Handle More Tenants in a Record Time
A recent survey revealed that it takes a minimum of 13 hours per month to administer an Office 365 tenant with 1 to 50 accounts . If you are a service provider managing more seats that that, the time you spend doing these tasks can quickly get out of hand. You just need to be organized! Luckily for you, with a reliable set of procedures, you can make these tasks very easy. To help you out, we’ve gathered 15 tricks from successful partners who’ve collectively managed thousands of Office 365 tenants, without any stress.
1. Enable Multi-Factor Authentication for Office 365
Most data breaches are caused by human error: a user’s device is stolen, a weak password is hijacked, a malicious attachment is accidentally opened from a phishing email, a computer has not been patched… the list is endless. By enabling multi-factor authentication (MFA) on a customer’s tenant, you’re setting a higher level of security on user sign-ins and transactions, decreasing the risk linked to unauthorized access (stolen passwords, for instance). MFA requires users to confirm their log-in using at least two of the following methods:
- A randomly generated pass code
- A phone call
- A smart card (virtual or physical)
- A biometric device
2. Activate Data Loss Prevention for Office 365
How easy do you think it is for a VISA card number to be inadvertently sent to a contact outside an organization? It only takes a small slip to make a mistake when entering an email address, and you could send a company’s critical information to the wrong person.
Data Loss Prevention (DLP) helps prevent such scenarios from occurring. It prevents sensitive information, such as credit card numbers, social security numbers, or health records, being leaked outside an organization. A DLP policy allows you to identify, track, and protect sensitive information across numerous Office 365 apps, including:
- Exchange Online
- OneDrive for Business
- SharePoint Online Sites
- Office 2016 desktop programs
Create Data Loss Prevention policies for Office 365
3. Turn Mobile Device Management On
Managing identity and devices, protecting information and addressing new cyber-attacks has turned into a complex buiness. These require governance planning, concerning security and identity management. Microsoft Enterprise Mobility + Security (EMS) is designed to help manage and protect users, devices, apps, as well as data. This integrated suite of products enables companies to manage who has access to corporate resources, while protecting and securing business and customer information on all devices, anywhere, in real-time.
4. Use Office 365 Audit Logs to Single out Events & Correct Issues
The auditing capability is an option for all Office 365 tenants, but only the most popular enterprise subscriptions, E3 and E5, come with it as standard. It can help you learn what actions users took in the last few days, for example; if a user has removed a document, or if an admin has mingled permissions and privileges, plus many other activities
Choosing whether to capture individual user activity, versus repeated user activity, has a direct impact on successfully auditing security for your Office 365 tenant. If you choose to log too many events, you might miss important issues.
To start with auditing, visit the page https://protection.office.com, and then go to Search and Investigation and Search audit log.
5. Analyze an Office 365 tenant’s Secure Score
Office 365 Secure Score is a security analytics tool. It analyzes an Office 365 environment in terms of how secure it is, and suggests aspects that need fine tuning that can further reduce the overall risk. The Secure Score is made to help you take actions to improve your customer’s security. It informs you about behaviours and best practices to have inside your Office 365 subscriptions.
6. Use Connectors to Set Online Protection or a Hybrid Configuration for Exchange
Most organizations have their mailboxes in Exchange Online only. But if they want to keep some mailboxes in an on-premises Exchange environment too, or if they want Exchange Online Protection, then you will need to configure connectors in Office 365.
Learn how to create and set connectors for Exchange Online
7. Manage OneDrive for Business
Microsoft introduced a new type of synchronization with its latest OneDrive sync client. The OneDrive for Business client uses an incremental sync method, which does not create a cache on the machine it’s running on. The cache is kept on Azure Cloud and does not create any entry on the user’s machine, making it faster and more stable.
8. Master the Collaboration Tools in Office 365
Outlook is Microsoft's premium email client and is regarded as one of the best in the business. It’s also at the core of Office 365 productivity tools integration with other applications like Dynamics 365. An important part of support requests related to Office 365 are about Outlook.
But email is no longer the only tool for communication and collaboration; while it won’t disappear anytime soon, there are now faster and more practical ways to work with members of your team and others as well. These are real-time collaboration tools and they include Microsoft Teams, Office 365 Groups and Yammer.
Office 365 Groups is a new feature that extends your standard team sites and document library. It consists of the following five major areas:
- Conversations – all your email interactions
- Files – your OneDrive-like document library
- Notebook – your OneNote for informal notes
Calendar– group calendar
- Team Site – SharePoint Site connected to the group
Another particularly interesting collaboration tool is Delve. It helps users find colleagues to create, edit and share documents. It allows users to embed documents, videos, and images.
9. Know How to Make the Best out of Skype for Business
The app offers easy access to IMs, video calls, voice calls, and online meetings, as well as the confidentiality of Lync through enterprise security, call encryption, and authentication. With all its features, Skype for Business can be a replacement for web conferencing solutions like WebEx or GoToMeeting.
10. It All Starts with Migration: Plan It!
In many ways, planning a content migration is like moving homes. What should be moved and what should be thrown away is a question that is asked multiple times during the process. It plays a major role toward well-defined/well-governed information architecture. Even if you’re an experienced IT architect, moving to Office 365 is very different than migrating content from one on-premises platform to another.
The Content Optimization Model helps better plan a migration
11. Use the Right Management Tools for Every Scenario
From migration to security to monitoring and beyond. Different tools are used for different purposes, for different scenarios:
- The Exchange Server Deployment Assistant makes queries about deployment objectives and produces guidelines for approaching the migration to Office 365.
- Similarly, Azure AD Connect, DirSync, and AAD Sync tools assist the migration process by synchronizing end-users, groups, and contact data from local Active Directory to Office 365.
- The Exchange Admin Center to help with staged migrations, remote moves, cutover migration, IMAP migrations.
- Use other tools like IdFix to remediate errors and Remote Connectivity Analyzer to identify connectivity and configuration issues.
12. Understand Active Directory Federation Services
Office 365 offers a Single Sign-On (SSO) as part of the Active Directory Federation Service (ADFS). It connects an organization’s Active Directory with Office 365 and provides users with a single sign-on for Office 365 services on desktops and mobile devices.
SSO essentially provides a generic authentication solution by storing and transmitting encrypted user credentials across the network boundaries. Therefore, end users do not have to sign in (and remember different credentials) each time they log in to a different environment/application (Outlook, Skype, OneDrive, etc).
Configure the Active Directory Federation Service
13. Save Management Time Using Office 365 PowerShell
When you’re managing multiple tenants, every minute of your time is precious. PowerShell should be your tool of choice to help streamline admin tasks as it allows for remote administration of all components within Office 365 from the command line. You can set and reuse the same batches of commands for all your customer tenants.
The Office 365 PowerShell commands manage Office 365 level tasks such as user management, licenses, organization information, and core tenant level services:
- Connecting to Office 365 PowerShell is a simple three-step process where you install the required software, run the required software, and then connect to your Office 365 organization.
- You can save time by creating new Office 365 user accounts with a single PowerShell command. The only thing you need a pre-set .CSV (Excel) file.
14. Set the Retention Policy for Office 365
Microsoft gives you the option to set in-place archiving and in-place holders on specific pieces of information that meet search criteria defined in eDiscovery. The spectrum of options covers: Exchange, SharePoint, Skype, OneDrive, and Yammer.
15. Specific Customers Are Asking for PowerApps
PowerApps allows you to manage organizational data by using either an app that you created or one created by someone else who has shared it with you. Apps run on mobile devices, or you can run them in a browser.
Microsoft launched PowerApps in 2015 and gradually added SharePoint integration capabilities – one of the most popular being the SharePoint list integration with PowerApps, which allows users to display all SharePoint data integrated within their apps.