Happy New Year! January is here – new year, new you, right? Personally, I don’t believe in all that new year’s resolution stuff. Every day is a new opportunity to live your best life. How about we stick to new year, new updates for Office 365? There are some changes that will increase security, a change that may affect network traffic, best practice guidelines, and as always, an exciting new feature to highlight. Regarding security, Microsoft is retiring 3DES in Office 365, and sharing links that block download have begun rolling out. If you have configured your network to restrict resource access to Azure AD IP address ranges, make sure to read the piece on Azure AD updating IP Addresses. PowerApps users will be happy to see the release of a white paper on coding guidelines and standards. And finally, the exciting new feature we are highlighting this month is reminders in SharePoint.
Microsoft is retiring 3DES in Office 365 beginning February 28, 2019 (Major Update)
Microsoft has been preparing us for this since December 2017, and the time has finally arrived. The plan is to move all online services to Transport Layer Security (TLS) 1.2+ to provide best-in-class encryption, and to ensure service is more secure by default. As part of this plan, 3DES is being retired beginning February 28, 2019. To help you prepare for this change, Microsoft will be providing reports for you to track your TLS 1.0/1.1 and 3DES usage. These reports were available starting January 1, 2019.
How does this affect me?
As of February 28, 2019, connections to Microsoft using the cipher 3DES will not work.
What do I need to do to prepare for this change?
You need to ensure that all client-server and browser-server connections using 3DES to connect to Office 365 services have been updated. By going to http://securescore.microsoft.com, you can find the overview of your TLS 1.0/1.1 and 3DES usage for Exchange. Click on ‘Score Analyzer’ and scroll to the – Remove TLS dependencies tab. Here you will see a summary of your TLS 1.0/1.1 and 3DES usage. If you want more details on who is connecting using these weaker ciphers and protocols – click on the ‘Get Details’ button that will launch a flyout where you can click on ‘Launch now’. This will take you to the Secure Trust Portal (http://servicetrust.microsoft.com) where you can download your user and agent information. Please click Additional Information to learn more. Additional information.
New Feature: Sharing Links that Block Download
Users will be able to share a link to Office documents that blocks recipients from downloading copies but still allows them to view the document in Office Online. Users can create links that block download by using the common Sharing experience that exists across Office 365. The block download feature is activated/deactivated by a toggle in the Link Settings when creating a sharing link (see image below). This feature began rolling out in November and is planned to be worldwide by the end of this month; so, keep an eye out for it in your tenant. For more information check out the Block Downloading from sharing links in OneDrive and SharePoint blog post by Daniel Anderson.
Azure AD Updating IP Addresses in Mid-January
Azure AD announced back in August that they are updating the service IP address ranges used for Azure AD’s services. Intune is sending a friendly reminder to act if you have configured your network to restrict resource access to Azure AD IP address ranges. Depending on your configuration, you may see an end-user impact if action is not taken since Intune uses Azure AD authentication to confirm identity in several scenarios. While the changes were originally going in starting in September, the work was delayed to mid-January.
How does this affect me?
If you’ve configured Azure AD IP address ranges for your firewalls, routers, or Network Security Groups, you’ll need to update them to add the new endpoints: 18.104.22.168/18 and 22.214.171.124/18. Intune requires internet access for devices under Intune management – either for mobile device management or mobile application management. If access to the internet does not include these additional Azure AD IP address ranges, and Azure AD starts using these ranges, then end user logins would fail, and your users would not be able to sign-in to applications including the company portal and/or Intune App Protection Policy protected applications.
What do I need to do to prepare for this change?
If you have multiple IT roles at your organization, tell your networking team or identity team about this change. If you’re responsible for configuring your internet traffic, then see the link to Intune support blog article which contains additional information. If you’ve got a helpdesk, let them know about this upcoming change.
PowerApps Canvas App Coding Standards and Guidelines
In December, Pat Dunn, Senior Program Manager for PowerApps, announced the release of the PowerApps Canvas App Coding Standards and Guidelines white paper written by himself and Todd Baginski. The blog post, with the same name as the white paper, explains the purpose of the white paper. Mainly to provide guidelines that will help developers (enterprise application makers) in these areas:
- Ease of Deployment and Administration
It is exciting to see some effort expended from Microsoft and the MVP community to provide these “best practices” of sorts for PowerApps. Two thumbs up for Pat and Todd and the rest of the contributors! Download the whitepaper today, and level up your PowerApps game.
If you are looking for more ways to advance your PowerApps knowledge, you could attend the Microsoft Business Applications Summit in Atlanta, GA in June. This event is not only about PowerApps, but Dynamics 365, Power BI, Excel, Mixed Reality and Microsoft Flow as well. There are two full days of programming (over 200 sessions) and a bonus pre-day for those of you who just can’t get enough learning. Check out Enrique Plaza’s announcement from December for more details.
New Feature: Reminders in SharePoint
This feature allows users to receive a personal email alert ‘x’ day in advance of a date on any document or item in SharePoint. This feature uses Microsoft Flow to send the reminders. To create the reminder flow, the list or library should have at least one date/time column in the current view. In the screenshots below, I am creating a reminder flow on a task list.
Users are given two options: flow name and the number of days in advance of the date that the reminder should be sent.
The screenshot below, shows the reminder email that was generated by the reminder flow. The email includes all items in the list with a due date of tomorrow (1 day from today).
Once the flow is created, it can be edited from the Microsoft Flow website. Users can also get to the Microsoft Flow website through the same dropdown where the reminder flow was created, just select “See your flows”. Simple edits include changing the “days in advance” variable, which determines how many days in advance the reminder will be sent, or “recurrence”, which determines how frequently and at what time the flow runs (checks dates on the list/library and sends the email). If you are interested in this feature and would like to learn more about Microsoft Flow, check out Microsoft’s guided learning on Microsoft Flow.
This is a great new feature, and we are very excited about it as a first step. While it does a great job of reminding a user of due dates for tasks/documents they have looming, it falls short for those managing due dates for other users. If the user creates a task list to assign tasks to other users, the reminder flow can not be used to send reminders to those other users (at least not without rewriting the entire flow). It is also not possible to set up a list for another user and send the reminders to that user. The reminder emails are sent to the user who creates the reminder flow. There’s already a bunch of chatter on this, so keep your eyes peeled for what is coming next.
That’s what we have for you this month. We hope you found something useful and/or interesting. Best wishes for a prosperous and happy new year!