Are you debating whether or not you should enable self-service in your Microsoft 365 environment? In this blog, we explain the pros and cons for productivity and security, as well as a way to get the best of both worlds!
Collaborative governance is a concept that everyone in IT should understand, it’s the process you use to control end users’ access to resources, their adherence to your corporate standards, and the safety of your data. Now, when you combine collaborative governance with enabling self-service in the same sentence, that’s when some people may actually get confused. Isn’t governance the antithesis of the autonomy self-service provides?
Your collaborative governance policies establish how your organization’s employees can work together and how they can work with people outside the organization. Essentially, it sets the framework for the various aspects of IT admin work that take up your time. Self-serve offers end users the ability to have some control over their tools. So if IT is looking to implement collaborative governance, what benefit could there be to also implementing self-serve?
You know all too well that modern organizations employ a wide range of tools. This is incredibly useful in the modern workplace, particularly since the pandemic triggered a wave of remote and hybrid work opportunities.
Thanks to the variety of tools available to end users, this means that different groups within an organization can choose to use whatever tool is right for them to communicate and collaborate with their team—whether it suits the function of their particular job, or it’s simply their preference based on their individual working habits. The leadership team may prefer to send email, while the development team uses team chat, and so on. Add self-service into the mix and it only enhances the end user’s experience.
This blog, the first in our series on self-service, is going to cover the benefits and risks of enabling self-service. If you’ve already done that, then check out the rest of the blogs in our series that offer best practices, 3 different methods for managing your self-service environment, and how an automated solution like ShareGate can simplify management for you:
- 5 Best practices for smarter IT governance in your Microsoft 365 self-serve environment
- 3 methods to avoid sprawl and security risks in your Microsoft self-service environment
- How ShareGate can help you manage your Microsoft 365 self-serve environment
While this flexibility is fantastic for the end users, it can cause challenges on the IT end of things if measures are not taken to preemptively mitigate sprawl and security risk. That’s where a collaborative governance process comes in. But can collaborative governance and self-service work hand-in-hand? We’ll get there.
Table of contents
- Importance of collaborative governance for IT in Microsoft 365
- Pros of enabling self-serve for collaborative governance in Microsoft 365
- Cons of enabling self-serve in Microsoft 365
- Steps for enabling self-service collaborative governance with guardrails for Microsoft 365
- Effective collaborative governance
Importance of collaborative governance for IT in Microsoft 365
Collaborative governance is crucial for every IT team in terms of efficiency and transparency. Plus, it also makes the IT team’s job easier—this is no small point of persuasion. While, yes, you surely want less stress in your role, it’s bigger than that.
If your organization has put in the time and resources to prioritize governance, this trickles down to affect every department, as well as the organization as a whole. When the IT team has clear collaborative process, every question or crisis that comes up afterward is that much easier to navigate—because you thought ahead and planned for it. Here are some specific reasons why collaborative governance is important in IT:
Improved decision making
When an IT team has collaborative governance set up, every decision becomes easier. The reason for this is that you’ve already gone through the steps to think of the what-ifs and essentially designed a rule-book for the collaborative process. Rather than needing to make decisions on each individual situation, your established governance already has the answer for you and for your organization’s end users.
This doesn’t mean that new situations won’t arise that haven’t been accounted for in existing governance. Of course they will! Continuous governance is key (and inevitable). But the fact that you have governance set up for so many other scenarios will at least serve as a precedent in those new situations and will help to guide you in your decision-making.
Better alignment
The simple act of developing collaborative governance forces an organization to consider the vision and goals of the business. It’s not possible to create governance without this, because governance will require some trade-offs, so it’s crucial to have a very clear shared understanding of your priorities as well as key variables.
The detail required for the governance plan documentation should be aligned with the results you hope to achieve. Thus, the vision offers a framework for governance.
Increased transparency
Making IT’s life easier isn’t the only purpose of governance (though, that is a great perk). It also helps every employee at your organization. Collaborative governance offers transparency, which is reassuring because everyone has the ability to understand how and why decisions are made. Transparency also makes it easier to maintain consistency and avoid non-compliance.
All team members can rest assured—not only is the IT team well-prepared for any issues or questions that arise, but team members also have access to that information themselves. This sort of transparency breeds trust, and that’s a core value that every organization should strive toward.
Enhanced communication
Modern collaborative efforts now take place through a comprehensive range of technologies rather than solely in meetings. Furthermore, the use of asynchronous communication has grown, offering employees more freedom to choose when and how to connect with their colleagues.
Microsoft 365 provides a variety of collaborative tools, such as messaging and meeting settings, to assist you in managing communication inside your company. Collaborative governance allows IT teams to enhance this communication experience for end users by ensuring policies are consistent and risk is mitigated.
Not only does collaboration governance enhance communication between end users, but it also enhances communication between IT teams and end users. It has to. It’s crucial that IT managers and their teams have a clear plan in place for how Microsoft 365 will develop with their business and meet their needs. And by having this plan, they are then able to communicate pertinent information to end users.
Pros of enabling self-service for collaborative governance in Microsoft 365
Collaborative governance results in planning, efficiency, transparency and risk mitigation. Self-service may seem to conflict with some of these governance values, but in reality, marrying governance and self-serve may bring the best of both worlds together. Here are some benefits of enabling self-service for collaborative governance.
Increased productivity
Want to boost employee productivity? Try lengthening the leash a little. Trust goes a long way, and self-serve intrinsically involves an element of trust. It also enhances the possibilities for collaborative approaches, which may strengthen a company and its teams when done effectively.
By having clear standards for how tools should be used, providing end-user training, and maintaining self-service, an organization will almost certainly increase productivity and end-user adoption. Why is this? Because the company is trusting and empowering its employees, which makes them feel good about coming to work every day.
Employee empowerment
An empowered employee is an independent and productive employee. If you implement a governance approach that allows end users to have some control, while also safeguarding the content and data they use across all products, you empower employees in a practical way.
Employee empowerment in the context of Microsoft 365 means allowing end users to choose and manage their own tools. That fact is, keeping self-service options enabled increases end-user adoption.
Cost savings
Simply put, self-serve is the more cost-effective option. IT scalability suffers significantly when a system is completely locked down. This model requires IT to conduct extensive research, provide their approval, and accept responsibility for all decisions. The larger your organization, the more bodies are needed to read tickets, execute changes, etc.
Improved data security
When we say that enabling self-serve can actually improve data security, a lot of people think that there must be a mistake. That can’t be right! When we give employees more freedom, it only opens up their organization to risk, right? Well, that neglects shadow IT.
Ahhh shadow IT, the bane of every IT professional’s existence.
One of the ways that Microsoft self-serve actually improves data security is because, once enabled, end users are much less likely to use shadow IT—which mitigates the risk of data leaks. When self-serve isn’t an option, employees often feel frustrated by their lack of control and having to wait for IT to get around to their tickets. So, they find workarounds.
This is why, even when IT has their Microsoft 365 environment totally locked down and controlled, end users could still potentially leak content if they share it via Google Docs, for example. That’s one of the big benefits of enabling self-service and educating your end users about how to use the tools you’re offering them, it can ultimately decrease the use of shadow IT.
Cons of enabling self-service in Microsoft 365
While the pros of self-serve we just listed may have convinced you (or affirmed your opinion), it is possible to have too much of a good thing. Self-service, particularly when implemented without a proper plan for managing your environment, can present some concerns.
Less control over data management
Self-serve without provisioning is kind of like the wild west. The democratization of self-serve could mean that data won’t be managed effectively.
Provisioning in Microsoft 365 serves as a balance between the autonomy self-serve offers end users and IT’s total dominance. By ensuring that assets are created correctly from the beginning, provisioning helps to future-proof situations. IT can create templates that establish guidelines for end users whenever they create spaces in Microsoft 365.
Difficulty in tracking and monitoring usage
All teams eventually become inactive at some point. Without regular monitoring, these dormant teams quickly accumulate in your tenancy, making it harder and harder for you to track and monitor usage.
When self-serve is enabled without effective policies and guardrails, it can be incredibly time consuming to monitor the state of your teams and to deal with those that have become obsolete. Every IT admin knows that inactive teams can build up, and eventually become kind of a big deal. They clutter up your tenant and can cause sprawl, making it difficult for end users to find what they need. Ironically, usage and adoption rates may plummet, which is the core appeal of self-serve in the first place!
Risk of data and security breaches
As mentioned, self-service is a fantastic approach to promote user autonomy and adoption, which can decrease the possibility of data leaks through shadow IT. However, allowing end users to organize their own teams, invite visitors, and share information with less restrictions can pose significant security problems if IT isn’t monitoring and managing the environment. Which, of course, is hard to do manually.
A lot of training and support is needed
The more freedom an organization gives to its end users, the more training and support will be needed (after all, most employees are likely not IT professionals).
Without considering a balanced approach to self-serve, IT teams may find themselves in a situation where end users don’t know where to find anything and don’t know how to use the software at all. At that extreme, the learning curve will be massive and unsustainable.
Steps for enabling self-service collaborative governance with guardrails for Microsoft 365
The goal of collaborative governance is to balance end users’ autonomy and IT’s authority with risk management at the forefront. As we’ve seen above, there are clearly pros and cons to enabling self-serve, so which is the best option? Well, you can have the best of both worlds by enabling self-serve with guardrails.
In order to get there, the first step is to consider some basic big-picture questions as part of planning:
- What are the business goals?
- What value are teams and individuals getting from these collaboration tools?
- How will you measure success?
Once you get to the point of actually devising your governance plan, there will inevitably be trade-offs that need to be made—especially when you intend to develop collaborative governance that balances self-serve with guardrails. That’s why these questions are so important. By having answers, you will have a clear vision to guide these decisions and prioritize policies accordingly.
Here are some key steps to consider as part of the process to enable self-serve collaborative governance with effective guardrails in place:
Establish communication practices
Before developing collaborative governance, you’ll need to develop collaborative strategies. And in order to do that, you’ll need to make sure you know which tools end users are utilizing and to what extent.
Within Microsoft 365, there are three main ways that end users can communicate and collaborate:
- Outlook simplifies email collaboration with a shared group inbox and calendar.
- Microsoft Teams is a chat-based workspace where employees have the opportunity to engage in unstructured, in-the-moment conversations. It’s possible to create sub-groups that are intended to be used for specific subjects.
- Yammer is a business social network that encourages collaboration
Consider how these three tools are most likely to be used by end users in certain situations, and how these situations may pose a security risk. These are important considerations when assessing which policies will be included and how they will apply to Microsoft 365’s collaborative features.
Involve key stakeholders
Don’t underestimate the value of user-input when establishing your collaborative governance with both self-serve and risk mitigation in mind. Figure out which employees use certain collaborative tools the most and meet with them. Get their insight, it will be invaluable in visualizing how self-serve and guardrails could be optimally implemented.
In terms of self-serve functionality, talk about their experience with the tools. Ask them what works and what doesn’t. How do these tools serve their business needs, and how can self-serve be enabled to optimize them?
In terms of guardrails, you may not even need to ask these end users outright if they are engaging in any risky behavior. Consider this as a fact-finding mission and you are the investigator. Simply talking to these end users about their use-patterns can give you insight about any risky practices they may be inadvertently engaging in or considering.
Be flexible and open to change
Every business changes, and technology is constantly evolving. All the decisions you made in terms of collaborative governance were relevant when you made them, but any of them may become obsolete or inaccurate. One self-serve feature may have triggered a risk factor that you hadn’t previously considered. And so the guardrails may need to be re-evaluated to meet this new information.
Always be open to revising, removing, and adding to the governance policies. Set these expectations from the get-go so that everyone is on the same page about this, and plan to meet periodically to review and assess any changes.
Governance planning is a proactive way to mitigate unforeseen circumstances, but it is also a living, breathing set of policies that will inevitably evolve to the extent that your organization and its needs evolve.
For example, perhaps in the process of enabling self-serve you realize that, in fact, more supervision is necessary than you originally thought in order to guarantee compliance. Or, you could discover the opposite—perhaps the guidance of the policies means that end users require less supervision than you thought.
Roles and responsibilities may need to change so they are in-line with the way end users have evolved to use collaborative tools as a result of the governance policies.
Implementing a framework
We’re sure you get the picture by now that self-serve + guardrails = a match made in heaven. Your collaborative governance framework should rest on the foundation of that concept. Remember that collaborative governance is the process you use to manage end users’ access to resources, how they follow corporate standards and the safety of your data. By enabling self-service AND putting guardrails in place, you ensure that end users are using the right tools the right way.
You can create these guardrails using some of Microsoft’s out-of-the-box tools and services, and you can also create your own PowerShell scripts or use Power Automate to create the guardrails you need, though this can be time consuming and require certain skills not all IT admins have.
The most efficient and thorough approach is utilizing a simple tool like ShareGate, the Microsoft 365 management solution that just works, to make your life a whole lot easier. This type of solution allows you to have all the pros of enabling self-serve while mitigating the risk of sprawl and security breaches.
Effective collaborative governance
At ShareGate, we support the advantages of collaborative governance and self-serve IT. This approach relies on trust and collaboration by offering group and team owners the authority to identify their group’s purpose, data priorities, and level of confidentiality. This serves the goal of most IT teams: to adopt regulations that keep things going smoothly, without friction, and without locking down the entire system. ShareGate will offer you the guardrails you need so that you can safely offer end users the autonomy they crave.
