In the previous chapter, the Ready Design Cupcake Company (RDCC) completed a business analysis of the Office 365 cloud services and was ready to move to Office 365. The IT manager, Tom, looked at his total company spending, and with the help of his Microsoft Partner, determined that his on-site cost was about $115 per user per month; and the Office 365 cost would be approximately $53 per user per month (see Figure 2-1). These costs included ongoing support.
However, Tom had questions about how Office 365 services would benefit his users at RDCC. He and his Microsoft Partner set up a demonstration. Most Microsoft Partners can set up different types of test environments, but in the RDCC case, the Microsoft Partner, KAMIND, choose to use an interactive training session using the Microsoft Customer Immersion Experience center (CIE), which provides a fully configured Office 365 experience. This exercise exposes Tom to the full range of Office 365 capabilities and features in such a way that he is able to relate his new knowledge to the Office 365 migration project for RDCC.
The Microsoft CIE is a preconfigured Office 365 organization that supports all of the Office 365 services, including Yammer, Project, Exchange, Lync, SharePoint, and CRM. RDCC is not interested in the CRM option at this time, but they are interested in using Windows Intune. Tom was looking for a way to reduce the costs of managing the Office 365 user’s devices with a cloud solution so RDCC would not need to manage an On Premises solution using Microsoft System Center. Kamind1 suggested that Tom play the role of an end user in the Microsoft demonstration company, Contoso, Inc. Tom was assigned an Office 365 user account, and he assumed the hypothetical identity of a Contoso sales associate, Karen.
“Where to start with Office 365” is a hands-on tutorial, not a configuration guide. In the second part of this chapter, we have all of the necessary configuration information to set up your desktop. The tutorial serves only to show the features of Office 365, so the ones you really need can be selected and applied to your specific work environment.
Where to Start with Office365? A Hands-On Tutorial
Start by opening up a web browser and logging in into the Office 365 site at
(see Figure 2-2).
Once you have entered your email address, Microsoft online services will determine if there are multiple accounts for different Microsoft services under your email address. Microsoft offers two different services for users: consumer services and business services. These services are represented as a Microsoft account and an Organization account. The Microsoft account is for Microsoft services that require a unique ID, such as your email address. Examples of these accounts are Hotmail, Microsoft Passport, Xbox Live, and volume license services (to name a few; there are other consumer services).
The Organization account is your Office 365 company business service account. The services of these two accounts are different and isolated from each other on different servers in one or more Microsoft Data Centers. It is very common that a user will have both an Organization account and a Microsoft account. When you access Office 365 services, you always use the Organization account.
You do not need to have a Microsoft account to use Office 365, only an Organizational account.
Logging into Office 365
After you have opened a browser to
, select the sign-in (Figure 2-2, upper right-hand corner) and enter your Office 365 company email address. If you have added consumer capabilities to your email address (found at
), then you will be presented with two choices (Figure 2-3). If you are going to access the Office 365, then select the Organizational account.
Once you have entered your password you will log in to Office 365 services. The next step is to explore the interface of Office 365. RDCC’s IT manger chose to use the hypothetical persona of Karen Berg, a Sales Associate in the Contoso Company. He wanted to experience the operation of Office 365 from a productivity point of view as a user. When you log into Office 365 for the first time, a normal Office 365 user (like Karen Berg) sees an initial configuration screen that introduces Office 365 services to the user in the self-service portal (see Figure 2-4). Tom liked this approach because the self-service portal reduces the calls to his help desk and improves his users’ satisfaction.
Tom, acting as Karen Berg, sees that he can continue to install the Office 365 software for his PC/Mac, phone, and tablet without any help desk support. He watches the “getting started” video to get a feel for the organization of Office 365. Tom explores the different services, such as Web Outlook and his personal cloud document storage, SkyDrive Pro. The self-service welcome portal (Figure 2-4) will stay visible until the Outlook services are accessed. Tom selects the Outlook tab (Figure 2-5) to see Karen’s email.
Office 365 Outlook mail services are designed to provide data synchronization between all devices that are are using Office 365. The simplest way to look at this is that all information is synchronized, so in using email on his smartphone, Web browser, or local Outlook, Tom only needs to “read once” and/or “delete once” and all devices connected to Office 365 email services will sync his actions.
Tom begins to explore the Office 365 web site. The Microsoft Partner informs him that after the initial login, all future logins to Office 365 will replace the user start page to either use Outlook or the Team site, depending on the license that is assigned to the user. As an example, if the user only has a SharePoint license the user will land on the “sites” page. If the user has an email license, then the user will land on the Outlook page (Figure 2-6). Karen’s license is a full Office 365 that includes access to SharePoint and Office 2013, so her default page is Outlook WebApp.
Tom notices that the Office 365 web Outlook (Outlook WebApp) looks very similar to the Outlook client. The interface is crisp and simple to understand. The Outlook email, calendar, and People (contacts) are easily navigated. Tom notices that the Outlook WebApp supports right-click actions on the interface (Figure 2-7). This is important to Tom so that the sales staff may color code their email into different categories.
Tom also notices that he can assign an individual retention policy on his email. He right-clicks the message and selects “Assign Policy” (Figure 2-8) for email retention. In this case, he selects “never delete.” The Microsoft Partner informs Tom the email size is 50GB per user, and the per-user archive is unlimited. Tom quickly realizes that this is a big benefit to his users. They are constantly getting midnight calls from the president of the company, complaining about the limited size of user’s mailboxes. Most of us have, at some point, suffered the frustration of an over-full mailbox either as a sender or as a receiver.
IT polices can override individual polices on email retention. The default is to allow the user to determine the best way to save email. We have seen corporate email retention polices provide as little as 90 days history. Many of us expect to retain years of old emails.
Tom reviews the Office 365 features and notices that there is support for SkyDrive, Sites, and Yammer. The Microsoft Partner explains that Office 365 document synchronization is part of SkyDrive. SkyDrive is Microsoft’s document synchronization tool that synchronizes documents with Office 365 and all of the user’s desktop or mobile devices. This allows the user Karen to access work documents on her phone, laptop, or desktop computer. The Microsoft Partner instructs Tom to access SkyDrive and select the SkyDrive menu item (Figure 2-9) to edit documents in the Office 365 cloud.
if this is the first time you are accessing the SkyDrive, setup can take a few minutes.
Once the setup is completed, Karen’s private SkyDrive Pro cloud storage is built. Karen’s initial SkyDrive Pro storage capacity can be set at levels between 25GB and 100GB. Tom thinks of RDCC sales associates who have a mobile laptop, iPad, and smartphone and considers that they are located in several different parts of the world. He realizes that SkyDrive Pro storage solves a problem for RDCC by easily maintaining control of company documents in a centralized team storage, without the associated overhead costs. His Microsoft Partner informs him that the SkyDrive is included in the subscription he plans to use for RDCC at no additional cost. The initial SkyDrive Pro size is set at 25GB.
Tom explores other aspects of using documents in the cloud and discovers that any document that is uploaded to the cloud can be used in any collaboration. Office 365 has two document storage areas. One is the personal SkyDrive site and the other is the company’s “Team Site”. The difference is that the personal SkyDrive site is managed by the user (Karen), and the Team Site is managed by the IT department.
The Office 365 SkyDrive and Team Site allow you to create documents specifically for collaboration. Just select the “new document” option in the “Create Document” box (see Figure 2-10) and proceed.
You can also upload documents from other systems to Office 365 using a drag-and-drop interface. Tom discovered that when he used Windows 8.1, he could easily drag documents (Figure 2-11) to the SkyDrive Pro site in the web browser and place those documents in his personal area on Office 365. He also experimented with the Team Site and discovered that he had the same capability there.
Once saved in Tom’s personal area of Office 365, documents could be shared with other members of the team as needed. Once the documents are uploaded, they also can be edited with Office 365 web applications (Word, Excel, OneNote, PowerPoint) or with the desktop (or mobile) Office Professional Plus software, which supports PC, Mac and Android devices).
Tom discovered that Office 365 documents can be shared between designated team members using the personal “share everyone” folder, or externally to users outside the company. Tom experimented with sharing documents by selecting the ellipses (…) and later the “Share” option in the pop menu. Tom was surprised to see a preview of the file with an option to allow you to explicitly share the document (Figure 2-12).
Once the sharing options are visible, just select “Share” and enter the necessary information (such as the user’s email address) to share the directory or the file for collaboration. The files/folders that are shared show the people icon (Figure 2-13). The files/folders that are not shared show the lock icon.
Office 365 Yammer Configuration
Tom has been impressed with the capabilities that he has encountered so far. He sees that Office 365 offers the opportunity to reduce both operational costs and license costs while rolling out new capabilities to his users. However, he still has questions. One of his unresolved concerns is compliance issues. As an example, his legal department has asked him to restrict social media access for users in the company. The legal department feels that too much proprietary information (company confidential information) is being discussed on external social media sites such as Facebook and Google Plus.
The legal department advises that loss of company information could hurt business growth and give RDCC competitors advance information on the direction of RDCC products. The Microsoft Partner suggested that Tom consider the Yammer social media service that is part of Office 365 as a solution. Yammer is a service, similar to Facebook, used to handle group interactions in a free-form manner. It is explained that with Yammer, the company information exchanged on this channel is owned by the company and not licensed to a third party. Usually, a free service has an intellectual property rights assignment that overrides the confidentiality of the company information.
Tom selected the Yammer login from Office 365 page (Figure 2-14) and logs into Yammer using Karen Berg’s Office 365 account. The first thing that Tom noticed (Figure 2-15) was the interaction of the different teams and the discussion groups. There were discussion groups for events, HR, and using Yammer itself. Tom could see that Yammer addressed one of RDCC business objectives: to make the company more integrated in their internal communications to improve productivity. The productivity gain addressed this directive and Yammer received full endorsement by the legal department.
Tom quickly realized that one of the benefits of Yammer is that the service provides a tool for the group’s communications that can be kept internal to the company. The problem with the traditional social media solutions is that RDCC proprietary information can be accidentally leaked to the public. Legal informed Tom that last year, some employees were using some free social media site to share information about a project. The legal department discovered the project discussed in the trade press. Tom was told about the data leak of company information at a company senior management meeting. Tom feels that Yammer will allow RDCC to control potential data leaks.
Public Web Site
The final service that Tom reviews is the Team Site and the public web site. Tom has a business requirement to create a new company intranet and to help the company reduce the carbon footprint. He has a secondary objective to reduce the use of other file sharing services enabling the exchange of information with external parties. To access the Team Site, Tom returns to the main Office 365 page and selects “Sites” (Figure 2-16).
After selecting the sites, Tom is presented with two choices: accessing the “Team Site” (intranet) or the public web site. Office 365 supports multiple sites depending on the configuration of Office 365 services. All Office 365 configurations include a public web site. Tom selects the public web site icon (Figure 2-17) to see the public web site. Tom accessed Karen’s site, to discover that the user has the ability to follow changes made by others in the Team Site and to personalize their experience in using Office 365. Personalization allows you to follow changes in a team site, so if there are changes in the content, you are notified of the change.
Tom selected the “public site” icon to see the capabilities of the public site. The Office 365 public web site can be changed by the users using the web site integrated editor, using SharePoint designer (supplied as an optional tool download in Office 365).
Tom discovered that his access to the public web site configuration tools is based on permissions. If he changes from the user “Karen Berg” to a user that has permission to edit the web site, he can log into the web site (Figure 2-18, upper right-hand corner, sign in) and enter his administrator credentials. Once Tom logs into the administration panel of the public web site (Figure 2-19), he can use the Microsoft integrated tools to build the web site (see chapter 6 for more information). The “public web site” is a SharePoint site.
Tom discovered that the “public web site” in Office 365 is a private web site. The initial state of the public web site is offline. To convert the public web site to a visible web site, he simply assigned a domain to Office 365 and placed the web site online. Tom finishes exploring the public web site, returns back to the “Sites” menu, and then selects the “Team Site”. The Team Site is the company’s Intranet site (Figure 2-20).
Office 365 Team Site
The Microsoft Partner explains to Tom that the MEC demo Contoso site is a fully functional SharePoint site complete with document retention polices, work flows, and other productivity features. The Partner also explains that these capabilities can be used to improve the operation of RDCC business. Tom selects the “Team Site” icon and launches the Intranet site (Figure 2-20).
Tom looks at the team site and the servers they use in RDCC and realizes that he can add the functionality needed for each of the various teams to function. Tom realizes that he can assign user permissions, so individuals can have access to the different business areas. As an example, Karen can access the sales resources but have access to HR, IT, Operations, and account team only as it relates to her business role.
Office 365 and Windows Azure Active Directory Security
Tom realizes that he can use either his on-premises servers’ Active Directory, to manage security, or the Office 365 security groups, to grant permissions. As an IT manager, Tom must have the maximum flexibility to restrict information as appropriate for individuals’ roles. The Microsoft Partner suggested that Tom review Microsoft’s Windows Azure Active Directory integration (Figure 2-21).
Windows Azure is integrated into Office 365 Active Directory. This makes it simpler to have a single sign-on for RDCC users. If an on-premise server is integrated into Office 365 (using any Active Directory integration tools), those on-premise security objects are also copied into Windows Azure. Tom feels that with this integration approach, he can manage the user security access using either on-premise services or Office 365. As an example, Tom was thinking of placing the accounting line of the business in a Virtual Windows Azure Server and integrating that sever into Office 365 Active Directory.
RDCC’s long-term strategy is to remove all on-premise servers and move them to the cloud. Tom feels there is no longer a business need for an on-premise Active Directory server. After looking at Windows Azure Active Directory integration and virtual server management, Tom recognizes that he may accomplish the server migration to the cloud as part of the move of RDCC to Office 365. This would significantly reduce RDCC’s operation costs. Tom makes a note of this to discuss with the Microsoft Partner after the migration to Office 365 is completed.
Office 365 Desktop Tools
The only issue Tom has not reviewed is desktop tools for Office 365. Tom returned to the Office 365 portal and installed the Client software. Tom has a misconception that Office 365 office tools only run in the cloud and that there is no desktop software. Tom learned that Office 365 is a suite of products, namely, desktop and cloud services, and that these products work together. While using the “Karen Berg” login address, Tom was able to use the cloud tools on Office 365 and use the desktop tool without being hooked to the internet, to do work offline on his PC or his home Mac (Figure 2-22). The Microsoft Partner explains that Office 365 allows each user to have up to five copies of Office desktop software installed under the subscription. Tom thought about the cost savings from using subscription services to manage his software assets. Tom realized that he would no longer need to manage serial numbers or manage employees installing software on their own computers. Office 365 allowed Tom to remove the user software subscription when an employee leaves the company and no longer have any responsibility to remove the software. This is a business liability and huge labor effort that Tom realized he no longer needs to manage. Office 365 will significantly reduce his operations costs.
Tom remembers a discussion with one of his users on the differences between Office 2007 and 2010. His comment was that Office is Office; only the menus are different. The 2013 Office 365 is very similar to Office 2010. The major change is that Office 2013 is “aware” of the cloud so documents can be saved on the desktop and synced to Office 365 (using the SkyDrive Pro background synchronization tool), directly to the cloud or in the user’s local documents directory.
Tom begins the installation process of the Office Professional Plus software (Figure 2-23). He returns to the Office 365 portal, selects PC/Mac, and then selects Office software to begin the installation process. He notices that he can also add Microsoft Project to his plan by purchasing a license. Microsoft Project is an optional software package that Tom has licensed in Office 365. Tom clicks the install button to install the Office Professional Plus software on his desktop.
The Office installation software is streamed (Figure 2-24 and Figure 2-25). Streaming means that the user can continue to work while the new software is being delivered from the Microsoft Office servers.
Tom started the Office Professional Plus installation (Figure 2-24 and Figure 2-25). Once this was completed, he started up Outlook using Karen Berg’s email address for the demonstration account. Tom started Outlook and selected a “New Profile.” The installation process required Tom to enter Karen’s email address, name, and password (see Figure 2-26). Outlook discovered the cloud service and downloaded Karen’s email.
Tom was off and running with Outlook. He selected finished (when prompted) and started Outlook. Karen’s email is downloaded to Tom’s client. Tom started the desktop Outlook (Figure 2-27), and he noticed that when he read an email in the desktop Outlook, the Office 365 Outlook WebApp had the same changes. Then, Tom noticed that his actions to email (reads deleted moves) were synced to the cloud. His users have always complained that the smartphones did not update the email status after a message was read or deleted. Tom no longer has to worry about this issue; all email is synced to the latest activity. Tom wanted to try one other test, so he disconnected his network connection, created a new email in Outlook, and sent it. Tom then connected his laptop back into the network and discovered that the offline email that was sent when Outlook was updated in the cloud.
This solved a big problem for his users. Tom now had full business email, calendar, and contacts synchronization not only to his desktop Outlook, but also to his smartphone and iPad. He realized that the variety of third-party programs that his users were using to synchronize their contacts and calendars were no longer needed.
One of the problems that Tom has is web conferencing. When he installed Office on the desktop, the web video conferencing tool Lync was also installed. His users currently use Skype over the public network to talk about business needs and issues. As Tom explored Lync (the Office 365 collaborative and video conferencing tool), he realized that he can now use Lync to talk to external Lync and Skype users outside of the company as well as internal RDCC employees. Using Lync, conversations (and text in Instant Messaging Windows) can be recorded (Figure 2-28). Lync is also an Enterprise voice solution, where both users can speak at the same time (Skype does not support this feature), and Lync can also replace his desktop phone and be placed on user’s mobile devices (laptop, iPad, and smartphone). Tom was pleased to see this, since many new federal regulations require conversation recording to meet compliance rules.
Tom discovered that Lync is integrated into Outlook and he can send a meeting invite out to all employees from Outlook. Tom also discovered that Lync can support external voice conferencing such as intercall conferencing. This way Tom can send out meeting requests and have the meeting either as a web conference or as a video conference (Figure 2-29). Lync allows both sides to talk at the same time, compared to other services where only one person can talk. The ability for multiple people to talk simultaneously is important for enterprise business voice.
Data Loss Prevention
Tom explored some of the additional features in Office 365. One item he wanted to verify was what happens if credit card information (embedded in emails or documents) is emailed externally from RDCC. So he emailed a test message to an external user, and the email was rejected (not delivered to the external user) with the following rejection message:
TRANSPORT.RULES. Reject Message; the message was rejected by organization
The Microsoft Partner explains that Data Loss Prevention (DLP) is a configured service that is part of Office 365. This service processes the email message content against various rules. One of the rules that emails can be processed against is a Personal Information Identification rule that detects credit card numbers in email and documents. Microsoft supplies a standard set of DLP template rules, but you can also have custom DLP templates built. As an example, if RDCC has internal proprietary information, you can construct a word template for those documents and an appropriate DLP rule that manages the information so it is not emailed externally. This way, RDCC will have maximum control (as much as possible) over the external communications to ensure that only appropriate information is delivered externally. The Partner showed Tom the available DLP rules (Figure 2-30) that can be easily added to Office 365.
Tom thought about his business requirements and the services that are part of Office 365. When he looked at the overall costs, Office 365 made business sense, and it reduces his overall expenses. With the different licensing models, Tom has the flexibility to purchase the services on a monthly invoice, or on a yearly invoice through a traditional reseller.
One of the last things that Tom looked at was the smart device support. With everything else that he has experienced, he was not surprised to see that his iPhone was fully supported with Office 365 as well as the Android devices and iPads (Figure 2-31).
As Tom looked over Office 365, he became aware of its different configurations. Office 365 is a cloud-based service that does not care who is the manufacturer of the user’s device. Tom’s users have iPhone, Macs, PCs, laptops, and the new Chrome notebooks. Tom realizes that Office 365 supports all of these devices.
The Microsoft Partner suggested that Tom look at Windows Intune, so Tom enters the URL for Windows Intune (
) and starts to access the service (Figure 2-32). The Microsoft Partner remarked that Windows Intune is an integrated service that uses Office 365 Active Directory to manage desktop and mobile devices.
Windows Intune (see Chapter 7) allows the IT organization to fully manage the user mobile devices and desktop devices with antivirus, policy management, updated management, and hardware and software inventory management. Windows Intune monitors the end user devices and sends notification to the administrator when there are issues associated with the user’s system. Tom logged into Windows Intune (
), looked at the start screen (Figure 2-32), and proceeded to log in to the company portal (Figure 2-33).
The Microsoft Partner explained that Windows Intune is designed for the IT staff to reduce the cost of desktop management deployment. Windows Intune has a self-service portal that allows users to register their devices (mobile, laptops, desktop) into the Windows Intune deployment center. This allows the IT staff to manage those systems. Windows Intune also supports custom application deployment for mobile devices. Controlling the deployment of custom applications is a key benefit for RDCC because they no longer need to publish the mobile application to the Public cloud.
Using a “walk-through” approach has exposed you to the different capabilities of Office 365 from a very practical point of view: how you use the features. There is much more to Office 365 than we discussed, and we will cover that information in subsequent chapters. At this point, if you have a trial subscription, you are ready to try Office 365. The next section contains helpful hints on Office 365 configuration of your mobile devices and workstation.