Thought Leader Talks: Office 365 Data Protection, Szymon Bochniak

Home
Posts
Thought Leader Talks: Office 365 Data Protection, Szymon Bochniak

Listen in:

Watch on:

10:00

Thought Leader Talks: Office 365 Data Protection, Szymon Bochniak

Teresa Gracias
October 25, 2023

Try our Backup Interactive Product Tour

Table of Contents

Hello and welcome to Thought Leader Talks – our monthly chat with tech gurus, platform SMEs and cybersecurity experts. In this month’s session, we chat with Szymon Bochniak, founder of the popular Office 365 At Work blog.

He has over 13 years of experience working with Microsoft technologies – as a SharePoint Solutions Architect, and an Office 365 Service Delivery Manager. Szymon currently manages a team of 35+ Office 365 consultants; helping organizations solve their business challenges using Microsoft 365 (Office 365).

Read his practical pointers and insights on Office 365 data protection, optimizing Microsoft Teams for the remote workforce, Microsoft 365/SharePoint migration, and more.

Welcome, Szymon!

Thought Leader Talks: Office 365 Data Protection, Microsoft Teams, and Migration With Szymon Bochniak

Microsoft Teams’ Features for the Remote Workforce

Q: Let’s start by talking about Microsoft’s “hottest product on the block”. Microsoft Teams has witnessed a huge surge in adoption to 115 million users driven by the en masse shift to the remote workforce. What are some of the valuable hidden features in Microsoft Teams that you’ve used to enhance distributed team collaboration, In the course of your implementation and customization of Teams?

Yeah, I think we can see that almost everyone is working on Microsoft Teams right now. We analyzed how employees in organizations use Teams after the rollout of the application. Almost 80 percent of users use Teams only for very basic communication like chats, meetings, and calls.

The collaboration mechanisms of Teams are under-utilized. From my perspective, I can advise that if you’re working on the Microsoft Teams adoption process, focus both on communication and collaboration features.

Training and knowledge sharing for instance should include Teams’ powerful document collaboration aspects. There are a lot of great Sharepoint-based features like co-authoring, versioning tracking control, and processes for document approvals. Collaboration features that you can implement very quickly. These are ways you can encourage employees to use the more advanced collaboration abilities of Teams.

Another aspect is that it’s very easy to add applications, custom applications to Microsoft Teams. If you already have 100+ employees using Teams in your company it’s very easy to navigate them to other apps that could be of service. The apps could be Salesforce, Sharepoint-based intranet, Yammer, an in-house application, or any other.

Simply add it on the left navigation of Teams to showcase it to the entire organization, and make it easy for employees to navigate from Teams to other apps in the organization. I would recommend these two hidden features to enhance distributed team collaboration for the remote workforce.

Microsoft 365 (Office 365) Security Best Practices for The Enterprise

Q: On the flip side, McAfee reported a 199 percent increase in Office-targeted malware last year. What would be your suggestions for Microsoft 365 security best practices for the enterprise?

Yes, securing Microsoft 365 with the remote workforce is challenging. We can assume that business users will always be a kind of weak point from the perspective of security. It may not always be possible to train them at a very high level, but there are features that you can immediately implement in Office 365 that are present by design. One of the things that I always recommend to start with is to implement multi-factor authentication.

It’s something that is present in every license and every subscription of Office 365. It gives an additional layer of security – if there is a leak of the password or the username, there will always be a second layer of security that will help to defend from any kind of attack.

The second thing is to implement some kind of monitoring or auditing solutions based on security and compliance features that are built. For example, if there is any kind of communication from locations that are not connected with your company, you can automatically be notified about suspicious traffic. This is something that could be very easily implemented. Two very basic functionalities that could help you to improve the security level of your company.

Microsoft 365 (Office 365)/SharePoint Migration

Q: Migrating from one SaaS platform to another can eat into any expected ROI, if not handled rightly. What are some of the main challenges that organizations encounter when migrating to Microsoft Office 365 and SharePoint? What would be your suggestions to allay them?

I think the biggest challenge is that often decisions are made squarely based on the cost perspective. When you’re switching from on-premise or a different SaaS platform to Microsoft 365, the starting point typically involves calculating the possible savings for the organization.

This is fair, but it’s missing the business perspective and involvement of the employees. Migration will always involve sorting out the differences and incompatibilities between the two platforms. The involvement of the business is crucial not only to make the migration successful, but their inputs will optimize its adoption.

Stakeholder and employee requirements and feedback will help you make informed decisions about the type and extent of migration. It’s very difficult to make those kinds of decisions without the perspective of the business side. Thus, my first suggestion would be to not only focus on the technical aspect of migration but also involve business inputs.

The second challenge is caused due to poor technical groundwork. Prepare a really good architecture plan before the migration. If this is properly done, before the migration, it can really save a lot of effort. This is because it will prepare a proper setup for the final destination of the data. Do your groundwork well!

Microsoft 365 Features for The Remote Workforce

Q: The renamed Microsoft 365, many would say, is Office 365 tailored for the remote economy. What are some of the new features that are especially helpful for the distributed or hybrid workforce of today?

This is a timely question. Microsoft, since the beginning of this year, has been developing and promoting a new line of products – Viva. Most of these applications are focused on the well-being of remote employees.

These enhancements are less technical but very important to foster team culture and empower distributed remote employees. It’s built from the perspective of working in different locations, both how to help such teams work efficiently and also to take care of their well-being. It’s very difficult to be very productive if you don’t feel connected to your team.

Viva is a platform with apps to build a connected culture, for online training, to help employees with time management, and to offer personalized insights. These are some of the applications on the Viva platform that will be provided to Microsoft 365 users. It will deliver something totally new and something very useful for teams in the next few years.

Microsoft 365 (Office 365)/SharePoint Data Protection

Q: What are your thoughts on Microsoft 365 and SharePoint data protection as far as Microsoft 365 backup / SharePoint backup goes? Do you think it is required?

Well, I would like to say you can save costs by moving out from backup when you’re moving to the cloud from an on-premise environment. But, realistically, it will be impossible to get rid of any kind of backup solution when you’re moving your data to Microsoft 365.

While there are features that help you to retain data after the user deletes it, this is totally not the approach that will secure very important artifacts, critical data, audited data, or validated data in your environment.

It is also clearly stated by Microsoft in the service agreement for Microsoft 365 that your organization needs to provide a backup solution to secure data. Additionally, there will also be a business need to restore data from any point in time. There’s no such feature in Microsoft 365 to meet that business requirement, so there will be a need to deploy some kind of third-party backup solution to address that.

Microsoft 365 (Office 365) Native Options: Retention, eDiscovery, and Litigation Hold

Q: How do native options such as retention policies, eDiscovery, and Litigation Hold suffice as far as backup and recovery of deleted Microsoft 365 data goes?

These features are very useful to restore data lost due to some unexpected reasons. While you can restore something that is deleted by the user, it is time-bound and you can only retain that data for some period of time.

It’s a totally different approach than having the ability to restore data from any point in time, a specific version, to meet the specific expectation from business.

One more aspect is retaining the data with these native options is time-limited. For instance, the basic retention setup for Sharepoint is 90 days, so if you want to restore something from half a year ago, it will be very difficult to do that. Again, holding everything in retention policies for an unlimited period of time will also cause the volume of the data that you will store on Office 365 to grow extremely large.

I will split the strategy into two factors. One – use retention policies to restore the data from a short period of time mostly for the business requirements in very simple cases.

Two – for specific security of critical data that needs to be restored and secured, a backup solution needs to be in place.

Data Privacy and Microsoft 365 (Office 365)

Q: Data privacy by design is growing in importance, demanded both by the digital-savvy customer and compliance regulations such as the GDPR. What in-built provisions does Office 365 come with to facilitate privacy-by-design?

Microsoft provides privacy by design but also by default. A company that would like to implement GDPR processes can use these in-built features to ensure they are compliant. Most of these kinds of features were not present in the old on-premise versions of these applications like Sharepoint or Exchange. These features are new and advanced and are implemented in Microsoft 365 by design.

Few elements, for example, are that all connections for the web-based applications are encrypted. It’s something that is often not implemented in on-premise local data centers, but today we see how important it is to encrypt all communication.

We talked about how retention could help us to restore data, but, at the same time, we can use policies to limit how long we want to store the data from the legal perspective.

For example, we can use retention policies to limit storing of data for three years and after that period of time, it is deleted, because this is our legal requirement.

This was something totally not present in the old on-premise approach and which could be very useful. Implementation of such approaches in SharePoint, OneDrive, and Teams is very easy and is present by design.

Thank you, Szymon for your practical and helpful insights on Office 365 data protection, fine-tuning Microsoft Teams for hybrid teams, and Microsoft 365/SharePoint migration

This is Teresa, signing off till our next chat with a Thought Leader