Designing for Operational Success

Your collaboration platform is the hub for workplace productivity. It is where your information workers connect, share, and get work done. While the leading tools and services enable you to quickly launch and add users, your long-term success requires more thoughtful steps and business alignment. Planning is the key to success — and having a strategy for each of the potential risks outlined in the previous section will ensure that your collaboration environment meets or exceeds your end user expectations and will continue to support your growing needs.

Proper planning is also essential because Office 365 is continually evolving, as well. With customers around the world with many different standards and regulations guiding them, Microsoft is constantly reviewing how their platform handles your information assets, adding to the list of compliance and security standards supported while at the same time expanding their data center footprint to reach customers in under-served areas of the world. While Microsoft’s efforts should inform your organizational security and compliance planning, your overall strategy should include a more holistic and comprehensive review of industry research and trends, expert guidance, and your own internal experiences.

Where should I focus?

Organizations that are considering moving to the cloud entirely or using a hybrid model need to understand the differences between reporting, compliance, and governance capabilities within their existing on-premises and online tools and platforms and set expectations about what can be managed out-of-the-box – and where third-party solutions will need to be utilized.

Much of the administration experience inside of Office 365 streamlines and automates tasks that you previously had granular control over within the individual on-premises workloads. From an auditing and compliance perspective, this means you need to understand:

1. Your organizational requirements, standards, and policies.
2. What capabilities are possible within each of your hybrid components, from discovery through technical enforcement.
3. What can be managed centrally versus within each individual system or component, and by whom.

Whether your environment is on-premises, in the cloud, or in a temporary or permanent hybrid state, it is critical that organizations clearly understand their security and compliance requirements, and whether these requirements are being met. All planning should begin with a detailed, step-by-step review of security and compliance policies and procedures, mapping out how each of them is currently accomplished. As organizations consider moving to the cloud, they should use this baseline to understand how each will be accomplished within the future environment, and how current metrics and key performance indicators (KPIs) will be updated.