Two Microsoft MVPs from Creospark—Daniel Glenn, Senior Director of Hybrid Office and US Operations, and Noorez Khamis, CTO—share their impressions on the difference Microsoft 365 maturity can make to your organization.
In our experience helping organizations build their digital workspaces with Microsoft 365, we notice how many of them grapple with change. They want new tools, but they also want to keep doing things the old way—all’s well, so why try something different? Besides, the plethora of services available with Microsoft 365 makes it hard to quickly understand what each app allows you to do.
As a result, the majority of the services go unused or aren’t used efficiently (like people sharing files on OneDrive instead of the much more agile SharePoint), people start resorting to unsanctioned tools, and productivity goes down. And just like that, this powerful, all-in-one platform for collaboration and efficiency ends up misused and underappreciated. So much for your return on investment.
Making the most of Microsoft 365 comes down to your maturity level—or how close you are to achieving success with the platform based on how you’re managing it. Just to give you an idea, according to a Forrester study, SMBs that successfully implement Microsoft 365 across their organization see an ROI of 163% over just three years.
We’ve been ShareGate resellers for a long time, so when they invited us to experiment with their maturity assessment tool, we jumped right in. It consists of a series of questions that help you identify the areas where you need to improve in managing your Microsoft 365 environment.
This tool is so helpful for organizations adopting the platform that it inspired us—based on our experience with clients of all types and sizes—to discuss the five main elements essential to Microsoft 365 management and how they’re central to your success.
Table of contents
1. Governance: where the journey starts
Governance, in a way, is where it all starts. It’s the framework of how things will work in your Microsoft 365 environment, guiding everyone in how they’ll use their tools. And if anything goes wrong, chances are there’s an issue with your governance plan. For example, collaboration and efficiency may be going down because of duplicate teams and the usage of unsanctioned tools in your organization.
From our viewpoint, most organizations are not doing a great job on governance, and there are two reasons for that. First, we see them rolling out the many Microsoft apps and services based on their experience with other applications rather than paying attention to policies, compliance, and best practices that are specific to Microsoft 365.
Second, organizations that make investments in platforms such as Microsoft 365 want to see things rolling as soon as possible. Well, this may not be ideal, but it’s understandable. As the saying goes, “you don’t know what you don’t know:” Microsoft 365 provides so many services, solutions, and possibilities that it’s hard to make sense of all that at once. Sometimes clients ask us, “Show me what it can do,” and we get the urge to reply, “Well, do you have a few days?”
However, we could adapt the saying to: “you can’t govern what you don’t know.” As far as Microsoft 365 success goes, governance is central, and there’s no such thing as too much planning. Make sure to dedicate enough time and resources across your organization to build your governance strategy. And if you already migrated but feel it’s been rushed and something’s missing in terms of policies, maybe it’s time to step back and see things from a higher perspective.
This guide on Microsoft 365 governance in self-serve environments can help your organization get the best of both worlds: seamless collaboration and security.
2. Security: always a hot topic
Unlike governance, security is front and center in most IT professionals’ minds. This is a permanently hot trend, given the commonplace scares and menaces in digital environments. However, worrying about security is one thing; managing it correctly is another.
The good news is that Microsoft 365 has some solid basic security setups by default, adding a good layer of protection to your tenant from the get-go. But once end users start working with their tools, IT must be on top of the best practices to secure the tenant properly.
Again, it all comes down to governance. Security is one of your governance plan’s most critical aspects. It involves following best practices to minimize data loss and breaches and using security services such as Microsoft Purview and the Defender stack.
However, it’s common for IT to prioritize security over governance planning. In other words, they let the “business” make policy decisions while focusing on building up the fortresses and enforcing rules on what people can and cannot do. That’s not very productive. Using their expertise, IT professionals should collaborate with the rest of the organization on security and governance. Your Microsoft 365 maturity depends on ensuring IT plays its role in this decision-making process.
3. Shadow IT: communicate and mitigate
Shadow IT is the use of tech within an organization without approval from the IT department, and mitigating it is essential to boost collaboration and adoption in Microsoft 365, a topic we’ll discuss later. Typically, shadow IT starts when IT has too much control over the tenant, not giving users wiggle room for installing tools or apps on their own. Shadow IT can also happen when employees don’t have information or training about their tools, so they resort to the ones they already know, even if they’re not sanctioned by the organization.
With shadow IT, we typically notice two different scenarios:
- Scenario #1—Organizations don’t seem to care about it. They don’t have a governance plan or policies in place, and since IT is overloaded with work, you’ll see employees downloading all kinds of file share and task management tools to get their jobs done. Upper mnagement might think, “Well, people are getting things done, so no problem,” but without realizing (or maybe looking the other way) that shadow IT is a threat to security and a barrier to collaboration.
- Scenario #2—The opposite: to prevent shadow IT as much as possible, organizations adopt the heavy-handed approach we mentioned before, locking everything down, preventing users from installing software, or even blocking websites. Sure, this might circumvent shadow IT, but without adoption and education efforts (which don’t happen very often), productivity will suffer.
In the two scenarios, communication is key. In the first case, building a governance strategy should include an end-user communication plan, ensuring everyone has the resources to do their best work. In the second, informing and educating employees is a great way to avoid the stress of having such a tight control over the tenant and dedicate your efforts elsewhere.
This reminds us of something Microsoft MVP Martin Eekels said in a recent panel at ShareGate: how IT is often perceived as “the Department of No.” In our experience, this is often true. We’ve all seen more than a few riffs between IT and the rest of the organization regarding the “no’s” that are frequently said. But, as we see it, IT should be the “Department of Here’s How To Do It.” And, once more, governance is vital. A governance plan ideally answers the questions of “who, what, where, when, why, and how”; all IT has to do is educate end users accordingly.
4. Sprawl: it’s not a problem until it is
Microsoft advocates that anyone can use its services and apps to create sites, pages, or teams easily. And this has been made even clearer with the latest SharePoint announcements, which made everyone excited and eager to try Copilot and the other new functionalities.
But, as much as your end users might want to start creating content, you’ll need to ensure all the checks and balances of a good governance plan (yes, governance again) are in place. Otherwise, you’ll see duplication, unnecessary teams, and files being stored without the proper procedures. Hence, sprawl.
We already mentioned that some organizations don’t prioritize whether end users are using their tools correctly; they only care that the users are doing their jobs. The same goes with sprawl: some organizations don’t see how duplicate SharePoint sites, teams kept active well after their lifecycle ended, and files being replicated in different folders will affect daily work.
Well, that’s until employees start getting pushed back in their tasks and feeling paralyzed by the confusion and misinformation spreading in their apps. Besides, sprawl has an impact on finance (think of the storage costs of inactive teams and irrelevant SharePoint sites) and security (it’s hard to keep track of dispersed data). Keeping the tenant organized increases findability, visibility, and productivity, making it fundamental to achieving Microsoft 365 maturity.
5. Adoption: the bottom line
Now, we’ve come to the bottom line. You set up your governance strategy, raised all your security guardrails, and made your efforts to prevent shadow IT and sprawl. But governance is nothing without adoption. It’s adoption that will take your organization to total efficiency, productivity, and the best possible return on your Microsoft 365 investment.
But adoption is not a peak you climb to once in your life or a ball you hit out of the park, and that’s it. You must maintain it so people keep using their tools correctly and productivity stays up. Also, software and platforms are constantly changing: to give you an idea, Microsoft released more than 240 updates to M365 since 2017. So, keeping everyone updated can be daunting.
That brings us to why organizations typically don’t hire people to do internal training and adoption management: they see it as a call center or, in other words, a cost center. It makes no money, or, at least, not instantly. We should also consider that many companies are in growth mode, so they don’t have the means to make such an investment—even if eventually they witness a great ROI, as we’ve seen in the Forester study mentioned before.
Enter the change agents. Dealing with all kinds of clients, we’re able to identify those resourceful users that can see where change is happening, either with new apps or new features, and figure out how to deploy it within their teams or even across their organizations. IT should partner with end users to identify these change agents, introducing “champions programs,” for example. Also, keep in mind that training and education should be ongoing, so you can keep users engaged, maintain adoption, and ensure your maturity journey is complete.
Efficiency is staring at you: don’t blink!
In this article, we’ve talked about the struggles and challenges organizations face in their Microsoft 365 maturity journeys. In some cases, they don’t seem fully conscious of how important it is to enforce policies and best practices to fully benefit from what Microsoft 365 has to offer. We believe, however, that most companies will eventually become more aware of it.
Actually, they’re going to be forced to. Every day, we see more and better tools to drive efficiency, such as Copilot and other AI-powered technologies. Efficiency will stare these organizations in the face, and those who get behind will stay behind. It’s a matter of survival.
Having Microsoft 365 staring at you, though, is good news. It’s so quick to get started with it and create content, write emails, create sites, generate reports, and so on. But before that, be sure to build (or review) your strategies, like your governance plan. You could also explore ShareGate’s maturity assessment tool to check where you stand in your journey to success.
There might be a learning curve, and it’ll definitely take some effort, but the productivity, efficiency, and cost-savings you’ll get out of it will make it all worth it.