What comes next is the future – Microsoft Prognosis 2018

The new year just started. Highest time to look at what 2018 will bring our way in the Microsoft ecosystem

This article covers:

• Hot topics and trends 2018
• Trend topics around collaboration and communication
• Teams will replace SharePoint as frontend in many places
• The renaissance of email
• AI, Machine Learning & Bots
• Is Hybrid the new on-prem?
• It has never been easier and more economical to integrate external users
• GDPR is coming
• Office 365, Dynamics 365, Bing for Business, LinkedIn and where else the journey is heading

Download the English version of the article for free: LINK

Das Jahr 2018 ist bereits einige Tage alt. Höchste Zeit, sich anzuschauen, was es im Microsoft Ökosystem tut.

Themen:

• Hot Topics und Trends 2018
• Trendthemen rund um Kollaboration und Kommunikation
• Teams wird SharePoint als Frontend an vielen Stellen ablösen
• Renaissance der Email
• AI, Mashine Learning & Bots
• Ist das Hybrid das neue on-prem?
• Nie war es einfacher und kostengünstiger Externe zu integrieren
• Die DSGVO kommt
• Office 365, Dynamics 365, Bing for Business, Linked und wohin die Reise noch gehen wird

Kostenloser Download der Deutschen Version des Artikels: LINK

(Eine online Version des Artikels gibt es auch hier: Teil1 | Teil 2)

Some insides about the new App Launcher in Office 365

Microsoft released a new Office 365 App Launcher version (version 3). Beside a massive experience change Microsoft also changes some stuff in the backend.

All info about the new experience can be found in this Microsoft post: New Office 365 app launcher and Office.com help you be more productive on the web

The “old” App Launcher needs an Exchange Online subscription for each user to let a user personalize his App Launcher. This was because of the App launcher settings are stored in the user mailbox. The settings are located in the PR_ROAMING_DICTIONARY property of the IPM.Configuration.Suite.Storage at the root folder of the mailbox. All this is based on JSON. The settings are located in Suite/AppsCustomizationDataTEST value and the property is called PinnedApps.

Scott Bueffe posted a detail description about this here: How to pin custom app tiles on behalf of your users in Office 365

With the new version Microsoft changed the way this information is stored. It is no longer located in a user’s Exchange Mailbox. Actually, we do not have any documentation about where the settings are stored now.

In fact, a user did not longer need an Exchange Online mailbox to customize the default Apps in his App Launcher.

Microsoft Compliance Manager framework

Microsoft finally release the Compliance Manager: https://servicetrust.microsoft.com/ComplianceManager

This framework is designed to help companies getting and staying GDPR compliant or do other audits like ISO 27001:2013.

This article is focusing on GDPR topics.

Services included in this cloud service assessment

SharePoint Online, Exchange Online, Microsoft Booking, Microsoft Graph API, Microsoft Analytics, Microsoft Planner, Microsoft Stream, Office Delve, Office 365 Groups, Office 365 Video, Sway, Microsoft StaffHub, Microsoft PowerApps, Microsoft Teams, Skype for Business

Microsoft Managed Controls

Article 4 Number 8 of the GDPR defines that an entity that processes data on behalf of another is considered to be a contract data processor. Therefore Microsoft, with its services Office 365 & Azure is clearly a contract data processor within the meaning of Article 4 Number 8 of the GDPR.

Because of this there are also topics that Microsoft has to fulfill and the contracting entity had to check. These topics are aggregated in the “Microsoft Managed Controls” section of Compliance Manager.

The topics in this section are passed and tested by a third party independent auditor. We can get the details about every topic in the Compliance Manager as you can see in this example:

Customer Managed Controls

Not every GDPR article is about IT systems. Because of this not every article is covered by the Compliance Manager framework. In the section “Customer Managed Controls” Microsoft offers an audit tool that can be used to organize you GDPR compliance journey for Office 365 & Azure.

Features to organize GDPR compliance journey

1. Assessment a topic to a responsible person
2. Upload and manage documents
3. Track status
4. Test date
5. Track test result
6. Detailed description for each topic
7. Documentation about your implementation details
8. Documentation about your test plan & management response

Example:

You can use the Compliance Manager framework web UI to work with an auditor or you can also export the results as an Excel files.

Mapping

The GDPR is structured by the following topics:

• General provisions (Article 1 - 4)
• Principles (Article 5 - 11)
• Rights of the data subject (Article 12 - 23)
• Controller and processor (Article 24 -43)
• Transfers of personal data to third countries or international organisations (Article 44 - 50)
• Independent supervisory authorities (Article 51 - 59)
• Cooperation and consistency (Article 60 - 76)
• Remedies, liability and penalties (Article 77 - 84)
• Provisions relating to specific processing situations (Article 85 - 91)
• Delegated acts and implementing acts (Article 92 - 93)
• Final provisions (Article 94 - 99)

(only the highlighted topics are covered by the Compliance Manager framework)

Microsoft as a Software company is using different topics:

• Discover
• Manage
• Protect
• Report

Even the Compliance Manager framework is using a different structure. The framework is separated in:

•  Office 365 in-Scope Cloud Services (List of covered services)
• Microsoft Managed Controls (Topics Microsoft has to fulfill)
• Customer Managed Controls (Topics the customer has to fulfill)

So we need to do a mapping.

The following matrix is showing the chapters, the articles and the subitems covered by Compliance Manager framework. You can use this in you company-wider GDPR audit to get a clear overview of what is relevant in the context of Office 365 & Azure and what is covered by the Microsoft Compliance Manager framework.

File can be downloaded here -> LINK

Remarks:

Not every article need to be fulfilled by every company. In detail it depends on your company structure and what you do in detail with personal data. A general evaluation of which of these articles apply in a specific individual case, must be analyzed in a legally robust manner.

This article and the Excel Matrix was created to the best of the author’s knowledge and according to careful research. However it cannot and does not intend to replace an in-depth legal, process, and technical assessment.

Related articles: GDPR/DSGVO Field Guide for Office 365 & Azure

GDPR/DSGVO Field Guide for Office 365 & Azure

Starting May 25, 2018, the EU General Data Protection Regulation (abbreviated GDPR or DSGVO in German) will take effect, thereby becoming applicable law for all companies, regardless of size.

For the IT manager, this subject quickly becomes too theoretical and more than anything, contains too much legalese. The data protection officer and the compliance officer are usually a bit overwhelmed when it comes to the GDPR. The company management and the workers council put pressure on them and want to know if the relevant players are well-prepared or not.

This is the usual state of affairs when it comes to the GDPR within the company.

In this white paper, you will learn how to handle the subject with confidence and be well-prepared by the deadline of May 25, 2018.

Download the English version of the Whitetpaper for free: LINK

This document was created to the best of the author’s knowledge and according to careful research. However it cannot and does not intend to replace an in-depth legal, process, and technical assessment. Many thanks to Dr. Michael Rath and the team of Luther lawyers for the preparation and support.

Ab dem 25.05.2018 gilt die EU-Datenschutzgrundverordnung (DSGVO oder auch GDPR abgekürzt) und wird damit geltendes Recht für alle Unternehmen, egal wie groß sie sind.

Dem IT Verantwortlichen wird das Thema schnell zu theoretisch und vor allem viel zu juristisch. Der Datenschutzbeauftragte und der Compliance Officer sind meist etwas überfordert, wenn es um die DSGVO geht. Die Geschäftsleitung und der Betriebsrat machen Druck und wollen wissen, ob man bei dem Thema gut aufgestellt sei.

In aller Regel ist das die Situation, die sich zum Thema DSGVO in Unternehmen findet.

Erfahren Sie in diesem Whitepaper, wie Sie mit dem Thema hier und heute schon souverän umgehen und zum Stichtag 25. Mai 2018 bestens gerüstet sind.

Kostenloser Download der Deutschen Version des Whitetpapers: LINK

Das Dokument wurde nach bestem Wissen und nach sorgfältiger Recherche erstellt. Es kann und will jedoch keine fundierte rechtliche, prozessuale und technische Bewertung ersetzen.

Vielen Dank an Herrn Dr. Michael Rath und das Team von Luther Rechtsanwälte für die Zuarbeit und Unterstützung.

Interview zum Thema auf der Microsoft Partner Konferenz 2017 in Leipzig:

Ignite 2017 recording - explore PnP Partner Pack for IT pros admins and architects

Session recording at Ignite 2017. Me talking about PnP Partner Pack for IT pros admins and architects in the cloud and on-prem.

(Sadly bad video and audio)