Please note that Webroot customers are protected from the Bad Rabbit – malware that is affecting computers across some Eastern-European countries, as well as Russia, Ukraine and Japan.
Here is what we know about Bad Rabbit thus far:
- it is a well-made piece of malware that uses a lot of clever tricks to spread; in many aspects, it is similar to NotPetya, which affected customers across the globe this summer;
- it has been successful as it has worm-like behavior, using embedded usernames and passwords to move laterally through the network;
- attackers used compromised websites, most of which are news sources local to the APAC/Eastern European region, as watering-hole infection vectors;
- When Bad Rabbit tries to restart your machine and encrypt data, Webroot SecureAnywhere, will prompt you with a warning about unauthorized Master Boot Record alternation. Webroot also blocks the files responsible for Bad Rabbit through the BrightCloud Threat Intelligence Platform.
Although Webroot customers are protected against Bad Rabbit, all users are recommended to maintain good cyber hygiene, including:
- limit Admin account usage to only employees who need it;
- don’t use easily guessable passwords;
- update Windows – Ransomware authors take advantage of unpatched systems;
- backup your data – Ransomware is crippled entirely if you have a backup copy of your data.
As you may remember, in May 2017 Equifax, a provider of consumer credit reports, said it experienced a data breach affecting over 140 million US consumers after hackers exploited a vulnerability on its website. That’s about 44 % of the US population! The data exposed in the hack included names, Social Security numbers, birth dates, addresses, and, in some cases even driver license numbers. Unfortunately, this wasn’t the last time Equifax’s website was breached. The site was maliciously manipulated last week, this time to deliver fraudulent Adobe Flash updates. Visitors who clicked the link had their computers infected with adware, which only three out of 65 antivirus providers managed to detect.
If you come to think of it, this is really worrying; the site which previously lost personal data of so many US citizens with a credit history was once again attacked, this time to trick visitors into installing malware, called by Symantec Adware.Eorezo. Usually, in order to avoid being caught, attackers provide malicious downloads only once to just a select number of people. Surprisingly, this time the bogus Flash download links were served to the same visitor at least three times in a row. The Equifax site was redirecting users to the centerbluray.info page which delivered MediaDownloaderIron.exe file. Sometimes browser was redirected to at least four domains before finally opening the Flash download file.
Unfortunately, only Panda, Symantec, and Webroot were able to detect the file as adware. Luckily for our customers Webroot is part of our Managed Services Provider package, so we know we keep you safe. Malwarebytes flagged the centerbluray.info site as one that pushes malware, while both Eset and Avira provided similar malware warnings for one of the intermediate domains, newcyclevaults.com.
It’s not yet clear how the Flash download page got displayed. Researcher Kevin Beaumont in his twit suggested that Equifax was working with a third-party ad network or analytics provider that’s responsible for the redirects. This could mean that the breach isn’t on the Equifax site and may be affecting other websites as well.
Many enterprises blend their disaster recovery and security recovery plans into a single and easy-to-implement package. But such an approach not necessarily makes sense. Undoubtedly security and disaster plans are related but not always the same things. Disaster recovery and security recovery have inherently different objectives: the former is more about business continuity and the latter about information asset protection. With disaster recovery plans we tend to focus on data quality in the first place and with security plans we rely on capability of protective control, we focus on “protecting forward”.
Many SMBs combine their disaster and security strategies as a matter of convenience, lured by so many similarities of those plans. Both types of plans include procedures to minimize the impact of a malicious event, that are followed up by procedures to recover from that event, as well as procedure to test and return to business as usual operations. Furthermore, both disaster recovery and security plans have an option that allows to minimize the possibility of a similar event occurring once again.
But if we dive deeper, we will find that the disaster recovery and security plans are fundamentally different:
- Disaster recovery plans focus on recovering IT operations and business continuity,
- Security plans focus on preventing or limiting IT interruptions.
Security recovery strategies need to be revisited and updated more frequently than disaster recovery plans. Events such as fires, floods or blackouts are unpredictable but we generally understand their nature. Security threats are also unpredictable, but their nature is often hard to be understood. Nowadays new external cyber threats are mushrooming, they become more and more technically developed and harder to detect, that is why it’s more difficult to keep a security recovery plan up to date. The number of natural or man-made disasters that can possibly threaten our business is relatively static. Keeping that in mind, all SMBs should implement separate disaster recovery and security plans for best protection.
Did you know that businesses with fewer than 250 workers have become a prime target of cybercriminals? The worst misconception any SMB can have, is that they are too small to be noticed by cybercriminals. Even businesses with less than a dozen employees have become a growing target.
Hackers see SMBs as being more susceptible to security breaches since they typically lack solid security. Instead of attempting one risky “big score”, today’s cybercriminal targets thousands of small businesses at once and uses malware to collect stored credit card information that they use to extract money. Additionally, SMBs are often seen as a gateway to the data of their high-end B2B clientele.
3 Ways to Enhance Security Without Breaking the Bank
Budget isn’t an excuse when it comes to security. Here are 3 security-enhancing fixes that don’t require big investments:
- Take Inventory:Many businesses have overcomplicated computer systems that are outdated, poorly secured, and not even business critical. Identify these.
- Talk Security:Employees are your greatest security threat. Talk to them about averting phishing email threats, frequently updating passwords, and staying safe while working at the office or remote.
- Don’t Fear the Cloud and Managed Services:Don’t let paranoia keep you from moving email, backup, and file sharing to the cloud. It saves money and is often safer. A managed services provider can also take over both routine and complex security tasks.
Don’t Be Forced Out of Business By Cybercrime
According to the National Cyber Security Alliance, one out of every five small-and-medium sized businesses is hit by cybercrime each year. Roughly 60% of these SMBs are out of business within six months of an attack.
Today’s cybercriminal doesn’t discriminate by business type or size. They look for exposed security cracks and vulnerabilities that are rife with opportunity. Don’t be the type of ignorant and defenseless SMB they typically feed on.
As we reminded you last week, Office 2007 will reach End of Life on October 10, 2017. If you haven’t already begun to upgrade your Office 2007 environment, we recommend you start now.
Almost all Microsoft products have a support lifecycle during which new features, bug fixes, security fixes are provided to customers. Such lifecycle typically lasts for 10 years from the date of the product’s initial release. When Office 2007 reaches its End of Life on October 10, 2017, Microsoft will no longer provide:
- Technical support for issues
- Bug fixes for issues that are discovered
- Security fixes for vulnerabilities that are discovered
In addition, as of October 31, 2017, Outlook 2007 will be unable to connect to Office 365 mailboxes, which means Outlook 2007 clients using Office 365 will not be able to receive and send mail. Microsoft customers have three options to choose from, which we shortly described in our previous blog post. Here we want to focus on upgrading to Office 365 ProPlus.
What is Office 365 and Office 365 ProPlus?
Office 365 refers to subscription plans that include access to Office applications and other cloud services, including Skype for Business, Exchange Online, and OneDrive for Business. Office 365 ProPlus is the version of Office that comes with many Office 365 plans. It includes the full versions of Word, PowerPoint, Excel, Outlook, OneNote, Publisher, Access, and Skype for Business. Unlike Office 2007, Office 365 ProPlus is a user-based service that allows people to access Office experiences on up to 5 PCs or Macs and on their mobile devices. For information about the new features available in Office 365 ProPlus, see What’s new in Office 365.
Here is a roadmap for your upgrade to Office 365 ProPlus:
- Review the system requirements for Office 365 ProPlus – before upgrading to Office 365 ProPlus, you need to verify that your computers meet or exceed the minimum system requirements. The Office 365 ProPlus requirements are the same as the Office Professional Plus 2016 requirements. In addition, you should review the system requirements for your Office server workloads. For example, Exchange 2007 does not support Outlook 2016.
- Plan for Office 365 – because Office 365 ProPlus comes with many Office 365 plans, you should review your current Office 365 capabilities as part of planning an upgrade to ProPlus. Prior to deploying ProPlus, for example, you should ensure that all your users have Office 365 accounts and licenses.
- Assess application compatibility – to ensure a successful upgrade, we recommend identifying your Office applications, including VBA scripts, macros, third-party add-ins, and complex documents and spreadsheets, and assessing their compatibility with Office 365 ProPlus.
- Assess your infrastructure and environment – to decide how to upgrade to Office, you should evaluate your infrastructure and environment, including the following:
- Number and distribution of your clients, including required languages.
- IT infrastructure, including operating systems, mobile device support, user permissions and management, and software distribution methods.
- Network infrastructure, including connections to the Internet and internal software distribution points.
- Cloud infrastructure, including existing Office 365 capabilities, user licensing, and identity.
- Choose how you want to deploy Office 365 ProPlus – you can deploy ProPlus from the cloud, from a local source on your network, or with System Center Configuration Manager. Which option you choose depends on your environment and business requirements.
- Choose how often to update Office – with Office 365 ProPlus, you can control how frequently your users receive feature updates to their Office applications.
Here are some special considerations you should take into account while preparing the upgrade to Office 365 ProPlus
The Office Customization Tool is not used as part of the Office 365 ProPlus installation. Instead, you can customize the installation for your users with the Office 2016 Deployment Tool.
Removal of InfoPath from Office 365 ProPlus. InfoPath 2013 remains the current version and therefore won’t be included in the Office 2016 version of Office 365 ProPlus. When you upgrade an existing installation of Office 2007 to the Office 365 ProPlus, InfoPath is removed from the computer. If your users still need to use InfoPath, the 2013 version of InfoPath will be available for installation on the Software page in the Office 365 portal.
On October 10, 2017, Office 2007 will reach End of Life. If you haven’t already begun to upgrade your Office 2007 environment, we recommend you start now. It is high time. Being Microsoft Certified Partner, Network It Easy can provide useful deployment benefits for cloud migrations and for on-premises upgrades.
So what does End of Life mean?
Office 2007, like almost all Microsoft products, has a support lifecycle during which company provides new features, bug fixes, security fixes, and so on. Such a lifecycle typically lasts for 10 years from the date of the product’s initial release, and the end of this lifecycle is known as the product’s End of Life. When Office 2007 reaches its End of Life on October 10, 2017, Microsoft will no longer provide:
- Technical support for issues
- Bug fixes for issues that are discovered
- Security fixes for vulnerabilities that are discovered
In addition, as of October 31, 2017, Outlook 2007 will be unable to connect to Office 365 mailboxes, which means Outlook 2007 clients using Office 365 will not be able to receive and send mail. Because of the changes listed above, we strongly recommend that you upgrade as soon as possible.
This is a good time to explore your options and prepare an upgrade plan. You can:
- Upgrade to Office 365 ProPlus, the subscription version of Office that comes with many Office 365 plans.
- Upgrade to Office 2016, which is sold as a one-time purchase and available for one computer per license.
- Upgrade to an earlier version of Office, such as Office 2013.
If you think you cannot manage that process on your own, contact us and will be happy to help. In our next post, we’ll show you what Office 365 ProPlus is, so stay tuned.
We often forget that periodically assessing our IT security is an important part of our organization’s preventive maintenance plan. Security is mostly an invisible attribute, we tend to set it up and then forget about it. But each of us has our blind spots, causing us to miss things. Our infrastructure changes over time, possibly opening it up to new vulnerabilities. And new methods of attack are invented daily, so what was secure yesterday may not be secure today. Think of your company as of your car with a list of scheduled maintenance tasks and create a similar list of security features to be checked on a regular basis. Undoubtedly you can perform some of them yourself, but nothing can replace an independent expertize.
An increasing number of organizations are bound by governmental regulations that dictate what security measures you should have in place and how they should be audited. HIPAA, PCI, FISMA, Sarbanes-Oxley, and Gramm-Leach-Bliley all dictate how to secure different types of data and the systems that manage it. They also require regular security posture assessments, though they vary on specific requirements and time frames.
There are many benefits to doing periodic assessments beyond simply complying with government regulations. Undertaking regular assessments can help you to:
- Find out whether your security has already been compromised. According to FBI there are two kinds of companies; those that have been hacked and those that don’t know they were hacked.
- Stay on top of the latest security threats — with new attacks coming on the scene every day, you could become vulnerable even if nothing has changed since your last assessment!
- Educate your employees – increase their awareness and understanding of security issues.
- Let your customers know that security is important to you and that you care about them and their data.
Here are some categories that you need to pay attention to, if you want to make sure that your network security assessments are done diligently:
- Check out in which ways your security can be compromised from the inside or outside, from both internal and external sources of attack. It is not enough to audit your firewall rules, you need to know if hackers can gather information through a company directory posted on the Internet.
- Check how well have you been keeping up with patches? These are areas you need to pay attention to: operating systems on servers and workstations; infrastructure services such as email and DNS; enterprise applications including Web applications and databases; and desktop productivity applications. So, are you following your patch policies?
- Assess and re-assess how your network is defended at its perimeter, and how well it is segmented internally to limit the damage that can be caused by prying eyes or errant applications. Audit both your device configurations and your update procedures and policies.
- Write down your security policies to give your employees guidance and you a benchmark with which to compare your performance.
- Use encryption to secure internal and external communication, including between layers of software.
- Viruses can come from practically anywhere: from an employee’s home laptop, from visiting a malicious Web site, from an infected USB drive. How well is your antivirus software working, and how prepared are you to stop viruses if your countermeasures fail?
- Develop a policy that dictates how complex user passwords must be and when users are forced to change them. Make sure you are auditing it periodically by running password-cracking software.
- Assess how well your organization works, how well your procedures are documented, and how well your staff members keep up to date with their field.
- Remember that backups are important part of your security strategy; verify that they work by actually restoring your data.
- You may be bound by governmental regulations dictating how you secure and manage your business data and your customer information. Whether your organization falls under HIPAA, FISMA or PCI DSS you need to do a risk assessment. Self-assessment is surely a good thing, but in order to prepare for a full compliance audit it’s important to get an independent outside consultant to perform this critical assessment.
Last month at Inspire, Microsoft unveiled Microsoft 365, which brings together Office 365, Windows 10 and Enterprise Mobility + Security, delivering a complete, intelligent and secure solution to empower employees. It represents a fundamental shift in how we will design, build and go to market to address our customers’ needs for a modern workplace.
With more than 100 million commercial monthly active users of Office 365, and more than 500 million Windows 10 devices in use, Microsoft is in a unique position to help companies empower their employees, unlocking business growth and innovation. To address the commercial needs from the largest enterprise to the smallest business, the company is introducing Microsoft 365 Enterprise and Microsoft 365 Business.
Microsoft 365 Enterprise is designed for large organizations and integrates Office 365 Enterprise, Windows 10 Enterprise and Enterprise Mobility + Security to empower employees to be creative and work together, securely. Microsoft 365 Enterprise:
- Unlocks creativity by enabling people to work naturally with ink, voice and touch, all backed by tools that utilize AI and machine learning.
- Provides the broadest and deepest set of apps and services with a universal toolkit for teamwork, giving people flexibility and choice in how they connect, share and communicate.
- Simplifies IT by unifying management across users, devices, apps and services.
- Helps safeguard customer data, company data and intellectual property with built-in, intelligent security.
Microsoft 365 Enterprise is offered in two plans—Microsoft 365 E3 and Microsoft 365 E5. Both are available for purchase as of August 1, 2017.
Microsoft 365 Enterprise is built on the foundation of the highly successful Secure Productive Enterprise, which grew seats by triple digits in the last year. Going forward, Microsoft 365 Enterprise replaces Secure Productive Enterprise to double-down on the new customer promise of empowering employees to be creative and work together, securely.
Microsoft 365 Business is designed for small- to medium-sized businesses with up to 300 users and integrates Office 365 Business Premium with tailored security and management features from Windows 10 and Enterprise Mobility + Security. It offers services to empower employees, safeguard the business and simplify IT management. Microsoft 365 Business:
- Helps companies achieve more together by better connecting employees, customers and suppliers.
- Empowers employees to get work done from anywhere, on any device.
- Protects company data across devices with always-on security.
- Simplifies the set-up and management of employee devices and services with a single IT console.
Microsoft 365 Business is available in public preview starting August 2, 2017. It will become generally available on a worldwide basis in the fall (CYQ3) of 2017.
As a part of Microsoft commitment to small-to-medium sized customers, they’re also announcing the preview of three tailored applications that are coming to Office 365 Business Premium and Microsoft 365 Business:
- Microsoft Connections—A simple-to-use email marketing service.
- Microsoft Listings—An easy way to publish your business information on top sites.
- Microsoft Invoicing—A new way to create professional invoices and get paid fast.
To make Office 365 more valuable for small business, Microsoft is announcing three new applications coming to Office 365 Business Premium:
- Microsoft Connections—A simple-to-use email marketing service.
- Microsoft Listings—An easy way to publish your business information on top sites.
- Microsoft Invoicing—A new way to create professional invoices and get paid fast.
They’re also introducing the Office 365 Business center, a central place where you can manage these business apps and get an end-to-end view of your business. In addition, they’re adding MileIQ, the leading mileage tracking app, as an Office 365 Business Premium subscription benefit. These new services—along with the recently added Microsoft Bookings and Outlook Customer Manager—help you win customers and manage your business. Let’s take a closer look at each of these products.
Microsoft Connections—Email marketing can accelerate sales, but getting started can be overwhelming. With Microsoft Connections, you can easily create professional-looking email marketing campaigns with pre-designed templates for newsletters, announcements or customer referrals. You can also provide simple ways for people to join your mailing list or unsubscribe. As your mailing list grows, you can manage your subscribers by creating segments to efficiently target specific groups of customers. Performance charts and subscriber activity updates track open rate, clicks, new sign-ups, new customers, offer redemptions and unsubscribed numbers for each email campaign, so you can see what is and is not working. Microsoft Connections is available on the web, and on mobile apps for iOS and Android.
Microsoft Listings—Getting your business listed online is a great way to be discovered by prospective customers, but it can be time consuming to set up your online presence, keep information like business hours up-to-date and monitor performance across sites. Microsoft Listings makes it easy to publish and manage your business listing on Facebook, Google, Bing and Yelp.
Microsoft Listings includes a web dashboard that lets you easily monitor ratings and reviews. When you update your business profile in Microsoft Listings, the changes automatically populate across Facebook, Google and Bing. And what’s more, you can monitor online views and reviews of your listings across sites from a single dashboard. This makes it easier to understand feedback from your customers and strengthen your online reputation.
Microsoft Invoicing—Getting estimates and invoices out on time, tracking pending payments and processing payments quickly are critical to keep things running smoothly. But it can be tedious and confusing to keep track of information in different systems of record or even on paper. Microsoft Invoicing helps you quickly create professional-looking estimates and invoices, so you get paid quickly.
Microsoft Invoicing works with PayPal, so you can accept credit and debit cards online. A connector to QuickBooks lets you sync customer and catalogue data, and transfer invoicing information to your accountant.
The Office 365 Business center brings Bookings, Connections, Listings and Invoicing together in a central location—so you have easy access to your business apps and data. It features a unified dashboard where you can view key metrics from all the business apps, including total outstanding invoices, the number of appointments scheduled, the impressions across Facebook, Google, Bing and Yelp, and the number of new subscribers and sent campaigns.
The Business center includes an activity feed, so you can see the details of what’s happening within each of the apps—making it easy to keep up-to-date on new customer appointments, invoices and payments being created or updated by the employees in your business. The activity feed also provides suggestions on what actions to take next, such as alerting you that a payment is overdue and it’s time to resend an invoice.
Because the new business apps are built to work together, you don’t waste valuable time setting up connectors or transferring data manually. A contact in one business app is automatically recognized in another, so you don’t have to input data multiple times. As a business owner, you also have full control over who on your team gets access to which business apps and related information.
MileIQ—If you drive a personal car for work purposes such as customer sales visits, partner meetings or trade conferences, you know that tracking and reporting your miles for tax deduction or expense reimbursement can be a hassle. MileIQ offers a simple, smarter way to track your miles—with automatic drive detection and mileage logging, easy one-swipe classification as business or personal, and comprehensive reporting. You can log unlimited drives every month with the MileIQ Premium subscription that you get with Office 365 Business Premium.
Connections, Listings, Invoicing and the Business center are rolling out in preview over the next few weeks to Office 365 Business Premium subscribers in the U.S., U.K. and Canada, starting with those in the First Release program. MileIQ Premium is available to all Business Premium subscribers in the U.S, U.K. and Canada effective today.
Recent Microsoft updates for security and compliance include enhancements to Advanced Threat Protection, eDiscovery, Advanced Data Governance, Advanced Security Management and expanded support for Windows Information Protection. Read on to learn more about these updates.
Office 365 Exchange Online Protection (EOP) and Advanced Threat Protection (ATP) were designed to keep your organization protected against cyber-attacks while supporting end-user productivity. The Office 365 team continues to enhance both EOP and ATP by offering deeper insights and more flexible controls. This month, they are introducing the following new capabilities:
- Threat Protection status report—New reporting for ATP and EOP that adds visibility into malicious emails detected and blocked for your organization. This supplements the recently introduced reports in the Security & Compliance Center for ATP Safe Attachments.
- Enhanced quarantine capabilities—Now all emails classified as malware from both EOP and ATP are quarantined. This builds upon the existing quarantine experience by allowing administrators to review and delete emails from quarantine.
Additional details on these new features can be found in the Microsoft Tech Community, as well as on the EOP and ATP product pages. EOP is offered across the enterprise E1, E3 and E5 suites. ATP is offered as both a standalone SKU or as part of E5.
Furthermore, Microsoft has recently released several new eDiscovery and Data Governance features in Office 365 in order to help you meet legal, business and regulatory compliance requirements. These features include:
- Optical character recognition in Advanced eDiscovery—Extracts text from image files or objects within the files, significantly reducing the amount of manual remediation work required to analyze image files.
- Rights management (RMS) decryptionin Office 365 eDiscovery—Automatically decrypts RMS-encrypted email messages at export time when you choose the MSG Export option.
- Unified case management—Provides a consistent user interface spanning the eDiscovery capabilities in Office 365, from core to advanced, which helps to reduce potential human errors by streamlining eDiscovery case definition and eliminating several steps in the process.
Many organizations have the need to perform supervision of employee communications. This need stems from internal security and compliance guidelines, or from regulatory bodies such as the Financial Industry Regulatory Authority (FINRA). In both cases, failure to have a demonstrable supervision process in place could potentially expose organizations to liability or severe penalties. To address this need, Microsoft has released the new Supervision feature in Office 365 Advanced Data Governance. Supervision covers not only email communications, but also third-party communications streams, such as Facebook, Twitter, Bloomberg and many more. Supervision is part of Office 365 Advanced Data Governance, which is available as part of Office 365 E5 or the Office 365 Advanced Compliance SKU.
Last week Microsoft announced a new, streamlined web experience for instantly viewing Word and PowerPoint files in One Drive and SharePoint Document Libraries. The PowerPoint and Word Viewers are new Office 365 features and you’ll begin seeing these new features in the coming days. You’ll notice the following with the viewers:
- they load instantly, in line with your files, just like you’re used to with popular file formats like PDF, photos, and videos;
- as much clutter on the screen as possible has been reduced so that you can focus on reading the content;
- you still have access to the same capabilities you use in OneDrive and SharePoint – including editing the document in your browser or Word and PowerPoint clients;
- you can share, rename, download or see file information (using the details pane of the file you’re viewing);
- company Shareable Links for Word and PowerPoint files are now part of this experience;
- the viewing canvas is getting a fresher look and feel with lighter colors and more purposeful spacing that helps you focus on the content – aligning more to other Office 365 experiences.
These features will be gradually rolling out in the following days, and the roll-out will be completed by the end of July. The best part is that you don’t need to do anything to prepare for this change, but you may consider updating your user training, and notifying your help-desk.
More than 10 million people rely on Groups in Outlook every month to work together and get things done. Groups in Outlook has been proved useful as it offers huge improvements over traditional distribution lists, with a shared space for group conversations, calendars, files and notebooks, the convenience of self-service membership and much more.
In April, 2017 Microsoft launched Groups in Outlook for Mac, iOS and Android. Since Groups is already available in Outlook for Windows and on the web, now you can access your group conversations and content no matter which platform you use.
With these updates, you can:
- View your group list.
- Read and reply to group conversations.
- Add group events to your personal calendar.
- View unread messages sent to the group.
- View group details within the group card (Outlook for iOS and Android only).
In addition to bringing groups to more Outlook apps, Microsoft has released several new features for Groups in Outlook on other platforms:
- Give guest access—Last fall, Outlook on the web was updated to give customers the ability to set up guest accessfor people outside their organization, set group classification as defined by Office 365 admins, and view usage guidelines. Now, these same capabilities are available in Outlook for Windows.
- Invite people to join—in order to simplify inviting multiple people to join a group, Microsoft released the Invite to joinfeature to Outlook on the web, which lets customers create invitation links and share them with others via email or other channels, giving them a quick way to join the group.
- Multi-delete conversations—Group owners can now multi-select conversations and delete them from the group conversations space in Outlook for Windows.
- Send email as a group—Office 365 admins can grant send-as and send-on-behalf-of permissionsto members of a group using the Exchange admin center. Group members who have these permissions can then send emails as the group, or on behalf of the group, from Outlook for Windows and Outlook on the web.
We believe that hard work and dedication are crucial in providing services to our customers. But we also believe that having fun as a team is important for building team spirit. We surely make a great team and we hope we can only get better and stronger as a company going forward. Last Saturday we visited iFLY Rosemont to make our dream of flying become a reality. Now we are going to take care of other dreams we have, because sky is the limit…
Earlier in May, Microsoft unveiled a new wave of innovations that build upon the vision they set forth last year to reinvent content collaboration and usher in a new generation of mobile and intelligent intranets. We already know that SharePoint and OneDrive in Office 365 empowers individuals, teams and organizations to share with confidence, transform business process, inform and engage the organization, and harness collective knowledge. These new announcements make it easier than ever for customers to drive such outcomes and accelerate their digital transformation.
Share with confidence
OneDrive lets you share files securely with anyone—inside or outside your organization. Its deep Office integration, which powers rich co-authoring, allows you to collaborate on these shared files with others in real time. And it lets you access all your Office 365 files, including your individual work files and files shared with you by individuals, teams and the organization—regardless of whether you’re on a PC, Mac, an iOS or Android device or a Windows phone.
See all your files in File Explorer with OneDrive Files On-Demand
Files On-Demand enables you to work with all your files in Office 365—both work and personal, across OneDrive and SharePoint—right from File Explorer, without having to download them and use storage space on your device.
Share files directly from File Explorer on Windows and Finder on Mac
Starting this summer you will be able to share Office 365 files directly from File Explorer on PC and Finder on Mac. The sharing experience has been simplified, so you can share a file or folder with specific people or send a link that enables anyone who needs access, inside or outside your organization. In addition, you can now control how long a link provides access, and you can easily view and modify the permissions you have granted.
Connect SharePoint team sites with other Office 365 content and services
Over the last year, SharePoint team sites were modernized and connected with Office 365 Groups. Some additional enhancements—coming later this year—will further unify collaboration experiences in Office 365, including:
- The ability to connect existing SharePoint team sites to Office 365 Groups, so you can augment existing sites with shared conversations, calendar and Planner.
- Support for adding SharePoint pages as tabs in Microsoft Teams so you can add a tab with a news article or your team site’s homepage, for example. This builds upon the existing ability to add tabs for SharePoint document libraries in Teams.
Transform business process
SharePoint enables you, your team and your organization to streamline tasks, automate workflows and integrate processes seamlessly into your work—on any device and from anywhere you work.
Create custom SharePoint forms and digital experiences with PowerApps
Starting this summer, you will be able to use Microsoft PowerApps to easily create custom forms and rich digital experiences that surface right in the context of a SharePoint list or library. Users can then create, view and interact with data using your custom form or experience, rather than default SharePoint forms.
Inform and engage employees
An intranet lets you communicate to people—keeping them informed of news and information. And it enables you to communicate with people—to engage employees and foster open conversation. It is this engagement that is fundamental to driving digital transformation and culture change.
Find people, expertise and content faster with powerful, personalized search
When you click in the Search box on SharePoint home in Office 365, recommendations appear instantly. You’ll see recent files, making it easy to get back to your work, as well as relevant content, sites and news. When you’re searching for knowledge, it may be found in content such as files, sites and news. And it might also be found through your colleagues. Now, your search results will include people whose skills, interests and projects—part their Office 365 profile—are relevant to your query.
Search results activate people cards, so you can learn at a glance about a person and the content they work on. One more click activates an extended view with richly detailed information from the user’s profile. These enhancements to search will roll out over the next few months.
Microsoft has improved the sharing UI on the OneDrive for Business and SharePoint Online websites and sync clients to provide easier collaboration and better security.
The Share command now sends shareable links by default rather than granting permissions to specific people like the old Invite people tab. This better matches user expectations that links sent in email can be forwarded to others by default. In other words, Share does the same thing as Copy link except it enables users to send the link immediately to recipients via email.
Both the Share and Copy link commands are now default to the same permissions and use the same link settings.
Users can change settings on sharing links to one of three possible permission levels:
- Anyone with this link – this shareable link can be forwarded to others or people might be added to the thread. This option does not require recipients to sign-in and hence is the most convenient for recipients. It can be used for sharing content with others, including people outside your tenant.
- Only people in [tenant] – users who open the link must sign-in or be signed-in to a non-guest account in the tenant. It can be forwarded to others or people might be added to the thread, as long as these people are inside your tenant. If any external user gets a hold of the link, they will not be able to use it. It can be used for sharing internal-only content.
- Specific people – this link will only work for people who were granted permission (and others who already have access to the item). If recipients want to send this link to anyone else, they need to ensure those recipients have been granted permission to the resource, otherwise the link won’t work. This option produces behavior similar to the “Invite people” tab in the old sharing UI.
Tenant admins who wish to change the default link permission can do so in the OneDrive Admin Center and the SharePoint Admin Center. Users who want to explicitly grant permissions to an item without sending a link can do so by selecting “Manage access” and then selecting “Add people”.
The new sharing UI will be rolling out in late Spring on the following endpoints:
- OneDrive for Business on the web
- SharePoint Online document libraries on the web
- Windows File Explorer context menu for sync’ed files (“Share” command)
- Mac OS Finder context menu for sync’ed files (“Share” command)