The Microsoft Viva suite has been expanding and delivering its employee experience platform apps since its announcement in 2021. Integrated with Microsoft Teams, Microsoft Viva offers Viva Learning, Viva Topics, Viva Insights, Viva Engage, and Viva Goals, all accessible through the “home” of the Viva Suite, Viva Connections.
Microsoft Viva Goals supports the Objectives and Key Results (OKR) goal-setting framework for the natural alignment of an organization’s top strategic business priorities with the work that is being performed by its teams to drive results and feed a thriving business, keeping forward momentum. Not only will it align, but it will create, manage, and customize OKR workflows through automated check-ins and OKR templates. With a shared dashboard and advanced insights, OKR rhythms can be boosted through the connection of work and outcomes through deep integrations to projects and tasks such as data sources, critical tools, and advanced OKR configurations such as customizable weights and scoring guidance.
Viva Goals provides business leaders, HR leaders, and employees with the benefits of:
Viva Goals: Capabilities
More exciting capabilities will be added in the future, but for now, the features available with Viva Goals to bring your organization’s OKRs into the flow of work for your employees include:
Viva Goals: Logging In
Once your organization has purchased the license for Viva Goals, you can log in by using your Azure Active Directory credentials. Remain logged in to your Azure Active Directory to log in to Viva Goals. Follow the following steps based on your scenario:
Viva Goals: Creating Your First Organization
To create your first organization:
Viva Goals: Creating Additional Organizations
You may find that you need to create another organization if you are part of more than one organization. To create another organization in Viva Goals:
You can switch between organizations with the organization-switcher dropdown.
Viva Goals: How to Join an Organization
You can join an organization in Viva Goals by:
Microsoft Viva Goals provides employees and organizations the ability to utilize the successful OKR framework for the successful alignment of business priorities by focusing teams on the impact of their contributions on the organization’s success in achieving its goals. Employees and teams will feel engaged, empowered, and invested in the success of their organization through the sense of community and collaboration when real-time data and progression is presented on the centralized dashboard during town halls, team meetings, and at anytime an individual or team checks their progress. The key success of the OKR framework answers the question of “Why am I working here every day?” by providing a visible and mental connection between individuals, teams, and the organization’s strategic business goals and how their contributions impact the progress of the organization to reach these goals. Viva Goals provides a new, collaborative, community-based employee experience while propelling the organization forward as individuals and teams pull in the same direction for the successful completion of the organization’s strategic goals.
The Microsoft Viva suite, including Viva Learning, Viva Topics, Viva Insights, and Viva Goals, are all available through the Microsoft Teams app. The latest addition to the Viva family is Viva Engage. With Viva Learning, employees hone their skills and grow their knowledge. Viva Topics organizes expertise and knowledge, making it easily discoverable for your staff. Geared towards individual employees, Viva Insights encourages productivity balanced with self-care for one’s healthy well-being. Viva Goals improves business results by aligning teams. Viva Engage will connect people across an organization by creating communities, encouraging conversations, participating in activities like events, and sharing openly on topics ranging from personal experience to data-driven analytics. Viva Engage is a place where people in your organization can connect, share, and create a sense of belonging by creating communities with each other, regardless of their work environment, whether they are working onsite or remotely or a combination of both.
Viva Engage and Yammer: Their Relationship
The surfacing of new and existing employee-high-value experiences in Viva Engage, such as knowledge sharing, community building, self-expression, and leadership engagement, is powered by Yammer services. Being integrated into Microsoft Teams, Viva Engage also introduces Storylines and Stories, and both features will appear in the web, desktop, and mobile versions of Yammer. Users will see the same content and effectively access the same feature set whether they launch Viva Engage or Yammer.
In comparison to Yammer, there are a few features that are limited in Viva Engage:
Viva Engage and Viva Connections: What’s the Difference?
The best way to describe Viva Connections is that it is the “home” for the Microsoft Viva suite. It is the gateway, the place for your employees to start their day, and easily and quickly catch up on organizational news, resources, and tasks. Viva Connections is a branded company app where staff can find everything they need to stay connected and complete their tasks. As the overall arcing home of Microsoft Viva, Viva Connections provides a structured, tailored, and curated experience that reflects the user’s job role and the organization’s priorities, including resources, tasks, and organizational news. Featuring content from Viva Engage and SharePoint News, Viva Connections’ feed includes announcements, storyline posts from people who staff follow, and @Mentions.
Focusing on individuals, co-workers, leaders, and communities, by connecting and engaging each other, Viva Engage is the social layer of Microsoft Viva and Microsoft 365. Viva Engage provides a space for people to socialize through conversations (and they may come onto some unexpectedly), volunteering and sharing of their expertise and knowledge, and asking questions (and these can be work-related or “get to know each other” types such as “Post a pic of your pet”), hosting and/or participating in virtual events, and most importantly, extending their work network with more in-depth interactions and engagement.
Viva Engage: What is it?
Connecting. Sharing. Belonging. Microsoft Teams Viva Engage encourages a positive, inclusive, engaging, and community-based work culture as a social platform. Viva Engage allows individuals to connect with their co-workers, leaders, and communities regardless of their physical location in the work world. By fostering a social work culture, Viva Engage enables all members of a community and network to share:
Viva Engage: Setting Up
Installing Viva Engage App for Yourself in Teams
Note: Check with your Teams admin if you do not see Viva Engage in the available apps as they may have renamed the app.
Installing Viva Engage App for Your Organization
If the Microsoft Teams admin chooses to deploy Viva Engage for specific departments, then this can be done through a Teams app setup policy. If the Microsoft Teams admin chooses to deploy for the entire organization, then they deploy and pin the app for all users.
Licensing for Viva Engage and Yammer
As Viva Engage is included in the existing Yammer license, enable Yammer users will be enabled to use Viva Engage.
Configure and Review Privacy and Security Settings in Yammer
The content in Yammer and Viva Engage is managed by the Yammer administrator. However, Privacy and security controls from Yammer are shared with Viva Engage.
Viva Engage: Customizing the Appearance in the Teams Store
For organizations that have given their network custom branding to reflect their corporate identity, Viva Engage can be customized in the Teams app store. The appearances that can be customized for Viva Engage include:
The Microsoft Viva suite has provided Microsoft Teams with several apps, including Viva Learning, Viva Topics, Viva Insights, Viva Goals, and Viva Connections (the home for the suite). Now, with Viva Engage, there is a place where people in your organization can connect, share, and create a sense of belonging by creating communities with each other, regardless of their work environment, whether they are working onsite or remotely, or a combination of both.
In 2020, Microsoft announced Microsoft Teams Rooms to the MS Teams platform to support corporations and users adapting to the hybrid environment that was and continues to be, affected by the global pandemic. Microsoft Teams Rooms was developed to close the difference in the gap between onsite and remote staff meetings in a virtual space. Two years later, the work environment has morphed, demanding sophisticated, realistic, integrated, and interactive capabilities for meeting in the combined spaces of face-to-face and virtual. Microsoft Teams has kept the pace, but more importantly, focused and elevated these experiences for users in combination with ease of use and management. Understanding that users are both onsite and remote, Microsoft has met this challenge through an innovative approach by rethinking and designing Microsoft Teams Rooms. Unlike previous licensing, Teams Rooms licensing is based on the number of devices rather than users. Changing from the previous licensing format, the new Microsoft Teams Rooms licensing offers two forms – the Basic and the Pro. Notably, there are some major differences in the offerings between the plans.
What is a Microsoft Teams Room?
Microsoft Teams Room is a virtual space for staff to meet regardless of their location at the time of the meeting. Microsoft Teams Room facilitates attendees to meet virtually, even if they are on-site in their own office or a board room, offsite in their home or cottage, or a combination of both on-site and off-site. This hybrid meeting environment has challenges, including creating an environment whereby attendees interact as if face-to-face, ease of use, realism, and on-the-fly meetings. Microsoft Teams Rooms eliminates the barriers that exist between places, people, and spaces. It is a splace (space and place) for attendees and participants to inclusively meet, engage, create, collaborate, and be together regardless of their physical location.
What is Microsoft Teams Room Basic Plan?
Previously, Microsoft Teams Room was available in the Basic and Premium Plans. With the introduction of Pro, the former Premium plan is no longer available.
Microsoft Teams Room Basic is just that. The Basic plan will provide small businesses the ability to create hybrid meeting spaces through scheduling, sharing wireless content, and joining meetings. However, if your small business requires assistance in managing core and hybrid meeting features, then the Pro plan is the one that will meet these needs.
Teams Room Basic is included with all certified Teams Rooms devices at no extra charge if purchased before September 1, 2022. For licensing, 25 Basic licenses, or rooms, can be applied by the customer to their tenant.
What is Microsoft Teams Room Pro Plan?
The new Teams Room Pro Plan focuses on ease of usability, security, flexibility, inclusivity, and management while providing a simplified purchasing process for customers. Teams Room Pro offers one license that includes the existing Teams Room features, innovative advancements in hybrid meeting experiences, and the Teams Rooms managed service platform.
Some features are currently available in Teams Room Pro while others will be rolled out in the future. These features include:
Microsoft Teams Rooms Pro: Teams Rooms Managed Services, IT Service Management (ITSM) Integration
In the previous Teams Rooms Premium plan, Microsoft provided a paid service for 24/7 monitoring and management of the room operating system and software with the permission to perform remote action to address any issues or deficiencies. With the new Teams Rooms Pro plan, Microsoft will no longer provide this paid service but instead will enlist partner remediation. Beginning October 1, 2022, all incidences will remediate automatically or route to either the designated management partner of the customer or the customer’s IT department, negating the need for Microsoft engineers to be the intermediary.
Preparing for the Transition to Microsoft Teams Rooms Basic and Pro
The deadlines for the transitions are coming up quickly, and as administrators, these deadlines are outlined in Microsoft’s documentation under “Important” notes.
One detail to be noted is that “legacy licenses” will not automatically transition to the new licenses. When a legacy or older license expires, an organization will have to switch to Basic or Pro, which can be done through the Microsoft 365 Admin Centre Portal. Alternately, licensing for the Teams Rooms Pro plan can be purchased from sales channel partners of Microsoft.
An important detail regarding user licenses used with Teams Rooms devices, as noted in Microsoft’s documentation, will no longer be supported effective July 1, 2023. User licenses will need to be replaced by a Teams Rooms Basic or Teams Rooms Pro license as Teams Rooms licensing is based on the number of rooms, not the number of users. It was also made clear that meeting devices that have a user license will be blocked from signing in until a Teams Rooms license is assigned.
Once again, Microsoft has focused on the Microsoft Teams collaborating app with changes and enhancements that continue to support interactive, real-time, engaging, and collaborative meetings in Microsoft Teams Rooms. Whether it is the Basic or Pro license, organizations will be able to schedule, join, and share content with the Basic license to fully immersed, innovative, collaborative participation with high-definition audio, visual enhancements, multi-user whiteboarding, side-chat bubbles, and live reactions with the Pro license. Whichever plan is implemented, Microsoft Teams Rooms continue to provide an excellent solution as a key method of hosting and delivering meetings regardless of participant location. Seamless and easy to use, Microsoft Teams Rooms transcends barriers and brings together participants who are onsite, remote, or a combination of both into one space as if they are face-to-face for real-time collaboration.
In continuation from our first article, Part 1: Security and Compliance Across SharePoint, OneDrive, and Teams, we will continue to examine the announcements from Ignite 2022 of how Microsoft is offering new measures of cybersecurity as it resolves to meet the high Zero Trust standard of cybersecurity. Cybersecurity has been highlighted with the hybrid work environment with many organizations being prey to hackers, and in some situations, being held hostage to pay fines and ransoms. These situations can cause severe loss of income to the bankruptcy of an organization.
Not to be taken lightly, Microsoft has introduced six new security and management capabilities to help counter these cyberattacks. As announced at Ignite 2022, these counter measures include:
In our previous article, we examined Advanced Assess Policies for Secure Collaboration, and in this article, we will review the remaining new announcements for security and management.
Security Controls to Safeguard Content
User-Defined Permissions (UDP) Support for Office Files in SharePoint, OneDrive, and Teams: Private Preview
Expanding and innovating with Sensitivity Labels, User Defined Permissions, Office files will be protected with labels containing User Defined Permissions (UDP). Admins will be able to apply sensitivity labels that are associated with admin-defined permissions, such as who can view and co-author files in SharePoint, OneDrive, and Teams.
Protected PDFs Support in SharePoint, OneDrive, and Teams: Private Preview
By bringing the security controls that power Office files to protected PDF files, sensitivity labels can now be viewed in the Document Library’s sensitivity column when labeled and encrypted PDF files are uploaded to SharePoint, OneDrive, and Teams. Compliance and security admins, by using their established DLP or eDiscovery policies, can govern these protected PDFs.
Default Sensitivity Labels for SharePoint Document Libraries: Public View
The default sensitivity label for SharePoint Document Libraries can be set through the Library Settings in the information panel. Once the appropriate sensitivity label has been assigned, all documents in that library will be labeled automatically. These documents can be newly created ones or ones that are being modified. The concept of labeling with rich sensitivity labels that have been applied with Office files, SharePoint Sites, Teams, and Microsoft 365 groups can now be applied to new and uploaded documents in SharePoint Document Libraries.
Programmatic Way to Assign Sensitivity Label to a File in SharePoint, OneDrive, and Teams: Private Preview
A premium capability, a programmatic endpoint in the Microsoft Graph Beta will allow users and applications to allow the labeling of files.
Anti-Malware Scan on File Download: General Availability
Advancing towards Zero Trust, the third layer of protection is added in addition to the asynchronous antimalware scanning in SharePoint and OneDrive with anti-malware scanning during downloading of unscanned files through the browser or in Teams.
Forensic Malware Identification and Extraction: General Availability
Through the use of the simple SharePoint PowerShell cmdlet, administrators will not need to elevate their access to the SharePoint or OneDrive site where malware and infected content is present. They will be able to determine what type of malware is present in a file that is marked infected and extracts the infected file from the site in order to perform further analysis, circumventing the existing challenge of how to gain access to infected files without needing to gain access to all the files in the source site.
Information Barriers (IB) 2.0: IB Modes and Multi-Segment Support: General Availability
The needs of users can be tailored with the capability provided through the Information Barriers (IB) modes while maintaining corporate information barriers. With five IB modes (Owner-moderated, Open, Explicit, Implicit, and Mixed), there is flexibility and customizability to support site/team owners to bring in incompatible segments users to the site/team to participate in multiple regulatory projects to successfully complete projects while meeting mandatory regulatory needs.
With Migration Manager, Bulk download reports, Migration filters, and Estimated time to migrate are new features added to simplify the migration of content from file shares, Dropbox, Google Drive, Egnyte, and Box.
Bulk-Download Detailed Reports
When performing cloud migrations, gone is the time-intensive download of detailed reports that are chosen one by one. Instead, this can now be done with one click by selecting tasks in the scans and migrations tab.
Content can be curated in M365 by filtering the files and folders containing invalid characters, excluding by folder names and file extensions, and by date of creation and modification. There is an option to replace invalid characters with valid characters.
Estimated Time to Migrate
An estimate of time to complete the migration project and the task level is provided based on scans, file sizes, and other factors.
SharePoint Migration Tool (SPMT) Improvements
Scanning and migration from On-prem Server are streamlined within one tool while the navigation page flow is intuitive for managing migration jobs and creating migration-by scenarios.
Advanced Sites Lifecycle Management
SharePoint Data Access Governance (DAG) Insights V1: General Availability
The lifecycle of a site starts at the time of its creation and evolves to the active state when content and collaboration occur with users. During this active state is when oversharing or accidental sharing occurs. With DAG, administrators can discover the top 100 and the top 10,000 sites of millions of sites that an organization may have and that requires the closest monitoring/validating/tailoring for share and access policies for these sites.
Sites Lifecycle Policies – Inactive Sites: Preview
With Sites Lifecyle Policies, administrators can create tailored inactive site policies that target specific SharePoint sites, Teams created sites, Public labeled sites, or sites with information segment of Research. These policies will trigger an alert to the respective site owner, providing them the option to delete, keep or exercise other actions on these inactive sites.
Site History and Recent Admin Actions: Preview
The Site History capability in the SharePoint Admin centre addresses the inability of SharePoint admins to troubleshoot inaccessible team sites, know the lifecycle state of a site, manage the lifecycle, and know the activities carried out by site owners. The Site History will provide a history of all changes made to site properties by all site owners and admins in the admin actions panel and will show the latest site changes such as site URL, site name, storage limit, and share settings. Admins will also be able to export 30 days of changes.
Organization Lifecyle Management
SharePoint Tenant Rename: General Availability
For tenants with less than 10k sites, SharePoint Tenant Rename allows SharePoint admins to rename the tenant’s SharePoint URL should the organization need to rebrand due to a merge or expansion across satellite locations.
OneDrive Cross-Tenant User Data Migration: General Availability
With OneDrive Cross-Tenant User Data Migration, admins can move users’ OneDrive and mailboxes across two tenants by implementing a simple set of SharePoint PowerShell cmdlets. Sharing links to old URLs will continue to work even though the URL of OneDrive has changed. Why would admins need to migrate users across two tenants? Situations arise when companies expand through mergers and acquisitions, which are part of an organization’s lifecycle. When mergers and acquisitions occur with a common footprint in Microsoft 365, OneDrive Cross-Tenant User Data Migration makes easy work of moving users from one tenant to the next while retaining content integrity and security.
Microsoft Ignite 2022 has had some exciting announcements, including its stance on Zero Trust concerning cybersecurity and the many ways it is addressing and proactively implementing to achieve this standard. From sensitivity labels to access policies, from site lifecycle management to secured migration tools, Microsoft is providing organizations, admins, and their users several layers, methodologies, and processes to retain control of content at the organization, admins, and user levels. Cybersecurity with Zero Trust is the new standard and Microsoft is working adamantly towards this high bar of security.
Around the world, we hear how corporations fall prey to cyber predators. Cybersecurity has never been more important than now with the hybrid conditions for work. The challenge has been to ensure the cybersecurity of data and content for staff who work remotely on their systems and Wi-Fi network in conjunction with staff who work on-site. With so many possibilities of threat entries, cybersecurity has reached Zero Trust as the standard and norm. Microsoft is committed to enabling its customers to diligently, smoothly, and easily as possible manage content, people, and context across SharePoint, OneDrive, and Teams.
Microsoft announced at Ignite today, six new security and management capabilities including:
In this article, we will review Advanced Access Policies for Secure Collaboration and we will review the remaining in the next article, Part 2: Security and Compliance Across SharePoint, OneDrive, and Teams.
Advanced Access Policies for Secure Collaboration
Advanced access policies for secure collaboration are currently available as either private preview, general availability, or premium feature and span across SharePoint sites, OneDrive, and Teams.
Restricted Access Control (RAC) Policy for SharePoint Sites: Private Preview
Unauthorized access to content can occur when content is overshared by users. Users commonly share content with good intent, but they are unknowingly and mistakenly, sharing with a broad audience, resulting in unauthorized access to content by the broader audience. Oversharing has always been an issue, but with hybrid work environments, this has bubbled to the surface with an expansion of oversharing and unauthorized access to content.
With the RAC Policy for SharePoint Sites, administrators can now restrict access to SharePoint Sites, instantly restricting access to content to a confined set of users, regardless of how widespread the content has been shared or where inheritance was broken at the content level.
This advanced policy, RAC Policy v1 (Private Preview), allows administrators to restrict Microsoft 365 Groups-connected sites to having the same membership as the parent Microsoft 365 Group, even if the site or content was shared outside of that group membership. Microsoft announced that this policy will be extended to all SharePoint Site templates by configuring the RAC policy with a security group.
Restricted Access Control (RAC) Policy for OneDrive in Your Organization: General Availability
Announced at Ignite this week, the Restricted Access Control Policy for OneDrive is generally available. Similar to oversharing of SharePoint sites with external users, OneDrive content is also overshared.
By creating security groups in Azure Active Directory that contains all the organization’s employees and then configuring the Limit OneDrive Access to those groups in the SharePoint Admin centre, only those groups granted access will now have access. By restricting access to all OneDrives in your organization to a determined set of users such as only employees, your organization’s content is secure from being accessed by externals who should not have access in the first place.
Conditional Access Policies for SharePoint Sites, OneDrives, and Teams: General Availability
There is flexibility with the Conditional Access Policies for SharePoint Sites, OneDrives, and Teams by allowing admins to determine whether the content is classified as business strategic or general training content. Both types of content will require different levels of security whereby classified business strategic content is accessible only when certain conditions are met, and general training content should be easily accessible. The conditional access requirements should match the security posture of these sites.
This can be achieved by utilizing SharePoint Online PowerShell to set the appropriate access policy for a site. This will dictate the conditions that are required to access the specified site. For example, a site containing business strategic information can have the condition of multi-factor authentication (MFA) to be met in order for a user to access this site. Additionally, these policies can be associated with sensitivity labels, if deployed, by labeling the teams or sites appropriately. The key benefit of this policy is that it allows the admin to have users go through additional credentialing only when they are accessing critical sites or teams that contain business strategic content.
Access policies are just one of the methods that are being applied for cybersecurity by Microsoft. As Microsoft moves closer to Zero Trust, increasing security controls, safeguards, malicious malware protection, and lifecycle management are all integral parts of this advancement. In our next installment, Part 2: Security and Compliance Across SharePoint, OneDrive, and Teams, we will examine these closer in detail.