Summary of key announcements and takeaways from Microsoft Ignite 2018, from a SharePoint Perspective. Includes slides and references direct from the Ignite sessions.

2. Contents
• SharePoint Server 2019 (13)
• Content Services - ECM (17)
• SharePoint Lists (5)
• SharePoint Online Multi-Geo (3)
• Threat Intelligence (4)
• References (1)
• Later reading… (8)
• Choosing the Right Authentication
• Microsoft Cloud App Security

3. SharePoint Server 2019

4. BRK2064
SharePoint Server 2019
• October 2018 Release
• Create site collections in
seconds:
• Modern Team Sites
• Communication Sites
• OneDrive personal sites
• Modern lists, libraries, pages and
news
• Mobile ready
• Modern sharing

5. SharePoint Server 2019
• Modern lists
• Easy to add columns and
rows
• Simplified filtering experience
• Format columns with JSON
• Details pane gives more
information without leaving
the list view
BRK2064

6. SharePoint Server 2019
• Modern Pages
• Beautiful pages made easy
• Rich authoring
• Modern web parts for your
modern SharePoint
BRK2064

7. SharePoint Server 2019
• OneDrive Sync Client
• Fast, reliable, and proven
experience with OneDrive.exe
(Next Generation Sync Client)
• Connect and sync OneDrive
and SharePoint document
libraries
BRK2064

8. SharePoint Server 2019
• SharePoint Home
• New SharePoint landing page
• Your most relevant sites, news
and activities in one place
• Team News
• Keep up with and broadcast key
events and accomplishments
with other members of your team
BRK2064

9. SharePoint Server 2019
• Communication Sites
• Beautiful, dynamic site to reach broad
audience
• Keep your organization informed and
engaged
• Mobile
• Beautiful sites on every device
• Get SharePoint on the go with the
SharePoint Mobile App
BRK2064

10. SharePoint Server 2019
• Search
• Modern search experience
• Type ahead contextual results in search box
• Modern search result page for SharePoint
Home and Site search
• Improved language detection
• Workflow Support
• Connectivity from PowerApps and
Flow services to SharePoint 2019
using data gateway
• Continued support for SharePoint 2010 and
2013 workflows
BRK2064

11. SharePoint Server 2019
• SharePoint Framework
• Build custom lightweight and
mobile ready client-side
web parts
• Extend SharePoint experiences
within modern web pages
and libraries using Extensions
• Automate business processes
using webhooks
BRK2064

12. SharePoint Server 2019
• SharePoint Hybrid
• Hybrid made easy
• Launch the Hybrid Configuration Wizard
directly from Central Administration
• SMTP Server Authentication
• SharePoint can now authenticate to your
SMTP email servers
• No more anonymous relays just for SharePoint
BRK2064

13. SharePoint Server 2019
• Infrastructure Improvements
• Expand supported characters
• # and % in file and folder names
• Long URL path
• 400 characters for MAXURL
• Recycle Bin recovery improvements
• Recover your content deleted by others from your recycle bin
• Performance improvements
• Up to 25% file I/O performance improvements
• Modernize IIS integration
• Remove IIS6 dependencies by switching to modern IIS APIs
BRK2064

14. SharePoint Server 2019
Deprecated Features
• Access services 2010 & 2013
• Aggregated Newsfeed
• Custom help
• InfoPath Client / InfoPath Services
• Lists web service
• Machine Translation service
• PerformancePoint Services
• SharePoint Designer
• Site Mailbox
• Site Manager
Removed features
• Automatic mode in incoming email
• Code-based sandbox solutions
• Digest authentication
• Multi-tenancy
• Silverlight rendering in PerformancePoint
Services and Visio Services
• SQL Reporting Services integrated mode
• Power Pivot
• Power View
BRK2064

15. SharePoint Server 2019
Upgrade Approach
Upgrade
• DB Attach SharePoint 2016 databases
or
Migration
• Migrate Content to SharePoint 2019
Software Requirements
Windows Servers
• Windows Server 2016
• Windows Server 2019
Database Servers
• SQL Server 2016
• SQL Server 2017
BRK2064

16. SharePoint Server 2019
Prerequisites
Support Windows Claims Authentication
Support for IRM scenarios
Support for Access Services 2013
Groove sync
Creation & Consumption of OData services
In memory distributed cache
Support DLP scenarios
BRK2064

17. Content Services - ECM

18. Content Services
Announcements
• Mobile capture
• Document templates mapped to content
types
• Location column
• Flow: File Copy/Move and Shareable Links
• Taxonomy (MMS & Content Types) to
drive ADG labeling
• Import and manage hierarchical file plans
• File intelligence (text extract, readability
etc.)
• Immutable labels (SEC/WORM compliant
labelling)
• MIP integration & container labeling
• Label analytics 1.0
• Enhancements to predictive indexing for
lists and libraries
• PowerApps integration with libraries
• Update to MMS APIs
• Page management
• Central image library
• Modern libraries and attention views and
bulk edit on premises
BRK2104

19. Content Services
Reuse document items with Tap
• Consume indexed sections of
documents into new documents
• Based on Microsoft Graph
• Used in Office clients
• Can also insert metadata as quick parts
BRK2104

20. Content Services
Central asset library
• Organization wide, curated view of digital
images for reuse in page authoring
• Aggregate multiple libraries to a common
virtual hub
BRK2104

21. Content Services
File Card
• Automatic generation of key points,
readability and other document statistics
for new Word documents in SharePoint
• User can edit and supplement as
document metadata
BRK2104

22. Content Services
Document Templates
• Add document templates to library
content types
• Edit the New menu to add, hide or
reorder file types
BRK2104

23. Content Services
File Move
• Full fidelity file movement
among OneDrive and SharePoint libraries
from modern interface
• Metadata and versions and
compliance policies preserved
• Groom and curate files into record
centers or archives while preserving
chains-of-custody
• New! Copy and move files in Flow
BRK2104

24. Content Services
Attention views and bulk edit
Helps users focus on files that are pending, incomplete, or otherwise need attention
Discover status of document required properties (Mandatory no longer blocks saving)
Field highlighting Notification Attention view Bulk edit
BRK2104

25. Content Services
Page management
• Page approval workflows with Microsoft Flow
• Customize flows to streamline page approvals and
processes
• Schedule page publishing
Page metadata
• Categorize and tag pages
• Show page properties on any page
Page targeting and rollups
• Filter pages in news web parts
• Target pages to specific people based on user
profile properties
BRK2104

26. Content Services
Request sign-off
• Quickly send documents for
feedback and approval
• Light-weight, no set up required
approval flow
• Available to all lists and libraries in
SharePoint
BRK2104

27. Content Services
Conditional Formatting
• Build quick conditional column formatting
without JSON scripts
• Conditional color coding based on text,
date or number ranges
BRK2104

28. Content Services
View Formatting
• Conditional formatting
• Apply styling to a row, depending on that
field’s value or range of values
• Multiple line displays
• Break through the single line constrains for
traditional list/library formats
• Flow buttons
• Create an integrated button that kicks off
approvals and flows
• Immersive experiences
• Create a responsive single page app that
redefines the complete user experience on
browser and mobile
BRK2104

29. Content Services
New SharePoint Flow Integrations
No set up required
approval flow
Copy and move
files in Office 365
Require approval for items
and docs in your flows
Require approval for
SharePoint pages
Require approval for hub
site associations
Generate shareable links
for content
Firsthalf2019Inproduct
BRK2104

30. Content Services
• Office 365 content retention
• Central dashboard
• Label defines retention policy based on
document page
• Label can be interactively
or automatically applied
• Manage data loss protection policies across
Office 365 workloads
• One policy definition independent of workload
• One policy lifecycle
• One set of sensitive type definitions
• Custom classifications
• New DLP policy from template
• Import DLP policy
• Policy tips in Office, web, OneDrive apps
BRK2104

31. Content Services
Policy tips in SharePoint and OneDrive apps
BRK2104

32. Content Services
Use content metadata for
automatic labels
• Use content types and metadata to
drive automatic application of policy
for classification, retention and record
management
• Manage via file plan
• Use Keyword Query Language:
ContentType:Value
ColumnName:Value
Available later this year
BRK2104

33. Content Services
Import and export file plan
• Add categories, references,
departments, regulations and more
• Create perpetual retention regulatory
labels
• Export and import via Excel
Available later this year
BRK2104

34. Content Services
Label analytics
• Use a centralized console to manage
and update all your content
classifications and activity across
Office 365
Available later this year
BRK2104

35. SharePoint Lists

36. SharePoint Lists
BRK3096
New ways to create lists
• Create lists from Excel
• Create lists from existing lists
• Generate Site Actions and use them in
Site Designs

37. SharePoint Lists
BRK3096
Location column
• Use landmarks, street addresses, and
geo-coordinates
• Sort, filter, group by city, country, zip
code.
• Also works with meeting rooms in your
directory

38. SharePoint Lists
BRK3096
More control and power with views
• Easier to add column formatting for choice, date and yes/no fields
• All new view formatting
• Drag, drop and resize columns
• Freeze column headers and show totals in modern UI
• Live updates

39. SharePoint Lists
BRK3096
Connected lists wherever you need them
• Your lists one tab away in Teams
• Connect list web parts to others to build dynamic pages

40. Top of mind
Power BI reports on lists
SharePoint Lists
End of 2018
Create a list from Excel
Create a list from another list
Location column
Easier column formatting
Dynamic content between list and
other web parts
Freeze column headers
Totals in modern experience
Create Site Actions from your lists to
use in Site Designs
First half 2019
Quick edit improvements
Add to Planner button
BRK3096
Releasing Now!
Add lists to Teams
View formatting
Predictive indexing for lists larger
than 20K
Change column widths for views
Roadmap

41. SharePoint Online Multi-Geo

42. SharePoint Online Multi-Geo
General Availability Q1 CY’19
SharePoint Online
OneDrive for Business
Exchange Online
contosoEUR.sharepoint.com
EUROPE
Satellite location
NORTH AMERICA
Central location
GLOBAL ORG
Azure Active Directory
Contoso.com
SharePoint Online
OneDrive for Business
Exchange Online
contoso.sharepoint.com
BRK3102

43. SharePoint Online Multi-Geo
3 Key Areas
• Manage sites per Satellite Geo
• Easily identifiable unique URL per Geo
• Flexible sharing & DLP policies per Geo
• Satellite users get rich experience
• Multi-geo is transparent to end users
• Mobile friendly experience
• Search unified across Geos
• Taxonomy is centrally managed
• Profile of user is kept in home geo only
BRK3102

44. SharePoint Online Multi-Geo
Architecture
Azure Active Directory (World wide available)
TenantID-1 (Data locations: NAM, EUR) (sesha@contoso.com, NAM) (adriana@contoso.com, EUR)
North America
(Central Geo)
Europe
(Satellite-1 Geo)
SPO & ODB
TenantID-1 (InstanceID-y)
Service instance syncs from MSODS Service instance syncs from MSODS
Taxonomy Service
(Enterprise Managed Metadata)
SPO & ODB
TenantID-1 (InstanceID-x)
Profile Service
(All users basic info + Home Geo Users Profiles)
Taxonomy Service
(Enterprise Managed Metadata)
Profile Service
(All users basic info + Home Geo Users Profiles)
Search Service
SPO-DS
Search Service
SPO-DS
BCS, Secure Store Service etc., BCS, Secure Store Service, etc.,
SPO Federated Directory Abstraction
Replicated from Central location to Satellites
Per geo only
Unified Search results across geos
Per geo only
Sesha’s OneDrive Adriana’s OneDrive
Australia
(Satellite-N
Geo) …
https://contoso.sharepoint.com https://contosoEUR.sharepoint.com
BRK3102

45. Threat Intelligence

46. Threat Intelligence
Securing the end user
• Critical to combating phishing and
social engineering related attack
vectors.
• Native protection built right into
Office 365.
• Strong complement to your end user
awareness and security training.
• Protection that extends to
collaboration scenarios across
desktop, web/online, and mobile
clients.
BRK3411
Summary of New Office 365 ATP Safe Links Warning Pages for time-of-click protection
Office 365 ATP Safe Links: Native Link rendering showing the original URL in Outlook

47. Threat Intelligence
Office clients and Office online
BRK3411
Word iOS client showing Office 365 ATP Safe Links block
from a click within a document.
Word Online showing Office 365 ATP Safe Links block from a click within a document.

48. Threat Intelligence
SharePoint Online, OneDrive for Business and Microsoft Teams
BRK3411
OneDrive iOS app showing files
detected and blocked by Office 365 ATP
SharePoint Online WebUX showing files detected
and blocked by Office 365 ATP
Microsoft Teams desktop client showing files
detected and blocked by Office 365 ATP

49. Threat Intelligence
Office 365 ATP Safe Links protection in Microsoft Teams
BRK3411
Malicious URL in conversations from Guest/External user in Teams desktop client Office 365 ATP blocks a malicious link click from Teams desktop client

50. References

51. References
• Ignite 2018 sessions used for this deck:
• BRK2064 – SharePoint Server 2019 Overview
• BRK2104 – SharePoint content services (ECM)- What's new and what's coming
• BRK3096 – What's New and What's Coming to SharePoint Lists
• BRK3102 – Getting started with multi-geo scenarios with SharePoint and OneDrive
• BRK3411 – Secure enterprise productivity with Office 365 threat protection services including EOP, ATP, and
Threat Intelligence
• Other useful sessions:
• GS006 – Modern teamwork: Transform collaboration and communications with Microsoft 365
• BRK2451 – Content Collaboration in the Modern Workplace
• BRK2254 – Azure Active Directory: New features and roadmap
• BRK2158 – Elevate the security for all your cloud services with the Microsoft CASB – Cloud App Security
• BRK3243 – Hybrid identity and access management best practices
• BRK3100 – What’s new in external sharing and collaboration with OneDrive and SharePoint
• A bit of fun, and great insight into Azure Datacenters, on land or under the sea!
• BRK3347 – Inside Microsoft Azure Datacenter Hardware and Software Architecture - Mark Russinovich

52. Later reading…

53. Choosing the Right Authentication
 First, use PHS with
Seamless SSO
 Second, use PTA
with Seamless SSO
 Third, use
Federation
 For More see
THR3046
 Documentation
BRK3243

54. CLOUD ACCESS SECURITY BROKERS
Cloud Access Security Brokers (CASBs)
are defined by Gartner as:
On-premises, or cloud-based security policy
enforcement points, placed between cloud service
consumers and cloud service providers to combine
and interject enterprise security polices as the cloud-
based resources are accessed. CASBs consolidate
multiple types of security policy enforcement.
of large enterprises
will use CASBs
By
2020
85%
BRK2158

55. TOP CASB USE CASES
Office 365
Salesforce Azure
Box
AWS
DropboxFacebook
TwitterYouTube
BRK2158

56. BRK2158

57. Ability to detect and automatically revoke an app’s permission, when it is considered risky
Automatic detection and revocation of risky 3rd party apps
Support for Microsoft apps in public preview including O365, VSTS and on-prem apps via AAD App proxy
Single click enablement that extends the discovery of cloud apps beyond your corporate network with
traffic information from Windows 10 Enterprise 10 E5 machines
Cloud App Discovery with Windows Defender ATP
Real-time session controls for Microsoft and on-premises apps
Integrations with Microsoft Flow to provide centralized alert automation and orchestration of custom
workflows using the ecosystem of connectors in Microsoft Flow.
Automating enterprise workflows with Microsoft Flow
After announcing our integration with Zscaler, we’re expanding our partnerships to include iboss
Expanding app discovery and lifecycle management with SWGs
BRK2158

58. Unified Data
Classification
Service
• Unified labelling with
Microsoft Information
Protection
• 90 built-in, sensitive
information types you
can choose from
• Or configure custom
sensitive information
types (supports
complex patterns with
Regex, keywords and
large dictionary)
BRK2158

59. ******
Require MFA
Allow access
Deny access
Force
password reset
Limit access
Controls
Users
Devices
Location
Apps
Conditions
Machine
learning
Policies
Real time
Evaluation
Engine
Session
Risk
3
10TB
Effective
policy
Conditional Access
BRK2158

60. Unusual file share activity
Unusual file download
Unusual file deletion activity
Ransomware activity
Data exfiltration to unsanctioned apps
Activity by a terminated employee
Microsoft Cloud App Security – Detections across
apps
Indicators of a
compromised session
Malicious use of
an end-user account
Malware implanted in cloud apps
Malicious OAuth application
Multiple failed login attempts to app
Suspicious inbox rules (delete, forward)
Threat delivery
and persistence
!
!
!
Unusual impersonated activity
Unusual administrative activity
Unusual multiple delete VM activity
Malicious use of
a privileged user
Activity from suspicious IP addresses
Activity from anonymous IP addresses
Activity from an infrequent country
Impossible travel between sessions
Logon attempt from a suspicious user agent
BRK2158