Yes, the cloud is amazing. Yes, Office 365 can do just about everything. Yes, it is the answer to many business management challenges. BUT …. do not be fooled by clever marketing. The Microsoft / Office 365 platform and all the platforms inside of it, have one of the most complex permissions and settings models of any software available today. Don’t for one second thing you can get a handle on it with a few Google searches. It takes years to get your head around how it all fits together. Why?

• 7 Overall licensing packages
• 116 Additional services available for purchase
• 14 Admin Centres in Microsoft 365 (E3 License)
• 4 User types
• 4 Group types with 2 privacy levels
• 3 Main external access switches
• 4 Sharing options in SharePoint and OneDrive
• 3 Sharing options in Teams
• 23 Administrator levels
• 33 Roles that can be assigned
• 3 Places to manage passwords
• 28 Services and Add-ins to configure
• 4 Additional admin levels in the Security Centre
• 15 Additional admin levels in Exchange
• 8 Ways for Users to create Office 365 Groups
• 7 Connected content storage platforms
• 8 Places to configure Yammer access settings
• 20 Default Security and Compliance Reports to monitor and configure
• 38 Settings to configure in the Security and Compliance Centre
• 19 Default alert policies on tenant level
• 6 Categories for new alerts with 3 severity levels
• 68 Actions that can be monitored with alerts on tenant level
• 4 Main additional sharing access levels in SharePoint
• 4 Main template types in SharePoint and 1 new way to connect them
• 3 Default site permissions in SharePoint (one with a security flaw)
• 33 Custom permission levels in SharePoint
• 5 Content levels you can apply permissions to in SharePoint
• 279 Apps you can add to Teams
• 7 Ways to communicate internally or externally across Teams, SharePoint, Outlook and Yammer
• 100’s of Permission levels in Dynamics365

Please exercise caution when implementing this platform, especially if you have a medium to large business. It takes significant planning and management to keep all these checks and balances in place, and not only that; but keeping them from conflicting with each other. Everything is connected to everything else. It is critically important to understand the dependencies.

It is even more important to get this governance under control with direction Microsoft has taken with “empowering the end user”, as it has created massive amounts of content sprawl and inadvertent sharing of information; and to the detriment of easily managing business content in a centralised manner. Deep-dive the Security and Compliance Centre first if nothing else, as that is where all content across the platform will be governed from now on. Also, get governance in place for Office 365 Groups and Teams as a matter of urgency. They have created a governance crisis that many companies simply don’t understand. There has not been nearly enough transparency in the industry around this.