Microsoft Office 365 administration is often time consuming, unsatisfying drudge work far too prone to error – mistakes you are blamed for.
Conversely, O365 workflow automation is a game changer – shortening tasks to seconds, offering the satisfaction of steady accomplishment, and reducing errors to near zero.
Workflow is critical for one CoreView customer. “We view CoreView as experts in the field that can guide us to the most pertinent parts of the M365 ecosystem and integrate best practices into workflows,” said Tobin M. Cataldo, Executive Director – Jefferson County Library Cooperative.
Automating the Automation
There are two types of Office 365 (now called Microsoft 365) workflows designed to automate the actual kick off of the workflows – truly automating the automation. These are:
- Report-Based Workflows — Workflows can be directly executed from reports. If you have a report of a risky user, a workflow can automatically perform pre-determined actions to take care of the situation.
- Event-Based Workflows — Instead of taking action based on the report of a risky user, a workflow can kick off when there is a risk event, such as an attack on a user.
Here are 9 ways workflow can transform Microsoft 365 management into a near effortless, totally effective exercise.
- Safe, Secure, Proper and Always Perfect Provisioning
User provisioning and deprovisioning are prone to error, allowing successful cloud attacks. Workflow templates easily create and automate provisioning and deprovisioning processes, eliminating these mistakes. This ensures users have the right licenses and access to the right applications and infrastructure. You can also “clone” users to reduce errors and speed provisioning.
Incorrect user provisioning can have a direct impact on user productivity, while mismanaged deprovisioning can open the doors to potential data breaches.
- Efficient and Secure Onboarding
Onboarding and provisioning are related and complimentary processes. Onboarding is much the same as the provisioning. It is just more extensive. Technically, provisioning refers to the creation of the user object. Onboarding is all the stuff that takes place outside of that user creation.
Onboarding speaks to the authorizations and permissions that are then bound to the object. We might say that a provisioning action is creating the user, giving that person a license, and setting the password. The onboarding is everything else. That person now needs to be inserted into 10 distribution lists, needs to be given a pre-provisioned OneDrive share, or have a script run against them to turn on their access.
“If we have to onboard a user, we can create a fully automated workflow. Inside our own company, we have a 50 – step workflow to onboard a user – and it’s one click,” said Ivan Fioravanti, CoreView Chief Technical Officer. “I create a user, assign the teams membership, group membership, create the mailbox and so on – it is super easy.”
- Fool and Hacker Proof Configuration
According to Gartner analyst Neil MacDonald, “Through 2020, 80% of cloud breaches will be due to customer misconfiguration, mismanaged credentials or insider theft, not cloud provider vulnerabilities.”
In fact, a large number of data breaches are because admins did not complete all required configuration steps, and misconfiguration arises. With a workflow based on a proven and perfected configuration process, regardless of what is being configured, mistakes are never made again.
CoreView workflow eliminates that human error, and ensures that all the dependencies are met. Moreover, it guarantees that desired configuration management practices are met which is critical for setting up user accounts and other data assets like mailboxes, shared mailboxes, and Teams channels.
Gartner finds that most successful cloud attacks exploit misconfiguration. Once you have a secure approach to configuration, map it to a workflow so it is done properly each time.
Customizable IT admin processes can be run from the CoreFlow workflow engine. Steps can be chained together so they are performed in the proper sequence. All management actions can be part of a workflow, including custom PowerShell scripts, leading to unlimited scenarios.
- Protect and Update Active Directory Automatically
Managing Active Directory and Azure Active Directory (AD) is a constant and complex effort. Fortunately, common Active Directory tasks, whether Azure AD or on-premises Active Directory, can be automated, insuring they are done correctly and on time.
By automating admin tasks through workflow, which include updates to the on-premises Active Directory environment, IT administrators will save hours of manual effort each week. One customer automates an array of directory-related tasks, including:
- Adding a remote user from an Organizational Unit (OU)
- Creating an M365 user from Azure AD
- Moving group to a different Organizational Unit
- Moving user to different OU
- Create, Enforce and Manage Policies
Policies are key to M365 administration efficiency and security. Wouldn’t it be great to create, automate, and apply policies that handle every aspect of Office 365 administration. As well as supporting fine-tuned security policies and automated implementation?
You can. The same large CoreView customer referenced above uses myriad workflows for policies, including:
- Setting conditional access policies for users outside the country
- Forcing changed password on next login
- Reactivating compromised account
- Managing SharePoint external sharing policies
- Workflow Gets Dependencies Right Each and Every Time
It is not reasonable to expect a non-expert in Microsoft 365 administration to understand the dependencies involved in a task. Take mailbox administration. You have to create a user before you can create a mailbox, which seems obvious. However, there are many layers of subtleties beneath that. You need to wait until the mailbox is fully created before setting a litigation hold or retention policies on it, and so forth.
Workflow gets all these dependencies right, and even puts in the requisite waits and retries, which are important because M365 is a shared environment of well over 200 million users. Things do not often happen instantaneously within a system as large as Microsoft 365. To set up mailboxes right, you have to know the exact commands to operate, and the order that they needed to be operated in. In practice, people sometimes start the task and then have to wait –15, 30 minutes, an hour — for, say, step three of seven to complete. So they switch to another task, and critical step number four never gets finished due to human error.
A workflow can be designed to know all the intricacies and dependencies – and get the job done right.
- Taking the Trickiness Out of Teams
Workflow is also key to solving the Teams configuration problem. To set up Teams properly, certain tasks must be performed in order. In the case of Teams, a higher-level admin can create workflows to set up Teams-oriented voice functions such as routing and provide that to local employees that simply apply those workflows and those processes to their own individual environments.
With CoreView workflow, these local workers or admins get a form to fill out instead of waiting on a person to execute on that form. CoreView workflow automates the process so it is much timelier, and more straightforward. IT defines exactly what data is needed to process the request, and CoreView workflow processes that request efficiently and precisely.
A person needing to set up Teams’ voice features in Spain, for instance, could use a form provided by higher level admin, and apply that to setting up call features such as auto attendant for their organization, department, or group of users. Even better, this workflow is available on demand, 24 hours a day, seven days a week in their language. There is no need to pick up the phone, or translate user requests.
- Automate License Management
License management is a complex, but necessary task. A great approach is creating and automate a process to reclaim licenses when a user becomes inactive, ask approval to the manager or IT or to start the process to buy additional licenses, OR automate the request to your LSP through a workflow when a usage threshold is reached.
Here is an example of such as scheduled workflow. Every month it targets users with inactive licenses in the last 90 days then:
- Send email to manager asking if removing or not the license.
- If manager is not set send the request to HR or other target.
- If yes remove license
Usually, IT does not enough information to decide if a license must be removed or not. Managing this process manually can be very time consuming – often IT simply decides to do nothing. The workflow, on the other hand, speeds up inactive license deprovisioning by the actual manager who should know if the license must be removed or not.
- Transferring a User in 7 Easy Automated Steps
Transferring a user is tricky – doing so for an admin or manager is even more thorny. The graphic below shows how easily a CoreView workflow gets the job done.
Gorge on the Full M365 Workflow Skinny
Learn how to master M365 workflow with our white paper — Office 365 Workflow Done Right – Automation for Admin Efficiency, Human Error Reduction, and Unrivaled Security
Learn About the CoreView Workflow Solution
CoreView’s CoreFlow is your workflow solution for M365 and myriad other SaaS applications.