Control Monitoring, Access and Identify Management, Data Transmission (encryption between Microsoft, Client and data centres) are described.
  • Project requirements through to Final Approval concerning the SDLC process is described
  • Availability, Data Replication and Backup is covered.

Summary

The above SOC and ISO are extremely useful in aiding any risk assessment that you should take to confirm the service assurance of Office365 going forward. Risk assessments are not a ‘one shot’ task. They should be carried out on an annual basis. The Office365 service is a rich offering of Infrastructure, Software, People, Procedures and Data. Each requires security controls and confirmation that they meet standards which can be dovetailed into your organisation. The audits go into great detail concerning the controls (especially things like Data in Transit / Rest – SSL / TLS). A lot of questions is asked by customers concerning security controls – the video below is a good method of getting you to understand (and your clients) how Microsoft ensures proactive protection, and you should definitely check out the Microsoft Trust Centre for great information concerning encryption.

Learn SharePoint and Office365 Cloud-Connected Hybrid Scenarios

Learn SharePoint and Office365 Cloud-Connected Hybrid Scenarios

Learn to make the most of Office 365 innovation by bringing cloud innovation to your on-premises SharePoint infrastructure. Why? Cloud computing has become a popular and successful computing model that enables organizations to reduce their capital and operational expenditures, renew IT innovation, and gain the advantage of more rapid software delivery to meet their business needs. The session below allows you to get get a detailed overview of the latest innovation in cloud-connected hybrid scenarios, along with a look at the capabilities and features in the hybrid SharePoint and Office 365 roadmap.

 

Port, Pies and SharePoint Support

Port, Pies and SharePoint Support

Merry Christmas Everyone!

As the seasonal period quickly approaches, the discussions concerning what happens to supporting SharePoint over the holiday either approaches, or has been covered, or even assumed.  The Christmas period is of course where your SharePoint sponsors are more likely to show a little more concern than normal about how their SharePoint platforms are going to be monitored over the period.

So then, lets remind ourselves of the holiday period in question – basically, the days that will relate to anyone, is the week of Christmas starting from the 23rd through to the 28th. There are two days pretty much important to us guys in the UK over the seasonal period, especially in Scotland – Christmas Day and New Years day. Then there is Boxing day when it’s likely that you would be relaxing in front of the telly, or sledging, or skiing – using that day to wind down after the Christmas day madness. Then there’s the two days after boxing day, the 26th and the 27th, where relaxation, relief and playing with the various presents, and getting stuck in to food 🙂

So that means that over the period you are likely to do over those two days, probably a combination of one or more of the following not be in the Office, switch off the mobile, inform people you are not available?

So chances are, that on the days in question, you will be chilling out, and possibly even like me having a choice Mince pie, a Glass of port (or more – like Rum)…

But this is not about what you will be doing over those periods away from the office. It is about how you are going to support SharePoint, isn’t it?

First, let’s consider the available types of support:

  • On Premise SharePoint Support / IT Support combined / Outsourced
  • Off-Premise Office 365 Microsoft provisioned Support
  • Third party product support
  1. Throwing caution to the wind

    My dad once said to me when I was a lot younger that in order for Santa Claus to know what present I would like, that I should write a letter, and throw it into the wind when it was blowing north, so that the letter would reach the north pole.

    Of course, by doing that I eventually realized that the letter would not get there, unless my dad without me seeing ran like the clappers to retrieve the letter once I threw it out of the window.

    Clearly, I was throwing caution to the wind, assuming things would happen – luckily for me, most of the times when I did throw that letter, things would work out – but only because there was a contingency – my dad, running like the clappers.

    This relates in a way to the lack of responsibility those charged with SharePoint management judge the level of the support needed to ensure the availability of SharePoint services over an important period, like Christmas! There is not enough preparation carried out preceding the Christmas period by some organizations, to ensure that there is adequate coverage of SharePoint support. In some organizations, instead, there is a laissez faire approach, by simply throwing caution to the wind. Or, worse still, their IT support departments will not think to include SharePoint as system that should be monitored, and instead not including those with basic knowledge of SharePoint on the support desk.

    Take this real scenario which happened a while back. Fictional company used though, however, if their now SharePoint support individuals are reading this article, they will definitely remember this event!

    Five days leading up to Christmas day. Fabrikam has an IT Support department, and a number of individuals who are tasked solely with looking after SharePoint, called ‘SharePoint Admins’.  These SharePoint Admins look after the platform solely, there are no monitoring systems in place except for the server monitoring systems (alarm bells ringing already – no pun intended). A member of IT Support asks what the SharePoint Administrators will be doing on Christmas day.

    “We won’t be around, that’s for sure…” … “SharePoint looks after itself” – pipped the SharePoint Administrators. “We will just take a peek at midday to make sure all is well”.

    IT Support reports this discussion to the IT Support Manager. The IT Support Manager waves his arm saying ‘that’s not a problem, we have IT Support people on the desk who know a little of SharePoint, nothing can really go wrong’.

    Over the next 4 days, no more is mentioned as the company ‘winds down’. On the 23rd of December, the CEO puts a Christmas message to the communication team who then puts the message in an announcement list on the Fabrikam SharePoint Extranet.

    Christmas Day. At 9.30am that day, the CEO of the company, with his family in the Seychelles, decides to show a friend the message that was put on the SharePoint Portal on the 23rd. When attempting to display the announcement, the web page displays an error. Concerned, he raises a call into IT Support. IT Support try to get hold of the SharePoint Administrator, who has switched off his mobile because he is at the top of the hill where he lives, sledging. The CEO asks whether there is anyone else who can help, but IT Support have no knowledge of anyone and neither do they have any other contact number for the SharePoint Administrator.

    The SharePoint Administrator calls in at midday to find chaos. The CEO is fuming because he has no idea whether anyone saw the announcement, and even if they tried saw the error which was embarrassing. IT Support have stated to the CEO that they do not know how to fix the problem, which is embarrassing. And, guess what, the SharePoint Administrator, who fixes the issue in minutes finds that the rest of his day is spent building confidence with the CEO and IT Support – he is embarrassed.

    That SharePoint Admin threw caution to the wind. And in doing so, assumed the following:

    1: No one will care whether SharePoint is available or not

    2: The SharePoint Admins does not care whether SharePoint is available or not

    3: The SharePoint Admins assumed that the problem will ‘fix itself’

    4: The SharePoint Admins assumed that they will eventually be told or will find out themselves that there is a problem, and that no one will moan when they do, or how long it takes to correct the problem.

    5: That if a problem occurs where SharePoint is not available that there is no financial impact or otherwise

  2. Preparing for Christmas

    You must prepare your SharePoint environment to be supported over the Christmas period. This is just like preparing for Christmas itself. Doing things like putting up a Christmas tree, carefully putting up decorations without falling off ladders, writing Christmas cards, posting them, wrapping presents (carefully) without getting the sellotape stuck on the wrong part of the wrapping paper and making a mess. You put effort into doing all of that because you want to make others comfortable and yourself prepared. Therefore, there is no difference when it comes to SharePoint support.

    There are a nine things you could put in place, so that you can ensure that SharePoint is supported over the Christmas period:

    1. Make it clear the days when there will be SharePoint cover over the period. When on holiday, for example, ensure that there are phone contacts and that is communicated to IT Support and your SharePoint sponsor.
    2. Ensure that the contact details have a backup. One number is not enough. Consider adding on the home phone number or the number of the place you will be staying / visiting on the key days. Reasons for this could be bad mobile coverage, or you could be travelling
    3. Ensure that there is a remote method of you accessing the SharePoint environment. Most organisations using on-premise SharePoint have a method whereby individuals can log in over the Internet using say a Citrix / VPN / Xen Desktop etc. connection.
    4. Ensure that a member of the IT Support team is aware of any resolutions that can be used for ‘possible issues’. For example, one issue could be that in order to quickly reset an application pool for a SharePoint site to go into IIS on a relevant server, etc.
    5. Ensure that there is a list of the infrastructure, and details of any specific login information.
    6. Based on point (3) above, try to log into the SharePoint environment at least once a day to quickly check the status of the environment.
    7. Ensure that relevant third party information concerning their levels of support is listed and the details made known to IT Support.
    8. Provision monitoring systems for IT support which includes the status of key services to the SharePoint platform (on-premise).
    9. Provision monitoring services which includes the status of services for Office 365 Tenants
  3. On-Premise and Off-Premise Support are that different

    At a very basic level, the provision of support for SharePoint over a Christmas could be divided two segments – the SharePoint ‘supporter’ – the associated services ‘supporter’.

    For on-premise SharePoint, the levels of support are:

    1: The SharePoint ‘supporter’. The person(s) responsible for managing the products provided in SharePoint services.

    2: The Associated services ‘supporter’. The person(s) responsible for providing support for the infrastructure and associated services.

    The interesting aspect of Off-Premise (e.g. Office 365) Support is that there is in effect, also two levels:

    1: The SharePoint ‘supporter’. The person(s) responsible for managing the products provided in the Office 365 tenant – e.g. SharePoint Team Sites and relevant products in those sites.

    2: The Associated services ‘supporter’. The person(s) responsible for providing support for the Office 365 tenant.

    Both of these, on-premise and Office 365 have monitoring tools. Both have the priorities and service delivery of support defined to SLAs, which is communicated to the person responsible for managing the products provided. This information is then cascaded in an understandable form to the client.

    There is a huge amount of monitoring tools available to on-premise SharePoint support (default and third party provisioned), which I will not go into (and there are a huge number of articles that describe them). SharePoint Online now has a good amount of services and tools for monitoring. The Office 365 Admin app for which allows those responsible for supporting Office 365 to connect to their organization’s Office 365 service status on the go. The app enables them to view service health information and maintenance status updates from their mobile device. You can also filter information by service subscriptions and configure app data refresh intervals.

    To get the app, go here:

    https://www.microsoft.com/en-us/store/apps/office-365-admin/9wzdncrdtbmj

    Office 365 also has the Office Message Centre. The Message Centre is located in the Microsoft Online Portal. The Message Centre is the central hub for communicating with you about Office 365. And in there you will find the topics including those in the Admin Task Newsletter, messages on new feature releases, and other important information. The Office Message Centre also links with the Office365 Admin app, so you can have messages concerning the state of services sent direct to your mobile device.

    More information about the Office Message Centre: http://blogs.office.com/b/office365tech/default.aspx

    There are also methods of logging transactional data through code. Microsoft is releasing the Office 365 Management Activity API which allows visibility of all user and admin transactions within Office365 covering activity logs. These logs would include information like tenant, service, action, object, user location, IP Address and more.

    More information about the Office 365 Management Activity API: https://blogs.office.com/2015/04/21/announcing-the-new-office-365-management-activity-api-for-security-and-compliance-monitoring/

    Additionally, for those who have access to Microsoft System Centre Operations Manager, there are of course services available to monitor SharePoint on-premise, and to monitor Office 365. For those who have not done this before, or need to get further information, I wrote a blog ‘Office 365 Monitoring using System Centre Operations Manager’ located here:

    http://blogs.msdn.com/b/mvpawardprogram/archive/2015/07/08/office365-monitoring-using-system-centre-operations-manager.aspx

  4. Conclusion

    I hope by reading this article you have understood the importance of providing adequate and understandable SharePoint support over the Christmas period. The ability for you as a SharePoint ‘supporter’ to be forewarned of issues so that at the very least clients can be informed is vital. For on-premise, the ability to be contacted, or the ability provided to IT support to be able to deal with common issues, provides a service which in the eyes of the SharePoint sponsor is ‘good’. So I do hope that you are able to take points from this article and apply them to your SharePoint support cover proposals….

    I’d like to finish up by wishing you and yours a wonderful holiday season!

Support and Recovery Assistant for Office365 available

Support and Recovery Assistant for Office365 available

Microsoft has released a tool, called SARA, that can help diagnose issues with Office 365. Currently, its configured to help setting up Outlook with Office365.

SARA is the Support and Recovery Assistant for Office365, and can help diagnose issues from you entering the Office365 account, and then using the Support topic options to get help with. SARA is an on-demand application, so it only needs to be used when there is a problem indicated. Of course, access to the Office365 tenant will be required to use this tool! Its early days for SARA as I write this quick blog,, but, I guess it would be useful to keep an eye on this tool, as Microsoft continues to upgrade it to help support issues with other products in the Office365 suite.

Check the below video for more information, and download link is below the video.

 

To download the tool, go here: https://support.microsoft.com/en-us/kb/3063137
Office 365 Public Roadmap is a key service delivery tool

Office 365 Public Roadmap is a key service delivery tool

Being an Office 365 administrator is challenging. Simply being on top of the changes in Office365 would be difficult in the extreme, simply because you may need to feed into more than one client, and trying to pass information directly to them in their form may be challenging. The key focus of service delivery is repeatability; the attempt to apply one solution for all as a generic standpoint. One of the key tools for Office 365 is the Public Roadmap, which I use to show clients and customers what is happening in the world of Office 365 and how quickly the information can be obtained.

(more…)

Office 365 Customer Success Centre Available

Office 365 Customer Success Centre Available

When delivering an Office 365 service, you will need to ensure that the customer has access to resources to help them understand and get up to speed. As seen with SharePoint ‘getting the users on-board’, there is always a danger of ‘recreating’ adoption content, simply because information is non-centralised – that also means having to spend time gathering and crafting that content so that it is visually appealing (for example)..

(more…)

Port, Pies and SharePoint Support

Office 365 Support Information Available

For anyone working with software systems will know that there is nothing on the planet that is so completely frustrating, as a solution that does not work. Downtime leads to increased overhead costs, lost productivity, lost customer satisfaction and lost revenue. This hits business users of course, but also those who are there to support the business.
Small business users are especially hit by this since they are completely dependent upon the technology. Take into consideration therefore that if businesses do not understand the provisions of support for a cloud service that they will particularly suffer, especially since they will not, in the main have direct access to IT staff to aid them.
Office 365 carries with it solutions (SharePoint, Lync, Mail, Yammer, Office) within a significant number of feature such as Identity, Exchange, Rights Management, etc. Just think of what a small business will need to go through to start to raise a call concerning an issue if there is a problem with one or more of those solutions. And those with internal IT teams to help will fair no better. Having an IT team to turn to, without understanding that self service is available, that tools, troubleshooting techniques, videos, forums that are available, does not warrant a successful support structure. Additionally, the support level in Office 365 needs to marry with expectations from the client. You can only do that by understanding the provision of support provided.
So, here’s a call to action. For those utilising Office 365, or even providing Office365 to clients, I would strongly suggest that the following article is read and understood. And, before you start saying ‘this will not apply to me because I am using SharePoint 2013 on-prem, and I might be using an Office 365 tenant’ – it does!

The article describes:

  •  Community and self-service support options – describes the various resources that can be used to provide self-help.
  •  Pre-sales support – describes the various assistance provisions for understanding features, benefits, plan comparisons, pricing, licensing, etc.
  •  Billing and subscription management support – describes the kind of assistance for signing up, renewing subscriptions, paying bills, etc.
  •  Technical Support – describes what areas of support will be covered and how.
  •  Shared Support Responsibilities – very important for those who will need multiple roles in their Office 365 administration and support management scenarios.
  •  Additional support options – describes three other levels of support like Microsoft Cloud Vantage, Premier and Professional Direct Support, including partners, developers and volume licensing.
  •  Features – describes the support options, like phone support, technical, billing, pre-sales, etc. against the differing licencing options available for Office 365.

So check out the article on this link: http://technet.microsoft.com/en-us/library/office-365-support.aspx

SharePoint and the Internet of Things

SharePoint and the Internet of Things

Bold statement time. The Internet is a collection of machines – and there is more data generated by machines than humans. IOT (Internet Of Things) is connected devices providing data which will simplify, enhance, and enrich our lives. Already connected devices are beginning to revolutionise our lives; but to understand the nature, challenges and opportunities we need to understand how we can take informed decisions concerning this technology and trends.

Things like how the data our devices upload and download is shared, used, managed, controlled with clear data integrity. What should be our focus, what and who can help us understand this technology. IOT has implications for those working within the SharePoint sphere. As SharePoint workers, we will need to roadmap and further refine data provided  (from internally or externally provided systems harvesting sensor data) to define an IOT strategy.

We will need to learn how to promote use of devices used within organisations, so they become smarter devices thus turning our companies, and ourselves, into smarter people. The article I have written for TechNet, aims to describe, simplistically, the nature of IOT, some of the key opportunities realised by Microsoft and others, the challenges we may face in control, management, security, privacy. The article suggests some take-aways in what we may need to address to support the infrastructure and manage the data.

Sometime ago, I also wrote about the skill-sets coming into the fold of data analysis (the Data Scientist). We are already seeing the emergence of the CDO (Chief Data Officer) whose skillset will become more and more entrenched in helping people make decisions on data coming from sensor feeds and the management of IOT in organisations.

Even my kids know about IOT and sensor technology. My eldest daughter, an ardent follower of fashion, running her own shop, mentioned to me that she was really into reading up and working on opportunities concerning nano-technology in clothes, as she thought it definitely the future. I thought that nano-technology in clothes was a myth; that it simply didn’t exist (showing my age I suspect) – but I was astonished to find on IET an article talking about just that, even to the point where engineers were busy creating clothes and being designers! Imagine, nano-technology in clothes; that would be able to determine the colour and provide better waterproofing in clothes – wow…. Surely then, we can’t be far away from having our clothes change colour based on the time of year, or maybe even inform how many washing cycles clothes can take before needing repair / replacement? So that means sensor technology in clothes must be a reality…

Anyway, I just had to do more digging. I am sure there are implications from a systems analysis, and service delivery perspective, particularly for data management.  I found myself absolutely fascinated by the impact of IOT. From discussing with other techies in this field and more, I was able to put together an article which I’ve had posted to TechNet. Please go read the article here.

Office 365 Public Roadmap is a key service delivery tool

Office365 for Business Public Roadmap released

Microsoft has today released the Office 365 for business public roadmap. The Office 365 for business public roadmap provides customers with a way to learn more about upcoming change and updates before the change impacts their service.

Go here to see the Office365 for Business Public Roadmap

The public roadmap will be closely coupled with the larger Office 365 Change Management strategy, including integration with Message Centre and the Office 365 direct to admin communication channel.

This is an extremely important and very useful service delivery mechanism to ensure you know what services will affect Office 365 customers – the roadmap page is split into sections allowing you to see what features are launched, rolling out, in development and cancelled.

Another very important read is the Improving visibility to service updates blog which gives more information concerning the concepts behind the Office 365 for business public roadmap.

So what is the public roadmap?

The Office 365 for business public roadmap is a web page on Office.com that provides customers with a list of new and updated features being released to the Office 365 service. The website will list recently launched features, features still rolling out, and features that are still in development. The website will launch with a monthly update cadence.

Note that the public roadmap does NOT commit Microsoft to specific timelines for delivering service updates. It follows a set of policies for what should and should not be included based on when an update is expected to being rolling out and previous disclosure of a particular update. The content goes through a quality assurance pass bi-monthly as part of previous NDA roadmap activities.

Why is the public view of the Office 365 roadmap being created?

As both engineering and marketing move to a services operating model, Microsoft are changing the way they approach customer communications. Part of this transformation is going directly to customers and scaling communications to every Office 365 customer from the individual business owner with 1 employee to the largest enterprise or governmental organization with hundreds of thousands of users.

From examining customer data it has been seen that customers expect a “service” to behave like other services in their life, such as cable or mobile phone subscriptions. They expect notification and communication about any changes to their service. PSAT data, focus groups, and OneList items all show the high cost in the old operating model that erodes customers’ trust and confidence in Office 365.

So what’s next?

Microsoft will be listening closely to customer, partner, and field feedback for improvements that fit within policy guidelines. Improvements currently being evaluated include localization into tier 1 languages, notification or tracking capabilities for the site change log, and expanding to include out-of-scope Office 365 instances. They will continue to refine the update tracking process and use the Office Release Roadmap as the single source for data related to service updates.

Office365 Service Status and SharePoint support

Office365 Service Status and SharePoint support

Am checking up on a friend who is using Office 365 within a team of 20 people, mainly for SharePoint 2013, and who relies on SharePoint support provided externally. My friend stated they want to ramp up the usage, but were concerned about service availability, and wanted to know whether it was possible to get a record of service uptime for Office 365. They were particularly interested in SharePoint Online service uptime.

That got me thinking. Not all customers using Office 365 will understand how to read the service status provided in Office 365. Even if they saw that page, without really understanding the meaning will probably gloss over some of the features within the service status offerings on that page. Also, considering the methods by which Office365 tenants are provisioned (off-the-shelf buy, through a re-seller, directly) it could be likely that literally any computer literate person could be drafted in to support the customer who takes on Office 365 who potentially has never worked in customer support!

So, yes, taking some time to understand the service statuses provided within Office 365 is useful. Particularly if you are responsible for managing SharePoint online through Office 365 (plus its other offerings), or if you are considering a move / hybrid approach and need to inform the client of the service expectation and what is used to measure service status in Office 365.

What is the Office 365 Service dashboard? The service dashboard is located in the Office 365 Admin centre, and then by clicking the View Details and History link at the foot of the current health list in the centre of the screen as shown in Figure 1.

Figure 1: The Office 365 Service Dashboard

When View Details and History is clicked, a screen showing the service health of Office 365 is displayed. These Service are Exchange Online, Identity Service, Lync Online, Office 365 Portal, Office Subscription, Rights Management Service and SharePoint Online and all are shown in expanded format showing the sub-services and their statuses. The service status is indicated by an icon which is displayed for each. Figure 2 shows each service icon, its meaning, the definition associated with that icon.

Figure 2: Office 365 Service Status icons, description and Definitions

Most of the above are self-explanatory, and for each service listed if there is any status reported other than ‘Normal service availability’ there is a link which is provided which when clicked allows the individual to get more information about the service issue.

An interesting one above is ‘False Positive’. For those working in email land you may have heard of this term before. A False Positive is essentially a message which is legitimate but marked as spam, which is then rejected or returned to the sender. So, what that means is that a report is provided that indicates a problem but does not provide clear proof. It is very important that these are noted, because if that’s not done, it will result in False Negative.

Without going into False Negatives (which I will write about in a companion article), let’s take a look at a False Positive example starring on-Premise SharePoint. Assume that a SharePoint 2013 on premise platform has a third party app deployed on it and a monitoring service carrying out remote scans of all apps and services on that platform. Note that it does not matter what the third party app does. The app identifies itself as version “1.6.11”. A remote scan provided on the platform identifies the app to be a vulnerable version (could be due to security, compatibility or other issues). The remote scan does not have further knowledge of the app, however, the scanner has reason to believe that a vulnerability exists and includes this in its reports. However, the SharePoint administrator (a human!) of the target system may know that this app has already been security-fixed to “1.6.11-1”, however, the app still identifies itself as version 1.6.11. Hence, this is a False Positive because the platform is deemed healthy.

I would suggest that False Positives are useful when identified, and should be recorded – so it has good reason to be there listed as a service status. One thing I should point out, however, is that the problem with tools to remote scan is that if they are configured strongly enough to be effective, there’s a significant chance of receiving false positives. If too many false positives are received, the monitoring becomes less proactive to the point were real issues are ignored, because of the volume of false positives and the assumption therefore that a human already ‘understands’ that there is no issue (when there is!).

Going back to getting more information concerning the service status. Figure 3 shows a list of the current health against each service in Office 365, and for any there there are issues links are provided for more information. SharePoint shows as being in extended recovery in the screenshot. You can click the View details link to get more information concerning the issue. In the figure, I have deliberately scored over the date…

Figure 3. Example of the Current health of services section in the Service Overview page

 

When clicking on the view details against a particular service status (not normal service status), another page is displayed giving further information concerning the issue covering issue, resolution action and date of next update. Figure 4 shows the page displayed when the view details link is clicked (again I have deliberately scored over the date).

Figure 4. The details page regarding the relevant incident when clicking the view details link at the foot of any service which has an issue on the service overview page

 

So, the service overview page is a good resource for identifying how the products provided in a Office 365 tenant are performing. However, without understanding the lifecycle of a service incident, it will be problematic in identifying whether a service incident is being fixed, has been fixed, is still under investigation and so on. What is the lifecycle concerning a service incident and how is that reflected on the service health dashboard? Here is an outline of that process:

  1. The incident occurs
  2. The service health dashboard is updated to ‘investigating’
  3. The incident status is posted to the service health dashboard
  4. The incident is resolved
  5. The closure summary is posted to the service health dashboard
  6. The post incident review is posted to the service health dashboard

I think this lifecycle is important to describe to your customer, as well as your service desk team (if for example you have an internal support team). When explaining the lifecycle of a service incident to a new customer, do this as part of providing Office 365 in the first place. If this is not done, there will be an assumption from the customer that they have a direct line to Microsoft Support. They will assume that they can quite literally pick up the phone, report a user challenge which they think is resolved using the product, and expect it be resolved immediately and that the resolution meets their exact requirements. Besides which, even understanding the sheer wealth of information provided on the service dashboard will overwhelm the customer, particularly if the customer has not been taken to identify, using the Service Level Agreement, the products listed of the service dashboard which will be of applicable to the them. That’s not to say the support you provide does not monitor the other services, it is just that in terms of priority that there is information going back to the customer that clearly identifies what is supported.

Conclusion.

Understanding the service dashboard is only a part of the picture in providing a successful support service for an Office 365 customer. In order for it to be effective and measurable, the results being displayed on the dashboard needs to be made meaningful and each service status to be relayed to the relevant customer in a way that makes it useful to them. So, to effectively support Office 365 and to manage customer expectation, you should define a Service Level Agreement which maps onto exactly what will be supported, since that is the key that will help you and the customer able to map the service status provided by the Office 365 service, give that meaning and provides a useful resource which can be measured.

I repeat, the principle here is a matter of what is supported. Your job as SharePoint support is to support the information worker, and in that sense, you support the usage of SharePoint. Your job is intertwined with how SharePoint is exploited to the benefit of the business. Your job is user support. However, Microsoft will see things from an entirely different perspective. Their job is product support. Microsoft cannot be expect to support your users, and certainly cannot be expected to precisely understand how your business applies to their products. So, when your query goes to Microsoft Office365 support, that query will be of several to do with the products provided within Office 365 of which SharePoint is one. That support will answer the question from a product perspective point of view. Your job, is to translate that inherently generic information into the specific information your end user needs. That means that the service status messages that are provided within the dashboard are not specific to your users concerning their use of the product, and instead the service status of the entire product provided to all customers. You must therefore take the information provided by the service status messages and relay that to the customer in a way they understand using the Service Level Agreement.

The Service Level Agreement is vital, for in the end, the only support service truly qualified to support your users is your own. The service dashboard is a resource, for that is the best it can be. If you depend 100% on Microsoft Office 365 support, the best you can hope for is an accidental or actual coincidence of purpose. I believe that is a foolish prospect, whereby one would hope or even attempt to engineer that the two widely differing set of goals (those of Microsoft and your end users) coincide somewhere, so that your company can extract some real benefit from ‘supplier’ support. I would not put all my eggs in relying on complete Microsoft support. You will still need to provide real user support and that means building a proper support model which exposes the service status. The alternative (getting the supplier to provide end user support) will simply not happen in the way the customer will expect or fully understand.

References:

SharePoint Service Level Agreement Guide

SharePoint Service Delivery

Book – SharePoint 2013 Adoption and Governance Guide

 

Security in Office 365 Whitepaper available

Security in Office 365 Whitepaper available

Last week, I attended a great Microsoft session concerning Compliance and Data Protection across the Office products, focusing on Archiving, Retention / Hold, Discovery and Data Loss Protection concerning compliance in 2013 products. I mentioned that I have clients who are interested in Office 365 but need some comfort concerning compliance, and queried if there was further information available. Was informed that there was a document available that described this which I must share with you all.

This document covers topics such as Office 365 Built in Security, like monitoring, isolation, automated operations, secure network and encrypted data. It describes security best practice, and the customer controls. It talks about how compliance is enabled through DPL, audit and retention, eDiscovery and Data spillage. It also describes the standards of compliance met, like ISO 27001, FISMA, HIPAA BAA, EU Model Clauses, and the CSA (Cloud Security Alliance).

If you are embarking on SharePoint migration to Office 365, or having a hybrid operation with on-premise SharePoint and Office 365, I would recommend reading this paper, as it will give you valuable information proving to the customer that Office 365 includes security features, protects data and provides administrators with the ability to configure, integrate and manage security.

To give you a taster, here’s the intro:

The ability for organizations to control and customize security features in cloud-based productivity services, such as email, calendars, content management, collaboration, and unified communications, is becoming an essential requirement for virtually every company. Today, IT teams are being required to deliver access to productivity services and associated documents and data from more devices, platforms, and places than ever before. While user benefits are undeniable, broader access makes security management more challenging. Each endpoint represents a potential attack surface and another point of management for security professionals. At the same time, organizations face ever-evolving threats from around the world and must manage the risk created by their own users accidentally losing or compromising sensitive data. For these reasons, organizations require a cloud service that has both (a) built-in robust security features and (b) a wide variety of customizable security features that organizations can tune to meet their individual requirements. Organizations expanding remote access while maintaining security best practices may find it difficult and expensive to add this combination of security functionality if they deploy productivity services solely on-premises.

You can download the article from here:

http://www.geoffevelyn.com/downloads/Security-in-Office-365-Whitepaper.pdf

And from here:

http://www.microsoft.com/en-us/download/details.aspx?id=26552

Get Office 365

Get Office 365

Collaborate in the cloud with Office, Exchange, SharePoint, and Lync videoconferencing.  As a Microsoft Silver Partner in Collaboration Services we are able to provide Office 365 to your organisation. At the highest level of collaboration, one is able to communicate and share complex information from within a simple framework. Microsoft’s Office 365 offers such a framework. Download a trial to see for yourself and see how Office365 can improve productivity.

What is Office365

What is Office365

This article describes the Office365 offering as a question / answer format. This is particularly useful when explaining exactly what Office365 is, what it entails, the costs and benefits.
(more…)