SharePoint 2016, Hybrid Search and Data Loss Prevention

SharePoint Server 2016 IT Preview is now available for general download.

Today SharePoint Server 2016 IT Preview was announced by Microsoft. A Preview version is not the full-blown product but it is an early enough version for the people on the field to inspect and start getting their hands-on with the new technology, which by the way is great. Big shout out for the SharePoint team for doing these things.

The download is about 2.8 GB and you can get it here. There are language packs for Spanish and Japanese as additional downloads.


Let's cut to the chase.

What's new?

DLP and Compliance

Data loss prevention is paramount in todays business and if you have been following me, this must be enforced across the board wherever is possible. SharePoint 2010 offers controls to minimize the content exposure that might lead to legal and compliance challenges. SharePoint 2016 have several controls to make sure sensitive information types are handled properly and at the same time ensuring right people have the right access level to the information at the right time.
Some of these new controls are In-Place Holds and Document Deletion centres. They will extend on the current eDiscovery capabilities covering from SharePoint living content up OneDrive for Business content and allowing rules such as deleting content after an specified expiration time.

Something that will affect data protection with SharePoint 2016 is Search Technologies. Search in the cloud is becoming a centrepiece in the data protection strategy. With the advent of the Hybrid Search, the index content will be stored in the cloud which needs to be considered when mapping the data sovereignty plans. So, make sure your tenant is aligned with the regulations and laws of the location. You might now want to get caught with your SharePoint content living in Australia but the Search Index living in another country, for example. We will talk a bit more about this later.

SharePoint 2016 was designed with cloud, mobile and Infrastructure as a Service (IaaS) in mind. Also, 2016 is the first version that's being built sharing the same core platform from SharePoint Online, so SharePoint 2016 when installed will be very similar to a SharePoint Online deployment.

Installation and Deployment

This new version reduced dramatically the deployment and management of SharePoint together with cloud components. A lot of the administrative tasks are streamline, just like SharePoint Online.
Also, just like Windows Server 2012, installation can be performed by roles so you don't need a full blown deployment for every server, only the required bits for that server role in the whole infrastructure.

Mobile Devices and Touch-friendly

SharePoint 2016 incorporates the latest standards to integrate with mobile push-notifications and synchronization. HTML5 is king in the new SharePoint with all the cool beans to make sure SharePoint apps are better targeted and content are to mobile devices. Also by using an unified HTML5 views people can have the same experience anywhere they are accessing it: cell phone, tabled, desktop etc.

App Launcher

The app laucher, a loved feature from SharePoint Online, now is part of SharePoint 2016. It is a global place where people can quickly launch applications, sites and files.

Document Libraries
Another feature coming from SharePoint Online are the new controls for files and contents. The whole experience of creating, sharing and collaborating on files and content now is the same as SPO.


Now every page in SharePoint 2016 have a Share button. No more navigating to ellipsis or other properties. Just one-click, give the name of the people you want to share with and go. Similar to SharePoint Online, the invitees will get a link to access the content. This process also eliminates the need to check the security matrix, making the sharing experience much easier to understand.

Large Files

SharePoint 2016 now offers support for uploading files up to 10GB.

One More Thing Before You Go

Hybrid search is here. Hybrid search and its improvements are not really part of the SharePoint 2016 package, however today Microsoft announced the Cloud Hybrid Search preview, which is a product that extends the search capabilities from SharePoint 2013 and SharePoint Online to return search results in an unified location. The central point for the search index is Office 365, which makes it a great extensibility window for integration with more products. SharePoint 2016 has this integration point already baked into the product.

Because the search index for a Cloud Hybrid Search will be residing in the Office 365 cloud it will offer the users the ability to discover related information across on-premises and cloud content. Keep in mind that for this to happen *ALL* crawled content will live in the geography tenant, including your on-premises content.

Here's the link to download Cloud Hybrid Search. Give it a try and see how this can affect your business scenarios.

You can read more about this announcement here.

The upcoming months are likely to be *very* busy for us all working up the new SharePoint puzzle . And that's great!


Office 365 DLP protection cool again

Thank you everyone who came to see me talking about Office 365 DLP, Privacy, Data Leakage Protection. Office 365 User group at Microsoft Brisbane offices.

I love doing these things for the community! Feel free to reach out if you need anything or want to talk more about it.


BYOD Guidelines and Office 365 DLP

Let's talk about "Bring Your Own Device"(BYOD) again. We all know how often people have devices which are more capable than what their current organizations/employers offer. Rightly so, to keep all devices and all systems updated across the enterprise it is still a huge, and expensive, task. BYOD has a security framework that allows the regular folks to being their own laptops or mobiles to use at work.

The issue starts when company data is exposed in a risky way. Would your manager be OK with you having an spreadsheet with people's contacts details, addresses and sometimes financial values? hint: the answer should be NO; otherwise you guys needs to have the "data protection talk" :)

The key here to make sure the risks do not outweight the benefits of BYOD is to make sure reasonable steps were taken to mitigate data leakage and exposure to the wild web.


And that brings us to the point I wanted to discuss. Canada is one of the first nations to move in this direction with a comprehensive set of guidelines for mitigation polices. More precisely, the Office of the Privacy Commissioner of Canada released a guide (Is a Bring Your Own Device (BYOD) Program the Right Choice for Your Organization?) highlighting several key privacy and security risks that you and your organization should take into consideration for a BYOD program.

This is a Canadian perspective but some of the points are excellent for your own discussions. It is a long document but if we can summarize the main points they recommend are...


Perform an Impact and Threat Risk Assessment

Privacy Impact Assessment (PIA) and a Threat Risk Assessment (TRA) needs to be done to identify and address risks associated with the acquisition, handling, storage and period retention of personal identifiable information (PII). If you've been to any of my presentations, you see how much focus and stress I put on the demos with personal data. They are extremely valuable and can do real damage to everyone involved, people and companies.

Create specific BYOD policies

Dedicated BYOD policies needs to be developed, consolidates and established for all devices covered in the program. Training here is essential. All users part of the BYOD program must have a clear set of expectations about what they can and can't do with their devices, including training on privacy protection and defensive data handling (to mitigate security threats). The guide recommends for CTO offices engage directly with other departments. The objective here is to develop enforceable, easy-to-communicate BYOD policies. There is no point in having a hard to follow/hard to understand framework across the board. In short they should address at a minimum: user responsibilities, acceptable uses of BYOD devices, application management and access requests.


Containerization means group and isolate corporate data that might be living offline in an employee's device. The goal here is to create a division between personal data (for example, family pictures in your mobile) and company data (for example, sales forecast documents, resumes etc).

Incident Management

Let's face it, doesn't matter how much effort and controls we put around a technology, at some point the data will likely be compromised. The question here is: What to do when this happens? Technology is a living thing. In 5 years from now, the technology landscape will be totally different from when we have today. So, when a a privacy or security breach happens, an mature and well-thought out incident management process needs to be in place. The goals here are to identify the root cause, report, analyse and correct the breach in a timely fashion...and then use the learnt lessons for the future.


As part of the incident management, the guide recommends that companies should create an inventory of the connected devices. The goal here is to take appropriate steps during an incident response. Users must understand that personal devices which are not adequately secured might expose company information to malicious elements and this often leads to financial loss (for losing competitive advantage, reputation damage etc).

All these are great points and at first they seems very obvious. Tricky part here is that the obvious is hard to implement.

BYOD Program Seems Too Complex for Our Company

If you are reading this and think that your organization can't have a BYOD program because these guidelines might be too hard to implement, don't worry there are still steps you can do to make sure you meet them halfway. More and more the workforce is digital and users are demanding these programs. My 2 cents here is that the organization should aim to have a secure enough environment where the benefits of a smaller BYOD program can be leveraged. The main thing in any security program is still the same: User education. We are becoming so technologically connected, with machines so auto-sufficient yet the main component always was, still is (still will be?) people.

If you found this interesting, let me know what you think in the comments.


New Yammer Office 365 Features

If you're a current user of Yammer, you will be pleased to hear the great news Yammer team have done for you.
If you're not, I recommend for you to give it a try. In short, Yammer is like a "Facebook" for the enterprise.


It was acquired by Microsoft and soon later incorporated under the Office 365 umbrella.

It's great integration with document authoring tools and a very intuitive and responsive design are the coolest features of the product. This month, Microsoft made some announcements for the product that aim to raise its profile and increase adoption by the users across the board.


Immersive Experience

Files now can be previewed and edited straight out of Yammer. A unobtrusive window will appear on top of your browser session with the Office Online tool required to edit your document and then saved directly to the cloud. Changes made in the file are appropriately tracked with out-of-the-box versioning.

External Collaborators

Another cool feature from Yammer is the ability to share document with people outside your organization, if needed. Now Microsoft is taking this to the next step: External people can collaborate on the document together with your team is needed. This is not a paid feature, this is now available to everyone using Yammer.

Real-Time Co-Authoring

Document preview in Office Online is already available as of today. Real-Time Co-Authoring is in the roadmap for early 2016.

If you use Yammer, feel free to engage in the conversation in the comments. If not, what are you waiting for? :) join the fun. You can even create a Yammer network for your own family members, for example. Like your own family Facebook!