Administration, OneDrive for Business, Security and Compliance, SharePoint

SharePoint and OneDrive Management, Migration, and Security Updates

In this post:

SharePoint Admin Center Updates

SharePoint Migration Tool Updates

OneDrive Files Restore

Microsoft has been building enterprise software for decades and running some of the largest online services in the world. We draw from this experience to keep making SharePoint and OneDrive more secure for users, implementing and continuously improving security-aware software development, operational management, and threat-mitigation practices that are essential to the strong protection of your services and data. This update shares upcoming improvements in SharePoint and OneDrive.

SharePoint Admin Center Preview

ROLLING OUT NOW TO TARGETED RELEASE ON 2/1

Innovation in the cloud drives tremendous business value, and it delivers new capabilities to the IT professionals who work tirelessly to support, configure, administer, and secure their organizations’ content and services.

While our new user experiences are designed to be simpler, more intuitive, and more powerful we also believe administration should be just as simple, just as intuitive, and just as powerful, and to that we’re introducing a completely revamped SharePoint Admin center that draws heavily on our modern principles. An administrative console designed to help IT achieve more, so their users can achieve more.

For Targeted Release customers the option to try the new SharePoint Admin Center will be available through the existing administration experience for SharePoint Online (see illustration below).  This permits the use of both administrative experiences as we continue to refine and add capabilities to the new admin center that are currently not present in the existing administrative experience.

  • Sign in to Office 365 as a global admin or SharePoint admin.
  • Select the app launcher icon in the upper-left and choose Admin to open the Office 365 admin center. (If you don’t see the Admin tile, you don’t have Office 365 administrator permissions in your organization.)
  • In the left pane, choose Admin centers > SharePoint.

To see more of the new SharePoint Admin Center check out the video below:

To learn more about the new SharePoint Admin Center refer to https://support.office.com/en-us/article/Get-started-with-the-new-SharePoint-admin-center-0bb250bb-1d3c-43f8-b751-b322522ccf33.

General Availability of the SharePoint Migration Tool

GENERAL AVAILABILITY ON 1/9/2018 refer to complete article at https://techcommunity.microsoft.com/t5/SharePoint-Blog/General-Availability-of-the-SharePoint-Migration-Tool-amp/ba-p/143689/jump-to/first-unread-message.

Taking advantage of cloud services doesn’t have to be difficult or a long-phased migration project.  In addition to the new SharePoint Admin Center, we’re also announcing General Availability of the SharePoint Migration Tool, a new free, simple, and fast migration solution to help you migrate content from on-premises SharePoint sites and file shares to SharePoint or OneDrive in Office 365.

Based on the learning and experience from Microsoft FastTrack, using the SharePoint Migration Tool from Microsoft with a few simple clicks you can begin to bring your information to the cloud and take advantage of the latest collaboration, intelligence, and security solutions with Office 365.

Whether you’re looking to migrate from file shares on-premises to SharePoint or OneDrive or from on-premises versions of SharePoint, the SharePoint Migration Tool is designed to support the smallest of migrations to large scale migrations with support for bulk scenarios.

Using the SharePoint Migration Tool, you can quickly and easily migrate files from file shares, SharePoint sites, or support bulk migrations with a few simple clicks in the intuitive user interface.

To get started with the SharePoint Migration Tool refer to https://support.office.com/en-us/article/How-to-use-the-SharePoint-Migration-Tool-65462df1-42fe-40cf-88f7-e39f82f5130f..

While the SharePoint Migration Tool provides support for many migration scenarios, we recognize your needs may differ in scope and complexity.  For more complex migrations, support with adoption and usage, or help planning Microsoft FastTrack includes resources, tools, and experts to make your rollout of Office 365 a success.

To learn more about Microsoft FastTrack visit https://fasttrack.microsoft.com/office.  In addition, consider one of Microsoft’s many partners that can help ensure your migration to Office 365 is both seamless and successful.

Getting Started
To get started and preview the new SharePoint Migration Tool from Microsoft visit https://aka.ms/spmt.

OneDrive Files Restore Rolling out to Production

ROLLING OUT NOW refer to complete article at https://techcommunity.microsoft.com/t5/OneDrive-Blog/Announcing-New-OneDrive-for-Business-feature-Files-Restore/bc-p/147462#M387.

Data loss is non-negotiable, it’s not something that can be bought back.  From corruption, to ransomware, to just accidental deletion—losing content can completely disrupt a business.  The recent issues with WannaCry and other ransomware attacks showed just how disruptive it can be.

Keeping your data safe has always been a top concern.  In addition to simplifying control with the new SharePoint Migration Tool and migration with the SharePoint Migration Tool, we are also excited to announce that “OneDrive File Restore”, a complete self-service recovery solution to allow content owners to go back in time to any second in the last 30 days is now rolling out to our customers.   Now your users and your administrators can rewind changes using activity data to find the exact moment to revert to.

Files Restore starts rolling out today and will be fully rolled out by Spring 2018.

Resources

To learn more about the new SharePoint Admin Center, the SharePoint Migration Tool, and Files Restore with OneDrive and more security, admin ,and migration capabilities in SharePoint and OneDrive, watch the video below.

https://myignite.microsoft.com/sessions/55100?source=sessions

Standard
Administration, OneDrive for Business, Security and Compliance, SharePoint

Office 365 Advanced Threat Protection for SharePoint, OneDrive and Microsoft Teams now available

When moving your organization to cloud services, security concerns add another layer of consideration; one of trust.

Security and compliance is an ongoing process, not a steady state. It is constantly maintained, enhanced, and verified by highly-skilled, experienced and trained personnel. We strive to keep software and hardware technologies up to date through robust processes. To help keep Office 365 security at the top of the industry, we use processes such as the Security Development Lifecycle; we also employ techniques that throttle traffic and prevent, detect, and mitigate breaches.

At Microsoft we continue systematic approach to disrupting attacks through eliminating weaknesses by eliminating the vectors of attack themselves by implementing architectural changes some of which leverage virtualization, containers, and other types of technologies.

In April 2015 we launched Office 365 Advanced Threat Protection to help customers secure their environment from evolving security threats providing protection against unknown malware and viruses, real time, time-of-click protection against malicious URLs, and rich reporting and URL trace capabilities.

In our continued effort to address the modern threat landscape, today we’re announcing General Availability of Office 365 Advanced Threat Protection for SharePoint, OneDrive, and Microsoft Teams.

Office 365 Advanced Threat Protection SharePoint, OneDrive, and Microsoft Teams uses signals and smart heuristics as quality indicators to identify the files within your tenant that may contain malicious content, which includes correlating the file activity signals from SharePoint, OneDrive, and Microsoft Teams within your tenant with the Microsoft Security Intelligence Graph threat feeds.

Examples of file activity signals include anonymous, company wide or explicit sharing, or activity from guest users. Threat feeds that Office 365 Advanced Threat Protection leverages include known malware in email or SharePoint, Windows Defender/Defender ATP detections, suspicious or risky logins or other indicators of irregular file activity within your tenant.

Getting Started

Office 365 Advanced Threat Protection SharePoint, OneDrive, and Microsoft Teams can be configured in the Office 365 Security and Compliance Center.

Learn more on configuring Office 365 Advanced Threat Protection for SharePoint, OneDrive, and Microsoft Teams at https://support.office.com/en-us/article/Office-365-ATP-for-SharePoint-OneDrive-and-Microsoft-Teams-26261670-db33-4c53-b125-af0662c34607?ui=en-US&rs=en-US&ad=US.

Resources

Office 365 Advanced Threat Protection overview [https://support.office.com/en-us/article/Office-365-Advanced-Threat-Protection-overview-e100fe7c-f2a1-4b7d-9e08-622330b83653?ui=en-US&rs=en-US&ad=US]

Advanced Threat Protection safe attachments in Office 365 [https://support.office.com/en-us/article/ATP-safe-attachments-in-Office-365-6E13311E-92AE-495E-A619-56D770199170]

FaQ

Can I block download of infected files in Office 365?

There is a tenant level configuration that allows or blocks the download of an infected file. This configuration is leveraged by the different native user experiences that are triggered within SPO, ODB and Teams. Tenant admins can be updated using a PowerShell script. Refer to https://technet.microsoft.com/en-us/library/fp161390.aspx and the DisallowInfectedFileDownload parameter for additional details.

Is there a licensing requirement for ATP?

ATP is included in Office 365 Enterprise E5 and Office 365 Education A5. You can add ATP to the following Exchange and Office 365 subscription plans:

  • Exchange Online Plan 1
  • Exchange Online Plan 2
  • Exchange Online Kiosk
  • Exchange Online Protection
  • Office 365 Business Essentials
  • Office 365 Business Premium
  • Office 365 Enterprise E1
  • Office 365 Enterprise E3
  • Office 365 Enterprise F1
  • Office 365 Education A1
  • Office 365 Education A3

To buy Office 365 Advanced Threat Protection, see Office 365 Advanced Threat Protection.

To compare features across plans, see Compare Office 365 for Business plans.

Standard
Administration, OneDrive for Business, Security and Compliance, SharePoint

Introducing Idle Session Timeout in SharePoint and OneDrive (Preview)

There’s a new culture of work; one that is increasingly diverse, geographically distributed, and mobile.  Connectivity is ubiquitous and the ability to work remotely has become an ingrained part of the work practice. People have come to expect to be able to access email and documents from anywhere on any device – and for that experience to be seamless, among these trends includes the increasing use of shared systems, such as kiosks to access and work with corporate data.  In order to help safeguard your information on these systems, we’re introducing new idle session timeout policies rolling out as preview on November 6, 2017 and changes to the “Keep me signed in” experience with Office 365.

Idle session timeout provides an Office 365 administrator to configure a threshold at which a user is warned and subsequently signed out of SharePoint or OneDrive after a period of inactivity as illustrated below.

 

Demo

The demonstration below illustrates the idle session timeout policy enacted on a site that is also configured with site-scoped limited access policies.

Idle session timeout policies allow Office 365 administrators to automatically sign out inactive sessions preventing the overexposure of information in the event a user leaves a shared system unattended.

NOTE

Idle session timeout takes a dependency on the Keep me signed in signal.  In scenarios where Keep me signed in is selected at authentication, the client will not honor the idle session timeout. 

In addition to the new idle session timeout policy we’re rolling out in preview, in late September we updated the keep me signed in experience, replacing the “Keep me signed in” checkbox that appears on the sign-in flow with a prompt that shows after the user successfully signs in.  Idle session timeout interprets this signal and where selected does not affect the client where “Keep me signed in” has been selected, on devices where “Keep me signed in” is not selected, the policy applies.

In addition to those recent changes, we’re also adding a layer of protection to intelligently hide this prompt if we detect a shared device, or a high-risk sign-in. Our goal is to decrease the number of times users are prompted to authenticate. Although the new screen adds a small amount of friction up front, users get a better long-term experience as they get less sign-in prompts when they use our services.

This prompt asks the user if they would like to remain signed in. Responding “Yes” to this drops a persistent refresh token, the same behavior as when the user checks the old “Keep me signed in” checkbox.

For federated tenants, this prompt will show after the user successfully authenticates with the federated identity service. Some things to consider: – During the Public Preview period of the new sign-in experience, this new “Keep me signed in” prompt will only show when users opt-in to the new sign-in experience. Users using the old experience will continue to see the checkbox and will not get the prompt. – You can choose to hide this new prompt for your users by using the “Show option to remain signed in” setting in company branding. Existing configurations of this setting will carry forward, so if you previously chose to hide the “Keep me signed in” checkbox on your tenant, we won’t show the new prompt to your users. – This change will not affect any token lifetime settings you have configured.

Configuring Idle Session Timeout

Idle-session timeout is configured using Windows PowerShell.

Before you get started using PowerShell to manage SharePoint Online, make sure that the SharePoint Online Management Shell is installed and you have connected to SharePoint Online.

Install the SharePoint Online Management Shell by downloading and running the SharePoint Online Management Shell. You only need to do this once for each computer from which you are running SharePoint Online PowerShell commands.

To open the SharePoint Online Management Shell command prompt, from the Start screen, type sharepoint, and then click SharePoint Online Management Shell.

To connect to SharePoint Online with a username and password run the following commands at the SharePoint Online Management Shell command prompt:

Connect-SPOService -Url https://<Tenant>-admin.sharepoint.com

To configure idle-session timeout run the following commands at the SharePoint Online Management Shell command prompt:

Set-SPOBrowserIdleSignOut -Enabled $true -WarnAfter (New-TimeSpan -Seconds 1200) -SignOutAfter (New-TimeSpan -Seconds 1500)

Where:

-Enabled specifies whether idle session timeout is enabled or disabled using $true, $false respectively.

-WarnAfter specifies the amount of after which a user is notified that they will be signed out after a period of inactivity as a New-TimeSpan which can be configured in seconds, minutes, or hours.

-SignOutAfter specifies the amount of time after which is a user is signed out of Office 365 if they do not respond to the -WarnAfter prompt.

To view the idle browser sign-out settings, use the Get-SPOBrowserIdleSignOut cmdlet.

NOTE

  1. Mouse movement or scrolling up and down is not included as activity. Activity is counted as requests sent to SharePoint Online.  Mouse clicks within the context of a site are considered activity.
  2. Idle-session timeout is limited to SharePoint Online browser sessions; however, will sign users out of all Office 365 workloads within that browser session.
  3. It will not sign out users who are on managed devices or select Keep Me Signed In during sign-in.
  4. Idle session timeout is currently limited to Classic sites.  A fix will be rolled out to support Modern sites soon.
  5. The WarnAfter and SignOutAfter values cannot be the same.
  6. The policy scope is Tenant-wide.

Frequently Asked Questions

When will idle session timeout start rolling out as preview?

November 6, 2017

Is idle session timeout enabled by default, can I control the settings?

No.  Idle session timeout is disabled by default.  The warning and timeout timespans, as well as enabling idle session timeout are administrator controlled.  Instructions will follow as we start to roll out this feature.

Does the policy effect existing signed in sessions?

No, only new sign-ins to new browsers

How long does it take to effect?

Approx. 15 minutes

What is considered a managed device?

A device is managed if Azure Active Directory indicates to SharePoint Online that the device state was evaluated and the device is at least one of the following:

  • Domain joined
  • Compliant

Device state claims are not passed in Google Chrome or when using inPrivate mode – device claims are only available on Internet Explorer or Microsoft Edge on Microsoft Windows.

Can I hide the Keep me signed in prompt?

During the public preview period of the new sign-in experience, the updated “Keep me signed in” prompt will only show when users opt into the new sign-in experience. Users using the old experience will continue to see the checkbox and will not get the prompt.

Admins can choose to hide this new prompt for users by using the “Show option to remain signed in” setting in company branding.

NOTE 

Existing configurations of this setting will carry forward, so if you previously chose to hide the “Keep me signed in” checkbox in your tenant, we won’t show the new prompt to users in your tenant.

This change won’t affect any token lifetime settings you have configured.

When will idle-session timeout be generally available?

April 2018

Standard
Administration, OneDrive for Business, Security and Compliance, SharePoint

Office 365 Data Loss Prevention Block Access with SharePoint and OneDrive

Last week we announced Office 365 Data Loss Prevention Block Access (https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Policy-Tips-in-SharePoint-Online-and-OneDrive-for-Business-at/ba-p/116158) with SharePoint Online and OneDrive for Business.  Office 365 Data Loss Prevention Block Access prevents the potential for overexposure of sensitive information by allowing a Tenant administrator to configure Data Loss Prevention Policies limiting how and with whom sensitive information can be shared.

For example, if a document is determined to contain sensitive information, for example U.S. Financial Data, a DLP policy can prevent that information from being shared externally or with guests while providing real-time policy information to the user attempting to initiate the share.

Users are presented with a Policy Tip when viewing information about the document in addition to the option to view the specific policy that limits sharing of the document.

In addition, if the user attempts to share content that violates the policy configuration, they are notified at the time of sharing with a Policy Tip and link to additional information.

Configuring Office 365 Data Loss Prevention Block Access policies in the Security and Compliance Center

To configure Office 365 Data Loss Prevention Block Access policies browse to https://protection.office.com/, and expand Data loss prevention.

Under Data loss prevention select Policy.

Select Create new policy to create a policy and choose from one of the available templates.

Provide a Name and Optional description of the policy and click Next.

Select one or more locations to protect and click Next.

Under Policy settings select Detect when this content is shared: and choose With people outside of my organization and click Next.

On the What do you want to do if we detect sensitive info? dialog select Restrict who can access to the content and override the policy and click Next.

Optionally you can configure additional settings for the policy such as:

  • The ability to block specific people from accessing sensitive content that meets the criteria of the policy.
  • Allowing policy override with or without business justification.

Click Next to save the policy settings.

On the Review your settings page, click Create to save and apply the policy.

Configuring Existing DLP Policies

In addition to the creation of new policies, a Tenant administrator can use Windows PowerShell to configure existing data loss prevention policies for block access.

To update one or more existing policies, connect to Office 365 Security and Compliance Center PowerShell, refer to the Windows PowerShell example below:

Get-DlpComplianceRule | Where-Object {$_.BlockAccess -eq 'true' -and $_.BlockAccessScope -ne 'PerUser' -and $_.AccessScope -eq 'NotInOrganization' -and $_.NotifyUser -ne ''} | Set-DLPComplianceRule -BlockAccessScope 'PerUser'

NOTE

The script above will turn any DLP policy rules that previously blocked everyone (except Last Modifier, Owner, and Site Administrator) into a rule that only blocks access to external users.

Resources

To learn more about data loss preventions policies in Office 365 visit Overview of data loss prevention policies at https://support.office.com/en-us/article/Overview-of-data-loss-prevention-policies-1966b2a7-d1e2-4d92-ab61-42efbb137f5e.

Standard
Administration, Security and Compliance, SharePoint

Security at the Site-Collection Level in SharePoint Online

Balancing security and usability are core to ensuring people can collaborate effectively without interrupting the necessary flow of information across organizations.  With SharePoint Online we’ve been at work developing security and sharing controls that are scoped at the site collection level.  This allows Tenant administrators to configure more restrictive controls at the site collection level, than those that are configured at the Tenant level providing a balance between the need to protect corporate information and the requirement to collaborate effectively across and outside of the corporate boundary.

Site Collection Controls

Restricted Domain Sharing Controls

With SharePoint Online sites can be shared with users from specific domains by using the restricted domains setting. This is useful for a business-to-business extranet scenario where sharing needs to be limited to a particular business partner or external user.

Administrators can configure external sharing by using either the domain allow list or deny list. This can be done at either the tenant level or the site collection level. Administrators can limit sharing invitations to a limited number of email domains by listing them in the allow list or opt to use the deny list, listing email domains to which users are prohibited from sending invitations.

To configure restrict domains in external sharing in SharePoint Online at the site collection level:

  1. From the SharePoint Admin Center, select the site collections tab.
  2. Select a site collection, and then click Sharing.
  3. Under Site collection additional settings, select the Limit external sharing using domain check box.
  4. From the drop-down list, choose either Don’t allow sharing with users from these blocked domains to deny access to targeted domains or Allow sharing only with users from these domains to limit access to only to the domains you list.
  5. List the domains (maximum of 60) in the box provided, using the format domain.com.. If listing more than one domain, separate each domain with a space or a carriage return.

Site-Scoped Conditional Access Policies

New to SharePoint Online are site-scoped conditional access policies.  Device-based policies for SharePoint and OneDrive in help administrators ensure data on corporate resources is not leaked onto unmanaged devices such as non-domain joined or non-compliant devices by limiting access to content to the browser, preventing files from being taken offline or synchronized with OneDrive on unmanaged devices at either the Tenant or site collection level.

Site-scoped device-based access policies can be configured with SharePoint Online Management Shell.

Before you get started using PowerShell to manage SharePoint Online, make sure that the SharePoint Online Management Shell is installed, and you have connected to SharePoint Online.

NOTE

The Tenant-level device-based policy must be configured to Full Access prior to configuring site-scoped policies.

Connect-SPOService -Url https://<URL to your SPO admin center>
$t2 = Get-SPOSite -Identity https://<Url to your SharePoint online>/sites/<name of site collection>
Set-SPOSite -Identity $t2.Url -ConditionalAccessPolicy AllowLimitedAccess

Read more about site-scoped conditional access at https://blogs.technet.microsoft.com/wbaer/2017/10/08/site-scoped-conditional-access-policies-in-sharepoint-online/.

Additional Controls

Allow users to Invite new partner users:    In certain site collections, admins can optionally allow users to invite new partner users. In this model, an email invite is sent to the partner user and the user must redeem that invite to access the resource. See Manage external sharing for your SharePoint Online environment for details.

Sharing by site owners only:    Ability to have site collections where only site owners can bring in or share with new users. Site members, who are typically external partner users, can see only the existing site members in the site. This helps in governing what partners can see and with whom they can share documents.

To learn more about security and compliance with SharePoint and OneDrive:

Standard
Administration, Security and Compliance, SharePoint

Site-Scoped Limited Access Policies in SharePoint Online

In March 2017 we introduced device-based policies for SharePoint and OneDrive, that enable administrators to configure Tenant-level policies.

Device-based policies for SharePoint and OneDrive help administrators ensure corporate data is not leaked onto unmanaged devices such as non-domain joined or non-compliant devices by limiting access to the content to the browser, preventing files from being taken offline or synchronized with OneDrive.

On September 1st, 2017 we’ve continued to evolve our conditional access investments to address the ever-changing security landscape and business needs by introducing new levels of granularity with conditional access that allow administrators to scope device-based policies at the site collection level.  In addition, this granular policy can be configured to allow users on unmanaged devices to edit Office Online documents in the browser.

In the demonstration above, the Tenant is configured with a permissive device access policy, allowing full access from unmanaged devices to include desktop apps, mobile apps, and browsers.  The Marketing site inherits the policy configured at the Tenant; however, the Legal site has a policy configured less permissive than that configured at the Tenant level.  In addition, members of the Marketing site, while limited to browser only access on unmanaged devices, can continue to edit content they have access to provide a seamless collaborative experience.

Configuring Policies

Once available in First Release Tenants site-scoped device-based access policies can be configured with SharePoint Online Management Shell.

Before you get started using PowerShell to manage SharePoint Online, make sure that the SharePoint Online Management Shell is installed and you have connected to SharePoint Online.

NOTE

The Tenant-level device-based policy must be configured to Full Access prior to configuring site-scoped policies.

  1. Connect-SPOService -Url https://<URL to your SPO admin center>
  2. $t2 = Get-SPOSite -Identity https://<Url to your SharePoint online>/sites/<name of site collection>
  3. Set-SPOSite -Identity $t2.Url -ConditionalAccessPolicy AllowLimitedAccess
Standard
Administration, Events, OneDrive for Business, Security and Compliance, SharePoint

Stay ahead of data residency requirements with Multi-Geo Capabilities in Office 365

Governments around the world are strengthening laws and regulations to protect citizens’ data, preserve national security, and protect business interests.

Last week at Microsoft Ignite we announced new Multi-Geo Capabilities in Office 365 to help ensure you remain compliant with services to include SharePoint, OneDrive, and Exchange.

The new Multi-Geo Capabilities in Microsoft 365 with SharePoint and OneDrive provide global organizations a solution to maximizing the value of Office 365, including SharePoint and OneDrive, while meeting data residency and compliance requirements.

Multi-geo capabilities provide you with a choice of geographical locations in which to store, manage, and secure your data by allowing a single Office 365 tenant to span multiple regions, storing data on a per-user or per-site basis.  So, whether you’re adding a new user to your organization or need to move an existing user, as well as their data, seamlessly and transparently to that user, to a new region, new multi-geo capabilities are designed to address those needs.

 

In a multi-geo configuration, your Office 365 Tenant consists of a central, default location, such as North America and one or more satellite locations.  In this scenario, a single Tenant can span across multiple locations ensuring your data resides within the boundaries of each respective geo.  Each geo in a multi-geo configuration is addressed with a unique Url specified when configuring the Office 365 Tenant, such as contosona or consotoeur to represent North America or Europe respectively.

Information about multi-geo enabled Tenants such as geo locations, groups, and user information, is mastered in Azure Active Directory (AAD).  Since the Tenant information is mastered centrally and synchronized into each geo location, sharing and experiences involving anyone from your company contain global awareness.  For example, a user whose preferred OneDrive data location in Europe, can share with users in North America or other configured geo locations, and discover content created across the tenancy using services such as search and Office Delve.  In addition, independent policies can be configured at each geo location to include explicit sharing policies, eDiscovery, etc.

Multi-Geo capabilities for OneDrive is in private preview today. If you’re interested and want to learn more visit the links below.

OneDrive http://aka.ms/OneDriveMultiGeo

Resources

To learn more about Multi-Geo Capabilities in Office 365 refer to the resources below:

Watch and download Understanding Multi-Geo Capabilities in Office 365 at https://myignite.microsoft.com/sessions/54705?source=sessions from Microsoft Ignite.

Watch and download Multi-Geo Capabilities in OneDrive and SharePoint Online at https://myignite.microsoft.com/videos/53873 from Microsoft Ignite.

Watch and download Exchange Online Multi-Geo Capabilities at https://myignite.microsoft.com/sessions/55160?source=sessions from Microsoft Ignite.

Read more about Multi-Geo capabilities in Office 365 at https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Introducing-Multi-Geo-in-Office-365/ba-p/107016.

Watch Introducing Multi-Geo capabilities in Office 365 on Microsoft Mechanics at https://www.youtube.com/watch?v=3d9-Vt2fArk&feature=youtu.be.

Standard