SharePoint and OneDrive Security, compliance, migration, admin and server – Ignite 2019 announcement

November 4, 2019
The original article is published on the Microsoft Tech Community SharePoint Blog.

Microsoft runs on trust. With the growing presence and sophistication of online threats, it’s increasingly important to have the right protection and tools to help safeguard your corporate data, devices, and personal information from being compromised. With growing digital data in your organizations, need for simplified governance of this corporate data is becoming more and more important. We focus on a seamless move to Microsoft 365 with as much expertise and tooling we and our ecosystem can offer.

We have a lot to share across numerous announcements shared at Ignite 2019. You find all below within these four main categories:

  • Migration – moving content in Microsoft 365 gets more options and easier to manage
  • Security – SharePoint and OneDrive secure and compliant for your data and people
  • SharePoint admin center innovation to best manage sites and metadata/term sets
  • New SharePoint Server offerings in Azure

Let’s dive into the details…

Our goal is to help customers move to the cloud with confidence. Today, we offer several options to support cloud file migrations, including FastTrack and offerings from trusted Microsoft partners, as well as the SharePoint Migration Tool for migrating content from on-premises SharePoint sites and file shares to Microsoft 365.

Microsoft acquires Mover, now a free service for Microsoft 365 customers

clipboard_image_0.png

Recently, Microsoft announced the acquisition of Mover, bringing great technology and people who specialize in migrating content, including admin-led and self-service offerings. As customer demand to move content to the cloud continues to grow, Mover helps make it easier than ever for customers to migrate files to Microsoft 365.

Mover supports migration from over a dozen cloud service providers – including Box, Dropbox, Egnyte, and Google Drive – into OneDrive and SharePoint, enabling seamless file collaboration across Microsoft 365 apps and services, including the Office apps and Microsoft Teams. The Mover team also brings deep expertise and migration technology, which advances Microsoft’s commitment to providing organizations of all sizes with the right tools, people and partners to successfully migrate to the Microsoft Cloud.

clipboard_image_1.pngAuthorize the Mover Transfer Wizard as a co-administrator; above showing for a Box migration to OneDrive.

clipboard_image_2.pngThe Mover migration manager is the dashboard which gives you a summary of your overall migration; here showing an active migration of content from Google Drive into OneDrive.

Mover brings many new cloud migration scenarios alongside our existing SharePoint Migration Tool (SPMT) for on-premises moves, FastTrack planning and onboarding, and a strong migration partner ecosystem – collectively the broadest set of offerings to assist your migration into Microsoft 365. Mover will enhance these offerings with proven tools, plus more self-service options over time.

You can use this service for free. Note: Initially, the service is available to North American customers, and we plan to ramp up to all customers worldwide. We will share more soon.

Learn more about Mover and its processes (guides) today.

Migration manager (preview) [roadmap ID: 57308]

The migration manager, now a key part of the SharePoint admin center (preview), helps orchestrate and simplify management of large-scale migrations. Admins can add and manage multiple migration machines to centrally orchestrate all migration activities. The new task view in the SharePoint admin center provides one location to create and monitor progress. For each task, there is a task detail pane to download reports and change settings for individual tasks – all centrally managed within the SharePoint admin experience.

clipboard_image_3.pngSharePoint admin center – Migration manager, showing scale across clients.

clipboard_image_4.pngSharePoint admin center – Migration manager, showing scale across tasks; one task details.

SharePoint Migration Tool now supports SharePoint Server 2010 on-premises (general availability) [roadmap ID: 54344]

The SharePoint Migration Tool is a simple and fast solution to help you migrate content from on-premises SharePoint Server sites and file shares to SharePoint, OneDrive, and Microsoft Teams in Office 365. It is designed to help you bring your information to the cloud and take advantage of the latest collaboration, intelligence, and security solutions within Office 365.

Now when using the SharePoint Migration Tool, you can start migrating your content from SharePoint Server 2010 (including pages, web parts, content types, taxonomy and subsites) to Office 365. You, too, can now select a sub-folder destination or create a sub-folder directly in the tool, allowing you to migrate your content directly into your preferred Microsoft Teams channel(s).

clipboard_image_5.pngUse the SharePoint Migration Tool to migrate file shares or SharePoint Server sites to SharePoint Online, OneDrive for Business and Microsoft Teams.

With a few simple clicks in the intuitive user interface, you can migrate files from file shares, SharePoint sites, with support for bulk migrations.

clipboard_image_6.pngExample when selecting and setting a Microsoft Team channel folder as a files destination location.

100GB file uploads [roadmap ID: 49368]

Let no big file go un-uploaded! Through the years, Microsoft has adjusted numerous “limits” to adhere to the growth and usage we see with customers big and small. And now, you can bring larger files, up to 100GB. This, too, applies for migration scenarios, OneDrive sync – especially *differential sync* when actively working with large files, and a continuous focus on overall performance throughout the lifecycle of a file – from upload, to download, to use and edit. Go big – Microsoft 365 can take it!

clipboard_image_7.jpegMicrosoft 365 now supports upload of files up to 100GB – applicable to OneDrive, SharePoint and Microsoft Teams.

With growing digital data in your organizations, need for simplified governance of this corporate data is becoming critical. Last Ignite we introduced how sensitivity labels makes it easy to protect and govern your business-critical data and how Office 365 Multi-Geo Capabilities helps you meet data residency compliance needs.

This Ignite we are announcing major milestones in our Labels journey and Compliance controls. We are excited to announce public preview of sensitivity labels for Sites/Groups/Teams and sensitivity labels with protection for Files. Not only core security controls, we are also leaping forward in our compliance story with the introduction of Information Barriers scenario.

With SharePoint and OneDrive, your data is in the most secure and compliant place.

Sensitivity labels for Teams, Office 365 Groups, and SharePoint Sites (public preview) [roadmap ID: 57310]

With a sensitivity label you can now associate privacy, external user access, and un-managed device policies for Sites and Groups. Users can simply select a sensitivity label when creating or updating a Team, Office 365 Group, or SharePoint Site, and the right security policies will be automatically applied. Simple, seamless, and consistent labels experience across Microsoft 365 experiences.

To learn more, check out https://aka.ms/SPOLabels. Public preview starts Nov 20th, 2019.

clipboard_image_8.pngSensitivity labels creation with site and groups settings in the Microsoft 365 compliance center.

clipboard_image_9.pngSensitivity selection in groups-connected site creation experience in SharePoint.

Support for sensitivity labels with protection in SharePoint and OneDrive (public preview) [roadmap ID: 57311]

SharePoint and OneDrive now support sensitivity labels with protection i.e. Microsoft Information Protection-based encryption setting can be associated with a sensitivity label. The encrypted files are treated much like regular files and users can open and edit them in Office on the Web and get modern productivity experiences like co-authoring. You can govern these encrypted files with Data Loss Prevention (DLP) policies and eDiscovery too.

Learn more about SharePoint and OneDrive sensitivity labels.

clipboard_image_10.pngInformation barrier as applied to a SharePoint document library.

clipboard_image_11.pngInformation barrier as applied to a SharePoint document library – here on a PowerPoint file.

SharePoint auto classification with sensitivity labels (private preview) [roadmap ID: 57312]

Not only manual labeling, we are also expanding to automatically detect and label the sensitive files in SharePoint and OneDrive so that even if users forget or neglect to label the sensitive files the intelligent engine will catch the sensitive files. You can create an auto labeling policy in the Microsoft 365 Compliance Center selecting the rules you like to evaluate to determine sensitivity files with few clicks.

clipboard_image_12.pngSharePoint auto classification detects and labels sensitive files in a SharePoint site.

Interested in this private preview, sign-up or nominate in the Security Preview link below.

Information barriers (private preview) [roadmap ID: 57313]

Not only in governance, we are also evolving our Compliance controls for highly regulated verticals like Finance, Healthcare, etc., FINRA like compliance regulations for finance vertical require controls in place to avoid insider trading between different department users in the organization. You can now achieve these advanced regulations with the Information Barriers scenario in SharePoint and OneDrive.

clipboard_image_13.pngUse information barrier policies to control communication and collaboration in Microsoft 365 between two groups of people.

Establish the information segments in the Microsoft 365 compliance center and then create information barrier policies to block communication and collaboration between the segments. For example, Investment Bankers (users Sesha & Jeff) blocked to communicate and collaborate with Advisors (users Nikita).

clipboard_image_14.png

Once information barriers are established, those people or groups that are disallowed from collaboration with the person who is logged in will not appear in the global address look up during collaboration scenarios.

Information barriers support in Microsoft Teams chat is already generally available, learn more.

Automatic expiration of external users’ access (generally available) [roadmap ID: 43797]

Governing external users’ access to your corporate data is a critical security task, we are making it easy for you. You can now setup an expiration period, say 60 days, for external users’ access to the file or site they are invited to so that they don’t retain access forever. To meet your business needs, you can also extend the expiration or instantly revoke the access for the given external user for a specific site.

clipboard_image_15.png

Sign up if you are interested in joining any of the above security private previews.

We’ve updated the experience to allow additional admin controls (like viewing and managing permissions of a site), as we align the admin experiences across the different Microsoft 365 admin centers. We’ve added new admin capabilities to allow you to easily modernize your intranet, manage your metadata term sets and search. The updated SharePoint admin center offers more control for managing your modern workspace.

The new SharePoint admin center home page [roadmap ID: 57318]

When you first land in the SharePoint admin center, we want it to be both familiar and useful at a glance. The idea is to provide a familiar experience, taking a similar design approach as the Microsoft admin center. You’ll see more and more cards and graphs appear over time – so you can see insights on files, usage security, recommendations, training and so on. Better see what’s happening, and then take the appropriate action.

clipboard_image_0.pngThe updated SharePoint admin center home page with graphs and cards to get at-a-glance insights into files, usage, security and more.

Root site swap (now a task within the SharePoint admin center experience) [roadmap ID: 57309]

Your root site originally began as a classic, non-group connected SharePoint team site. And now you can make your root site one that is meant more for communication across the company – a modern communication site (recommended). And you, too, can swap in a modern team site if preferred.

Like a magician’s trick (that we’ll tell you the secret to how it’s done), the power to invoke a SharePoint site swap in Microsoft 365 allows (magical) admins to swap the location of a source site with another target site using either new PowerShell cmdlet: Invoke-SPOSiteSwap, or now via the new Swap site button in the SharePoint admin center. Ta da! Rabbit out of the hat. Once swapped, the source site becomes the new SharePoint root site for your tenant. The previously designated root site automatically gets archived along with any subsites that may have existed.

clipboard_image_16.pngYou can now swap the root site with the site of your choice directly from within the SharePoint admin center.

Note: Before and during the site swap, the source or target sites cannot be “associated” with an Office 365 group or be connected to a SharePoint hub site. If the site is “associated” to a Hub Site, then the association can be removed, the swap performed, and the Hub Site re-associated after performing the swap. And it may be that you wish the newly swapped in root site to be a hub site – which you can establish – after the swap.

Improved edit panel to manage site settings [roadmap ID: 57314]

We are releasing a new panel experience which will make it easier to view and manage more site properties, like how you would edit from within the site itself – through an edit pane that overlays the page you are working from.

clipboard_image_17.pngManage numerous site settings in the new inline edit panel.

Select a site you wish to manage, and in the edit pane you will see several panels. The General panel displays a lot of the main site characteristics – and this is where you can rename the site name and URL. The Activity panel showcases site usage for file and people insights. The Permissions panel enables management of site admins, owners, members and visitors. The Policies panel provides visibility and access to manage site policies like external sharing, sensitivity labels and more. And finally, the Hub panel lets you know if the site is a hub site or associated to one.

Collectively, these panels simplify how you view and manage the site’s properties.

Modern term store + terms analytics dashboard [roadmap ID: 57315]

Metadata is information about information – location, a date, or a catalog item number. You can organize the metadata in a way that makes sense in your business and use the metadata to make it easier to find and organize what you want.

And now, a more modern Term store – to create and manage terms and term sets in SharePoint to enter data consistently. The new experience, within the SharePoint admin center, offers an enhanced set of analytics and make it easier to manage your company’s taxonomy and content types.

clipboard_image_18.pngManage your company taxonomy and terms sets in the updated term store within the SharePoint admin center.

Within the Term store: Analytics, view insights related to the Term Store, to see the breakdown of regular and managed terms, general use of terms across your sites and apps, and any additional management suggestions to ensure healthy, useful managed metadata.

clipboard_image_19.pngGain insights into how your terms and term sets are being used across the organization.

Increased site collection limit: 2,000,000 site collections per tenant [roadmap ID: 57316]

You know that thing we said about increased limits over time that match Microsoft 365 customer usage…? Well, here’s another. We know you may bring a lot of sites as you transition from on-premises, and then IT-managed self-service roll out in the cloud – this equates to a lot of sites to support everything from collaborative team sites, cross-company portals and document centers across disciplines.

So, today, we announced support of a single tenant having up to 2,000,000 site collections across their Office 365 tenant. That’s up from the previous limit of 500,000. Oh yeah!

Today we're announcing additional improvements for SharePoint Server to help your organization meet your business challenges, enabling the freedom to build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks with Azure.

SharePoint Server 2019 in Azure Stack

Create consistent experiences across your hybrid cloud using comprehensive Azure cloud capabilities to reduce complexity and risk, plus leverage new tools and services designed to work together across your on-premises and cloud environments. You can build and run SharePoint environments using consistent Azure services on-premises to meet regulatory or technical requirements.

Today, we’re announcing support for deploying SharePoint Server 2019 on Azure Stack, giving customers the ability to choose to run a private cloud in their own datacenters while leveraging Azure management tools.

Learn more about Azure Stack – an extension of Azure to consistently build and run hybrid applications across cloud boundaries.

SharePoint Server 2016 and 2019 templates within the Microsoft Azure Marketplace

Today, Microsoft is releasing new Azure Marketplace templates to help customers deploy fully functional, Internet-facing SharePoint Server farms in Microsoft Azure. Our new SharePoint Sever 2016 Farm and SharePoint Server 2019 Farm templates can be used for development and testing, demonstrations, or proof-of-concept purposes.

  • SharePoint Server 2016 Farm – improves performance and reliability and adds several new experiences from SharePoint Online: MinRole, zero-downtime patching, faster patching, and a modern OneDrive experience. [review the SPS 2016 Farm template today]
  • SharePoint Server 2019 Farm – improves performance and reliability and adds several new experiences from SharePoint Online: a SharePoint home page, communication sites, modern team sites, OneDrive sync support, and support for the SharePoint Framework (SPFx). [review the SPS 2019 Farm template today]

These new templates are designed to use Azure SQL Managed Instance for database storage instead of SQL Server on-premises virtual machines hosted in Microsoft Azure. This reduces the need for customers to manage the storage layer and represents the best practice recommendation for hosting SharePoint Server in Azure. You will be able to select the size of your farm to match your needs.

Note: Farms are deployed with a trial license. You must convert the farm to a licensed installation to use it beyond its trial period.

Dig into all the technical resources for SharePoint Server.

In all, we encourage you to build out and organize your intranet. Establish the sites you need and ensure your users can create the sites they need along with business apps that keep business moving forward.

If you didn’t catch CVP Jeff Teper’s general session, “The latest innovations in SharePoint, OneDrive, and Office for content collaboration in Microsoft 365” at Ignite or live streamed, I encourage you to watch the session, soon available on-demand.

We invite you to engage our FastTrack team to help with adoption and migration. Our goal is to empower you and every person on your team to achieve more. Let us know what you need next. We are always open to feedback via UserVoice and continued dialog in the SharePoint community in the Microsoft Tech Community —and we always have an eye on tweets to @SharePoint. Let us know.

Thanks, Mark Kashman, senior product manager (SharePoint/Microsoft)

Discuss this article in the Microsoft Technical Community.