Learn how to organize your Microsoft Teams with our webinar “MyHub: How To Better Organize Your Teams For End User Productivity.“
Like many of you, ever since March 14th all of my meetings have been held in Microsoft Teams, and the only face-to-face meetings I’ve had have been webcam. As such, since March of this year, Microsoft has been reporting an explosive growth in daily Microsoft Teams users.
These users are not only using the calls and meetings functionality—which is offered for free by Microsoft—but they are also using the collaboration and automatation features. This brings me to the Microsoft Teams Maturity Model.
On November 19th I was a guest speaker at a webinar hosted by our Dutch Microsoft partner Portiva and their CDO and Office 365 MVP Maarten Eekels. Portiva created a Maturity model specifically for Microsoft Teams. This model has three stages switched on that are enabled for the business and fully embedded in the organization.
Each stage has three different maturity drivers:
- Technology (Migration, Integration, and Development)
- Process (Governance, Compliance, and Security)
- People (Usage and Adoption)
- Where is my data?
- Why did they create this environment when I already have one?
- We have tons of unused environments, how to get rid of these extras?
- Who’s responsible for managing these new environments?
- Who has access to my SharePoint, and how can I manage this periodically?
- Where are my guest and external users?
- Do we have a proper process in place for guest user provisioning and lifecycle management?
Are you Greenfield or Brownfield?
Organizations that are just starting with Microsoft 365, specifically with Teams, SharePoint, and Groups, are in the Greenfield space. Many organizations have been in the SharePoint Online arena since the start of BPOS (Microsoft Business Productivity Online Suite). Organizations like this already have tons of SharePoint site collections, and when Microsoft Teams started they went all the way with freedom of creation. These same organizations are asking these questions now and are researching ways to get their Microsoft 365 environments under control.
So how do you approach this? Good question. A lot of times I am asked to craft a naming convention that is built upon Azure AD fields, text, and metadata. But when you have an already heavily used Microsoft 365 tenant, you are probably not going to invest in a restructuring project. However, I would advise this for companies that were creating Site Collections with many subsites. Flattening your architecture will make things so much easier. For this, adding metadata to your Teams / Groups / SharePoint / Guest Users as custom properties is the first step.
After you have crafted your first metadata part (like the type of collaboration), you can start with crafting the policy parts such as:
- An inactivity trigger
- The capability to delete or archive
- Guest sharing capability
- Periodically checking for renewal in permissions and metadata
When you have done this, it’s now time to attach these crafted policies to your unmanaged Microsoft 365 environment. Here’s where the AvePoint Cloud Governance export and import module comes in handy. The export mode will create a large CSV / Excel file.
You first need to modify this Excel file by adding the values for the person who’s responsible for the process, the metadata values, and the crafted policy names. After this, you can import the Excel file for a much better managed Microsoft 365 environment.
Now that you’ve given responsibility to the end-user, the next step is to get more insights into where our content is stored, who has access to it, who your external users are, and what level of risk comes with sharing content.
With Insights you get a clear overview of who your external users are, who has access to your SharePoint content, and what kind of sensitivity is involved with adding sensitivity labels and sensitivity information types. Now it is much clearer for your security and/or compliance department to understand how the Microsoft 365 environment is being used and what type of content is being shared with different types of users, and they have the controls to act and report.
Keeping Tabs on Guest Users
Another topic I covered during the webinar I mentioned at the start of this post was getting control of your guest users, who are stored in Azure B2B. Currently, there is no native out-of-the-box Microsoft 365 element from which an end-user can submit a request to collaborate with a person outside of the business domain. There’s also no included way to receive notifications to indicate that an employee is still working for the company or what they have access to.
AvePoint Cloud Governance makes it easier for assigned business users to do a request for a guest user, add them to a desired Groups/Teams environment, and to receive periodic notifications to check the guest user’s permissions and assigned metadata.
Chances are that you probably already have these guest users in your environment, and that’s why we made it possible to export and import these via Excel files.
You need to modify the Excel file by adding the different values for the policy, the name of the sponsor and, when necessary, adding metadata. When you have done the import, a guest user report is directly available for you like so:
In the end, you can get your Microsoft 365 environment under control just by using the right tools. Everyone needs governance, and depending on where you fall on the Microsoft Teams maturity model, you’ll have a different area to focus on than others. For a deeper dive, give the full webinar a watch here!