The AvePoint Solution
To solve these issues, Kao began looking for a new application management system in June 2019. This is when they turned their focus to AvePoint Cloud Governance.
Cloud Governance empowers users with self-service IT resources for provisioning, moving, or restructuring Microsoft 365 content, as well as lifecycle and permissions management. It integrates with Teams and the broader Microsoft 365 platform — including Yammer communities and SharePoint sites — so users have guidelines to make informed decisions.
Implementing Cloud Governance has enabled Kao to support secure collaboration with groups outside of the company while also streamlining and accelerating once-manual tasks. Managing team members was also simplified, thanks to the integration with security groups in Microsoft’s Active Directory. Lifecycles are also now managed by notifying team administrators about teams that have been inactive for a certain period.
Kao worked with AvePoint Japan K.K. (“AvePoint”), a Microsoft partner, to meet these requirements.
“We held meetings with multiple companies to consider their solutions, but AvePoint Cloud Governance was the only one that could address all three issues,” said Koji Kondo, Leader of the Teams Administrators on the ICT Group’s Office Infrastructure Team in Kao’s ESM Department in the Information Systems Division. “We also decided to go with AvePoint not only because of the functionality but also because we were hopeful it would provide more flexible support.”
The company rolled out Cloud Governance in phases starting in January 2020. A pilot project focusing on the Information Systems Division was launched to implement invitations for external users, said Keisuke Nakatani, a Teams Administrator on the ICT Group’s Office Infrastructure Team in Kao’s ESM Department in the Information Systems Division. Last year, the features were released for domestic users and, later, external users for overseas group companies. Kao plans to expand all remaining features to overseas group companies in 2021.
Personalized service from AvePoint has benefitted the project.
“While they already had the ability to manage permissions through integration with security groups for newly created teams, we needed to develop additional functionality to meet Kao’s needs,” said Yuki Watanabe, a Technical Senior Director at AvePoint. “For Kao, with an enormous number of teams already in place, they needed to be able to integrate security groups into previously existing teams, not just new teams. That is why we worked with the development team in the U.S. to release new features.”
Thanks to the AvePoint development team, “they were able to quickly respond to our needs and add the necessary features, and we are very grateful for their support,” said Masami Shiba, a Teams Administrator on the ICT Group’s Office Infrastructure Team in Kao’s ESM Department in the Information Systems Division. The features that now allow them to respond to user requests have been well-received within the company.
“The introduction of AvePoint Cloud Governance and the management of teams with AvePoint Cloud Governance made creating external teams faster,” Nakatani said.
Before, it used to take at least five days to complete the setup process, from application and team launch to external user registration between the relevant departments. Now, those teams can be made available on the same day once an approval is completed.
“This has led to an increase in the use of teams with people outside the company, with 197 teams created by April 2021,” Nakatani said. “We used to mainly use email to exchange messages and share files with people outside the company, but there has been a gradual shift to Teams.”
Managing permissions for team members has been streamlined by the integration with AD’s security groups. By the end of February 2021, 212 teams had been integrated with security groups, which is expected to save more than 100 hours per year in user management. Because even teams created in Microsoft Teams can now be integrated with security groups, added savings in workload are expected.
Managing teams and user lifecycles is more secure. “155 external teams that were previously created but were no longer used have been deleted,” Nakatani said. “By properly managing the lifecycle, we no longer run the risk of leaving files accessible from outside the company.”
Furthermore, audit log management and storage are easier. “Microsoft 365 stores audit logs for a maximum of 90 days, but with the number of global security incidents on the rise, we needed to retain audit logs for longer periods,” Kondo said. “Using AvePoint Cloud Governance, we can store audit logs indefinitely.”
Shiba added that integrating the audit logs from Microsoft 365 has “made it possible to check the audit logs using the management screen provided by AvePoint. The user interface is also easier to use, such as for setting up filter conditions to extract the desired information.”