What to Use When for Secure Microsoft 365 Collaboration

Post Date: 11/04/2020
feature image

Have data protection concerns? Watch our webinar “More than Security: Public Sector Cloud-to-Cloud Data Protection for Office 365 and Microsoft Teams” today!

This is the 8th installment in a series addressing the challenges facing the DOD as they move into Microsoft 365. The others are here:

By this point you’ve heard of, seen, or read about a post-CVR world and likely have considered the governance implications of leveraging certain technologies within Microsoft 365.

While CVR was limited to Teams, we’ve discussed how Teams creation spins up additional DoD 365 assets. Read this to refresh your understanding of Microsoft 365’s underlying architecture!

In this article, we’ll expand upon the concept of “what to use when” to help drive the most efficient usage of a powerful collaboration platform while maintaining suitable security and compliance posture.

If you’re an IT admin who has been working with the CVR but not a full instance of Microsoft 365, you may be wondering what is provisioned upon Teams/Groups/SharePoint site creation. While SharePoint isn’t directly available in the CVR (but is still the backend of your Team), there will be additional services that are the backend architecture to all Microsoft 365 workspaces n full tenants of Microsoft 365 in the DOD.

microsoft 365

As we take a step back we can look at how information is being shared, but we also have to address the question of how should we collaborate and what our users should use when.

As a knowledge worker or general user of Microsoft Teams (and not with IT), we can shift our focus on the nature of the work we are seeking to complete to drive us towards the best digital workspace possible.

From an IT administration perspective, this means knowing the data management implications of Microsoft 365 services can drive governance and best practices decisions. For end users, this means understanding the same implications that come along with the nuance between scheduling a meeting within Exchange and scheduling one within a channel within Teams.

Historically, the nature of the governance of SharePoint in the DOD was built around your command structure, and in legacy on-premises solutions it’s clear how that traditional information architecture schema prevailed. Now, Microsoft 365 provides an opportunity to build governance models around a combination of the command structure and mission objectives. Microsoft 365 provides an open collaboration platform with a myriad of services that allow the flexibility to create a structure that can both align with the organizational command structure and mission-focused structure that spans a cross-functional team.

microsoft 365

Governance and structure in the Microsoft 365 environment are built on the basis that a “team” is a group of people organized to conduct a specific type of tasking or work. By creating a Microsoft “Team” you are essentially creating the digital workspace for that “team” of people to collaborate together. With the creation of said Team a SharePoint site collection is created for the digital space to collaborate, an Office 365 Group is created to establish the membership boundaries, and an Exchange mailbox is created for the Team as a result of the Office 365 Group.

The following guide provides suggestions based on thousands of collaboration systems built in the commercial, GCC, and GCC-H tenants of Microsoft 365.

What to Use When: SharePoint Sites vs Microsoft Teams

Let me answer your question with more questions!

Do you need to chat with your teammates?

This would immediately necessitate the need for a Team since a SharePoint site would merely provide you the digital collaboration space to work together without any form of instant communication.

Would you like to structure your work with this group of people across various topics?

This also points to a Team. Since you create various channels (which will align with a SharePoint library automatically) a Team will promote an organizational structure to keep documents, attachments, meetings, meeting notes, meeting recordings, as well as threaded chats held within the channel.

microsoft 365

Is this for collaboration or communication?

When you have more for asynchronous communication, such as bulletins, schedules, and notifications, a Modern Communication site may be advantageous.

Do you have lists of information that need to interact with workflows and business processes?

The common collaborative SharePoint site collection, a Team site, may be the right way to go for this, and the good news is this is what is created to support each and every Microsoft Team from the back-end.

Microsoft offers the best guidance here:

  • If you are seeking to Connect, Collaborate, or Create – leverage a Team Site.
  • If you’re seeking to Showcase, Share, or broadcast a Story – utilize a Communication site.
  • Organizational units within Shared Services that have a smaller number of authors that need to convey a message to a broader audience is a great example of a use case that would dictate a Communication site be leveraged.
Want to ensure your data security while working in M365? Check out this post: Click To Tweet

Team Sites and Subsites

This may sound redundant, as a Team site could either be a SharePoint site collection or a subsite itself. Thus, the above considerations should be followed. Do you have a need for persistent communications? Then leverage a Team. However, we should expand upon the structure of a Team site as this is a common workspace that is familiar to business users and IT admins alike.

System admins, architects, and project leads (or anyone with the authority) should consider what they classify as Team sites. Governance best practices suggest that users should resist the urge to create Team sites as subsites which typically happen as command units think, “I have a top-level Team site, I should create subsites for the various teams and their related projects.” While this may align to the command and organizational structure, this creates big governance gaps as the permissions and security boundary tie to that parent Team site.

Microsoft 365 governance is built at the site collection level; thus, if there is a setting within a site collection for external sharing, the entire site collection will have that setting.

Office 365 Groups vs. Microsoft Teams

While the building block of Microsoft 365 has certainly moved to the workspace and the people who collaborate on it together, there are agencies that have forgone the entire “workspace-driven” architecture and have leveraged Office 365 Groups as their foundational unit. Leveraging the membership boundaries that Groups creates seems like an intuitive way to align organizational units to group membership, but this does create its own limitations since Groups has a collaboration function but isn’t designed to provide collaboration spaces.

Groups really are more of a membership boundary and connective tissue between the various capabilities across Microsoft 365 such as Teams, SharePoint Team sites, Planner, and Shared Outlook mailboxes as well as commercially-available solutions such as Stream (coming soon to DOD) and Yammer communities.

Email vs. Microsoft Teams

Is your Outlook inbox your document repository? Are you a power searcher and find all the things you’ve worked on with your team in your inbox? If so you may have also been victim to sorting through complex threads to find the “latest” version of a file that folks keep sending back and forth with revisions. If this sounds familiar, you aren’t alone; many organizations misuse Exchange as a sole collaboration tool, resulting in a quasi-enterprise content management system sitting on your exchange server.

In Microsoft 365 for DOD, while Microsoft is rapidly expanding the capabilities for external collaboration such as External Sharing, Guest Access, and External Access, email still has a strong use case for these requirements. However, for internal collaboration, it’s time to move your collaboration to Teams. If nothing else, shared file collaboration across Teams and SharePoint will drastically decrease the number of times a knowledge worker edits the wrong copy of a document, keeping their commanding officer from using bad information in making mission decisions.


When to Use What

If you aren’t an expert on when to use what Microsoft 365 service, don’t worry. There’s a lot to consider when building your information architecture and intimately understanding that the technical ramifications may be beyond the scope of an end user. However, understanding what assets are provisioned for various workspaces will help you grasp the building blocks of solid governance and ultimately unincumbered adoption.

It’s important to remember that governance isn’t simply about control and restriction; it also provides guidance, especially in collaborative cloud environments such as Microsoft 365.

Beyond doing the right thing, it’s important to make it easy for end users to do so. A solid governance plan and an information architecture that aligns command mission objectives with the technology solutions available are a necessity for successful adoption.

Keep up with our DoD series by subscribing to our blog!

Eddie is a former Senior Solution Engineer at AvePoint, supporting customers in their transition to cloud collaboration technologies by architecting solutions to meet data management, governance and compliance needs.

View all post by Eddie Lee
Share this blog

Subscribe to our blog