CoreView CEO Michael Morrison recently sat for an interview with Mitch Tulloch, an editor with Techgenix. Tulloch, a 12-time Microsoft MVP, wanted to know why managing Office 365 environments is so manually based and error prone.
The interview is in-depth, so we summarized the points in this blog. To get the full skinny, read Tulloch’s full piece Ease the Frustration of Managing Office 365 in Your Enterprise which is Part One of the conversation.
Just can’t get enough? You can read Part Two How to Take Office 365 Management to the Next Level.
MITCH: Where did the original idea for your solutions come from?
MICHAEL: Our two co-founders, David Mascarella and Ivan Fioravanti, began working together in the early 2000s when they started an ISV to focus on implementing and supporting Microsoft solutions. As Microsoft and the market in general started to move to the cloud, our co-founders recognized some of the challenges with reporting on Office 365, and developed the first SaaS management platform to address this reporting challenge.
MITCH: What other issues did the founders see with managing Office 365 environments?
MICHAEL: After tackling visibility and reporting, the founders saw customer needs grow, especially with governance. For instance, Office 365 Role-Based Access Control (RBAC) was very weak, so they built more granular RBAC capabilities. They moved from there to security, and more recently with application and service adoption. All the new features and solutions are driven by customer feedback, and the desire to improve the user experience with, and maximize the value of their investment in, Office 365.
MITCH: What Office 365 problems/challenges does CoreView solve?
MICHAEL: As Gartner argues, management and administration do not get nearly as much attention when it comes to SaaS, and native administrative capabilities do not always meet enterprise requirements. Gartner spotted these administrative shortcomings and coined the term SaaS Management Platform (SMP), referring to solutions like CoreView that go deep in managing SaaS, and greatly simplify the job of administration.
There are critical Office 365 challenges CoreView addresses, many falling under the area of governance: Visibility, RBAC (Role-Based Access Control), License Management, Adoption, Provisioning and Deprovisioning, and Misconfiguration — which is solved through Policy Management.
Our founders realized that if you do not address these Office 365 challenges, you face millions of dollars in unneeded licensing fees, suffer security vulnerabilities, and fail to maximize the investment in Office 365 productivity tools. Our founders realized that with a solution like CoreView, Office 365 users can optimize and ‘right size’ their license spend, mitigate risk by identifying security vulnerabilities, and maximize their investment in Office 365 through adoption campaigns and just-in-time learning.
MITCH: What is CoreSuite?
MICHAEL: CoreSuite consists of what I refer to as ‘three pillars of value.’ – management, security and adoption.
CoreAdmin automates and simplifies administration chores, and goes deep adding features not found in Office 365 built-in management tools.
CoreSecurity is specially built for Office 365 and Azure protection. CoreSecurity helps organizations identify breaches early, remediates them, and investigates the source of breaches that slip through using in-depth forensics. It finds users with insecure passwords, those spreading malware, identifies suspicious log-ins, improves email security, and produces detailed security and compliance reports.
CoreAdoption is all about getting maximum advantage from your Office 365 investment. It tracks application and service usage, spots areas where end users need improvement, then drives customized adoption campaigns and measures the success of those campaigns.
MITCH: Isn’t the Microsoft Office 365 Admin Center enough for enterprises?
MICHAEL: There isn’t just one Office 365 Admin Center. Instead, there are a dozen or so distinctly different Admin Centers – aimed at different applications and services, each with a different approach – often a very different approach.
It is too much for one administrator to know and master all these areas and it is cumbersome to jump in and out of different Admin Centers to manage all of Office 365. Native Office 365 administration has too much complexity, too much scripting, a lack of automation, too little workflow and policy management, and no singular view and control center.
MITCH: How does CoreView make the life of an Office 365 administrator easier?
MICHAEL: With the Native Office 365 Admin Centers, you have to be a specialist, in say Exchange or SharePoint, to do a good job with administration. Each interface is different, and how you gather data to build reports can be different. Almost all processes are PowerShell driven, manually intensive and error-prone.
With CoreAdmin, one administrator can manage all the different services, and dive deep without scripting, manual processes, and specialized expertise.
MITCH: In native Office 365 administration, all admins have global credentials even if they have limited rights over functions. This means they have access to all end users. How does CoreView’s role-based access control (RBAC) differ from the native Microsoft Admin Centers, and provide least privilege? Are administrators with global rights really that dangerous?
MICHAEL: A global administrator with bad intentions is a serious threat to your Office 365 environment – that person has the keys to the entire kingdom.
In contrast, ‘least privilege’ restricts access rights for users, accounts, and processes to just those resources absolutely required to perform routine, legitimate administrative activities.
Unfortunately, the native Office 365 Admin Center focuses on providing global admin rights, giving admins who tend to work locally too much power and privileges they do not need. This centralized management model gives global credentials — even to regional, local, or business unit administrators.
Any IT pro worth their salt recoils at granting a local or departmental IT administrator global rights.
A proper approach to Office 365 permissions and privileges is partitioning permissions based on roles through RBAC, resulting in far fewer, but truly trusted global administrators. These remaining global admins are augmented by a set of local, or business unit focused admins with no global access, leading to far better protection for your Office 365 environment.
MITCH: Can you explain the concept of multi-tenant or virtual tenant, and how this applies to Office 365 environments, role based access, security, and administrator efficiency?
MICHAEL: Using a simple, intuitive interface, CoreView lets IT segment the Office 365 tenant in myriad ways — for example, by department, business unit, or location. This is what we call a ‘virtual tenant.’ After these groups are set up, IT can dive deeper, using CoreView’s deep RBAC capabilities to define specific permissions for administrators who then can only perform certain tasks — and only against a specific subset of users.
Learn How CoreView Can Help You
Want to learn how CoreView prevents overspending on licenses, underusing applications, or mismanaging security and configurations? Our free CoreView Office 365 Health Check diagnoses all your Office 365 problems. Sign up for an Office 365 Health Check and we will build a detailed 20-page report to cure your Office 365 ills.
Not ready for a full custom report? You can still take a look at a Health Check sample report.
Want to see firsthand how CoreView solves Office 365 problems, just request a demo.