Connecting Technology and Business.

Your Messages are Encrypted in Office 365

Message Encryption in O365 is service that lets you send encrypted emails to people outside your company. No matter what the destination-Outlook.com, Yahoo, Gmail, Exchange Server, Lotus Notes, GroupWise, Squirrel Mail, you name it - you can send sensitive business communications with an additional level of protection against unauthorized access. There are many business situations where this type of encryption is essential. Here are just a few.

  • A bank sending credit card statements to customers over email.
  • An insurance company providing details about the policy to clients.
  • A mortgage broker requesting financial information from a customer for a loan application.
  • A healthcare provider using encrypted messages to send healthcare information to patients.
  • An attorney sending confidential information to a client or another attorney.
  • A consultant sending a contract to a client.
  • A therapist providing a patient diagnosis to an insurance company.

Office 365 E3 and E4 users will get Office 365 Message Encryption at no extra cost.

Setting up encryption

Administrators set up transport rules to apply Office 365 Message Encryption when emails match specified criteria. Transport rules provide great flexibility and control, and can be managed via a web-based interface or PowerShell.

Setting up the transport rules is simple. Administrators simply select the action to apply encryption or remove encryption in the Exchange admin center.


You set up Office 365 Message Encryption rules in the Exchange admin center.  

Once the admin sets up the rules, whenever anyone in the company sends a message that matches the conditions, the message is encrypted using Office 365 Message Encryption. The outgoing message is encrypted before it is delivered to the outside mail server to prevent any spoofing or misdirection.

Receiving and responding to encrypted messages

When an external recipient receives an encrypted message from your company, they see an encrypted attachment and an instruction to view the encrypted message.


The encrypted message appears as an attachment in a message in the recipient’s inbox, with instructions for how to view it. 

You can open the attachment right from your inbox, and the attachment opens in a new browser window. To view the message, you just follow the simple instructions for authenticating via your Office 365 ID or Microsoft Account.


Once you are authenticated, the content of an encrypted message appears.

The Message Encryption interface, based on Outlook Web App, is modern and easy to navigate. You can easily find information and perform quick tasks such as reply, forward, insert, attach, and so on. As an added measure of protection, when the receiver replies to the sender of the encrypted message or forwards the message, those emails are also encrypted.


When you reply to an encrypted message you’ve received, your reply is also encrypted.

-gleaned from Office Blogs

Use more than one authentication method to keep identities secure

Microsoft has added Multi-Factor Authentication for Office 365 to Office 365 Business plans, Enterprise plans, Academic plans, Non-profit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online. This allows organizations with these subscriptions to enable multi-factor authentication for their Office 365 users without requiring any additional purchase or subscription.

Multi-factor authentication increases the security of user logins for cloud services above and beyond just a password. With Multi-Factor Authentication for Office 365, users are required to acknowledge a phone call, text message, or an app notification on their smartphone after correctly entering their password. Only after this second authentication factor has been satisfied can a user sign in.

Multi-factor authentication is available for Office 365 administrative roles and also to any Office 365 user and users who are authenticated from a federated on-premises directory.

Microsoft has also added App Passwords for users so they can authenticate from Office desktop applications.

Multi-factor authentication enhances security for Office 365. (Office 365 offers many robust built-in security features for all customers and also optional controls that enable subscribers to customize their security preferences. More information about security in Office 365 is available in the Office 365 Trust Center).

Multi-Factor Authentication for Office 365

Office 365 administrators enroll users for multi-factor authentication through the Office 365 admin center.


On the users and groups page in the Office 365 admin center, you can enroll users for multi-factor authentication by clicking the Set Multi-factor authentication requirements: Set up link.


The multi-factor authentication page lists the users and allows you to enroll a user for multi-factor authentication.

After a user is enabled for multi-factor authentication, they will be required to configure their second factor of authentication at their next login. Each subsequent login is enforced and will require use of the password and phone acknowledgement.


After being enrolled for multi-factor authentication, the next time a user signs in, they see a message asking them to set up their second authentication factor.

Any of the following may be used for the second factor of authentication.

  1. Call my mobile phone. The user receives a phone call that asks them to press the pound key. Once the pound key is pressed, the user is logged in.
  2. Text code to my mobile phone. The user receives a text message containing a six-digit code that they must enter into the portal.
  3. Call my office phone. This is the same as Call my mobile phone, but it enables the user to select a different phone if they do not have their mobile phone with them.
  4. Notify me through app. The user configured a smartphone app and they receive a notification in the app that they must confirm the login. Smartphone apps are available for Windows Phone, iPhone, and Android devices.
  5. Show one-time code in app. The same smartphone app is used. Instead of receiving a notification, the user starts the app and enters the six-digit code from the app into the portal.


Once a user is signed in they can change their second factor of authentication.

The settings menu is the little cog at the top right of the portal screen. In the settings menu clicking the additional security verification link. 

App Passwords in Multi-Factor Authentication for Office 365

Users who are enrolled for multi-factor authentication are required to configure App Passwords in order to use Office desktop applications, including Outlook, Lync, Word, Excel, PowerPoint, and OneDrive for Business.

Once an information worker has logged in with multi-factor authentication, they will be able to create one or more App Passwords for use in Office client applications. An App Password is a 16-character randomly generated password that can be used with an Office client application as a way of increasing security in lieu of the second authentication factor.

App Passwords are not available for use with PowerShell access to Office 365, and they can be turned off entirely for the Office 365 tenant for customers who have special security policies.


After you’ve created an App Password for an Office desktop application, such as Outlook, it is indicated in a list in your account.

- gleaned from Office blogs

SharePoint Server or SharePoint Online – that is the question

Many business enterprises grapple with the dilemma whether to host their SharePoint on-premises or to settle for what is available on the SharePoint online services that Microsoft offers in its Office 365 offerings. There is a third but less considered option – host SharePoint server on the cloud using the Infrastructure as a Service (Iaas) offered by Microsoft (Azure) or other cloud players.

Any decision, according to Gartner, must be based on the business objective of the enterprise rather than any other consideration. As this question gets complex with the increase in the number of users/user teams, their location, connectivity, security, compliance, privacy and controllability, Gartner has published decision frameworks, decision factors and lists of strengths and weaknesses to help enterprises base their decisions on.

While many enterprises that desired an intranet for their staff have already invested in SharePoint for an on-premises solution (SharePoint Online was a late-comer), with the cloud-first principle, Microsoft has started rolling out a lot of new features in the SharePoint online services that has become attractive and is becoming a deterrent in decision making in support of an on-premises solution. Now, a serious decision is looming in the near future for many enterprises whether to go for the next upgrade of SharePoint server or should the enterprise opt for the cloud services.

Some of the factors that influence a decision are listed hereunder:

Is my enterprise content safe on the cloud?

A number of enterprises are still worried about the security of their content. With news of data breaches happening all around the web, this is a factor of grave concern for the enterprises. Many of them still hesitate to consider the online services as a safe bet and are not ready to move their content to the cloud due to legal constraints. While Microsoft, one of the most trusted IT companies in the world, has come up with a lot of information on its trust center about the various steps it has taken to make the enterprise content secure and about the various certification that it has acquired over the years (http://azure.microsoft.com/en-us/support/trust-center/ ), it still fails to offset the fears in the mind of the enterprise decision makers. They would rather live with their content in their datacenter and risk a breach than trust it to a third party vendor.

Where is my data?

Many business enterprises that provide services to their customers and clients are facing this question – where is my data located in the cloud? Many of them are bound by legal compliance requirements that prohibit them from moving their data beyond their national boundaries. Customers and clients might consider it a threat to allow their data to be held in a country that might not align with their political, religious or cultural convictions. While Microsoft allows enterprises to choose a zone of their choice for holding their content on the azure services, it is not so transparent with respect to the Office 365 services.

How is the connectivity?

While a SharePoint server might require only a LAN connectivity, SharePoint online would require an always online kind of a WAN connectivity for accessing content. Many developing countries are still facing a problem of poor internet connectivity which might be a very important factor that influences the decision against SharePoint online services. While there is the 3G and 4G connectivity that is becoming popular lately in the urban areas, this might not be the case in places  that are far removed from the cities where the manufacturing centers are located – in industrial estates and export processing zones that have limited connectivity even today.

How much do I get to store?

SharePoint online provides 500 mb per user subscription apart from the 10GB available for the enterprise. This might become a limitation where the enterprise is content-intensive. While additional space for storage of the content can be bought from the service provider, this might be considered as an additional expense and there might not be an upper predictable limit for budgeting purposes.

Will my search be fast enough?

As SharePoint is made available in a multitenant environment, search capabilities might be slow and not give the user as good an experience as an on-premises solution. There is a potential scalability concern when it comes to the online services.

What limit of customization do I want?

With a SharePoint on-premises solution, there is a possibility of extensive customization. Enterprises can make the solution as user friendly as possible. With the SharePoint designer, a lot of apps can be built in to the solution to make the platform a real collaborative entity. SharePoint online provides limited customization options.

How much am I going to spend?

The online services is available at a fractional cost of the on-premises solution and comes in a subscription model. The underlying infrastructure is of no worry to the enterprise and does not require the upkeep of it. The personnel for maintaining the solution and their skill set requirements become minimal. An on-premises solution would require a Windows server, the respective client access licenses, SQL server, the SharePoint server and the client access licenses and a double investment for high availability scenarios.

How fast do I want to roll out / scale up the solution?

An On-premises SharePoint solution requires details architectural planning and the roll out might take several months. The end-user waiting time for this solution might at some time sap the enthusiasm of the users. An online solution would shorten this time significantly as the infrastructure is readily made available by the service provider. And scaling up and down depending on the requirement is possible in an online solution as it is a pay for what you use model. Scaling down on the number of users in an on-premises model will only reduce the Return on investment (RoI) significantly.

The third option – Hosting the SharePoint server on the cloud

This might be an option that enterprises might want to consider if they are financially crunched on acquiring fresh hardware or provision existing hardware for this SharePoint solution. In this case, not only have they to pay the vendor for IaaS but also have to pay for the software Server licenses and CALS. And the responsibility of running and upkeep of the solution is on the shoulders of the internal IT admins.

Azure Active Directory - Capabilities and Business Benefits (1)

Azure Active Directory provides single sign-on to thousands of cloud (SaaS) apps and access to web apps that an enterprise runs on-premises. Built for ease of use, Azure Active Directory features Multi-Factor Authentication (MFA), access control based on device health, user location, and identity and holistic security reports, audits, and alerts. Azure Active Directory is available in 3 editions: Free, Basic and Premium.

Benefits of Azure Active Directory

Single sign-on to any cloud and on-premises web app

Azure Active Directory provides secure single sign-on to cloud and on-premises applications including Microsoft Office 365 and thousands of SaaS applications such as Salesforce, Workday, DocuSign, ServiceNow, and Box.

Easily extend Active Directory to the cloud

Connection to Active Directory and other on-premises directories to Azure Active Directory is available in just a few clicks and it helps maintain a consistent set of users, groups, passwords, and devices across both environments.

Works with iOS, Mac OS X, Android, and Windows devices

Users can launch applications from a personalized web-based access panel, mobile app, Office 365, or custom company portals using their existing work credentials—and have the same experience whether they’re working on iOS, Mac OS X, Android and Windows devices.

Protect sensitive data and apps

Application access security is enhanced using rule-based Azure Multi-Factor Authentication for both on-premises and cloud applications. Security reporting, auditing, alerting, and “shadow IT” application discovery helps protect the business. Business can also take advantage of unique machine learning-based capabilities that identify potential threats.

Protect on-premises web apps with secure remote access

Users can access their on-premises web applications from everywhere and can be protected with multi-factor authentication, conditional access policies, and group-based access management. They can also access SaaS and on-premises web apps from the same portal.

Reduce costs and enhance security with self-service

Admins can delegate important tasks such as resetting passwords and the creation and management of groups to their employees. Providing self-service application access and password management through verification steps can reduce helpdesk calls and enhance security.

Enterprise scale and SLA

Azure Active Directory Premium offers enterprise-grade scale and reliability. As the directory for Office 365, it already hosts hundreds of millions of users and handles billions of authentications every day. The high availability service is hosted in globally distributed datacenters in 17 regions, with worldwide technical support that provides a 99.9% SLA.

Empower Users

Business enterprises can enable users to work from any location – corporate office, home office, on the go, using any device – desktops, laptops, tabs, smartphones. They can give the users always-on access to all their work resources using a single set of credentials protected with Multi-Factor Authentication. After a user has signed in, they get single sign-on access to their apps and data.

Self-service capabilities

Enterprises can minimize support costs and keep users up and running by configuring self-service experiences. With web-based tools such as Access Panel and Password Reset, users  can be given a personalized, company-branded portal to access SaaS applications.

Users create and manage their own groups

Admins can empower users to create their own groups, assign members to groups they own, approve join requests, and more.

Users change and reset their own passwords

Businesses can give all users in their directory the capability to change and reset their passwords – whether they are in the cloud or on-premises.

Additional certifications for O365 - Now ISO 27018 and HITRUST

Microsoft cares deeply about supporting compliance with specific standards and regulations related to data security and privacy as required by theircustomers in various geographies and industries. They consider compliance a core feature of their services, and they make significant investments in this area to ensure that that they are continuously innovating on compliance as they do with all the other aspects of Office 365. To this end, They announced two new additions to their compliance capabilities—ISO 27018 and HITRUST in the second week of Feb 2015.

ISO 27018 compliance

In their most recent ISO 27001 audit, an independent auditor validated that Microsoft incorporated controls that comply with the ISO 27018 standard for protection of personally identifiable information (PII) in public clouds.

ISO/IEC 27018 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect personally identifiable information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

There are three big commitments enabled by these controls:

  1. Office 365 is “advertising-free,” so customers don’t have to worry that the data they put into Office 365 is used for advertising or marketing purposes;
  2. There are defined policies for the return, transfer and secure disposal of PII; and
  3. Office 365 proactively discloses the identities of sub-processors.

HITRUST compliance

Developed in collaboration with healthcare and information security professionals, the HITRUST CSF rationalizes healthcare-relevant regulations and standards into a single overarching security framework. HITRUST leverages the concepts and rating scheme of the NISTIR 7358 standard – Program Review for Information Security Management Assistance (PRISMA) to assess an organizations security management program. The methodology is a proven and successful scalable process and approach to evaluating an organization’s information security program. The structure of a PRISMA Review is based upon the Software Engineering Institute’s (SEI) former Capability Maturity Model (CMM), where an organization’s developmental advancement is measured by one of five maturity levels.  The rating is an indicator of an organization’s ability to protect information in a sustainable manner.

Microsoft also announced that the Office 365 team, in partnership with an independent assessor, completed an assessment to evaluate their compliance with HITRUST. Viewed as an important standard by U.S. healthcare organizations, HITRUST has established the Common Security Framework (CSF) , a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. HITRUST has a rating scheme to assess an organization’s security management program where an organization’s developmental advancement is measured by one of five maturity levels. The rating is an indicator of an organization’s ability to protect information in a sustainable manner. An independent auditor evaluated the Microsoft security program overall at a Level 5 rating, which is the highest possible rating.

These two announcements further demonstrate Microsoft's commitment as a cloud service provider to build privacy as a foundational component of their services.

Microsoft understands that security and compliance are extremely important to their customers so they make it a core part of how they design and manage the service. As they rapidly innovate in productivity services with Office 365, they will continue to invest in making Office 365 a service that is highly secure and compliant with global as well as regional and industry specific standards and regulations. One can learn more about security and compliance in Office 365 by visiting the Office 365 Trust Center.

Microsoft Azure Compliances and Certifications

ISO 27001-2013

ISO 27001 is an information security standard that is published by the International Organization for Standardization (ISO) and the International Electro-technical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27. It is a specification for an information security management system (ISMS). Organizations which meet the standard may gain an official certification issued by an independent and accredited certification body on successful completion of a formal audit process.


Payment Card Industry Data Security Standard is a proprietary information security standard for organizations that handle branded credit cards from the major card brands including Visa, MasterCard, American Express, Discover, and JCB. Private label cards --those without a logo from a major card brand are not included in the scope of the PCI DSS.

The PCI Standards is mandated by the card brands and run by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure. Validation of compliance is performed annually, either by an external Qualified Security Assessor (QSA) that creates a Report on Compliance (ROC) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.


The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted by the United States Congress and signed by President Bill Clinton in 1996. It has been known as the Kennedy–Kassebaum Act or Kassebaum-Kennedy Act after two of its leading sponsors. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.

SOC 1 & SOC 2

Service Organization Controls are a series of accounting standards that measure the control of financial information for a service organization. They are covered under both the SSAE 16 and the ISAE 3402 professional standards.

SOC 1 reports will be prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization. SOC 1 reports provide a means of reporting on the system of internal control for purposes of complying with internal control over financial reporting.

For reports that are not specifically focused on internal controls over financial reporting, SOC 2 and SOC 3 reports should be used. These reports will focus on controls at a service organization relevant to security, availability, processing integrity, confidentiality, and/or privacy.


Federal Risk and Authorization Management Program – FedRAMP - is a U.S. government program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud services used by the federal government.

UK G-Cloud

The UK Government G-Cloud is an initiative targeted at easing procurement by public sector bodies in departments of the United Kingdom Government of commodity information technology services that use cloud computing. The G-Cloud consists of:

  • A series of framework agreements with suppliers, from which public sector organizations can call off services without needing to run a full tender or competition procurement process
  • An online store - the "Digital Marketplace" (previously "CloudStore") that allows public sector bodies to search for services that are covered by the G-Cloud frameworks.


The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) is designed to provide fundamental security principles to guide cloud vendors and to assist prospective customers in assessing the overall security risk of a cloud provider.


The Federal Information Security Management Act of 2002 was implemented to provide agencies the ability to document and implement information security programmes within their operational systems.


Federal Bureau of Investigation (FBI) Criminal Justice Information Services (CJIS) is available to authorized local, state, and federal law enforcement and criminal justice agencies via any of the three law enforcement communication systems – National Law Enforcement Telecommunications System (NLETS), a more localized state criminal information system (name varies by state), and the International Law Enforcement Telecommunications System (INLETS). CJIS consists of several databases and one subsystem, and its retrieval and update capabilities are online.


Information Security Registered Assessors Program of the Australian Government assess the implementation, appropriateness and effectiveness of a system's security controls.


Multi-Tier Cloud Security Standard for Singapore (MTCS SS) is a cloud security standard, developed under the Singapore Information Technology Standards Committee (ITSC) to provide businesses with greater clarity on the levels of security offered by different cloud service providers. The standard covers areas such as data retention, data sovereignty, data portability, liability, availability, business continuity, disaster recovery and incident management.

FDA 21 CFR Part 11

The Food and Drug Administration Part 11 of Title 21 Code of Federal Regulations, Electronic Records; Electronic Signatures (21 CFR Part 11) applies to entities that maintain records or submit information to include records in electronic form that are created, modified, maintained, archived, retrieved or transmitted under any records requirements set forth in FDA regulations. Part 11 also applies to electronic records submitted to the Agency under the Federal Food, Drug and Cosmetic Act (the Act) and the Public Health Service Act (the PHS Act).


Family Educational Rights and Privacy Act is a Federal law that protects the privacy of student education records and imposes requirements on U.S. educational organizations regarding the use and disclosure of student education records. Restrictions imposed by FERPA include scanning Customer Data for advertising purposes.


The Federal Information Processing Standard (FIPS) Publication 140-2 is a US government security standard that specifies the security requirements for cryptographic modules protecting sensitive information.


China Cloud Computing Promotion and Policy Forum developed the Trusted Cloud Service Certification tests and evaluates a cloud service within an SLA framework in terms of 16 indexes including data management, service quality and rights protection. The test results issued by the CCCPPF are publically available.


Multi-Level Protection Scheme is based on the Chinese state standard (GB/T 22239-2008) and issued by the Ministry of Public Security. The certification labels target systems from level 1 to 5 (with 5 being the highest) based on their risk profiles. The MLPS provides assurance for both the management and technical security of the target system.

Creating A Power BI Data Model From An Excel Table

I have an Excel table with columns and rows of information formatted as a table. It is a price list of items available for selling for the month. I want to upload this on a Power BI site so that my staff can benefit from the Q & A feature of Power BI. Once the data model in the worksheet is uploaded to the site, whoever wants to search for the price or the part number of one or more items in the list can have this displayed immediately as a table or as a card in a browser. Here are the names of the essential fields apart from the others in the table:

PartNumberPart Number
ItemNameName of the item
ProductFamilyFamily of the product
DTPDTP of the item


I open the Excel workbook containing the worksheet. I click on PowerPivot tab and add this table to the data model by clicking the "Add to Data Model" command. A new Excel window with the Power Pivot table opens up and displays the entire worksheet. (Here, I can rename columns, delete unwanted columns and do some data transformation by adding new columns and thereby establish relationships with the columns).

I am now more interested in the info I am going to provide my staff from this table. So, I go to advanced and click on the Default field set to specify the columns and field order in which it will be displayed while visualizing the data in Power BI. I select the four fields that are listed in the table above.

I am also more particular about the Q & A part of Power BI which will enable them to search for the specific item name and its DTP or Part Number. So, I go to the Synonyms feature and start adding some synonyms for the column header named DTP – Price and Cost are two words that come to my mind immediately. I add them as synonyms.

I save this file.

Now, my data is ready for uploading on the Power BI site.

I go to my BI site and drag and drop this workbook from my local system to the workbooks area. I also add this to the Q & A feature by clicking on the ellipsis at the bottom right corner.

Now, anybody who has access to the Power BI site can click on the Q & A feature at the top right corner of the page and start asking plain English questions on the pricelist that is uploaded. A sample question could be "What is the price of A" and immediately, the site helps me with suggestions to the available list of items and once done, displays the results in the form of a table or a card as required.

Very simple and user friendly indeed!

Windows Azure - Primary Models

Azure is an open and flexible cloud platform that enables you to quickly build, deploy and manage applications across a global network of Microsoft managed data centers. You can build applications using any language, tool or framework. And you can integrate your public cloud applications with your existing environment.

Azure models.png 

Virtual machines

VMs are basic cloud building blocks. Get full control over a virtual machine with virtual hard disks. Install and run software yourself. Configure multiple machines with different roles to create complex solutions. VMs are nearly identical to conventional (real) servers, and are the easiest way to move existing workloads to the cloud.

Cloud Services

Easily access and manage these general purpose VMs. Microsoft maintains and updates each VMs as need with system updates. You configure the VMs as needed, and scale out as many copies as needed. You can have two types of VMs – Worker roles and web roles.  Worker roles are made for computing and sunning services. The web role is simply a worker role with IIS already installed and configured.

Web sites

Use these for pure web apps. The underlying system software is hidden from you and managed for you. Focus only on your web code. First choose a web technology from the gallery, then develop with your framework and finally deploy from your source control. Use the data platform of your choice. Develop 1 site of 500. Scale can be automated – by schedule, usage or by a quota trigger.

Mobile services

Mobile service allows you to quickly implement data and authentication capabilities. With mobile service, easily create a web API to store data and execute business logic. Apps on any device call the API, and users are authenticated by third party providers. Apps can also receive notifications when events occur. Worry less about data and authentication and focus more on your service.

Store documents in OneDrive for Business - access them from anywhere

Store your documents in OneDrive for Business and share them with your colleagues. To share your documents, create a folder and invite people you work with.

OneDrive for Business.png 

  1. Select OneDrive in the Office 365 navigation.
  2. Click new > New folder.

    Type a name for the folder, for example Shared with my colleagues.
  3. Click Invite people, and enter names or email addresses.

    Click Create.
  4. Click the folder to open it and upload existing documents or create new ones.

    When you add documents to this folder, you and the people you invite will be able to see the documents in Delve and work on them together. Other people will not be able to see them.
  • To share documents with everyone in your organization, upload or create documents in the Shared with Everyone folder in OneDrive for Business.
  • To share individual documents, select the document in OneDrive for Business, click Share, and then Invite people.
  • To share an existing folder, select the folder in OneDrive for Business, click Share, and then Invite people.