Learn how a government agency achieved robust governance, compliance, and data protection in Microsoft 365, enhancing security and reducing complexities, with AvePoint.

Success Highlights


Protection for 131 TB of Microsoft 365 data


Reduced BCS classifications by 60%, minimizing complexity


Successfully purged 5,000 records in first-ever content disposal


Revoked access to 11,000 inactive guest users and reduced risk

Anon banner
Case study public Sector logo

Customer Location New Zealand

Industry Public Sector

Platform Microsoft 365

Download the Case Study PDF

The customer is a public service department in New Zealand charged with overseeing one of the country’s key government services. They are responsible for developing policies, providing guidance, and managing funding allocation for programs.

Critical Needs

  • Implement Microsoft 365 governance
  • Deploy records management architecture in SharePoint
  • Meet Archives New Zealand’s regulatory requirements
  • Robust and comprehensive data protection for Microsoft 365

The Challenge

The New Zealand government organization recently embarked on a digital transformation journey, with the goal of migrating 10 TB of data from their legacy system into SharePoint.

As part of this migration, the organization was keen to implement records management practices to ensure that their content was properly managed, easily accessible, and adhered to strict governance requirements.

Compliance and security were critical considerations, and the organization needed to ensure that its data was governed, secure, and backed up as its adoption of Microsoft 365 grew.

Anon 01

The AvePoint Solution

To address their challenges, the organization worked with AvePoint, through its managed services provider, Datacom.

First, they decided to implement AvePoint Cloud Governance, a solution that delivers a wide range of IT services while automating and controlling the management of content ownership, policies, and lifecycle according to evolving business needs. The implementation process involved a series of workshops conducted by AvePoint to tailor the solution to the organization’s specific requirements.

The top priority was streamlining Teams provisioning. With the implementation of Cloud Governance, staff could create their own workspaces while adhering to the conditions set by the organization for different types of Teams. For example, more stringent controls were required on external teams than on internal private teams.

The organization also implemented AvePoint Opus to establish records management practices for their Microsoft 365 content. Members of the AvePoint delivery team were sent to the organization’s headquarters to work with its staff for a week to expedite the deployment of AvePoint Opus.

The first order of business was to simplify the organization’s complicated business classification scheme (BCS). The organization followed two schedules - Archives New Zealand's General Disposal Authority 6 and an internal authority - which resulted in over 650 classification terms. During the workshops, the team was able to simplify the BCS by reducing the number of terms by more than 60%. This simplification made classification and disposal easier to manage and more efficient.

Next, policies were set up around each classification, particularly regarding disposal. Prior to AvePoint Opus, the organization had never disposed of content before, but with the solution, the organization established retention periods for each classification and enabled the disposal of content based on these periods. With these policies in place, the organization built a structure for each content type in SharePoint and ran practice runs of content disposals.

The government organization finally achieved a record management best practice the day AvePoint Opus was deployed by disposing of 5,000 records. While they still have 6 million records managed by the solution, they took a critical step towards their defensible disposal of content and is confident that the new process set by AvePoint Opus will help reduce risk while still meeting compliance.

While the delivery team was in town, they performed a security scan using AvePoint Insights, which checks for security vulnerabilities and risks. One of the biggest red flags uncovered by Insights was the existence of 14,000 guest users, indicating that they needed to clean up its Azure AD and revoke access for anyone who was unnecessary. After this issue was flagged, the organization took action and revoked access for nearly 80% of its guest users. This was an important step in improving the security of their system and reducing the risk of unauthorized access.

The government organization used AvePoint Cloud Backup to protect over 130 TB of their data across Microsoft 365. This cloud-to-cloud backup solution offers four automatic backups a day and provides built-in storage, encryption, and efficient restores. It seamlessly protects all Teams chats, files, and pages with customizable retention policies to meet public sector compliance regulations and enhance the organization’s business continuity strategy.

The Road Ahead

The AvePoint solutions have enabled the New Zealand government organization to create a more agile and secure workspace, thereby enhancing its ability to serve the community.

The organization is highly satisfied with the comprehensive solution provided by AvePoint, which has effectively addressed its governance, information management, security, and data protection needs.

They see the potential for additional solutions – they are already in talks about leveraging AvePoint EnPower for multi-tenant management – to be a one-stop-shop for confidence in the Microsoft platform.

Interested to learn more about AvePoint Opus? Start your free trial.

Find out how AvePoint can help throughout your digital transformation journey in our free guide to Digital Workplace Enablement.

Ready to Discover How AvePoint Can Transform Your Data Protection Strategy?

Get a Demo
Information ManagementRecords ManagementRisk Assessment

AvePoint Products