Nov 18 2019
Six Terrible Office 365 Migration Mistakes
and How to Avoid Them
Migrating to Microsoft Office 365 without governance, auditing, security, license management, a productivity plan or proper administration is a big mistake. Instead of enjoying all Microsoft Office 365 has to offer, your admins suffer under a new and complex workload, end users do not reap full O365 productivity rewards, and hackers have their way with what should be an exciting new SaaS productivity environment.
Unfortunately, many, perhaps most organizations moving from on-premises versions of Office to O365 only focus on the migration of users, data, applications and services. Once the move is underway, problems arise – administration is tougher than they hoped, Office 365 specific attacks threaten data, and the granting of licenses is a willy-nilly money-wasting affair.
Avoid these six mistakes with our new whitepaper, Six Terrible Office 365 Migration Mistakes.
Here are the six migration mistakes you do not want to make.
1. Migrating Without Governance
While a broad topic, in short IT governance is all about aligning IT and IT solutions with business needs and strategy so that IT helps the organization meet key goals and objectives.
In the case of Office 365 governance, the SaaS platform must be secure so it does not threaten business viability, cost effective so it does not harm the bottom line, a maximizer of productivity so it strengthens the bottom line, and reasonably easy to manage so IT can optimize use and quickly solve productivity sapping problems.
Office 365 must also be managed in what Gartner calls “an effective, efficient and compliant fashion”, which means IT administrators must be highly skilled and working with a large enough staff to master all O365 complexities, or get a technology solution that does this for them.
2. Not Having a Plan for Auditing and Forensics
Office 365 has limited log retention, and native tools can make it difficult to analyze whatever logs are there to address security concerns or hunt down breaches through forensic audits. In fact, standard log retention for Office 365 is only 90 or 180 days.
There are many reasons to audit logs, but one of most compelling is performing forensics to track how problems occurred and spread. Breaches, for instance, are a huge concern, and a major compliance problem. The Ponemon Institute says it takes an average of 191 days to discover that a breach has occurred.
Wouldn’t it be better to spot breaches before they happen, and through forensic audits, finding the source of a breach that slipped through the cracks? With long-term log retention, you can conduct deep forensics against events that happened a year or more ago.
3. Ignoring Office 365 Specific Security
Key Office 365 security best practices include strong password policies, multi-factor authentication, tight mailbox security, and file storage security. Proactively establishing best practices in these areas dramatically reduces security risks. Basic layered and defense in-depth security tools simply do not dig into Office 365 specific vulnerabilities and security problem areas.
For instance, did you know that using the native Microsoft O365 Admin Centers, all administrators, even though restricted to a single application or area, have global credentials – meaning they can touch each and every end users’ environment?
Ensuring administrative privileges are limited to those that absolutely need them is critical to a safe Office 365 environment. An internal threat, such as a disgruntled employee with access to global admin privileges, is a major risk that can be prevented simply by limiting the number of users with admin privileges — and restricting the scope of those permissions.
4. Forgetting About License Management
IT often buys Office 365 licenses in batches, and makes a guess at what they need. They do not or cannot perform discovery on all the on-premises end users, and identify their precise license level needs before purchasing Office 365. In addition, the number of workers or partners that use productivity software changes all the time. Invariably, they buy more licenses than they need. In many cases far more than they need. Experts find most enterprises save 30% or more by optimizing their licenses – getting rid of unassigned licenses, reclaiming inactive licenses and rightsizing where, say, the E3 or E5 license paid for is more than end users need.
Uncovering real-world Office 365 usage and licensing metrics across your entire organization is the first step towards identifying potential overspend. If 10% of 10,000+ purchased Office 365 licenses are E5’s when only E1’s were needed, you are looking at a ~$300,000 yearly expense that can be outright eliminated.
5. Neglecting Productivity, Thus Failing to Maximize Application Use
Driving application adoption is essential to maximizing Office 365 investment. Office 365 is a collaboration and productivity suite, so driving adoption of its services improves your end users’ cloud dexterity, overall productivity, and collaboration skills.
Key to a successful adoption plan is clustering users based on different service usage and behavior – which helps drive targeted adoption and training campaigns. For this to work, you must apply the correct metrics to define your clusters, as well as identify incorrect user behavior so you can take corrective action.
Once you have an adoption strategy, it is time to train your users. Experts have found that standard training (classroom and eLearning) are not optimal since users forget 70% of what they learned within 24 hours.
6. Thinking Managing Office 365 is Easy
Microsoft Office 365 applications are so easy to use; it is tempting to believe that administration is just as simple. However, many areas of management are all too thoroughly complex. That complexity is because Microsoft Office 365 is a multi-SaaS environment, meaning it is a collection of different SaaS services. To gain a full picture, IT must collect data from a variety of sources, often using vastly different collection techniques.
A better approach is a single dashboard, a pane of glass if you like, that offers IT visibility into the health and operation of the entire Office 365 environment. This way IT has one unified interface that analyzes and controls all Office 365 services.
The CoreView Solution – Understand Who Your Users Are and What They Are Doing
CoreView helps set up administrators that are specific to a location, functional set of users, or other attributes. This means admins know who their users are, and have a manageable set of end users to handle.
At the same time, CoreView tracks application usage, so you know which applications handle the most work, and when end users are misusing the system. The ‘single pane of glass’ CoreView console offers deep insight into how end users are configured, and where they might be misconfigured.
Learn More about Managing Office 365 Using CoreView
Learn more about Office 365 administration with a CoreView demo.
You can also get a free CoreView Office 365 Health Check that details license savings, state of application usage, and pinpoints security problems in your Office 365 environment.
Find out how to make your cloud environment more efficient by reading our Opportunities for Office 365 Cost savings white paper.