Everything is a project! This is my main motto in life. Hey, after all, to get things done, we need to complete tasks. While, for the most part, we use SharePoint and Office 365 to store documents, the second most important function of our daily routine is to track and complete tasks. Tasks for temporary project teams we are part of, tasks for departments and business units, personal tasks. I have written a number of posts lately on various tools that we have now in Office 365. With this article, I would like to revisit the topic and summarize all the available task management options in SharePoint and Office 365 in a single article.
As a follow-up to the flag, the email is also added to the To-Do List in the Tasks tab. Also within the Tasks tab is Tasks. Tasks are items you create from scratch. They are not tied to an email message and you can add important details to your task. In the new task window, you can add details such as a start date, due date, reminder, and priority. Stay on top of your tasks. View your tasks and shared plans across Microsoft To Do and Planner. Tasks can also be created from the To-Do Bar and by dragging an email message to the Tasks folder. How to Repeat Outlook Tasks. To repeat a task created in Microsoft Outlook: Set a reminder for the first occurrence of the task. Pick Recurrence from the Task tab. Define the Task Recurrence pattern such as the 1st day of the month or every Wednesday.
Option 1: Tasks Web Part
The first option is to use the good-old Tasks Web Part in SharePoint. While it may be considered old-fashioned compared to other options we now have, it is still a viable option as it allows you to create own metadata, send emails to those Assigned to the task as well as integrate with MS Project. I provided an overview of its features and capabilities here.
Option 2: Planner
The option that was like a breath of fresh air was when Planner became available in Office 365. Unlike the task list above, Planner was a much more visual, light-weight task management solution, suitable mostly for agile/informal projects. I extensively documented the significant differences between the Task List and Planner here.
Planner is part of an Office 365 Group, and I also documented this important principle here.
Option 3: Microsoft To Do
This is a new kid on the block as far as task management options. Think of it as a Planner but for personal tasks. Just like Planner, it is entirely web-based, and on top of it – it also integrates with Planner pulling all the tasks assigned to you in one spot! I explained To Do in greater detail here.
Option 4: Project for the Web
This is one of the latest major additions to the vault of available task management tools. Project for the Web allows users to manage complicated projects in an MS Project style capacity, but on the web and under the umbrella of an Office 365 Group, just like Planner. As time goes by, I am sure it will get additional features that it will inherit from its older brother we always had – the desktop version of MS Project. If you want to learn more about the tool, please reference this post.
Option 5: Project Online
Last but not least, the elephant in the room when it comes to task management options in SharePoint and Office 365 – Project Online. This one was and still is the best option for hardcore Project/Portfolio Management. This tool allows you to aggregate multiple project plans, manage tasks, and resources for a portfolio of projects. I blogged about the tool earlier. This tool is a bit outdated by now, but I am sure it is a matter of time before Microsoft modernizes it, just like they did with Project for the Web above.
-->Privileged access management allows granular access control over privileged admin tasks in Office 365. It can help protect your organization from breaches that use existing privileged admin accounts with standing access to sensitive data or access to critical configuration settings. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bounded approval workflow. This configuration gives users just-enough-access to perform the task at hand, without risking exposure of sensitive data or critical configuration settings. Enabling privileged access management in Microsoft 365 allows your organization to operate with zero standing privileges and provide a layer of defense against standing administrative access vulnerabilities.
For a quick overview of the integrated Customer Lockbox and privileged access management workflow, see this Customer Lockbox and privileged access management video.
Layers of protection
Privileged access management complements other data and access feature protections within the Microsoft 365 security architecture. Including privileged access management as part of an integrated and layered approach to security provides a security model that maximizes protection of sensitive information and Microsoft 365 configuration settings. As shown in the diagram, privileged access management builds on the protection provided with native encryption of Microsoft 365 data and the role-based access control security model of Microsoft 365 services. When used with Azure AD Privileged Identity Management, these two features provide access control with just-in-time access at different scopes.
Office 365 Task Management
Privileged access management is defined and scoped at the task level, while Azure AD Privileged Identity Management applies protection at the role level with the ability to execute multiple tasks. Azure AD Privileged Identity Management primarily allows managing accesses for AD roles and role groups, while privileged access management in Microsoft 365 applies only at the task level.
Enabling privileged access management while already using Azure AD Privileged Identity Management: Adding privileged access management provides another granular layer of protection and audit capabilities for privileged access to Microsoft 365 data.
Enabling Azure AD Privileged Identity Management while already using privileged access management in Office 365: Adding Azure AD Privileged Identity Management to privileged access management can extend privileged access to data outside of Microsoft 365 that's primarily defined by user roles or identity.
Privileged access management architecture and process flow
Each of the following process flows outline the architecture of privileged access and how it interacts with the Microsoft 365 substrate, auditing, and the Exchange Management runspace.
Step 1: Configure a privileged access policy
When you configure a privileged access policy with the Microsoft 365 admin center or the Exchange Management PowerShell, you define the policy and the privileged access feature processes and the policy attributes in the Microsoft 365 substrate. The activities are logged in the Security & Compliance Center. The policy is now enabled and ready to handle incoming requests for approvals.
Step 2: Access request
Office 365 Tasks Disappeared
In the Microsoft 365 admin center or with the Exchange Management PowerShell, users can request access to elevated or privileged tasks. The privileged access feature sends the request to the Microsoft 365 substrate for processing against the configured privilege access policy and records the Activity in the Security & Compliance Center logs.
Step 3: Access approval
An approval request is generated and the pending request notification is emailed to approvers. If approved, the privileged access request is processed as an approval and the task is ready to be completed. If denied, the task is blocked and no access is granted to the requestor. The requestor is notified of the request approval or denial via email message.
Step 4: Access processing
For an approved request, the task is processed by the Exchange Management runspace. The approval is checked against the privileged access policy and processed by the Microsoft 365 substrate. All activity for the task is logged in the Security & Compliance Center.
Frequently asked questions
What SKUs can use privileged access in Office 365?
Privileged access management is available for customers for a wide selection of Microsoft 365 and Office 365 subscriptions and add-ons. See Get started with privileged access management for details.
When will privileged access support Office 365 workloads beyond Exchange?
Privileged access management will be available in other Office 365 workloads soon. Visit the Microsoft 365 Roadmap for more details.
My organization needs more than 30 privileged access policies, will this limit be increased?
Yes, raising the current limit of 30 privileged access policies per organization is on the feature roadmap.
Do I need to be a Global Admin to manage privileged access in Office 365?
No, you need the Exchange Role Management role assigned to accounts that manage privileged access in Office 365. If you don't want to configure the Role Management role as a stand-alone account permission, the Global Administrator role includes this role by default and can manage privileged access. Users included in an approvers' group don't need to be a Global Admin or have the Role Management role assigned to review and approve requests with PowerShell.
How is privileged access management related to Customer Lockbox?
Customer Lockbox allows a level of access control for organizations when Microsoft accesses data. Privileged access management allows granular access control within an organization for all Microsoft 365 privileged tasks.
Ready to get started?
Start configuring your organization for privileged access management.
Learn more