The following post contains the new features and updated features from July 2019. This post enables you to quickly glance at the Microsoft Teams Roadmap based on the latest information provided from Microsoft.
Information Barrier is now in Preview in Microsoft Teams but what does this mean? Information Barriers enables organizations to prevent users segments from communicating with each other or only allows defined groups of users to communication with certain business units. This will help organizations maintain their compliance with all relevent industry standards and regulations, and protect users against conflict of interests. The main driver for delivering this functionality came from the Financial Service industry (FINRA 2241, Debt Research Regulatory Notice 15-31).
Information Barriers are configured by using Policies within Office 365 Security & Compliance Centre using PowerShell and like with all Microsoft product there are several prerequisites before implementing.
Information barrier groups cannot be created across tenants.
Using bots to add users is not supported in version 1.
Information barriers version 1 doesn’t include support for SharePoint and OneDrive for Business. We are working on enabling the feature in SharePoint and will communicate once it’s available.
You will need to have the listed Microsoft subscriptions in order to use Information Barriers.
Microsoft 365 E5
Office 365 E5
Office 365 Advanced Compliance
Microsoft 365 Information Protection and Compliance
You will need to have the following Admin roles to configure Information Barriers.
Microsoft 365 Global Administrator
Office 365 Global Administrator
IB Compliance Management (This is a new role)
You need to ensure Account Attributes like Group Membership, Department Name, etc. are populated correctly in Azure Active Directory or Exchange Online. As this information will be used later on in this post.
Before you set up or define policies, you must enable scoped directory search in Microsoft Teams. Wait at least 24 hours after enabling scoped directory search before you set up or define policies for information barriers.
Audit logging must be enabled within your Security & Compliance centre. The most simple way of switching on Auditing is using Exchange Online PowerShell with the following command;
You will need to ensure that you have the AzureRM module is installed on your client machine, this can be done by running the following command;
Admin Consent for Information Barriers
When your policies are in place, information barriers can remove people from chat sessions they are not supposed to be in. This helps ensure your organization remains compliant with policies and regulations. Use the following procedure to enable information barrier policies to work as expected in Microsoft Teams.
Do you find it hard to keep up to date with all the latest Office 365 Roadmap news? Would you like an easier way to keep you and maybe your colleagues informed?
Then look no further, with power of Microsoft Teams you can now post the Roadmap updates directly into a Microsoft Teams Channel. By using the super powers of Microsoft Flow we can now publish the Office 365 Roadmap cleanly into a Microsoft Teams Channel and heres how we can do it.
Creating the Microsoft Flow for RSS to Microsoft Teams Channel
Select My Flows Create New Automated – from Blank
Give you Microsoft Flow a name and choose the RSS trigger for “When a feed item is published” then click create 🙂
As a big advocate for Office ProPlus I am delighted to now see that Microsoft Teams now apart of the ProPlus deliver mechanism. However, just like any Microsoft product, it does have its caveats.
Microsoft Teams will only be included with NEW installations of Office 365 ProPlus dependent on the channel you are using. The below shows the schedule of the introduction but this is subject to change.
March 4, 2019
Semi-Annual Channel (Targeted)
March 12, 2019
July 9, 2019
Teams are also included with the following new installations: Office 365 Business, starting with Version 1901, which was released on January 31, 2019. Office 365 Business is the version of Office that is included with certain business plans, such as the Microsoft 365 Business plan and the Office 365 Business Premium plan.
Office for Mac, starting with Version 16.21, which was released on January 16, 2019. Office for Mac comes with any plan that includes Office 365 Business or Office 365 ProPlus. For more information, see Microsoft Teams installations on a Mac.
Now Microsoft Teams is apart of the Office Deployment tool it is now subject to all the controls we are common use to so we exclude Teams if we really to 🙂 but why would we do that.
What about existing deployments of Office 365 ProPlus?
At the time of this post, it is not possible to get Microsoft Teams if you have an existing deployment of Office 365 ProPlus. Microsoft has announced that in Version 1906 Microsoft Teams will be shipped to existing deployment running this version. The table below gives an indication of when we can expect the rollout of Teams but if you are using Monthly Channel (Targeted) you should be seeing Microsoft appearing approximately on 25th June 2019.
July 9, 2019
Semi-Annual Channel (Targeted)
To be determined
September 10, 2019
To be determined
If you don’t want Teams to be added to existing installations of Office 365 ProPlus when you update to a new version, you can use Group Policy or the Office Deployment Tool to exclude the installation.
Temporarily, the name and help text for this policy setting is available only in English. The name and help text will be available in the usual set of languages by June 14, 2019.
Updating Microsoft Teams !! It doesnt follow the normal ProPlus cycles.
Once Microsoft Teams is installed, it automatically updates approximately every two weeks with new features and quality updates. This doesn‘t follow the normal update cycle for Office 365 ProPlus as other applications receive updates depending on which channel they’re on.
Another great feature now become available in Microsoft Teams Preview – Information Barrier. This enables organization to prevent communicate between Teams within their own Office 365 tenant. The information barrier groups cannot be applied across tenants and using bots to add users is not supported in version 1. Information barrier policies also prevent lookups and discovery. This means that if you attempt to communicate with someone you should not be communicating with, you will not find that user in the people picker.
You might want to use information barriers in situations like these:
A team must be prevented from communicating or sharing data with a specific other team.
A team must not communicate or share data with anyone outside of the team.
In order to manage the Information Barrier policy you will need to use the Security and Compliance Centre (SCC) PowerShell cmdlets
The information barrier features is in private preview. When these features are generally available, they’ll be included in the following subscriptions;
Microsoft 365 E5
Office 365 E5
Office 365 Advanced Compliance
Microsoft 365 E5 Compliance
Microsoft Teams is firmly becoming the powerhouse that was sold at its initial launch and I can only this product becoming adopted a lot more by organisations
Its been a long road but Microsoft Teams PowerShell module version 1.0.0 is now available in GA. Microsoft has been working very hard in creating this module and have removed/introduction features into this release. So lets have a look at what we now can and cannot do with Microsoft Teams
So what’s removed?
So Microsoft have removed the following cmdlets
But do not fear, as the same functionality of these cmdlets have been integrated into Get-Team and Set-Team.
So what’s new?
Connect-MicrosoftTeams allows you to specify a Teams Government Environment (-TeamsEnvironmentName) that your organization is homed in.
Get-Team allows you to specify new filter and selection criteria to identify specific teams based off of new criteria, including the Visibility or Archived state of the teams.
So its time to start playing with the Teams module and seeing what interesting scripts can be generated.
Please Note: It is recommended to uninstall any previous version you may have installed. So check out this previous blog post i created
Data Loss Prevention has now been included into Microsoft but being a Skype for Business consultant have you ever configured DLP? Probably not.
So this post will look how it is configured from Start to Finish so let’s start with the standard prerequisites;
Office 365 Global Administrator Account
Launch Microsoft 365 Admin Center –> Select Security from under Admin Center
Click “More resources” and Open for Office 365 Security and Compliance Center
Click Data Loss Prevention –> Click Policy –> Click Create a policy
For the purpose of this post I will be creating a policy for covering UK National Insurance Numbers / Passport Numbers. DLP has a list of generic policies or you can configure a custom policy
Select –> Privacy –> Select UK Personally Identifiable Information (PII) Data –> Click Next
At this stage you can select if you want to configure this policy for Exchange email, Microsoft Teams chat and channel messages, OneDrive and SharePoint Documents or specify a subset of services.
Select your required option –> Select Next
Example of specifying a subset of services, at this stage you can also Include/Excludes Groups, Accounts and Sites.
Select Find content that contains
For this post, I am looking for PII data that is being shared outside my organisation.
Using the default options here but you can configure option to send incident report to a Distribution List or individuals. Select Next
Select “I’d like to test it out first” or Yes, turn it on right away. This is depending if your organisation is ready for the big switch on. The tenant being used in this post is a test tenant will small amount of users.
Review your configured settings –> Select Create
Testing – DLP for Micorsoft Teams
So like with all things Microsoft, we have to wait for replication to take place before we can really start testing DLP. Please dont expect your change to work straight away as its needs to work its way through the big Microsoft cloud.
So its safe to say DLP is now working within my tenant.
Finally, Microsoft Teams will be introduce into Office 365 ProPlus… Microsoft Teams will be introduced into the;
February Monthly Channel; the
March Semi-Annual Channel Targeted (SAC-T); and
July Semi-Annual Channel (SAC)
But will automatically install Teams when Office 365 ProPlus is installed on new PCs and Macs.
Now the million dollar question, how is it being introduced?
As a Consultant that has delivered and spoke about Office ProPlus for a number of years, I do have concerns about how it’s going to be introduced and here’s why.
Office 365 uses the (CDN) Content Delivery Network for providing updates to all the Office ProPlus products, is it not the case with Microsoft Teams.
The update mechanism is completely different as the client is delivered by good old MSI so this will bring a number of questions and challenges to start;
What version of Office am I running?
What version of Teams am I running?
Does Teams need updating?
I have this weird problem but my colleague doesnt, is it version related?
However, if they integrate Microsoft Teams into the CDN it is definitely the way forward and also allows the customer to exclude Teams in the configuration.xml (if this is a requirement). It is very early days and I am sure more information will be released in due case but until then I am looking forward to see what the future holds as Microsoft have stated “Teams will automatically be installed for users who already have Office 365 ProPlus in the future.” So if you’re not using Microsoft Teams today Microsoft are making damn sure its available to increase adoption.
Microsoft have recently released an update to the Microsoft Teams powershell module, in this update we see 3 new exciting additions allowing more control for your Microsoft 365 Global Adminstrator or dedicated Microsoft Teams Service Administrator.
New-Team -Owner Parameter
You can now create Microsoft Teams using the Owner parameter
Edit all Teams settings on all Teams without ownership
Now as a Microsoft 365 Global Admin or Microsoft Teams Service Admi, you can edit all setting within a Microsoft Team located within your tenant.
What no licence require?
The administration account no longer requires a Microsoft Teams Licence in order to use the PowerShell Module
So now lets update Microsoft Teams PowerShell module.
I have created the following script which will check your client machine to see what version is installed and install the latest version.