Editor’s note: This post is one in a series of posts about identity management. Check out the others below!

AvePoint is the Microsoft Cloud Expert. This means we partner with Microsoft to ensure and optimize cloud solutions for Azure-based customers.

As an Independent Software Vendor, we both offer collaboration and application experts as well as our own solution set to help businesses maximize their cloud investments.

Every customer has their unique culture regarding collaboration and Microsoft products, but there are some unifying themes we see in cloud services and online application investment that may help you and your teams manage both end users better and prepare better for costs to the business of supporting access to online applications.  


Be sure to check out our upcoming webinar, “Government Agencies & Compliant Migration: Moving To O365 & Hybrid Environments,” May 29 at 11:00 am EST


A. Every seat counts Microsoft and AvePoint both use user-based license models to charge businesses for access to cloud services in Azure.

As such, keeping tabs on active licensed accounts becomes a crucial part of the process. Even if a business is in hybrid cloud mode, Active Directory is the primary location for identity and user management.  

SaaS Microsoft Identity Management

B. Reviewing seat counts- Keeping a tight tab and building sustainable and repeatable processes and alerts around who is an employee, who is going to become an employee, and who is leaving or who is temporarily an employee can help reduce cost of online applications.  

  • This is something that is not just an IT burden. HR, Legal, Finance, and Security teams are also essential partners in employee management. Creating regular channels, reports, and alerts around employee changes, and tasking/charging teams with this function is an essential first step in effectively securing your applications and content, and also ensuring the pool of accounts for use is kept accurate.  

C. Instituting “Need to Know” rules for Software as a Service (SaaS) – perhaps “Need to have application x?”  

I. Coming from the federal government services consulting world, access to government systems or government owned applications which can contain sensitive or classified information is based on a simple principle: need to know. Does this person, in order to do their job, need to know this information?  

SaaS Microsoft Identity Management

II. For Cloud based applications, perhaps a twist on this – need to have? Does a user, in order to complete tasks and their day to day work, need to have access to this application? Nice to have versus essential can help scope down active license accounts while also helping IT Services team hone in on training for applications needed by the business.  

III. This can also tie into access lifecycle – how long does a user need access to a system? Setting up regular audit for access activity as well as regular quarterly or sooner reviews can help IT admins stay on top of regularly used and unused applications the business is paying for.  

D. Follow up incumbent upon IT services for need to have- schedules, reminders, and scripting audit/reports for regular task-based review of current state of applications.  

  • Keep a visual map of IT service based applications. This can help show where there may be overlap or relations between IT enabled applications in the cloud. It can also show potential convergence between management systems, and also provide gap analysis for user demand for specific applications.  

E. Solutions for automation and identity management  

I. Building out forms, not just email requests, for users to ask for access to systems.  

II. Part of the joy and fear of O365 services related to identity management is permissions. Permissions is not just an IT related task or burden. The business must be made aware of their role and responsibility here.  

III. Training on permissions management and the “Need to Know” Principle for application and access management can help mitigate security risks and application sprawl.  


Like what you read? Be sure to subscribe to our blog to stay in the fold for all things Office 365, SharePoint and more!