Professional Documents
Culture Documents
b GET STARTED
Glossary
Groups in Microsoft 365 and Azure, and Which is Right for You
d TRAINING
Accessibility by Design
d TRAINING
d TRAINING
Versioning in SharePoint
Planning Permissions with Group-based SharePoint Sites when you're used to Regular
SharePoint Permissions
Importing Data
Information Architecture
d TRAINING
How Do Site Columns Become Managed Properties - Thus Available for Search?
Effective Communication
d
d TRAINING
p CONCEPT
Auto Apply Retention Labels in Office 365 Using Content Types and Metadata
Can Machine Learning be used to assign managed metadata attributes for items?
Useful Scenarios
p CONCEPT
Library scenarios
i h d h l f l ll b i
Using Shared Channels for External Collaboration
Automation
c HOW-TO GUIDE
Security
p CONCEPT
The Power Platform Data Loss Prevention (DLP) policies you should be considering on Day 1
In Preview
p CONCEPT
Yet another Tool? Why you will probably love Project Moca aka Outlook Spaces
References
i REFERENCE
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
As with any technology, there are lots of terms we toss around to explain things. Just
understanding what each term means can be half the battle. Whether you are entirely
new to Microsoft 365 or have been using it for years, there are always new terms to
learn. The fact that Microsoft uses common English words for many capabilities can add
an additional layer of confusion.
This Glossary is an attempt to demystify some of the terms and acronyms we use every
day in working with the platform. See one missing? Feel free to add an Issue with what
you want added.
Also consider checking out the additional glossaries listed in the Additional Resources
section.
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Access
Microsoft Access is a database program which is part of the Microsoft Office suite of
products.
Access Reviews
Azure Active Directory (Azure AD) access reviews enable organizations to efficiently
manage group memberships, access to enterprise applications, and role assignments.
User's access can be reviewed on a regular basis to make sure only the right people
have continued access.
Accessibility
There is no limit to what people can achieve when technology reflects the diversity of all
who use it. Microsoft are dedicated to providing accessibility tools and features that
help people achieve more at home, school, and work.
Activity Explorer
Activity explorer provides a historical view of activities on your labeled content. The
activity information is collected from the Microsoft 365 unified audit logs, transformed,
and made available in the Activity explorer UI. Activity explorer reports on up to 30 days
worth of data.
Adaptive Cards
Adaptive Cards are a platform-agnostic method of sharing and displaying blocks of
information without the complexity of customizing CSS or HTML to render them. You
author Adaptive Cards in JSON format, with integrations that cloud apps and services
can openly exchange. When delivered to a specific host, such as Microsoft Teams, the
JSON is transformed into native UI that automatically adapts to its host. Therefore,
process designers can now offer consistent UI patterns whenever they need to display
information as part of a business process/automation.
Administrative units
Administrative units restrict permissions in a role to any portion of your organization
that you define. You could, for example, use administrative units to delegate the
Helpdesk Administrator role to regional support specialists, so they can manage users
only in the region that they support.
Advanced eDiscovery
The Advanced eDiscovery solution in Microsoft 365 builds on the existing Microsoft
eDiscovery and analytics capabilities. Advanced eDiscovery provides an end-to-end
workflow to preserve, collect, analyze, review, and export content that's responsive to
your organization's internal and external investigations.
Alert Policies
You can use the alert policy and alert dashboard tools in the Microsoft Purview
compliance portal or the Microsoft 365 Defender portal to create alert policies and then
view the alerts generated when users perform activities that match the conditions of an
alert policy.
Always on VPN
Always On VPN provides a single, cohesive solution for remote access and supports
domain-joined, nondomain-joined (workgroup), or Azure AD–joined devices, even
personally owned devices.
App
An App is a term in SharePoint that means a packaged extension or customization that
you can add to a site. An app can simply be a list that you add to a site to store
information, or it can be a package that installs web parts that are available to use on
pages, customizations that give you extra functionality within existing lists and libraries,
or it could be an entire application that runs outside of SharePoint but has the ability to
read and write back to your SharePoint site.
App Catalog
As a SharePoint or global admin in Microsoft 365, you can acquire solutions from the
SharePoint Store or distribute custom apps that can be used across SharePoint,
Microsoft Teams, and Viva Connections. The first step in acquiring solutions is to have an
App Catalog you can use to store and distribute solutions.
Application Customizer
See SharePoint Framework
Application Proxy
Azure Active Directory's Application Proxy provides secure remote access to on-
premises web applications. After a single sign-on to Azure AD, users can access both
cloud and on-premises applications through an external URL or an internal application
portal.
Attack Simulator
If your organization has Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2,
which includes Threat Investigation and Response capabilities, you can use Attack
simulation training in the Microsoft 365 Defender portal to run realistic attack scenarios
in your organization. These simulated attacks can help you identify and find vulnerable
users before a real attack impacts your bottom line.
Audit Log
Use the audit log search tool in Microsoft Purview compliance portal to search the
unified audit log to view user and administrator activity in your organization.
Authenticator App
The Microsoft Authenticator app provides an additional level of security to your Azure
AD work or school account or your Microsoft account and is available for Android and
iOS. With the Microsoft Authenticator app, users can authenticate in a passwordless way
during sign-in, or as an additional verification option during self-service password reset
(SSPR) or Azure AD Multi-Factor Authentication events.
Azure AD Connect
Azure AD Connect is an on-premises Microsoft application that's designed to meet and
accomplish your hybrid identity goals.
Azure Marketplace
The Microsoft commercial marketplace is a catalog of solutions from our independent
software vendor (ISV) partners. As an ISV member of the Microsoft Partner Network, you
can create, publish, and manage your commercial marketplace offers in Partner Center.
Your solutions are listed together with our Microsoft solutions, connecting you to
businesses, organizations, and government agencies around the world.
Azure Virtual Desktop
Azure Virtual Desktop is a desktop and app virtualization service that runs on the cloud.
With Azure Virtual Desktop, you can set up a scalable and flexible environment.
B2B
Azure Active Directory (Azure AD) business-to-business (B2B) collaboration is a feature
within External Identities that lets you invite guest users to collaborate with your
organization.
B2C
Azure Active Directory B2C provides business-to-customer identity as a service. Your
customers use their preferred social, enterprise, or local account identities to get single
sign-on access to your applications and APIs.
Backup
Always a hot topic. There is no native traditional backup and restore capability within
Microsoft 365. The link to the left shows Microsoft’s stance in relation to backup of
Exchange Online as an example. Third-party products are available, but are they worth it,
and are they needed? The debate goes on.
Billing
Learn how to buy and manage business subscriptions, perform license management
tasks, and manage billing and payments for your business accounts with Microsoft.
Best Practices
Best practices for collaborating with Microsoft 365.
Bookings
Microsoft Bookings is for scheduling and managing appointments. Bookings includes a
web-based booking calendar and integrates with Outlook to optimize your staff’s
calendar and give your customers flexibility to book a time that works best for them.
Calendar
Calendars in Exchange Online mailboxes are available for users. Shared, Resource, and
Room mailbox calendars are also available.
Camel Case
In programming, Camel case is the practice of naming variables or controls by
capitalizing all words except the first, giving the name a look like a camel's hump.
Examples: iPad , intQuantity , myEmailAddress .
Channels
Channels in Microsoft Teams are dedicated sections within a team to keep conversations
organized by specific topics, projects, and disciplines! Files that you share in a channel
(on the Files tab) are stored in SharePoint.
Citizen Developer
A user whose job definition does not include any development activities and/or without
formal software development training, but who nevertheless creates new business
applications for consumption by others using development and runtime environments
sanctioned by corporate IT.
Classic SharePoint
Classic SharePoint refers to the user interface (UI) that was available starting in
SharePoint 2013 - what you might think of as the blue and white UI. Classic SharePoint
uses master pages and page layouts for content structuring. These capabilities were
built on the .NET framework.
Column Formatting
Column Formatting is a SharePoint feature that allows users to customize the display of
fields in Document Libraries and Lists. Colors, icons, images and other elements are used
to highlight content and improve the user experience. Links are used to make content
actionable.
Some columns types, like Date and Choice, include ready made design templates. All
column types allow for advanced formatting using JSON code.
Command Set
See SharePoint Framework
Communication Compliance
Protecting sensitive information and detecting and acting on workplace harassment
incidents is an important part of compliance with internal policies and standards.
Communication compliance in Microsoft 365 helps minimize these risks by helping you
quickly detect, capture, and take remediation actions for email and Microsoft Teams
communications. These include inappropriate communications containing profanity,
threats, and harassment and communications that share sensitive information inside and
outside of your organization.
Communication Site
A Communication Site is generally used to communicate from a smaller group to a
larger group. For this reason, Communication Sites are often used in Intranets.
Community
The Microsoft Technical Community is a wonderful place. If you are not using it then you
are truly missing out.
Compliance
If your organization needs to comply with legal or regulatory standards, start with the
link to the left to learn about compliance in Microsoft 365.
Compliance Center
The Microsoft Purview compliance portal provides easy access to the data and tools you
need to manage to your organization's compliance needs.
Conditional Access
Azure Active Directory (Azure AD) Conditional Access brings signals together, to make
decisions, and enforce organizational policies. Conditional Access is at the heart of the
new identity-driven control plane.
Content Search
Use the Content search tool in the Microsoft Purview compliance portal to quickly find
email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations,
and instant messaging conversations.
Content Types
Content types help make it easy to provide consistency across a site. You create or
customize a content type with the characteristics that you want, such as a certain
template, specific metadata, and so on.
Content Type
See: What is a Content Type?
Crawled Property
A Crawled Property is one of the basic units of the Search Schema. They are created
automatically by the SharePoint Search Indexer (or Crawler) when it is discovering
content that can be searched. The information stored in Crawled Properties is made
available in queries by mapping them to Managed Properties.
Customization
Improving specific aspects of SharePoint functionality by changing settings through the
end user interface. See also SharePoint Framework
Microsoft Dataverse
Microsoft Microsoft Dataverse is the premium data backbone that enables people to
store their data in a scalable and secure environment dynamically. Microsoft Dataverse
enables organizations to look at data as a service spun up on-demand to meet ever-
changing business needs.
Microsoft Dataverse for Teams is built upon Microsoft Dataverse, and provides a 'lite'
version equivalent, for free, under the existing licensing requirements of Microsoft 365.
Defender
Microsoft 365 Defender is a unified pre- and post-breach enterprise defense suite that
natively coordinates detection, prevention, investigation, and response across
endpoints, identities, email, and applications to provide integrated protection against
sophisticated attacks.
Delve
Use Delve to manage your Microsoft 365 profile, and to discover and organize the
information that's likely to be most interesting to you right now - across Microsoft 365.
Desktop Analytics
Desktop Analytics is a cloud-based service that integrates with Configuration Manager.
The service provides insight and intelligence for you to make more informed decisions
about the update readiness of your Windows clients. Desktop Analytics is deprecated
and will be retired on November 30, 2022.
Direct Access
DirectAccess allows connectivity for remote users to organization network resources
without the need for traditional Virtual Private Network (VPN) connections. With
DirectAccess connections, remote client computers are always connected to your
organization - there is no need for remote users to start and stop connections, as is
required with VPN connections. In addition, your IT administrators can manage
DirectAccess client computers whenever they are running and Internet connected.
Direct Routing
You're ready to add cloud voice workloads to Microsoft Teams, and you've decided to
use your own telephony carrier for Public Switched Telephone Network (PSTN)
connectivity by using Phone System Direct Routing. With Direct Routing, you can use
Phone System with virtually any telephony carrier.
DKIM
DKIM is one of the trio of Authentication methods (SPF, DKIM and DMARC) that help
prevent attackers from sending messages that look like they come from your domain.
DMARC
Domain-based Message Authentication, Reporting, and Conformance (DMARC) works
with Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to
authenticate mail senders and ensure that destination email systems trust messages
sent from your domain.
Document Library
Document Libraries are a primary storage location in SharePoint and Microsoft Teams. A
Document Library is a special type of list where documents or other files are added as
items, but no further file attachments can be added. Other files are added as separate
entries in the library.
By default, every file uploaded to a Document Library is created with a Content Type of
Document.
Domains
Custom domains can be added into Microsoft 365. Your company might need multiple
domain names for different purposes. For example, you might want to add a different
spelling of your company name because customers are already using it and their
communications have failed to reach you.
Dynamics 365
Dynamics 365 is a set of intelligent business applications that helps you run your entire
business and deliver greater results through predictive, AI-driven insights.
eDiscovery
Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic
information that can be used as evidence in legal cases. You can use eDiscovery tools in
Microsoft 365 to search for content in Exchange Online, OneDrive for Business,
SharePoint Online, Microsoft Teams, Microsoft 365 Groups, and Yammer.
Endpoint Manager
Microsoft Endpoint Manager helps deliver the modern workplace and modern
management to keep your data secure, in the cloud and on-premises. Endpoint
Manager includes the services and tools you use to manage and monitor mobile
devices, desktop computers, virtual machines, embedded devices, and servers.
Entitlement Management
Azure Active Directory (Azure AD) entitlement management is an identity governance
feature that enables organizations to manage identity and access lifecycle at scale, by
automating access request workflows, access assignments, reviews, and expiration.
Enterprise Applications
The Microsoft identity platform supports authentication for a variety of modern app
architectures, all of them based on industry-standard protocols such as OAuth 2.0 or
OpenID Connect.
Excel
From planning meals to comparing colleges, linked data types help achieve goals by
bringing data on a variety of subjects right into Excel. Easily browse data, add to
workbooks, and work with it the way you want.
Exchange Online
Exchange Online is part of the Microsoft 365 and Office 365 suite of products and
provides email functionality to users.
F1 licence
Empower your frontline workforce with a secure, intuitive and connected experiences.
Protect and secure your organization and empower your frontline to work in new and
flexible ways. Equip your frontline workforce with powerful communication,
collaboration and productivity experiences.
F3 licence
Empower your frontline workforce to achieve more. Equip frontline workers with
powerful and intuitive tools that deliver a connected and secure experience. Transform
business processes with customized apps and workflow automation to save time and
money. Safeguard company assets with intelligent security that won’t slow down
frontline productivity.
Farm
A set of on premises servers that hosts the SharePoint application, including SQL servers
that host the SharePoint databases. A Farm can be single server or multi-tiered
architecture containing multiple servers.
FIDO2
Sign in to web-based applications with your Azure AD account using a FIDO2 security
key.
Field Customizer
See SharePoint Framework
File Plan
Although you can create and manage retention labels from Information governance in
the Microsoft Purview compliance portal, file plan from Records management has
additional management capabilities.
First Release
Deprecated - please see Targeted Release.
Folders
With your files saved to OneDrive, SharePoint, or Teams, you can create files and folders
to manage your work.
Forms
Microsoft Forms allows your users to quickly and easily create custom quizzes, surveys,
questionnaires, registrations and more.
Frontline workforce
Frontline workers are employees whose primary function is to work directly with
customers or the general public providing services, support, and selling products, or
employees directly involved in the manufacturing and distribution of products or
services. Your frontline workforce is essential to your business. Invest in them with
simple, intuitive, and secure solutions from Microsoft 365
Fundamentals
Microsoft 365 Certified: Fundamentals is a certification to prove that you understand the
options available in Microsoft 365 and the benefits of adopting cloud services, the
Software as a Service (SaaS) cloud model and implementing Microsoft 365 cloud service.
GCC
To meet the unique and evolving requirements of the United States Federal, State, Local,
and Tribal governments, as well as contractors holding or processing data on behalf of
the US Government, Microsoft offers the Office 365 Government GCC environment.
GCC High
To meet the unique and evolving requirements of the United States Department of
Defense, as well as contractors holding or processing DoD controlled unclassified
information (CUI) or subject to International Traffic in Arms Regulations (ITAR), Microsoft
offers GCC High and DoD environments.
GDPR
The General Data Protection Regulation (GDPR) introduces new rules for organizations
that offer goods and services to people in the European Union (EU), or that collect and
analyze data for EU residents no matter where you or your enterprise are located.
GitHub
GitHub is where over 73 million developers shape the future of software, together and
contribute to the open source community,
Global Administrator
Users with this role have access to all administrative features in Azure Active Directory,
as well as services that use Azure Active Directory identities like the Microsoft 365
Defender portal, the Microsoft Purview compliance portal, Exchange Online, SharePoint
Online, and Skype for Business Online. Furthermore, Global Administrators can elevate
their access to manage all Azure subscriptions and management groups.
Global Reader
Users in this role can read settings and administrative information across Microsoft 365
services but can't take management actions. Global Reader is the read-only counterpart
to Global Administrator.
Governance
Microsoft Purview Data Lifecycle Management provides capabilities to govern your data
for compliance or regulatory requirements.
Graph API
The Microsoft Graph API offers a single endpoint, Microsoft Graph , to provide access
to rich, people-centric data and insights in the Microsoft cloud, including Microsoft 365,
Windows 10, and Enterprise Mobility + Security. You can use REST APIs or SDKs to
access the endpoint and build apps that support Microsoft 365 scenarios, spanning
across productivity, collaboration, education, people and workplace intelligence, and
much more.
Groups
Add members to groups in Microsoft 365 to simplify administration.
Group
A Group in SharePoint can generally refer to one of three things. It may mean:
SharePoint Group
A container to organize users and other security groups. A SharePoint group can be
assigned permission levels on an object such as a site, a list or library, a folder or a
document (or page, or item). Generally only a Site Owner can manage who is in a
SharePoint Group.
A Group is the foundation of a Microsoft Teams Team. A Team gives users within that
Group channels to collaborate in the context that is relevant to their work and the ability
to have scheduled and ad-hoc meetings. Teams can be public (they can be accessed by
everyone inside of the organization), private (users need to be invited explicitly) or org-
wide (everyone in the organization is automatically a member of this team). Roles and
permissions are simplified to Owner (create, delete, manage memberships), Member
(collaborate, create channels and add tabs) and Guest. Guests are outside of the
organization and need to be added explicitly as an External User, otherwise they can't
see nor access a Team. They can only work in the structure provided to them, which
means they can't add tabs, apps or channels.
Security Group
A security group is a container of users defined in Active Directory, one or more of these
can be added to SharePoint Groups. Adding users in the security groups applies
permissions in SharePoint.
H
Health Attestation
The Device Health Attestation (DHA) service validates the TPM and PCR logs for a device
and then issues a DHA report.
As with all web parts in SharePoint, this we part will only display content which the
current user has permission to see.
Hololens
An ergonomic, untethered self-contained holographic device with enterprise-ready
applications to increase user accuracy and output.
Home Site
A Home site is the top site of your intranet. It is a Communication Site with a few extra
superpowers:
The Home Site is the destination for the home icon in the SharePoint mobile app.
The Home Site provides an organization-wide search scope, making ALL content in
your tenant findable.
Home sites are intended for use as the landing page for your organization. There is only
one Home Site per tenant allowed and its set using PowerShell
Hub Site
A Hub Site is a SharePoint site that can have other sites associated to it. This allows you
to group sites by department, region, or project, etc. Features such as News, Events, and
Highlighted Content can be used to produce rolled up views of content - like pages and
documents from the associated sites - on a page on the Hub Site.
Hybrid Exchange
A hybrid deployment offers organizations the ability to extend the feature-rich
experience and administrative control they have with their existing on-premises
Microsoft Exchange organization to the cloud. A hybrid deployment provides the
seamless look and feel of a single Exchange organization between an on-premises
Exchange organization and Exchange Online.
Hybrid Identity
Today, businesses, and corporations are becoming more and more a mixture of on-
premises and cloud applications. Users require access to those applications both on-
premises and in the cloud. Managing users both on-premises and in the cloud poses
challenging scenarios. Microsoft’s identity solutions span on-premises and cloud-based
capabilities. These solutions create a common user identity for authentication and
authorization to all resources, regardless of location. This is called hybrid identity.
Idempotent
In a development sense, idempotent means that code you run more than once with the
same inputs will always produce the same outputs. In other words, you can always
expect the same effects, no matter how many times you do something.
Identity Models
Microsoft 365 uses Azure Active Directory (Azure AD), a cloud-based user identity and
authentication service that is included with your Microsoft 365 subscription, to manage
identities and authentication for Microsoft 365. Getting your identity infrastructure
configured correctly is vital to managing Microsoft 365 user access and permissions for
your organization.
Information Barriers
Microsoft cloud services include powerful communication and collaboration capabilities.
But suppose that you want to restrict communication and collaboration between two
groups to avoid a conflict of interest from occurring in your organization. Or, perhaps
you want to restrict communication and collaboration between certain people inside
your organization in order to safeguard internal information. Microsoft 365 enables
communication and collaboration across groups and organizations, so is there a way to
restrict communication and collaboration among specific groups of users when
necessary? With information barriers, you can!
Information Governance
Microsoft Purview Data Lifecycle Management provides capabilities to govern your data
for compliance or regulatory requirements.
Information Protection
Implement capabilities from Microsoft Purview Information Protection to help you
discover, classify, and protect sensitive information wherever it lives or travels. MIP
capabilities are included with Microsoft 365 Compliance and give you the tools to know
your data, protect your data, and prevent data loss.
Inheritance
Inheritance refers to the cascading of default site permission levels (i.e. Owner, Member
and Visitor) to site Document Libraries, Lists, Site Pages etc.
Intune
Microsoft Intune is a cloud-based service that focuses on mobile device management
(MDM) and mobile application management (MAM). You control how your
organization’s devices are used, including mobile phones, tablets, and laptops. You can
also configure specific policies to control applications.
Javascript
Often abbreviated JS, Javascript is a programming language that is one of the core
technologies of the World Wide Web, alongside HTML and CSS.
Journaling
Journaling can help your organization respond to legal, regulatory, and organizational
compliance requirements by recording inbound and outbound email communications.
When planning for messaging retention and compliance, it's important to understand
journaling, how it fits in your organization's compliance policies, and how Exchange
Online helps you secure journaled messages.
JSON
JSON is a standard format for representing structured data as text. JSON is commonly
used to store data in text files and to exchange data between programs over a network.
JSON files usually have a .json filename extension.
Junk Email
In Microsoft 365 organizations with mailboxes in Exchange Online, organizational anti-
spam settings are controlled by Exchange Online Protection (EOP). For more
information, see Anti-spam protection in EOP. But there are also specific anti-spam
settings that admins can configure on individual mailboxes in Exchange Online:
Just-enough-Access
Just-enough-access is the core principle of Privileged Access Management in Microsoft
365 and enables on-demand access to roles and tasks instead of having them
permanently assigned.
Kaizala
Microsoft Kaizala is a mobile app and service designed for large group communications
and work management. Kaizala makes it easy to connect and coordinate work with your
entire value chain, including field employees, vendors, partners, and customers wherever
they are. With Kaizala you efficiently assign and track tasks or collect data with
individuals or large groups–even if they’re not within your organisation.
Kanban
When it comes to day-to-day task management for teams, the Kanban board is a simple
and powerful tool that can have a big impact on your productivity, efficiency, and
bottom line. First popularized in the 1940s by Toyota in Japan, the Kanban solution has a
long history of using physical boards to help visualize potential bottlenecks and manage
and improve workflow. Today, it’s also easy to create digital boards using task
management software, which offers many convenient features and customization to
help you save time and automate processes.
Kubernetes (Azure)
Deploy and manage containerised applications more easily with a fully managed
Kubernetes service. Azure Kubernetes Service (AKS) offers serverless Kubernetes, an
integrated continuous integration and continuous delivery (CI/CD) experience, and
enterprise-grade security and governance. Unite your development and operations
teams on a single platform to rapidly build, deliver and scale applications with
confidence.
Learn
Whether you're just starting or an experienced professional, Microsoft Learn training’s
hands-on approach helps you arrive at your goals faster, with more confidence and at
your own pace.
Lens
Office Lens is a great way to capture notes and information from whiteboards, menus,
signs, handwritten memos, or anything with a lot of text. You don’t need to jot down
notes, rely on blurry images, or worry about misplacing anything. It’s great for capturing
sketches, drawings and equations too, and even images without text.
Library
See: Document library
Licensing
Microsoft 365 offers multiple licensing options (Kiosk, F1, E1, etc.), each of which turns
on a different basket of capabilities for the user to whom the license is assigned.
Lighthouse (Azure)
Gain full transparency into service provider actions and manage access without
compromising security. Decide who can access your tenant, what they can access, and
when. Talk to your service partners about implementing these security and access
control protocols for free with Azure Lighthouse.
List
A List in SharePoint is a table used to store information in a SharePoint site. A list has
columns that can be used to store different types of information, and each row in a list
is known as an "Item". SharePoint attempts you to very carefully design lists if you
attempt to store "large" amounts of data (more than 5,000 items), including things like
limiting the number of "Lookup Columns" that can be used. Therefore, if you are
planning on storing more than a few thousand items, be sure to follow Microsoft
guidelines on storing large amounts of data in lists.
An item in a list can have multiple file attachments added. This is useful if you use a
custom list as an Issue Tracker for example, and want to be able to add screenshots to
an item in.
A library is a type of list where documents or other files are added as items, but no
further file attachments can be added.
Log Analytics
Log Analytics is a tool in the Azure portal used to edit and run log queries with data in
Azure Monitor Logs. You may write a simple query that returns a set of records and then
use features of Log Analytics to sort, filter, and analyze them.
Loop
Microsoft Loop is a new app that combines a powerful and flexible canvas with portable
components that stay in sync and move freely across Microsoft 365 apps.
Managed Metadata
Managed Metadata is a SharePoint feature that allows the business to create a hierarchy
of terms that can be used in SharePoint Sites to tag content. This is used by creating the
hierarchy using Term Groups and Term Sets, then adding a column to a list of type
"Managed Metadata" and setting the Term Set to use for tagging. When an item is
added to that list or library, the new column is used to tag that item or document.
Managed Property
A Managed Property is one of the basic units of the SharePoint Search Schema. It's an
entry in the Schema that you refer to when doing search queries that use specific
properties, or when specifying which information you want to return.
Managed Properties can be created (if you have the appropriate permissions), although
SharePoint automatically creates Managed Properties that are useful for a wide range of
scenarios.
Meetings (Teams)
Meetings in Teams include audio, video, and screen sharing. They're one of the key ways
to collaborate in Teams. And you don’t need to be a member of an organization (or
even have a Teams account!) to join a Teams meeting—just look in the invitation for
instructions about calling in.
Mesh
Microsoft Mesh enables presence and shared experiences from anywhere – on any
device – through mixed reality applications.
Metadata
Generically, metadata means information about something else. In SharePoint metadata
is additional information applied to documents, pages, or list items. We use metadata all
the time in our lives, but rarely think of it as metadata. For example, the information we
write on a file we put into a filing cabinet or the way we organize spices in the kitchen is
driven by metadata.
Migration
Microsoft 365 or Office 365 supports several methods to migrate email, calendar, and
contact data from your existing messaging environment to Microsoft 365 or Office 365
as described in Ways to migrate multiple email accounts to Microsoft 365 or Office 365.
Modern SharePoint
Modern SharePoint refers to the user interface (UI) that has been available in SharePoint
Online to larger and larger degrees starting in about 2016. Some aspects of the modern
UI are also available in SharePoint 2019 (on premises). Modern SharePoint does not use
many of the underpinnings of classic SharePoint, such as master pages and page
layouts. It is built using more current Web development tools and practices than classic
SharePoint.
Modern Workplace
The nature of work has changed. Employees expect to work securely from anywhere, on
any device, and they put a high premium on work that enriches and fulfills them. When
their productivity tools enhance the quality and effectiveness of their work experience,
they’re happier, more valuable, and more likely to stay. Companies need to provide that
empowerment, but they also need to protect vital IT assets. It’s a fundamental
operational change for your organisation. With Microsoft Modern Workplace solutions,
you can improve employee productivity and satisfaction, and create more seamless
communication and collaboration across locations and platforms while maintaining the
security and integrity of systems and data.
Namespace
A namespace refers to the conventions we use to determine major and minor names
within a specific domain. For example, we need to use the /sites namespace carefully so
we don't have collisions. If Harold Robinson wants to create a site at /sites/HRm, then
Human Resources will have a problem.
Named Locations
Locations are named in the Azure portal under Azure Active Directory > Security >
Conditional Access > Named locations. These named network locations may include
locations like an organization's headquarters network ranges, VPN network ranges, or
ranges that you wish to block. Named locations can be defined by IPv4/IPv6 address
ranges or by countries.
Network Assessment
In the Microsoft 365 Admin Center's network connectivity, network assessments distill
an aggregate of many network performance metrics into a snapshot of your enterprise
network perimeter health. A network assessment tells you how much the customer
responsible network design is impacting Office 365 user experience.
OAuth
The Microsoft identity platform endpoint for identity-as-a-service implements
authentication and authorization with the industry standard protocols OpenID Connect
(OIDC) and OAuth 2.0, respectively. While the service is standards-compliant, there can
be subtle differences between any two implementations of these protocols.
OBS
Now you can schedule, produce, and deliver live events more effectively for a variety of
scenarios like company wide events, leadership updates, training and more using
Microsoft Stream.
OEM licensing
OEM software is software that comes pre-installed when you purchase a new computer.
When you purchase a new PC it may come with an OEM licensed copy of Windows 11
pre-installed on it.
Office
With Microsoft Office, you can deploy, configure, and manage Office products and
services in your business or school – from small to enterprise scale.
On premises
On premises refers to running servers yourself, whether they are in your physical
building, a data center where you rent space, or at a hosting company that runs servers
specifically for you.
OneNote
OneNote is a popular note-taking tool that's available online and on many mobile and
tablet platforms. By integrating your apps with OneNote, it's easier than ever to create
empowering apps on your favorite platforms and reach millions of users worldwide.
Outlook
Microsoft Outlook is an email program for Windows, Mac, and mobile operating
systems. Outlook may be used for personal accounts and also work or school accounts.
Pascal Case
In programming, Pascal case is the practice of naming variables or controls by
capitalizing all words. Examples: TotalQuantity , EmailAddress , ShippingPlant .
See Wikipedia . Also see Camel Case
Permission Level
A Permission Level is a set of specific permissions such as "Add an item" or "Edit Lists".
SharePoint comes with a set of Permission Levels as standard, such as "Contribute" or
"Design", which have different capabilities.
Custom Permission Levels can be created for business-specific scenarios, such as "Can
add documents but not delete" by choosing the correct options, and applied to a User
or Group.
Phishing
Phishing attacks attempt to steal sensitive information through emails, websites, text
messages, or other forms of electronic communication. They try to look like official
communication from legitimate companies or individuals.
Planner
Microsoft Planner is an intuitive, collaborative task management tool that enables
people to plan, manage, and complete task-based initiatives. Users assign and manage
tasks on a Kanban board using task cards, which they can populate with various
important plan information, such as due dates, status, checklists, labels, and file
attachments. Planner integrates with several Microsoft solutions, including Microsoft
Teams. As a web-based tool, Planner is accessible from anywhere and available as a
mobile app for both iOS and Android.
PnP
See Patterns and Practices
PowerApps
Power Apps is a low-code/no-code development platform that provides a means for
both Citizen Developers and Pro-Developers to build custom apps for your business
needs.
Using Power Apps, you can quickly build custom business apps that connect to your
business data stored either in the underlying data platform (Microsoft Dataverse) or in
various online and on-premises data sources (SharePoint, Excel, Microsoft 365, Dynamics
365, SQL Server).
Power Automate
Power Automate is a low-code/no-code workflow platform that helps you create
automated workflows between your favorite apps and services to synchronize files, get
notifications, collect data and more.
Power Automate provides a means to quickly automate your workflows, enable business
logic to simplify app building, and model your processes across connected data sources
and services.
Power BI
Power BI is Microsoft's Business Intelligence and Reporting application. It allows you to
connect and visualize any data using the unified, scalable platform for self-service and
enterprise business intelligence (BI) that’s easy to use and helps you gain deeper data
insight.
Power BI provides a simple, intuitive, easy to use experience for end users to create their
own reports and dashboards.
PowerPoint
Create, share, and effectively present your ideas. Design impactful slides with the help of
Designer in PowerPoint.
PowerShell
PowerShell is an automation scripting language from Microsoft, which was originally
only available on Windows devices, and built on top of the .NET Framework. Since 2016,
we also have PowerShell Core which is open-source, cross-platform, and built on top
of .NET Core.
The version that ships on Windows devices is called Windows PowerShell, and the cross-
platform version is called PowerShell Core, and is also available on Windows.
Empower your teams by allowing them to easily build bots themselves without
needing intermediaries, or coding or AI expertise.
Reduce costs by easily automating common inquiries and freeing human agent
time to deal with more complex issues.
Improve customer satisfaction by allowing customers to self-help and resolve
issues quickly 24/7 using rich personalized bot conversations.
There are multiple types of environments that an organization can create (Developer,
Sandbox, Production). The type indicates the purpose of the environment and
determines its characteristics.
Project
Microsoft Project offers the following applications to help meet your organization's
needs for project and work management:
Public Folders
Public folders are designed for shared access and provide an easy and effective way to
collect, organize, and share information with other people in your workgroup or
organization. Public folders help organize content in a deep hierarchy that's easy to
browse. Users will see the full hierarchy in Outlook, which makes it easy for them to
browse for the content they're interested in.
Putability
The term 'putability' is the complement to the term 'findability'; it is a measure of how
easy and obvious it is for content creators to know where to store or create files or other
information in a system. It is linked to elements of UI and UX design, leaning on
information architecture, signposting, and navigation.
QBasic
QBasic is Quick Basic interpreter.This application can be used to run quick basic
program and software developed for your Windows10 desktop or tablet.
QnA Maker
QnA Maker is a cloud-based Natural Language Processing (NLP) service that allows you
to create a natural conversational layer over your data. It is used to find the most
appropriate answer for any input from your custom knowledge base (KB) of information.
QnA Maker is commonly used to build conversational client applications, which include
social media applications, chat bots, and speech-enabled desktop applications.
Quantum (Microsoft)
Quantum computing presents unprecedented possibilities to solve society’s most
complex challenges. Microsoft is committed to responsibly turning these possibilities
into reality – for the betterment of humanity and the planet. Over decades of research
and development, Microsoft has achieved advancements across every layer of the
quantum stack – including software, applications, devices and controls – and is
delivering true impact today through quantum-inspired classical computing.
Quarantine
In Microsoft 365 organizations with mailboxes in Exchange Online or standalone
Exchange Online Protection (EOP) organizations without Exchange Online mailboxes,
quarantine holds potentially dangerous or unwanted messages. For more information,
see Quarantined email messages in EOP.
Quorum
Quorum is designed to prevent split-brain scenarios which can happen when there is a
partition in the network and subsets of nodes cannot communicate with each other. This
can cause both subsets of nodes to try to own the workload and write to the same disk
which can lead to numerous problems. However, this is prevented with Failover
Clustering's concept of quorum which forces only one of these groups of nodes to
continue running, so only one of these groups will stay online.
RBAC (Azure)
Access management for cloud resources is a critical function for any organization that is
using the cloud. Azure role-based access control (Azure RBAC) helps you manage who
has access to Azure resources, what they can do with those resources, and what areas
they have access to. Azure RBAC is an authorization system built on Azure Resource
Manager that provides fine-grained access management of Azure resources.
RBAC (Azure AD)
Built-in roles are out of box roles that have a fixed set of permissions. These role
definitions cannot be modified. There are many built-in roles that Azure AD supports,
and the list is growing. To round off the edges and meet your sophisticated
requirements, Azure AD also supports custom roles. Granting permission using custom
Azure AD roles is a two-step process that involves creating a custom role definition and
then assigning it using a role assignment. A custom role definition is a collection of
permissions that you add from a preset list. These permissions are the same permissions
used in the built-in roles.
Retention
For most organizations, the volume and complexity of their data is increasing daily—
email, documents, instant messages, and more. Effectively managing or governing this
information is important because you need to:
Comply proactively with industry regulations and internal policies that require you to
retain content for a minimum period of time—for example, the Sarbanes-Oxley Act
might require you to retain certain types of content for seven years.
Reduce your risk in the event of litigation or a security breach by permanently deleting
old content that you're no longer required to keep.
Help your organization to share knowledge effectively and be more agile by ensuring
that your users work only with content that's current and relevant to them.
Rights Management
Azure Rights Management (Azure RMS) is the cloud-based protection technology used
by Azure Information Protection. Azure RMS helps to protect files and emails across
multiple devices, including phones, tablets, and PCs by using encryption, identity, and
authorization policies. For example, when employees email a document to a partner
company, or save a document to their cloud drive, Azure RMS's persistent protection
helps secure the data.
Risk Management
Gain visibility into user activities, actions, and communications with native signals and
enrichments from across your digital estate.
Roadmap
The Microsoft 365 Roadmap lists updates that are currently planned for applicable
subscribers.
Roll up
Rolling up content refer to the practice of consolidating a specific set of content from
multiple locations. Common examples are:
More complex roll ups are also possible using the Highlighted Content Web Part or
custom code.
Root Site
The base address in a web application or tenant for the first SharePoint Site collection.
Typically, defined without use of managed paths ("/sites/" or "/teams/"), for example
https://mytenant.sharepoint.com . In an on-site installation, there may be a vanity URL
in place, such as https://sharepoint or https://intranet .
SARA
The Microsoft Support and Recovery Assistant works by running tests to figure out
what's wrong and offers the best solution for the identified problem. It can currently fix
Office, Microsoft 365, or Outlook problems. If the Microsoft Support and Recovery
Assistant can't fix a problem for you, it will suggest next steps and help you get in touch
with Microsoft support.
SCCM
Starting in version 1910, Configuration Manager current branch is now part of Microsoft
Endpoint Manager. Version 1906 and earlier are still branded System Center
Configuration Manager.
Screen Recorder
Screenshots work great, but sometimes a quick how-to video can create a more
powerful message. Using Microsoft Stream, you can create short screen recordings of up
to 15 minutes, including your camera and microphone, without any additional software.
SDK (Windows)
The Windows SDK (10.0.22000) for Windows 11 provides the latest headers, libraries,
metadata, and tools for building Windows applications. Use this SDK to build Universal
Windows Platform (UWP) and Win32 applications for Windows 11 and previous
Windows releases.
Seamless Single Sign-on (SSSO)
Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) automatically
signs users in when they are on their corporate devices connected to your corporate
network. When enabled, users don't need to type in their passwords to sign in to Azure
AD, and usually, even type in their usernames. This feature provides your users easy
access to your cloud-based applications without needing any additional on-premises
components.
Search
Microsoft Search transforms the way people in your organization find the info they need
—no matter where you are in your cloud journey. Either integrated with Microsoft 365
or as a standalone solution, Microsoft Search is a secure, easily managed, enterprise
search experience that works across all of your applications and services to deliver more
relevant search results and increase productivity.
Search Schema
The Search Schema refers to the customizable data dictionary used by SharePoint
Search to allow users to query for and return specific information from SharePoint using
the available Search tools, such as the Search Results web part in Classic SharePoint or
the Search REST API.
Secure Score
Microsoft Secure Score is a measurement of an organization's security posture, with a
higher number indicating more improvement actions taken. It can be found in the
Microsoft 365 Defender portal.
Sensitivity labels
Sensitivity labels from the Microsoft Purview Information Protection solution let you
classify and protect your organization's data, while making sure that user productivity
and their ability to collaborate isn't hindered.
Sentinel
Microsoft Sentinel is a scalable, cloud-native, security information and event
management (SIEM) and security orchestration, automation, and response (SOAR)
solution. Microsoft Sentinel delivers intelligent security analytics and threat intelligence
across the enterprise, providing a single solution for attack detection, threat visibility,
proactive hunting, and threat response.
SharePoint Framework
The SharePoint Framework (also known as SPFx) is a way for developers to extend
SharePoint online, Microsoft Teams and in a slightly more limited way SharePoint 2019
and SharePoint 2016. This framework provides a scaffold for developers to build client-
side custom extensions which may include:
Web Parts - functionality that can be added to a page. Web parts can also be
extended as tabs in Microsoft Teams.
Application Customizers - which are extensions that run on every page of a site
and allow the developer to add visible or non-visible content to the page via the
top or bottom placeholder
Field Customizers - which allow the developer to build modified renderings of
fields in a list.
Command Sets - which extend the command surface in lists to provide custom
actions.
SharePoint Home Page
Soon to be known as the SharePoint Start Page, this page (at
/_layouts/15/sharepoint.aspx in your tenant) provides a personalized view of SharePoint
based on who you are. You see:
SharePoint Online
Microsoft SharePoint is a cloud-based service that helps organizations share and
manage content, knowledge, and applications to empower teamwork, quickly find
information, and seamlessly collaborate across the organization.
SharePoint Server
Beautiful and fast, familiar yet intuitive, SharePoint Server 2019 gives you instant access
to people, applications, and content. You’ll spend less time searching for information
and more time working with it.
Shifts
Shifts, the schedule management tool in Teams, keeps your frontline workforce
connected and in sync. It's built mobile first for fast and effective schedule management
and communications. With Shifts, frontline managers and workers can seamlessly
manage schedules and keep in touch.
Site
In modern SharePoint, a site refers to a modern site. (In classic SharePoint, the term was
often used for both sites and sub-sites.)
Site Column
A Site Column is a metadata column that has been defined at the site level. Site
Columns are available for use in any list or library in the site where it is defined. Site
Columns also become Crawled Properties (See: How Do Site Columns Become Managed
Properties - Thus Available for Search) which can be used to improve search
effectiveness.
Site Collection
A Site Collection is a group of websites that have the same owner and share
administrative settings.
In SharePoint Online, site collections are the top level available to admins, and
visible in the SharePoint Admin Center under "Active Sites".
In SharePoint on-premises, site collections are created within a Web Application,
which is a level higher.
When you create a site collection, a top-level site is automatically created in the site
collection (called root site). You can then create one or more sub-sites below the top-
level site. The entire structure of the top-level site and all its sub-sites is called a site
collection.
SKU
A SKU is a Stock Keeping Unit, and in the context of Microsoft 365, a SKU refers to
licencing bundles available for purchase.
Spam
In Microsoft 365 organizations with mailboxes in Exchange Online or standalone
Exchange Online Protection (EOP) organizations without Exchange Online mailboxes,
email messages are automatically protected against spam (junk email) by EOP.
SQL
Learn how to use SQL Server and Azure SQL, both on-premises and in the cloud.
SSL Certificate
To encrypt communications between your clients and the Microsoft 365 environment,
third-party Secure Socket Layer (SSL) certificates must be installed on your infrastructure
servers.
Standard Release
Standard Release is an option to receive updates to the Microsoft 365 platform when
they are broadly available to all customers. This is the default option for new tenants
and can be modified later on.
As both Standard and Targeted Release options can be applied to all or certain groups
of users, it is a good practice to leave the majority of users in Standard Release and set
the IT pros and power users in Targeted Release to evaluate new features and prepare
teams to support business users and executives.
Style Library
The Style Library is a document library in the Root Web of a SharePoint site that is used
mainly in Classic SharePoint Sites. One of the purposes of this library is as a recognized
"secure location" to store XSL Templates that are used by the Content Query Web Part
(XSL templates outside of the Style Library cannot be used in Content Query Web Parts).
Store
Download Windows apps for your Windows tablet or computer. Browse thousands of
free and paid apps by category, read user reviews, and compare ratings.
Stream
With video that will be stored in Microsoft 365, the new version of Stream builds on the
rich content management features of SharePoint and unlocks the intelligence of
Microsoft Graph to enhance videos across Microsoft 365. The earlier version of Stream
will now be known as Microsoft Stream (Classic) and the new version will be known as
Microsoft Stream (built on SharePoint) or Stream (on SharePoint).
Subsite
A Site is a container that has lists, libraries, pages, apps, and sites (as children). A site
that is a child of another site is a subsite.
Sway
Sway is an app from Microsoft Office that makes it easy to create and share interactive
reports, personal stories, presentations, and more.
Synapse Analytics
Azure Synapse Analytics is a limitless analytics service that brings together data
integration, enterprise data warehousing and big data analytics. It gives you the
freedom to query data on your terms, using either serverless or dedicated options – at
scale. Azure Synapse brings these worlds together with a unified experience to ingest,
explore, prepare, transform, manage and serve data for immediate BI and machine
learning needs.
Targeted Release
Targeted Release is an option to receive updates to the platform earlier than with
Standard Release Targeted Release should not be used in production tenants (you need
to decide how you define this), as there are occasions where Target Release functionality
is buggy or is withdrawn. Consider it similar to the old term "beta".
Targeted Release can be enabled in two ways: per tenant and per user. The two different
ways of setting this preference result in different changes. Some updates only make
sense in the context of a tenant (e.g., Communication sites) and others can make sense
in the context of a person. Giving users Targeted Release does not mean they will see all
updates sooner, only those which make sense in a person context.
Finally, once you have Targeted Release turned on, it is very hard to go back. Your users
will be used to new functionality, and you would be removing it. Thus the warning
above about not using Targeted Release in a production tenant is also relevant from a
change management perspective..
Taxonomy
Team Site
Team Sites are generally used to facilitate teamwork. It generally has a set of people with
permissions to work on content collaboratively, though not all people can create or edit
content in all cases.
Teams
Teams is built on Microsoft 365 groups, Microsoft Graph, and the same enterprise-level
security, compliance, and manageability as the rest of Microsoft 365 and Office 365.
Teams leverages identities stored in Azure Active Directory (Azure AD). Teams keeps
working even when you're offline or experiencing spotty network conditions.
Teams Administrator roles
Using Azure Active Directory (Azure AD), you can designate administrators who need
different levels of access for managing Microsoft Teams. Administrators can manage the
entire Teams workload, or they can have delegated permissions for troubleshooting call
quality problems or managing your organization's telephony needs.
Teams Advisor
Advisor for Teams walks you through your Microsoft Teams rollout. It assesses your
Microsoft 365 organization environment and identifies the most common configurations
that you may need to update or modify before you can successfully roll out Teams.
Then, Advisor for Teams creates a Deployment team (in Teams), with channels for each
workload you want to roll out. Each workload in the Deployment team comes with a
comprehensive Planner plan that includes all the rollout tasks for each workload.
Teams Apps
As an admin, you can view and manage all Teams apps for your organization. The
Manage apps page gives you a view into all available apps, providing you with the
information you need to decide which apps to allow or block across your organization.
You can then use app permission policies, app setup policies, and custom app policies
and settings to configure the app experience for specific users in your organization.
Teams Devices
You can manage devices used with Microsoft Teams in your organization from the
Microsoft Teams admin center. You can view and manage the device inventory for your
organization and do tasks such as update, restart, and monitor diagnostics for devices.
You can also create and assign configuration profiles to a device or groups of devices.
Teams Settings
In Teams settings, you can set up features for teams including notifications and feeds,
email integration, cloud storage options, and devices.
Teams Policies
Policies are used to accomplish many tasks in your organization across different areas
such as messaging, meetings, and applications. Some of the things you can do include
allowing users to schedule meetings in a teams channel, enabling users to edit sent
messages, and controlling whether users can pin apps to the Teams app bar.
Teams Rooms
Transform meeting spaces ranging from small huddle areas to large conference rooms
with a rich, collaborative Teams experience that's simple to use, deploy, and manage.
Start meetings on time with one-touch join, then instantly project to the display in the
room and share to remote participants.
Team Templates
A team template in Microsoft Teams is a definition of a team's structure designed
around a business need or project. As an admin, you can use templates to easily deploy
consistent teams across your organization. With templates, your users can quickly create
rich collaboration spaces with predefined settings, channels, and apps.
Tenant
Creating a path to your organization's digital transformation with cloud computing
requires a firm foundation upon which your workers can rely for productivity,
collaboration, performance, privacy, compliance, and security. Correct configuration of
your Microsoft 365 tenants provides that foundation, leaving your workers to focus on
getting their work done and your IT department to focus on end-to-end solutions that
provide additional business value.
Threat & Vulnerability Management (TVM)
Threat and vulnerability management serves as an infrastructure for reducing
organizational exposure, hardening endpoint surface area, and increasing organizational
resilience.
Threat Analytics
Threat analytics is Microsoft’s in-product threat intelligence solution from expert
Microsoft security researchers, designed to assist security teams to be as efficient as
possible while facing emerging threats.
Threat Policies
Preset security policies provide a centralized location for applying all of the
recommended spam, malware, and phishing policies to users at once. The policy
settings are not configurable. Instead, they are set by us and are based on our
observations and experiences in the datacenters for a balance between keeping harmful
content away from users and avoiding unnecessary disruptions.
Threat Tracker
Threat Trackers are informative widgets and views that provide you with intelligence on
different cybersecurity issues that might impact your company. For example, you can
view information about trending malware campaigns using Threat Trackers.
TLS
Transport Layer Security (TLS), the successor of the now-deprecated Secure Sockets
Layer (SSL), is a cryptographic protocol designed to provide communications security
over a computer network. The protocol is widely used in applications such as email,
instant messaging, and voice over IP, but its use in securing HTTPS remains the most
publicly visible.
To Do
Microsoft To-Do is an intelligent task management app that makes it easy to plan and
manage your day. Connect to Microsoft To-Do to manage your tasks from various
services. You can perform actions such as creating tasks.
TPM
Trusted Platform Module (TPM) technology is designed to provide hardware-based,
security-related functions. A TPM chip is a secure crypto-processor that is designed to
carry out cryptographic operations. The chip includes multiple physical security
mechanisms to make it tamper-resistant, and malicious software is unable to tamper
with the security functions of the TPM.
Trials
Get a free trial and you’ll have access to the latest AI-powered apps, 1 TB of cloud
storage per person, and premium mobile features to stay on top of things wherever you
are on any device.
Trust Center
Microsoft Trust Center products are built with data in mind. Microsoft handle your data
securely and in compliance with privacy and legal requirements.
Unified Communications
Investing in a UC service that delivers a consistent, multi-device, UI and UX platform can
free your organization from the need to download, install, and learn new software. With
the right UC provider, all your communications are streamlined, reducing friction within
your organization.
Unified Labeling
The Azure Information Protection unified labeling client for Windows helps you keep
important documents and emails safe from people who shouldn't see them, even if your
email is forwarded or your document is saved to another location. You can also use this
client to open documents that other people have protected by using the Rights
Management protection technology from Azure Information Protection.
Unique Permissions
Unique Permissions do not inherit default site permission levels and are applied to site
Document Libraries, Lists, Site Pages etc.
Universal Print
Universal Print is a modern print solution that organizations can use to manage their
print infrastructure through cloud services from Microsoft. Learn how to get access.
Universal Print runs entirely on Microsoft Azure. When it's deployed with Universal
Print–compatible printers, it doesn't require any on-premises infrastructure. Universal
Print is a Microsoft 365 subscription-based service that organizations use to centralize
print management through the Universal Print portal. It's fully integrated with Azure
Active Directory and supports single sign-on scenarios.
Update Rings
Create update rings that specify how and when Windows as a Service updates your
Windows 10/11 devices with feature and quality updates. With Windows 10/11, new
feature and quality updates include the contents of all previous updates. As long as
you've installed the latest update, you know your Windows devices are up to date.
Unlike with previous versions of Windows, you now must install the entire update
instead of part of an update.
Update Windows
In Windows 11, you decide when and how to get the latest updates to keep your device
running smoothly and securely. To manage your options and see available updates,
select Check for Windows updates. Or select Start > Settings > Windows Update.
Usage reports
You can easily see how people in your business are using Microsoft 365 services. For
example, you can identify who is using a service a lot and reaching quotas, or who may
not need a Microsoft 365 license at all. Perpetual license model will not be included in
the reports. Reports are available for the last 7 days, 30 days, 90 days, and 180 days.
Data won't exist for all reporting periods right away. The reports become available
within 48 hours.
User Accounts
You can manage Microsoft 365 user accounts in several different ways, depending on
your configuration. You can manage user accounts in the Microsoft 365 admin center,
PowerShell, in Active Directory Domain Services (AD DS), or in the Azure Active Directory
(Azure AD) admin portal.
View
A View is a way to show data stored in a list or library. It consists of a set of columns that
are shown, and a way to pre-filter and sort the information. A View can be considered as
a rudimentary "Query" against a list that is used when visiting the list or library.
View Formatting
View Formatting is a SharePoint feature that allows users to customize the display of
rows in Lists using JSON code. Like Column Formatting, colors, icons, images and other
elements are used to highlight content and improve the user experience.
Virtual Machines
Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing
resources that Azure offers. Typically, you choose a VM when you need more control
over the computing environment than the other choices offer.
Visio
Find how-to content, sample code, SDK and API documentation, VBA references,
training, and technical articles for developing solutions and customizing Visio.
Viva
An employee experience platform that brings together communications, knowledge,
learning, resources, and insights.
Web Part
A web part is a consolidated piece of functionality that can be added one or more times
to a page. Web parts can be first-party, those created and maintained by Microsoft or
third-party being those created by developers in your own organization, the community
via the PnP, or by a consulting service.
Windows 365
Windows 365 combines the power and security of the cloud with the versatility and
simplicity of the PC. From contractors and interns to software developers and industrial
designers, Windows 365 enables a variety of new scenarios for the new world of work.
Windows
Windows is Microsoft’s desktop operating system. The current version is Windows.
Windows Autopilot
Windows Autopilot is a collection of technologies used to set up and pre-configure new
devices, getting them ready for productive use. Windows Autopilot can be used to
deploy Windows PCs or HoloLens 2 devices. For more information about deploying
HoloLens 2 with Autopilot, see Windows Autopilot for HoloLens 2.
Word
Microsoft Word is a word processing software developed by Microsoft.
XP
No, not the outdated Windows operating system. In this case, XP stands for Experience
Points in Microsoft Learn training.
Yammer
Engaging your people is more critical than ever. Yammer connects leaders,
communicators, and employees to build communities, share knowledge, and engage
everyone. Yammer helps you connect and engage across your organization, so you can
discuss ideas, share updates, and network with others.
Zero Trust
Today’s organizations need a new security model that more effectively adapts to the
complexity of the modern environment, embraces the hybrid workplace, and protects
people, devices, apps, and data wherever they’re located. Zero Trust is that model.
Additional Resources
Common terms and definitions used in Teams Developer Documentation - While
focused on Teams developers, this glossary defines most of the important
components you see in Microsoft Teams.
Principal authors:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Social media also give you direct access to expertise. Use one of the help tags listed
below to get the attention of community experts.
Tip
Example: "Folks who customize #SharePoint list forms with #PowerApps: how do
you back up your customization? #SPhelp"
7 Note
References to Azure and Dynamics 365 are beyond the scope of this document.
General
If you're having general issues with Microsoft 365, be sure to check the Microsoft 365
Service health status page and/or follow @MSFT365Status for information about
any known service incidents.
) Important
You can reach out to Microsoft Customer Service & Support directly on twitter:
@MicrosoftHelps .
Hashtag Official Account
#Microsoft365 @Microsoft365
#MicrosoftDocs @docsmsft
#MicrosoftSearch @MicrosoftSearch
#MicrosoftLearn @MicrosoftLearn
#M365CommDocs @M365CommDocs
#MSUSPartner @MSUSPartner
) Important
#MicrosoftTeams @MicrosoftTeams
#Microsoft365Groups
#AzureAD @AzureAD
#MSOutlook @Outlook
#MSExchange @MSFTExchange
#Yammer @Yammer
#AdaptiveCards
Content Management
) Important
#OneDrive @OneDrive
#MicrosoftStream @MicrosoftStream
#MSFTViva
Office Suite
Hashtag Official Account
@Office
#OneNote @msonenote
#Excel @msexcel
#MSWord
#PowerPoint @PowerPoint
Power Platform
Hashtag Official Account
#PowerPlatform @MSPowerPlat
#PowerApps @MSPowerApps
#PowerAutomate @MSPowerAutomate
#PowerPages
#PowerVirtualAgents @MSPowerVirtual
#Dataverse
#AIBuilder
Other Apps
Hashtag Official Account
#MSVisio @msvisio
#MSProject @project
#MSWhiteboard
#MSForms
@SkypeBusiness
@MS_StaffHub
@sway
@MicrosoftToDo
#ProjectMoca
Development
Hashtag Official Account
#SPFx @Microsoft365Dev
#MicrosoftGraph @Microsoft365Dev
#PnPPowerShell @PnpPowershell
#PnPjs @m365pnpjs
#M365PnP @m365pnp
#CLIMicrosoft365 @climicrosoft365
Security
TBD
#MSBizAppsSummit Spring
#MSInspire May
#MSBuild May
Environments
The following tags are used in combination with product tags to identify information
specific to a national cloud platform.
Hashtag
#GCC
#GCCH
#DoD
#TeamsForGov
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
In Microsoft 365, content can be searched for using various search technologies. The
existing variants are based on the same search index, but differ in usage and
configuration.
The Search verticals in Search from office.com and SharePoint online modern sites
contain much-used content in SharePoint and OneDrive. It's possible to create your own
search verticals with Microsoft Search. Custom connectors can also be added as verticals
and are displayed for use in both Microsoft 365 and Microsoft Search in Bing. Some
standard connectors are available, but these can also be added via third-party providers
or through in-house development.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Basic Idea
A Site Column is a template of a configured column. By creating a Site Column, you can
reuse it anywhere else in the site and not have to manually rebuild its configuration at
each reuse.
When creating a new column in a list or library, you have a choice to either "Create
column" or "Add from existing site columns". Selecting the latter will add a replica of the
Site Column to the location you are working.
You can return to a Site Column's configuration at any time and make changes. Changes
you make to Site Columns are reflected in the places you have used them. This helps
bring consistency to your information architecture, whether within a site or across a
farm or tenant.
On the check below, we can see six individual fields which we use all the time: check
date, pay to the order of, amount, written amount, signature, and memo. (For those of
you outside the USA, you may not see checks very often - if at all!)
Those common fields are something we rarely think about, but they make sense to us
by virtue of their commonality.
Back to Work
In the workplace, we have similar common fields. If we work at a financial institution, the
fields in the check above may be important to us. If we work in a different industry or on
different topics, then we will have our own set of common columns.
For example, if we work with Contracts, we may want reusable columns for Start Date,
Contracted Party, Contract Topic, Expiration Date, etc. Where there is an existing, out of
the box Site Column - as with Start Date - we can choose to use it. In other cases, we
may decide we need to create our own Site Column to represent the field we need.
Extra Detail
Site Columns each have a field type (like Single line of text, Multiple lines of text, Choice
(menu to choose from), Currency ($, ¥, €), Date and Time, etc.) Each Site Column also has
the settings we can use whenever we add a column to a list or library directly, such as
whether the Date/Time column should be Date only or Date & Time or whether the
column should be required.
When we create a Site Column and choose the settings we want, we get a column which
we can add to multiple lists and libraries in the same site. If we want our columns to be
consistent across several sites, we can create them in the Content Type Hub or with Site
Designs. The latter is preferable these days, as the Content Type Hub was built in the
days when we tended to have larger Site Collections, with many subsites.
Summary
Site Columns are a way to instantiate common fields across our organization as part of
an effective information architecture. We can use Site Columns in lists and libraries to
provide consistency. By bundling different combinations of Site Columns together, we
can build Content Types which provide reusable structures with benefits in display and
search.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Basic Idea
The easy answer here is a Content Type is a type of content, but that isn't very helpful. A
Content Type is like a business object: something that you move around your desk or
computer every day.
SharePoint comes with some out of the box Content Types which represent generic
things - like Item and Document - and some others which may be the same as what we
use - like Event. When we create a new Content Type in SharePoint, we inherit from one
of these generic Content Types and embellish it to represent the object we work with.
For sake of discussion, let's say you do have a mortgage and you've put it into a manila
folder in your drawer.
Wouldn't it be useful if you wrote some things on the outside of the folder so you could
identify what was inside more easily? Maybe you'd add the date the mortgage was
signed, the mortgage company, their phone number, and how much the mortgage was
for.
Now, you may wonder why we're looking at a folder at all. Folders are supposed to be
bad! But the analogy holds up: the folder is like the skin of the document, and we've
added metadata on the outside to help us make sense of it.
Back to Work
Now imagine you work at a mortgage company. Instead of one (or maybe two)
mortgages, you're responsible for thousands. The Content Type becomes even more
important, and you may want some additional metadata, like maybe the mortgage
originator, the servicing company, and the mortgage due date.
We don't add these metadata columns just for fun. We decide to collect the metadata
which will enable the use cases we want, but not too much more than that. For example,
if we'd like to have a view which shows all the mortgages which are going to be due in
the next month, we need the Content Type = Mortgage and the mortgage due date >=
[Today] and mortgage due date <= [Today+30]. We can't satisfy that use case unless
we've made the document a Mortgage and added the mortgage due date metadata
column - and populated it!
Extra Detail
Content Types can be defined in an individual site, in the Content Type Hub, or using
Site Scripts. We make this choice based on the scope where we want to use the Content
Type. We may have a Content Type which only makes sense in the context of a single
site, like perhaps a Benefits Description in the Human Resources site. Other Content
Types may have utility across the tenant, like perhaps a Contract, if we want each
department to store and manage their Contracts in their own sites.
Summary
With Content Types, we can define the business objects which matter to us in our daily
jobs. In many cases - whenever a piece of content matters to our organization - we want
to create our own Content Types based on one of the generic ones to represent how we
do our real work. The metadata we collect with each instance of the Content Type
enables us to do our jobs better.
Principal author: Marc D Anderson, MVP
Groups in Microsoft 365 and Azure, and
Which is Right for You
Article • 10/31/2022 • 7 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
PowerShell can also be used to manage Azure AD Security Groups with the Azure AD
Module. This module does not work with .Net Core, so it requires a Windows PowerShell
5.x host.
Microsoft 365 Groups have two roles, Owner and Member. Owners can change the
settings and the membership of the Group. Members can remove themselves, add
members to a Public Group, and recommend Guest users be invited. Notably, Microsoft
365 Groups do not have a way to grant a user read only access to resources.
SharePoint Permissions should be handled with Microsoft 365 Groups. Native SharePoint
permissions should be avoided when possible. SharePoint sites can be Groupified later if
the site isn't part of a group, but that should be done sparingly. Communications sites
are mostly read only by nature, and they do not support Microsoft 365 Groups.
Principal author: Todd Klindt, MVP
What kind of apps can you build on
Microsoft 365?
Article • 05/02/2022 • 4 minutes to read
Microsoft 365 is a rich platform for building applications. Here are the types of apps you
can build on Microsoft 365.
Microsoft 365 is also a highly extensible development platform. All the information
about its users as well as the content they create is stored in Microsoft 365 and, bearing
the necessary permissions, available for you to interact with in your applications.
Users start their journey in your app. Because your app is connected to Microsoft 365,
you can show relevant information from Microsoft 365 along your app's functionality.
And because you can present the data in your app seamlessly, users might not even
realize that they're looking at data coming from Microsoft 365.
To get the most out of integrating your custom app with Microsoft 365, you need to
allow users to sign in to your app with their Microsoft 365 account. That way, you will be
able to retrieve the relevant information on their behalf from Microsoft 365.
Extend conversations
Microsoft Teams host conversations on Microsoft 365. You can bring your app as a part
of a conversation in several ways.
First of all, you can build conversational bots. Bots help people complete tasks through
conversations. They're a great way to expose relevant features of your app and guide
users through the scenario like a personal assistant.
Another way to expose your app in a Teams conversation is through messaging
extensions. Messaging extensions help people complete tasks in a visually-compelling
way. They're similar to bots but are more visually oriented and ideal for showing rich
data
Finally, you can send notifications from your app to conversations via webhooks. By
using adaptive cards, you can show the data in a rich and actionable way.
Extend portals
Many organizations that use Microsoft 365 use portals to facilitate communication
and manage knowledge. Using rich pages, they publish content and build interactive
dashboards. These pages consist of reusable building blocks - web parts, that end-users
put together.
You can extend portals on Microsoft 365 in two ways. First, you can build widgets, called
web parts. Users, who create pages, can put your web parts on pages to enrich the
content. Your web parts can show data from Microsoft 365 as well as any other API.
Extend documents
When creating documents on Microsoft 365, users can enrich them with interactive
elements, like maps or charts. These elements can be connected to APIs and make
documents interactive and present data that is always up-to-date.
You can also build task pane extensions for Microsoft Office applications that help users
work with their documents. A task pane could help people lookup their customer
information when writing contracts or order information when creating invoices.
Connect your application to Microsoft 365
There are several types of applications that you can build on Microsoft 365. No matter if
you want to develop a custom application or extend Microsoft 365, you can connect
your app to Microsoft 365. To get information and insights stored in Microsoft 365, you
would connect to Microsoft Graph - the web API for Microsoft 365. To help you
communicate with Microsoft Graph, Microsoft offers SDKs for the most popular
platforms.
Building apps for Microsoft 365 offers a great opportunity to reach millions of users and
help them work more effectively. If you want to have a quick look at what kind of data
you can retrieve from Microsoft 365, I'd suggest you look at the interactive Graph
Explorer. If you're considering building a web app, I would also recommend that you
take a look at Microsoft Graph Toolkit - a set of web components that make it very easy
to show data from Microsoft 365 in your app. When you're ready to start building your
app, sign up for the Microsoft 365 developer program to get a dev environment.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
The URL is a core tenet of our online lives. Despite all the apps, browsers, and tools that
occasionally obfuscate it, behind the scenes the Internet is glued together in part by the
Uniform Resource Locator (URL). The data that populates the Teams app on your phone
wouldn't make it there without the URL of the Graph API endpoint.
As a site owner or Microsoft 365 admin, you'll see URLs all the time: SharePoint sites,
Microsoft Forms, shared links, and even application shortcuts like
https://office.com/launch/onedrive .
This article will cover some powerful parameters that you can stick on the tail end of a
URL to change what's shown on the page... and to make your job easier. These URL
parameters will give you more options for solving problems.
Overview
https://learn.microsoft.com
And this one brings you to a specific section of that same website:
https://learn.microsoft.com/search/
https://learn.microsoft.com/search/?terms=community%20content
It has a ? at the end with a key (terms) and a value (community content). This is a query
string. Based on the key and value in it, we can infer that it might affect or influence the
page to show different content.
In this example, we can change the value in our address bar (and hit return) and the
page content may be different. Example:
https://learn.microsoft.com/search/?terms=large%lists
Multiple filters
Here's an example of multiple filtering with two keys (products and languages) with their
corresponding values (m365 and javascript):
https://learn.microsoft.com/samples/browse
https://learn.microsoft.com/samples/browse?products=m365&languages=javascript
And here's that same page loads different content with different values (ms-graph and
html)
https://learn.microsoft.com/samples/browse/?products=ms-graph&languages=html
How does this mental modal of URL-as-page-transformer work in Microsoft 365? Keep
reading!
https://<yoursite>.sharepoint.com/sites/<sitename>/SitePages/default.aspx
https://<yoursite>.sharepoint.com/sites/<sitename>/SitePages/default.aspx?
Mode=Edit
This isn't really easier than clicking the button on the page, but it's a good example of
changing a page's look or function dramatically with a query string URL.
Tip
Sharing (links) is caring - The URL, like the one in your browser's address bar,
usually support spaces. So something like ?terms=policy security works just fine.
Where it might not work consistently is when you share the URL via Email, text or
Teams by copying and pasting it. As a best practice, replace any space in your URL
query string with a %20 , like ?terms=policy%20security .
Safety first.
https://<yoursite>.sharepoint.com/sites/<sitename>/SitePages/home.aspx
… can be placed into Maintenance Mode by adding this query string to the URL: ?
maintenancemode=true
https://<yoursite>.sharepoint.com/sites/<sitename>/SitePages/home.aspx?
maintenancemode=true
This gives you a behind-the-scenes view of the web parts on the page, and the data
being sent back and forth between the page and the browser. This is helpful for
diagnosing issues with pages including those using the SharePoint Framework (SPFx).
Read the official documentation on this in the article Maintenance mode for client-side
web parts
This hides the main navigation, footer, side navigation (and App bar) on just about
anything in your SharePoint site, including:
Pages
List views
Site Contents
Site Analytics
Recycle Bin
px?env=Embedded
https://<yoursite>.sharepoint.com/sites/<sitename>/SitePages/default.aspx?
env=Embedded
If your page or list are living on a Hub Site, you may notice the Hub Site navigation will
remain when using env=Embedded . If this is not desirable, e.g. if you are embedding a
page using the embed webpart, you can append ?env=WebView instead.
Take your list, remove any existing query string on the end down to this:
https://<yoursite>.sharepoint.com/sites/<sitename>/Lists/<yourlistname>/allitems.a
spx
?env=WebViewList
Like this:
https://<yoursite>.sharepoint.com/sites/<sitename>/Lists/<yourlistname>/allitems.as
px?env=WebViewList
That's it! Now your SharePoint list displays in Microsoft Lists. This is a great way to
maximize screen real estate and help focus people during collaboration. This list remains
housed in the original SharePoint site, but now with all the user interface polish of
Microsoft Lists.
Tip
Filter your filters - Sometimes you need to apply two or more query string filters to
the same URL – two keys and two values. The format for that is generally to use the
question mark ( ? ) first, and the ampersand ( & ) for every additional key/value pair.
Example:
page.aspx?mykey=myvalue&thisotherkey=someothervalue
Example: users visit a SharePoint page containing a link/button/banner to let them fill
out a form by adding a new SharePoint list item. The SharePoint page has the following
URL:
https://<yoursite>.sharepoint.com/sites/<sitename>/SitePages/<yoursitepage.aspx>
A SharePoint list uses an out-of-the-box .aspx page, to let users fill out a form and add a
new item. For example:
https://<yoursite>.sharepoint.com/sites/<sitename>/Lists/<yourlistname>/NewForm.as
px
After adding a new item, the ?Source= query string will redirect users to the previous
SharePoint page or any other web resource. A new item URL containing the ?Source=
query string would have a structure like this:
https://<yoursite>.sharepoint.com/sites/<sitename>/Lists/<yourlistname>/NewForm.asp
x?
Source=https://<yoursite>.sharepoint.com/sites/<sitename>/SitePages/<yoursitepage.a
spx>
7 Note
This method works even if a user clicks on the "Cancel" button of a list form!
Therefore, a redirect to a "Thank you" page would lead to a misleading and
inconsistent result, whereas an e-mail message from a Power Automate flow could
be a better option, based on a new list item creation or not.
https://<greatsharepointsite>.sharepoint.com/sites/Lists/<ListName>/AllItems.aspx
https://<greatsharepointsite>.sharepoint.com/sites/Lists/<ListName>/AllItems.aspx?
view=7&q=tax%20documents
And if you change the value of the q key in the URL query string, the results shown on
the page will change:
https://<greatsharepointsite>.sharepoint.com/sites/Lists/<ListName>/AllItems.aspx?
view=7&q=consultants
You can share this link, in a way that works almost like a SharePoint list view.
Tip
Kick things up a notch by also adding the focused-mode query string filter in
combination, like:
https://<greatsharepointsite>.sharepoint.com/sites/Lists/<ListName>/AllItems.a
spx?view=7&q=engineering&env=Embedded
Read the official documentation on View the vertical in the search result page.
disable3PCode=1
Read the official documentation on Disable SPFx web parts and extensions.
A use-case might be using Power Automate Flow to email a list view status report based
on a given product in a list… with hundreds of possible products. You wouldn't want to
make separate views for each product. So, you make a single base view and append URL
query strings to create dynamic URLs for your Flow emails.
?useFiltersInViewXml=1&FilterField1=<internalFieldName>&FilterValue1=<value>
(No < > brackets, you'd type the actual column value)
The useFiltersInViewXml=1 tells the List or Library you're appending some filtering
criteria.
The FilterField key needs to be the internal name of the SharePoint column. If
you rename 'Title' to 'Product' in your list, you'll need to use 'Title' in your query
string URL.
Tip
You can find out the internal name by going to List Settings, choosing the column,
and looking after the &Field= key in the URL. That's using a query string URL to
help you make a query string URL!
When filtering yes/no columns, use the number 0 for no and the number 1 for yes.
Filtering like this (with the query string URL) means never having to wait for search.
SharePoint Search can sometimes take a few minutes to pick up on a change, but
this filtering is immediate.
You can filter by multiple keys/values by incrementing the numbers, like this:
?useFiltersInViewXml=1&FilterField1=[internalFieldName]&FilterValue1=
[value]&FilterField2=[internalFieldName2]&FilterValue2=[value]&FilterField3=
[internalFieldName3]&FilterValue3=[value]
Nate Chamberlain: How to filter a SharePoint list or library using URL parameters
Conclusion ?article=done
This article has hopefully given you awareness of the hidden power of query string URLs,
and how they can let the platform do some of the work for you.
If you know of other useful query strings like these, you should consider contributing
them to these Microsoft Community Content documents. You can open an issue in the
GitHub repo, or submit your own pull request!
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Working for the government can be a privilege, a job that comes with a feeling of pride
and satisfaction in working on behalf of your fellow citizen. If you're a SharePoint site
owner or Microsoft 365 expert who's working in the United States government (Federal,
state, local or Tribal) you may be working in the government cloud. Read on to learn
about what that means to you and to your customers.
Your SharePoint and M365 content is kept separate from commercial tenant
content, and is stored within the United States.
Microsoft personnel who can access your tenant are restricted to those screened
for it.
For more context on licenses, review the Microsoft Government Cloud License Types
chart.
Not every feature that's available in the commercial M365 offerings will be available in
the government cloud on day one, and those that do become available might involve
waiting a bit longer to get.
In order to maintain compliance, new features and functionality need to be certified for
your government cloud instance. This certification might mean waiting six months to a
year or more for new functionally or occasionally not getting the new feature at all
(especially in GCC-High and DOD ).
For high level availability context, check out the Microsoft Government Cloud
Feature Availability table.
For monthly updates, bookmark the Microsoft Business Applications Product and
Feature Experience Parity PDF report.
1. Bookmark the Microsoft 365 Road Map and tune it to to the government cloud.
2. Set the Cloud Instance to match your tenant ( GCC , GCC-High , or DOD ) and toggle "In
development" or "rolling out". Remember that the dates provided are estimates.
3. The Road Map has an RSS feed so you can stay up to date and changes.
For example, while your friends in the banking sector might build their Power Apps at
the commercial tenant URL of https://make.powerapps.com , you'd be making yours at
https://make.gov.powerapps.us ( GCC ), https://make.high.powerapps.us ( GCC-High ),
or maybe even in https://make.apps.appsplatform.us ( DOD ).
Specifying your specific government cloud type ( GCC , GCC-High , DOD ) will help align
support guidance with your environment.
Vendors selling web parts, support, training content, and Teams apps won't always be
fully aware of the differences in the government cloud. Insist they demonstrate
awareness and understanding of the Microsoft 365 government cloud before making a
purchase.
DOD endpoints
GCC-High endpoints
Detailed learning
When you're ready to learn more, start with the Service Description, as it details what it
means to operate Microsoft 365 in the government cloud. Office 365 Government.
Then for specific guidance, review the SharePoint for US governments, OneDrive for US
governments, and Teams for governments guides.
7 Note
Government cloud offerings might not be the right call for educational customers.
Learn more about M365 educational offerings here: Office 365 Education
Social media – mention your government cloud instance with these hash tags
Thanks to these community members for article input: Adrienne Andrews, Ed Bellman,
Sean Bugler, Jason Byrd, Nate Chamberlain, Joseph Dunn, Christophe Humbert, Naveen
Karla, Matt Wade, Fred Yano.
Introduction
Recently, the topics inclusion and diversity have gained more and more attention. The
tech community, in general, is very diverse and does a lot to include people from
different backgrounds. But those topics are much bigger than many people realize. Way
more people are affected than most of us assume.
At the same time there are a lot of positive statements, like "We don't want to exclude
anyone!". This is a very good starting point, but when we get to the bottom of the
statement and ask what is being done to include people from different backgrounds,
the discussion often becomes difficult. Many people want to live inclusion actively but
don't know how.
When we think of an accessible workplace, we often think of ramps, wide doors, and
elevators. Few think about what they produce at work every day: documents,
presentations, images, and much more. All this outstanding content is not accessible for
many people, as we would like it to be.
That's why it's important to talk about the topic of "accessibility by design".
Quite often, we read and repeat values like "include everybody", "sharing is caring" or
"we're all in this together,". Most people don't want to be exclusionary on purpose. But
there can be a gap between wanting to be inclusive and knowing what's necessary to be
it.
Often it is a trade-off between effort and benefit. As already explained, many people do
not know what to do, i.e., how significant the effort is. And when we turn to the benefit,
we must, of course, be able to assess how great it actually is. How many people would
actually benefit if we made our app, article, or report inclusive and accessible?
When we start to ask the question "Is it really worth it?" that can be a scary thought. The
question of whether it is worthwhile should never be decisive, but it often is.
Many of us have privileged lives with access to good education, a safe home, and
resources. Many have a good job and a network of helpful people. We are so privileged
that we can afford to take care of everyone.
Now, let's first talk about who is affected when we go for poorly accessible design. Why
are there barriers, while thinking about inclusion and accessibility? Let's then see what
we can do to design more accessible stuff, how much work it is, and what our target
group looks like.
After we know all that, let's have a closer look at the benefits: what we might get out of
it.
We all can see and recognize those things quickly; that's why they come to mind first.
But actually, there are far, far more things we should think about.
There are physical impairments that we can not recognize well, like poor vision,
motor impairment, or challenges that affect our hearing. Just because we can't
recognize them easily doesn't mean that those don't impact people's life and
behavior.
We all know a lot of mental conditions that have a considerable impact on our
behavior: anxiety disorder, obsessive-compulsive disorder, or dyslexia, to name just
a few of far over 200 different conditions that affect our behavior. Once again, we
can't detect those conditions that easily but they have a massive effect on peoples'
lives.
Even if people are not diagnosed, that doesn't mean that they can't be affected.
Many of these can also be temporary afflictions. If we lack sleep, our eyesight may
suffer; if we're dehydrated, we may find it challenging to focus on a specific type of
fonts. If we're calming our baby, we maybe realize how hard it is to complete even
simple tasks with just one free hand.
All of these examples give us a sense that we often can't really tell who is affected in
their daily lives. And this also makes it clear that the target group for accessible design is
much larger than we initially anticipated.
The second step is to spread the idea. It is not telling people to simply do it or asking
people to do it. Nor to claim that it is necessary. It's not about arguing; it's about
spreading the idea that there is a need.
The right arguments can follow as soon as we have the right mindset; instead of telling
people what to do and what not, it is essential to appeal to their attitude. If we can set
the core idea about including everybody and sharing is caring into people's mindset, the
following steps will be a lot easier.
Do we want to do more than just realize there is a need? Here are three simple steps we
all can do right now:
1. Let's take the Accessibility fundamentals learning path provided by Microsoft Learn
training.
2. Let's start using the accessibility tools like the Accessibility Checker or descriptive
text for pictures .
3. We can switch the grammar settings in Word for inclusiveness to become more
aware of the language we are using.
This shows us that a first step requires little effort. And perhaps we can already simplify
people's lives significantly. We can also make it possible for people to work with our
solutions in the first place.
Once we get started, we can include accessibility in more areas of our work life. Get
inspiration from the article 10 Habits to create accessible content or include the idea
of accessible content in our company by discussing the Accessibility Evolution Model .
Many people assume that the effort is huge, because we are used to orienting ourselves
to familiar patterns. As already explained, it is difficult to look for solutions when you do
not even recognize the problem. The first step is not to build ramps and bigger doors,
or to ask ourselves how we can include deaf people. In reality, the first steps look like
this:
First of all, we're doing a good thing by thinking about others. It doesn't feel good to be
excluded. Psychologists even argue that rejection or feeling excluded is processed in our
brain the same way, as if we get hurt physically. It hurts to feel excluded, and that leads
to feeling sad and angry. Feeling excluded can cause people to lose self-confidence, feel
a loss of control, or even feel they have nothing valuable to contribute.
Apart from that, we are making a better product. If it's an app, a piece of code, or a
PowerPoint presentation, it will be better in the end because it is more complete. It's
more versatile, and more people can have access to it.
And that means more people can buy or use our product. That in turn leads to us
getting more and better feedback, which makes our product better as a whole.
Iceberg model
Well-known slogans that convey values include "Sharing is Caring" or "Include
Everybody." Many people are driven by these values, which are anchored in their mental
model. Instead of telling other people how to behave, it can be helpful to start with the
mental model. When that mental model is closely linked to an accessibility thought,
change can happen much more easily.
There is the possibility to use the iceberg model for that explanation of the iceberg
model, and it might be beneficial to analyze accessibility by design with that model as a
next step to get a clearer picture of what is happening right now.
Conclusion
The first step of using accessible design is to recognize that there is a need to. Period.
Once there is realization, progress can occur because exclusion often happens
unintentionally. Exclusive design affects far more people than meets the eye, and the
effort to change it is tiny.
If we want to give more people a sense of community and belonging, we need to start
thinking about accessibility. Then we can get people to contribute their knowledge and
skills. That's how we grow as a community and as individuals.
Additional Resources
Accessibility terms- Write in a way that puts people first.
Bias-free communication.
The Microsoft Accessibility Blog .
More details about the iceberg model in Why Microsoft 365 adoption projects fail
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Content types are a central part of SharePoint. This article will not go into deep details
on how to use content types because it depends too much on the use case. This article
will cover the backend "stuff" that propagates the content types to our end users.
Content type: At most basic level, Content types work as a "Template" for lists and
libraries. When they are added to a list or a library upon new item or document
creation, the item will then be created using the same list fields or file template.
Used in Lists
We use content type in lists when we want to be able to create different list forms
without the need of creating multiple lists.
The content type will contain different fields based on the use case.
Many 3rd party solutions for SharePoint are built with lists, and often rely on list
content types.
Used in Libraries
This is often for different Office file templates.
We use this when we want to provide easy access to document templates to our
users.
The content type will contain different fields based on the use case.
1. Use the Content Type Gallery (this is the modern version of the "content type hub")
The content type will be propagated to all SharePoint sites in the tenant.
Users can manually add the document template to the library, the new
content type is only available in the current library.
Site owners can create a new content type at the site-level, this can be used
by all libraries in the site and "sub-sites".
7 Note
The option you choose will mainly depend on your internal technical competency,
governance model, and your users needs.
) Important
When you are in the "Content Type Gallery", please don't modify or delete any of
the standard content types, only work with your own custom content types.
Before you start to create your content type consider the following:
7 Note
Content types created in the Content Type Gallery, when published, will be
available to all sites and libraries in your SharePoint tenant.
Click "Create content type" to start the dialog to create a new content type. Always
make use of a custom category as this will make management of the content types
easier in the future.
7 Note
The "Parent content type" defines what your content type will be based on, we
mostly use Document Content Types or List Content Types.
The Company presentation content type is created but it's not completed yet. On the
content type page click "Settings | Advanced settings".
This is where you will add your document template. We have two options:
1. Use an existing template, currently this options doesn't work in the Content Type
Gallery, only with site content types.
2. Upload a new document template.
Use "Upload" to upload your Office template and choose save. This file is now saved
"within" this content type and will be propagated (copied) to new document libraries
when used.
When ready, use the "Publish" option to publish the content type to your
users.
Using the Content type
The publishing of the the content type should go pretty fast in Microsoft 365 now,
compared to what it did a couple of years ago.
Before you can add the new content
type to your library or list you need to make sure the "Settings" in "Advanced Settings"
| "Allow management of content types" is set to "Yes"
When ready navigate back to the Document library | Add column | Content Type.
7 Note
Adding a new Content type can also be done in the document library settings
page.
Choose your newly published "content type" and hit "Apply".
Your new content type is now ready to be used, repeat the process for any library where
you want this content type to be available.
If you want to add back the standard empty
Office templates, use "Edit New menu" to rearrange the options.
2. Create a new content type in your current
site
The process of creating a new content type for a site or Teams is similar to the steps for
the Content Type Gallery, just simpler. Content types created in the site will be available
for all document libraries in the current site and sub-sites.
In your site, navigate to Site Settings | Site content types | Create content type, and if
you are creating a content type for Teams, then you need to first navigate to the Teams
SharePoint site.
For site content types, you can use a file saved in the current site as a document
template- all you need is the path to the file. Adding the content type to the document
library is the same as above steps.
Pros/Cons
Below is some pros/cons that should help you choose the right content type
propagation method for your business scenario.
Pros
Easy to get started
Content types are automatically propagated to all sites in the tenant
SharePoint Online search can surface search content based on the content type
across all sites
Easy to update the content type if changes are required, update of template might
take some time before auto updates, but can be manually updated by site owner if
needed.
Doesn't require much technical competency to manage
Cons
This requires SharePoint tenant administrator right to get started, might not be a
good fit for small environments.
Needs a strong central governance model, might not be a good fit for small
environments.
All content types might not be needed in all sites
) Important
If a content type is deleted from the content type gallery the following happens:
If the content type is added to a library (in use), it will be converted to a site
"local content type", and will be available for that site
If the content type is not added to a library, it will be removed from the site
Pros
Can be created by site owner
Content types can be used by all lists/library in the site
Doesn't need a central governance model
Cons
Required that site owners "knows" what she/he's doing
Content type is not available to other sites
Because it's not centrally managed, Office templates need to be managed
separately
) Important
If a content type is in use in a library or lists the content type cannot be deleted
from the site. Meaning you need to manually change the contents(file or list item)
to another content type before you can delete the content type.
Using "PnP, Site scripts or similar methods"
Pros
This is very flexible way to propagate content types
Combined with site provisioning you can create new sites with content types ready
to be used
You can manage creations/updates/deletions without the needs of manually
clicking through the Settings, especially handy when cleaning up content types.
This is a better choice for large environments, with need for lots of content types
Cons
Requires strong technical competency
Needs a strong central governance model, might not be a good fit for small
environments.
Conclusion
Content types propagation are a "way" of making predefined Office templates,
metadata, and/or list items available to all SharePoint sites in your tenant and because
Teams is using SharePoint as a backend to store the templates which are also available
in Teams files and lists.
If you don't have the technical resources to make use of "PnP
Scripts" to auto propagate the content types to new SharePoint sites, then I
recommended the use of "Content Type Gallery" to propagate your content types.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
OneDrive PC Folder Backup is a OneDrive sync feature that works with Windows 7,
Windows 8/8.1, Windows 10. This feature allows business users to automatically
backup/redirect their Windows clients Desktops, Documents and Pictures folders to
OneDrive for Business.
7 Note
OneDrive PC Folder Backup was previously known as Known Folder Mode (KFM)
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Adoption is hard because people don't understand WHY they need to change their
working behavior. Without this, they resist change or only change superficially;
they don't stay curious and don't adapt to the evergreen approach.
Simply explaining Microsoft 365 will increase productivity is not enough because
statements like that don't sell anymore. They don't connect to people's
experiences, nor do they reflect their beliefs. People easily confuse being
productive (adding value in a meaningful way) with being busy (fulfilling tasks
somewhat chaotically and under time pressure), so that increased productivity is
rather perceived as putting even more pressure on them.
Without a shared vision and common understanding, we will only scratch the
surface of what Microsoft 365 can do in an organization.
VUCA
The necessity of understanding the real challenge isn't that new: In the '90s, the term
VUCA (Volatility, Uncertainty, Complexity, Ambiguity) was coined by the US military to
describe our modern world and the challenges any organization (not only the military)
was facing. This acronym describes a world in which change becomes a new constant, so
playability and consistency are not the factors to explain current markets and
environments for organizations.
Volatility
The world is changing faster than ever before, BUT the world will never change as slowly
as it is right now. In other words, the pace of change will continue to increase. New
challenges, competitors, and different unpredictable factors are something we have to
deal with. That means that long term planning and the reliability of this planning won't
be sufficient for modern organizations.
Uncertainty
Predictability and calculability of events are rapidly decreasing; forecasts and
experiences from the past due to shaping the future are losing their validity and
relevance. Just look at how quickly and comprehensively COVID-19 changed the way we
work. Do we have to say more?
Complexity
We live in a complex and connected world with various connections that are difficult to
keep track of, making it challenging to clearly define cause and effect. The world is not
just complicated; it's complex.
Ambiguity
The aspects described above make it clear that decisions today are no longer
straightforward. 'One size fits all' is rarely a suitable model anymore. It is often not a
question of WHAT, but of HOW and WHY. This leads to the fact that the demands on
organizations today are paradoxical, sometimes even contradictory.
Ultimately, we need a new way of thinking about organizations and the way we work.
We need new guidelines and principles that fit the challenges we're facing right now:
that fit this new world.
In other words, this new world comes with a need to transform along multiple
dimensions.
Profit into Purpose
Maximizing profit was the main driver for successful businesses for a long time. Yet
within a connected world full of information, that isn't the only thing that ensures
success nowadays. Customers often have enough information to compare different
organizations and can choose who they're engaging with. This appears to customers
and employees to the same extent. Now, many factors need to be considered for a
successful business: ethics, social responsibility, ecological aspects, etc. Those things
often come when an organization has a clear or higher purpose: a WHY. Organizations
that know why there are doing something - rather than just relying on how - often have
a far better standing in the markets than others: With purpose comes profit, but it
doesn't work the other way around. Customers and partners have a pretty good idea of
whom they want to deal with, and that's what differentiates a successful organization
from an unsuccessful one.
This comes from every agile approach. Short sprints are way more efficient than the old
waterfall approach. Yet, often the structures we find in modern organizations don't allow
such a system because they still are solidified around an old mindset.
Digitalization needs to be an accelerator for this, but can rarely be the primary driver.
We need a new approach to think about work in general.
Microsoft 365 can be one step to achieve transformation, but it is not a goal by itself.
Just rolling out Microsoft 365 (or a subset of its tools and services) won't solve our
VUCA problems. We need to see the bigger picture to figure out which part of it
Microsoft 365 can help with, because we won't solve any problem by assigning licenses
to users.
As we know, an iceberg shows only its tip above the water and most of it is hidden
underneath; it works as a good metaphor for things that are not obviously visible to us.
The iceberg model introduces us to four different stages.
Level 1: Events
Very visibly, we see events. An event is the answer to the question What is happening
right now?
On this level, people only react to what just happened and then stop to think about it.
For example: "I caught a cold."
Level 2: Patterns
Already underneath the surface, we will find patterns: What has been happening over
time? What are the trends?
On this level, people think about what led to the visible event and try to connect the
dots, for example: "I caught a cold more often in the past when I slept less."
Level 3: Structures
Digging one level deeper, we see which system supports and influences these patterns:
What affects these patterns? Where are the connections between practices?
On this level, people think about what influences these patterns and try to
understand the Why, for example: "Working crazy hours, worrying about problems
at work, and eating late at night affected my quality of sleep."
We can dig into which thinking generated the structures that are in place. For example:
our belief of "work is the most important thing, even more important than health and
the more I do, the more valuable I am" leads to behavior (which seemed to be expected,
because everyone did it), which resulted in a physical manifestation of unhealthy work
ethics that showed as catching colds quickly.
People can't focus, experience both a lack of efficiency AND effectiveness, waste their
time with tasks they shouldn't do, and are instead more busy than productive.
Typical organizations look like a pyramid, with a few decision-makers at the top
(leadership) and the rest of the workforce at the bottom, resulting from the approach of
designing companies like military institutions, with a defined chain of command
compartmentalized structures. This led to departments, which don't communicate well
and are now rather information silos. The given structure leads to processes that ensure
that this structure stays as it is - which conflicts directly with the need to convert from
privacy to transparency, from planning to experimentation, and from controlling to
empowering.
Leadership, who don't generally understand details of issues and a workforce that can
not regularly connect to their leadership team lead to processes that do not reflect the
work that needs to be done, structures that cement the status quo, and decisions about
tools and working methods that serve old principles: privacy, planning and controlling.
Let's look at which collective beliefs in our culture (which is then only reflected in
corporate cultures and way too often reduced to "individual mindset": What do we
people believe in, that they design organizations like this? Of course, redesigning takes
a tremendous amount of energy (and money), and indeed it is easier to keep the status
quo than to change. But why is this status quo, this broken system, still in place?
Because we (or at least enough of us in critical positions) believe in "knowledge is
power" instead of "Sharing is Caring." The "command and control" approach looks as if
it also provides security and predictability, and although we already know better, we
stick to this ego-system instead of an eco system.
What can we now do about it? Make people aware of the broken system that doesn't
meet our needs anymore, and that forces people into workarounds, unhealthy work
ethics, and poor connection to their organization. Please stop trying to fix users when
we need to fix this system.
Because in the end, we are confusing cause and effect. If we only focus on the reason
and just try to fix the symptoms, we barely fix the underlying issue. We need to work on
the cause to end up with a different effect in the end. What we want to achieve in the
first place is a sustainable change of habits towards a better work environment and a
healthy mindset. If we're going to change people's behavior, which we see in level 1, we
will need to change our core beliefs and mental models of level 4.
To give you a little guidance, we will turn the iceberg upside down and start at the
bottom:
Our core beliefs are a representation of the 'Sharing is caring' - mindset. We don't
compete against each other but value and listen to every voice. We are convinced that
we can face challenges better together and that Learning, experimenting, and sharing
failure and success are essential.
Over time, this leads to a healthy understanding of productivity with some very
beneficial implications: awareness of mental load, reorganization of priorities, and
connectedness to the broader organization. As a result, we can see that people make
fair use of their time and do not need to face obstacles that are usually in the way.
How do we change?
The million-dollar question now is, what needs to be done at Level 4 so that we see the
good effect on Level 1? As consultants, we will, of course, say "it depends," but we've
identified some core concepts, which of course represent our iceberg.
It is time to consciously reflect on corporate values and how they are fulfilled with life in
the organization. As an example: We can say that we have a culture of being allowed to
make mistakes, but if everyone is cc-ing everyone massively to share responsibility /
cover themselves, then it is evident that the excellent culture only existed on paper.
Therefore we need to question ourselves about our values and how they resonate for
employees, partners, and customers. Without doing this heavy lifting, all approaches to
roll out tools, to use champions programs, use case shopping, and end-user training will
only scratch the surface and come to nothing or won't be sustainable. This means that
we will see perhaps some quick wins, but no long term change.
Do we trust our employees and how much? How many control mechanisms that
also interfere with people's productivity and frustrate them do we have in place?
Do we foster transparency? Which structures and processes did we follow to
promote information silos instead and prevent people from connecting dots?
Do we encourage people to learn and share? Which restrictions prevent employees
from doing so actively, and how much time is reserved for that?
Do we have an organizational purpose? How is this why communicated to
employees? Is this only one-way communication or a vivid discussion in which
everyone's voice matters?
Frictionless collaboration
Healthy productivity
Good working morale
Next steps
To achieve all this, we will need:
Advocates
Advocate are people who explain, evangelize, and openly discuss change with their
peers. It is essential to include people rather than giving the impression that ongoing
change would be a fait accompli. Good communication is critical. Just sending an email
or printing some posters won't light a fire in an organization. Explain the big picture and
elaborate on the why of this enterprise. This makes sure that all stakeholders will have
an excellent understanding to drive change even further.
Persistence
Rome wasn't built in a day, and we first need to unlearn the practices from the old
world. This is challenging, as we easily fall back into old role patterns. The path requires
us to be patient and to make it easier to follow a new approach. Gamification can help
a lot here, but yet again - if we only work on this level, the effects will quickly fizzle out.
Conclusion
To see the bigger picture of adoption and how Microsoft 365 can support our digital
transformation efforts, it is important to investigate the corporate mental model, the
organizational structures, and patterns. Focusing on visible events only, underestimating
the mental model's complexity, and cherry-pick quick-wins will not lead to sustainable
change. If we want to evolve from our inherited understanding of work into meaningful
collaboration, we need to adopt new working behavior properly. This is only possible if
we first care about corporate culture, which will be reflected in all levels above.
Useful resources
Iceberg Models
Involved in transformation? People love this model
The Systems Thinking Playbook by Linda Booth Sweeney and Dennis Meadows
Other
Satya Nadella on growth mindsets: “The learn-it-all does better than the know-it-
all.”
Microsoft 365 Maturity model
Microsoft 365 Adoption guide
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Names are important as they imply meaning, and in many experiences such as Microsoft
Teams, names serve as a key navigational aid for end users in locating the correct Team
quickly and easily. However, with many organizations, it is difficult – if not impossible –
to enforce consistent Microsoft Teams naming standards, even if Team and Group
creation is limited to a small number of individuals. While this enforcement cannot be
completely overcome without a third-party tool, the first step is to define a single or set
of consistent naming standards that will enable better adoption and success when it
comes to its usage of Microsoft Teams.
Without consistent Microsoft Teams naming standards, this process becomes taxing and
inaccurate as end users have no reliable “memory” from which to draw to assist in
accurately identifying whether certain information is the information they are seeking.
Findability: Multiple studies have shown that users spend a huge part of their day
(some suggesting as much as 2.5 hours a day) simply searching for information. In
the context of Teams, especially in organizations with a high volume of Teams
workspaces, bad naming can seriously hamper the findability of Teams which
creates friction and irritation for end users trying to jump quickly between tasks.
Redundant Effort: Poor naming can also lead to duplication of Teams and effort, as
end users who cannot find the object of their query will quickly abandon a search,
sometimes creating a new space for this information and replicating content that
may already exist elsewhere.
Not only does this problem occur in Microsoft Teams, but the same name used when
creating the Team is also carried throughout the Microsoft 365 ecosystem and applied
to several related objects (e.g., SharePoint Site, email address, etc.) which essentially
serves to multiply the problems shared above.
Prefixes
Adding consistent prefixes to the beginning of Microsoft Teams team names can be a
useful way to add organization, structure, and consistency to your Teams. In western
cultures, our eyes have a tendency to scan left to right reading the first 11 characters so
a prefix can be valuable as it creates a column of essential information down the left-
hand side of the Teams experience.
Recommendations - Prefixes
Prefixes can be useful but do not make these overly long as they can lead to the
Team name being cut off. Generally, limit yourself to acronyms or prefixes no
longer than 12 characters.
While emojis can be tempting to utilize, keep in mind that these can cause issues
for search and are not supported in all the areas where a Team’s name gets
applied.
Spaces
Spaces are proven to make names more scannable while improving overall readability
for end users, which further aids with finding the right name in Microsoft Teams. They
should, however, also be used with some thought, especially when considering prefixes
and suffixes you may choose to implement.
Recommendations - Spaces
When using prefixes or suffixes, we are now combining different “components”
into the name, and it is typically helpful to aid users in differentiating the
delineation between these segments. One way to do this is to keep spaces within a
Team’s Workspace name but use another delimiter (such as a dash or underscore)
for the prefix or suffix. This allows the brain to quickly assess the Team’s category
from the Team’s name.
Length
An understandable response to remedying a Teams' findability is to add more detail to
the Team name, ultimately adding more length to each name – but this can lead to
other problems. Microsoft Teams only allows a certain team name length before it
becomes truncated (trimmed). The length available depends on the case of the
characters and therefore the maximum length falls within a range of between 30 and 36
characters.
Recommendations - Length
Keep your team names to 30 characters or less as a rule to ensure they are fully
visible
The Result
The result of applying a naming convention can be powerful. Observe the immediate
difference in scannability between the two sides below:
Principal author: David Francoeur
Maturity Model for Microsoft 365
The Maturity Model for Microsoft 365 concentrates on defining a set of business
competencies that resonate with Microsoft 365 yet underpin real business activities.
Overview
e OVERVIEW
What's New
h WHAT'S NEW
Competencies - A-L
p CONCEPT
Collaboration Competency
Communication Competency
Infrastructure Competency
Competencies - M-Z
p CONCEPT
Management of Content Competency
Search Competency
Elevating
c HOW-TO GUIDE
Elevating Collaboration
Elevating Communication
b GET STARTED
Practical Scenarios
p CONCEPT
Practitioner Sessions
q VIDEO
References
i REFERENCE
Automation Maturity Model: Power Up your RPA and hyper-automation adoption journey!
Maturity Model for Microsoft 365 -
Introduction
Article • 11/14/2022 • 4 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Purpose
We often hear from people in the community that they know they aren't using Microsoft
365 capabilities as fully or as efficiently as they would like. Sometimes this can be an
existential dread rather than a specific set of clear ideas about what is missing or what
to do to work smarter.
Taking a holistic view of the technology through the lens of the Maturity Model for
Microsoft 365 and gaining an understanding of current state vs. desired state can help
organizations in these important ways:
In developing a maturity model for Microsoft 365 we aimed to create a toolkit which
follows a set of principles:
Non-partisan, i.e. informed by but not driven by today’s features in any specific
platform
Led by business needs rather than technology features
Identifies key business *and- technical competencies
Enables organizations to evaluate the current state in a systematic and consistent
way
Applicable to various roles in the organization
Competencies
Published
Business Process
Collaboration
Communication
Customization & Development
Governance, Risk, and Compliance
Infrastructure
Management of Content
People & Communities
Search
Staff & Training
In progress
Data & Analytics
Maturity Levels
The 5 levels within the Maturity Model for Micorosft 365 can be summarized as:
What's next?
The goal of expanding the SPMM to the Microsoft 365 level is to help practitioners in
the community think through how they can improve their capabilities or decide which
capabilities matter most to them. These decisions should be based not just on the
technology capabilities themselves, but driven by specific outcome objectives derived
from the organizational strategy, possibly at a reasonably granular level as well as at the
over-arching organization level.
Our goal is to apply the same core competencies that were the core of the original
SharePoint Maturity Model, updated and extended to reflect the current business and
technical environment. As Microsoft 365 is a much deeper and wider toolkit, the project
is creating a guidance document for each competency, in a consistent format. Although
these are clearly linked to Microsoft 365, we have deliberately avoided detailing
particular features and functions, focusing on the business needs and processes in the
competency documents. We will continue to expand the document set to drill into the
technologies; provide a ‘how to’ for achieving different levels with the tools Microsoft
365 provides; and highlight some practical scenarios.
Resources
Origin of the Maturity Model for Microsoft 365
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Principal authors:
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
The SPMM was, of course, focused squarely on SharePoint. At the time, SharePoint was
exclusively an on-premises product and generally stood alone, unless you did a lot of
work to change things. The principles, however, remain valid.
The tools have changed, but we still see similar levels of capability when using
Document Libraries:
Not every organization needs to be at the top level. NASA or Airbus have different
goals, constraints, and risks to manage than a small marketing or retail organization.
Not every department, team or function needs to be at the same level; Operations often
needs to function with higher levels of maturity than, for example, Sales and this is
reflected in their respective technology strategy and investment. As with any
organizational capability, the organization should decide if the capability should be a
strategic differentiator or simply a basic operational capability based on the
organizational strategy. The former may require optimized and fool proof capabilities,
where the latter only requires relative efficiency.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
General
Business processes are undefined or only loosely defined through user experience.
There may be no use of process technology, instead relying on paper-based
process and legacy technology such as email for notifications, hand-offs and
approvals.
Users of the system rely on institutional knowledge to get things done ("I know
who can help me with this") rather than agreed-upon roles and business logic.
Exceptions cause long delays (e.g., a key resource is out of the office, or the first
time a new situation is encountered there is no method for defining what should
happen).
Business Process
Changes to the process are untested or tested in concept only.
Exceptions and failures are not captured, tracked and addressed
Processes have evolved from prior approaches. New needs and exceptions have
been bolted on rather than engineered in.
Level 100 Impacts
At this level you can expect the following:
General
If there is a known workflow, e.g., for request approvals, there can be long delays
between steps because there are no system notifications, no status updates, and
no consequences for inaction. This requires the requestor to chase down the
person at the next step in the process.
Transactions are very costly in terms of time spent and user frustration.
Staff (and clients / customers) have limited confidence in the quality or timeliness
of the process output.
The team loses credibility and will be hard to get future buy in of new processes.
Exceptions and priorities, troubleshooting and remedial intervention become a
drain on resources and pose a risk to business outcomes.
Basic questions can't be answered because there is no reliable data (e.g., "How
long does it take us to process a typical invoice?")
People feel stressed due to the lack of ability to plan and estimate how long a
process will take.
Deadlines are missed or require heroic effort to meet due to lack of transparency
in business process.
Business Process
It's not possible for anyone to see the status of a particular request. Activities can
stall or remain incomplete indefinitely.
Activity owners invest their time in pushing activities through the process. Activity
prioritization is ad hoc and not driven by business priority or objective value/risk
General
Business Process
Business processes are documented / defined at the department level and
communicated to the organization. Process maps exist for many processes but
adopted technology solutions are weakly documented.
Out of the box SharePoint workflows (approval, collect feedback) might be
leveraged sporadically.
A document library or list provides a central base of operations.
Workflows tend to be document-centric or task-centric vs. application-centric.
There is an understanding of the functionality within M365 to support business
process automation.
Some "no-code" workflows (e.g., Power Automate) may be implemented to handle
simple business rules at the department level (decision-based routing).
There may be inconsistency between the documented process and the deployed
process, as individuals hold to the way they traditionally completed workflow tasks.
Many processes are built solely at the role or department level, by citizen
developers in response to business needs. They do not go through formal
application development cycles and the development itself is undocumented
(though the process may be)
Processes lack governance, oversight, testing and control. Changes and
improvements are ad hoc or responsive.
There is some attempt to use feedback to enhance the process, though this lacks
formality rigor or commitment.
Business ownership to maintain the processes is not consistent; changes in
business need may not be effectively reflected in the process.
Business processes exist in isolation; typically solving point problems without
integrating with a larger strategy.
Reporting and tracking of activity through the process is attempted, but not always
reliable or reflective of the business needs and often incurs further manual effort.
Process development is not effectively coupled to process re-engineering, leading
to faster/better completion of the process rather than creation of better processes.
No strategy around automation, including standardization of technology platform
and approach has been developed. Automation tasks are approached in different
ways.
There is often inconsistency between the documented process and the deployed
process.
One department may have automated workflows while the rest do not, which
creates an inconsistent experience for internal customers.
A process may be automated in one geographic location but not in others, even
within the same line of business.
Single points of failure exist within the technology and within the expertise to
maintain or improve it
There is often disagreement or conflict between a company-wide approach vs.
embedded capabilities in line of business systems
General
Individuals have transitioned from procedural document workflow to orchestration
of dynamic business process.
A business process automation technology platform has been selected and is the
basis for new Business Process activities, though legacy solutions remain in use.
Third party tools and/or custom Business Process Management tools are
integrated to support more complex business rules and legacy systems.
The organization has begun to develop business process skills, often in a central
team and including process re-engineering and technical platform specialists.
Training is available to both specialists and citizen developers
There is a recognition of the pros and cons of citizen development and attempts
are made to allow and manage these approaches
There is minimal inconsistency between the documented process and the
deployed process.
There is recognition that different solutions are associated with different risk and
compliance profiles and can be designed and managed accordingly
Quality Systems incorporate key business process solutions, and the solutions are
tested for compliance for processes that impact quality
New solutions are designed with tracking, performance metrics and out of bounds
notifications
Business Process
Management and users can begin to feel confidence that processes and activities
are compliant.
Productivity / efficiency gains are observable if not yet fully measurable.
Increased transparency supports better productivity and planning and lowers user
stress.
There is increasing employee confidence in following the processes because they
provide better results than prior manual processes.
The credibility of the team is improved, that helps user acceptance for new
processes.
Level 400 - Predictable
Organizations at this level have set goals for the process, such as reduced time between
steps, lower cost, fewer errors, customer satisfaction, etc., and the process is being
measured against these goals. The system is supporting and driving the business
process rather than the individuals involved in the process. The results are predictable,
and the users have come to depend on the system and no longer feel the need or desire
to work around it.
General
Workflows on the platform may have connectivity to LOB systems.
Users have access to process analytics and audit trails around the workflow. (e.g., a
user can report on document approval (person, date and comments).
There is greater transparency to the process at the end user level (e.g., a user can
see the status of a particular request at any step)
Collaboration happens in the context of a work item as part of a dynamic,
nonlinear business process (the "case").
There is a well understood continuum from citizen developed small scale, pilot and
prototype business process solutions through intermediate to fully developed and
managed approaches.
The organization has a register of the BP solutions in use, with assessment of their
risks, ownership, technology and interactions with other processes and systems.
Process performance is monitored using established metrics.
APIs and information sources are well established and made available for BP
process development
Technology standards are in place and adhered to.
Development standards, including UI, UX, API, reporting, error trapping and
exception monitoring are well established; there is support for implementing these
in small scale developments.
Staff are trained in the standard approaches and required to undertake training in
these as well as the technology and process development methodologies. Business
Process training is part of the training program for M365, with centralized
documentation / resources.
New processes and introduction of new line of business systems are considered
against the strategy and standards in place to ensure they are compatible
BP solution development is led by 'whole system thinking'
All critical processes are designed for and assessed against compliance and quality
needs. Formal documentation, methodologies, audit and review are applied to key
systems.
Process control such as SPC (Statistical Process Control) may be enabled
Process outputs and metrics data are collected and used for business intelligence
reporting
All processes have clear ownership. Changes in staff and expertise are considered
and processes are resilient to these changes
Users feel that a particular automated process is stable. They have come to rely on
it and shudder at the thought of the "bad old days."
The organization is looking for other places to automate processes, asking the
question "is this a candidate for automation?"
New insights gathered from process analytics support restructuring of business
processes for continual process improvement, earlier identification of issues, and
data to support additional headcount, where needed. (e.g., for headcount: showing
long lead times in SharePoint project requests where the delay is due to limited
headcount to build solutions)
General
Power users can edit existing workflows to adapt them to changing business needs
on the fly with an understanding of the implications of these changes.
Standardized workflows, data sources, connectors, UI and process components
exist for re-use and guidance
Users leverage data from the business process management platform to optimize
process, simulate on real data, clear bottlenecks, and balance work across
workloads.
Business processes may extend to external users.
The enabling technology platform is being upgraded and managed proactively as
an enterprise solution.
Staff are highly skilled and engaged in the processes, providing feedback, ensuring
compliance and adapting to edge cases as required
All processes are well understood, managed and leveraged
Processes reach outside the organization, to interact efficiently with 3rd parties
including suppliers, clients and regulators
There is an active and ongoing process of process review against operational and
other objectives and processes and supporting technologies are re-engineered
accordingly
Processes drive and ensure compliance while also improving productivity.
Business Process
Users have visibility into the process and can provide feedback to process
improvements.
Output metrics from business process solutions provide insights into business
improvement and drive process enhancements at all levels. Impacts in one part of
the process are understood up and down the event chain.
Business Processes are continually measured as part of a whole-system approach
and collectively improved or adapted to changing needs.
Advanced tools are used to drive optimization, including AI, Statistical Process
Control and cross industry benchmarking
There is a high level of continuous process oversight and remodeling
Innovative approaches are taken to automation of tasks; as new technologies and
techniques emerge these are proactively introduced, freeing up time for staff to
deal with complex cases and 'out of bounds' scenarios.
It's possible to plan innovations because the baseline of performance is well known
and trusted.
The organization can adapt its processes with less stress and more agility to
respond to changing business conditions (e.g., mergers, acquisitions, new product
lines, etc.)
There is increased productivity across the organization as roles and responsibilities
are focused on tasks that cannot be automated.
There is an increase in employee engagement as mundane, repetitive tasks are
automated and viewed as a competitive advantage for how the organization
works.
Scenarios
Employees require manager approval for time off requests.
Employees can request new hardware, equipment, or supplies which then follows
an approval and procurement process.
A subject matter expert updates a policy, which then requires multi-level review
and approval.
A proposal to a customer requires multiple areas of review and approval before it
can be sent to the customer.
A customer opens a support case which requires multiple steps and escalations to
resolve.
Conclusion
Improving your Business Process maturity requires an investment in business process
mapping, as well as an understanding of M365's functionality and how it can support
your business processes. This investment in defining and educating will be repaid in
clear, measurable ROI for the business processes that you modernize and automate on
the M365 platform. This ROI can take the form of bottom-line cost and time savings, as
well as more top-line advantages in terms of competitiveness and customer and
employee satisfaction.
Common Microsoft 365 Toolsets
Connectors / Custom Connectors to access other line of business apps and
services
Dataverse
Microsoft Forms
Microsoft Lists
Planner
Power Apps
Power Automate
Power Virtual Agents
Project Online
Viva Goals
Viva Sales
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Related documents
Business process flows overview
Defining a Power Platform Environment Strategy
The Power Platform Data Loss Prevention (DLP) policies you should be considering
on Day 1
Principal authors:
Contributing authors:
Marc D Anderson, MVP
Simon Doy
Simon Hudson, MVP
Emily Mancini, MVP, UXMC
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
In many ways, this revolution is following a similar track to other world changing
technologies, creating opportunity, threat, FUD, excesses of imagination and paranoia
and more. While the technology and its monetization are fearsomely rapid, forward-
thinking organizations should be anticipating the roles of various forms of cognitive
business and incorporate these into their culture, ways of working, processes and
thinking. While pessimists may be concerned about these technologies displacing
‘white-collar’ / knowledge worker roles, pragmatic organizations will be considering the
impact of the changes and planning how they can be integrated into their cognitive
functions – knowledge creation and access, analysis and assessment, task planning and
decision making.
Definition of this competency
Cognitive businesses are those that actively employ thinking in its many forms across
operational activities and decision making. They are characterized by having significant
numbers of ‘knowledge worker ’ staff in operational roles, not just management roles.
This Cognitive Business Competency considers how and where organizations might
deploy advanced, computer based cognitive services across their teams and operations.
The technologies used will encompass (narrow and generalized narrow) AI, Machine
Learning and other advanced technologies that simulate or mimic human intellectual,
analytical and creative activity. For convenience, these will be referred to simply as AI in
the rest of this article. The technology scope includes pre-built AI, including those
integrated into off the shelf products and suites, ‘invisible’ technologies that don’t
provide an apparent user interface, direct human-machine interfaces (such as voice
assistants & chat bots), AI platforms and services and custom-built engines for the using
organization’s own data. The competency also acknowledges the continued and
essential role of human cognition and the relationship between how people and AI work
together.
See the Maturity Model for Microsoft 365 - Introduction for definitions of the Maturity
Model levels.
100 Technology
100 Impacts
AI has no direct impact, which may mean that disruption, when it comes, is
unanticipated. Competitive advantage arises through investments in the skills or staff;
human limitations may create intractable challenges.
200 Technology
Content and document management uses some automated classification, though
largely with the default configuration and limited training on topics etc.
Categorization may be used to improve existing processes, often in a narrow way,
usually with out-of-the-box capabilities.
AI may be in active use by the platforms used in the organization, such as
protecting against security risks, or supporting web searches. Only a few people
recognize that this is the case.
No technology-stack choices have been made and different platforms and services
are being played with a different part of the organization at different depths.
Cognitive capabilities are not designed into applications, products and services.
Training data sets are used as-is, without considering ethics, bias or errors that may
result from the data
Limitations are not considered, and no safeguards are in place to correct poor AI
decisions.
Intellectual Property implications are not considered.
300 General
Attempts are made to ensure source and training data is well structured, clean and
of sufficient quality. The quality of the training input to cognitive models is
managed, with attempts to minimize bias and errors. A set of metrics is established
to confirm this.
Staff have some understanding of how to ask questions of the AI tools to get
useful outputs.
The limitations of the insights, knowledge and behaviors of people as the
benchmark for AI ‘accuracy’ are considered.
The organization has laid out a broad strategy for AI setting out their aspirations.
Elements of this may be naïve, lacking actionable detail and measurable objectives,
and may lack resources and senior sponsorship, but it acts as an important starting
point and touchstone.
The technology is not treated as internally or externally disruptive.
300 Technology
A range of AI services are used to improve existing processes, with multiple areas
of improvement. Mostly these improve human-driven knowledge activities and
support existing staff, however some areas no longer require human intervention.
Categorization is used to improve existing processes, often in a narrow way,
usually with out-of-the-box capabilities; often this makes things easier for staff
later in the process.
Content and document management actively uses automated classification,
configured and trained with the organization's information and document set.
Developments are focused on the application of pre-trained models. Custom AI
models are used in some cases and are being evaluated for wider application.
Staff have use public tools, such as AI-driven internet search, saving time allowing them
to focus on more creative and valuable activities. Some processes are improved through
AI and an appetite has developed for doing more, with some limited funding. AI
supports staff in their cognitive tasks. Risks and concerns are emerging that the
organization is unsure how to address.
400 General
Staff are trained and competent in interacting with tools to optimize their useful
outputs.
Policies are adopted regarding AI transparency, ethics, performance and scope.
These are regularly reviewed and updated in recognition of the pace of change of
the technology and regulatory environment.
AI services frequently work alongside human staff, with each complementing the
other. Areas that do not require human intervention have human and AI oversight,
with both reviewing feedback.
AIs that replace staff roles have line management processes, performances reviews,
code of conduct guidelines etc. that perform the equivalent role to the staff they
replace.
There is board level oversight of the cognitive business approaches and ensuring
they support the organizations values, ethics and strategy.
Cognitive AI outputs are routinely audited and subjected to quality control in the
same way as other quality processes. Methods have been developed to validate
that training, queries and other inputs produce ‘correct’ outputs.
Cognitive business approaches enable the activities that could not have been done
without the tools. Processes are transformed rather than simply enhanced.
The level of trust in the tools is understood, continuously re-evaluated and
deficiencies addressed.
The limits of AI are well understood, and ‘unusual’ cases are handed off to experts.
There is a coherent approach to people and AIs working together, with well-
defined hand-offs.
Source and training data are actively managed to ensure quality, with metrics and
active feedback.
400 Technology
The cognitive business landscape is scanned, and changes and improvements are
previewed and incorporated into the business roadmap; the tools are actively
‘upskilled’ as technology advances.
Sources and training data are robust, updated, assessed and managed against
quality and ethics standards.
Technology limitations are well understood; safeguards and feedback loops are in
place.
Voice interfaces, natural language processing and other human-centric UIs are
present across staff workspaces. There is some use of ‘always-on’ monitoring
within the workplace and process areas.
New applications developed within or for the organization actively incorporate
cognitive elements, and these incorporate AI ethics and governance by design.
Developments using custom AI models have a well-established process which
includes data quality security, responsible use and audit.
A generalized narrow AI, capable of performing many different types of tasks and
with a holistic view of the organization, starts to replace many discreet cognitive
services.
The AIs are capable of identifying issues and carrying out auto remediation,
handing off to a person where necessary.
There are policies that define how cognitive business should be introduced,
assessed, performance managed and monitored for effectiveness and fairness.
Responsible AI initiatives and standards form the basis for this.
The implications of compliance around AI use are broadly understood and actions
are taken to minimize risks relating to regulations, Human Resource obligations
etc. A board level role has accountability for responsible, ethical and fair
application of AI, ensuring compliance with regulations and values.
Training in Cognitive business for staff, management and the leadership team are
maintained. This ensures understanding of ethics, compliance, best practice and
drives trust. Assessment is used to improve the training and identify staff
competency.
Training data is reviewed regularly for historical bias and gaps that might
compromise the ethics of the AI. There is special care taken with externally sourced
and public data that may include such bias.
Attention is given to national and organizational culture and how this might create
bias in the cognitive business. Systems are reviewed against clearly stated values
and principles in place in the organization.
There are processes to hand off ethically complex issues or outliers from the
systems to human arbiters.
Inputs to Cognitive systems are recorded so that they can be used to validate
outputs.
The risks of cognitive business tools deskilling staff are understood and addressed
appropriately, such as through actively retaining skills or accepting that these are
lost to the organization and external expertise is used when required.
Staff and processes are productive, though there may be concerns about resilience of
the technology and exposure to regulatory change.
500 General
Resources and capabilities in the organization are sufficient to drive rapid and
effective cognitive business value. This is supplemented by a broad range of
partners and associates with expertise in specific applications of cognitive business.
The organization uses these to both rapidly react to changing needs and
proactively advance the business in response to strategy and vision.
Content and document management actively uses automated classification,
configured and trained with the organization's information and document set, with
continuous retraining and active redesign to incorporate future-looking strategic
and tactical changes in the business
AI assistants, versed in the knowledge and processes of the organization, are
available to all staff to assist with their activities. They also have ‘a seat at the board
table’ where they can retrieve relevant information, capture decisions and actions
and provide summaries and feedback on the state of both the organization and
previous meetings.
AIs are used in the board room to advise directors/VPs, capture and track decision
and actions and summarize and analyze information
Advanced human-machine interfaces are in careful use, which may include active
monitoring of conversations and activities, prospective advice and insights.
Cognitive business is built into the organization by design. It pervades staffing
criteria, product and process development, sales and marketing strategy and
pervades operations.
500 Technology
State of the art technologies are proactively reviewed and incorporated into the
Cognitive Business strategy and roadmap. AI services may be used to help identify
these.
Active experimentation takes place, and the learning is used internally and shared
with partners and aligned vendors to drive future improvements.
The generalized narrow AI has reached a level of capability that exceeds the sum of
the parts and becomes a core strategic platform specific to the organization. Most
discreet cognitive services are now incorporated into this service, increasing its
reach and reducing the overhead of training and integrating individual tools.
Cognitive systems exhibit proactive interfaces; not just reactive. They will prompt
humans as and when appropriate. The use of such systems follows policy and
values, with appropriate safeguards.
AIs are routinely capable of autonomous action. Where they make mistakes or
choose to involve a person in the decision making, the output of this is fed back
into the AI to improve it.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Principal authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
From the days of a knowledge management focus - from which much of the current
thinking about collaboration has sprung - we have the paradigm of data turning into
information, then into knowledge, then into insight, then into wisdom. Some
organizations were able to move along that path, and others were not.
Document collaboration
Team collaboration
Cross-organization collaboration
Serendipity
Innovation
Information Architecture
Content
Task Management
Shared activities and tasks are managed via personal lists or post-it notes. There is
little visibility of status and activity of shared tasks other than via weekly reporting
or by asking for updates.
External collaboration may be actively blocked
Impacts
At this maturity level, many people in the organization are likely to be asking: “So what?”
They may feel they are working harder to accomplish the same goal, without seeing a
benefit. Staying at this level is generally a recipe for dissatisfaction.
Process
There is agreement (but not enforcement) not to send attachments.
Training and knowledge remain inconsistent.
Governance, Risk, Compliance and Security
Some mechanisms are in place for new site requests, whether instantiated
technically or by convention.
External access uses default settings and is not controlled.
Most users have had little training on how to use the tools.
Better practices have not been established.
Information Architecture
Unique document libraries are created for specific team needs.
Specialized views become more common to enable better decision making.
Metadata is used to organize documents beyond the default values e.g. status,
dates etc.
Content
Links are shared or emailed rather than documents as attachments, starting to lead
to one version of truth.
Collaboration efforts are collected in document libraries using coauthoring and
automatic versioning.
External access uses default settings and is not controlled.
Introduction of File naming conventions.
Task Management
There is some use of status indicators in documents or metadata.
Shared lists allow visibility of activities and task status; interaction with the list is via
read-only views or require downloading of a file. There is no aggregated progress
overview or reporting within the shared activities; requiring manual reports to be
issued.
Culture
Impacts
At this level, users begin to have confidence in the platform and start to see it as an
improvement over file shares: they are thinking beyond the file share. The way they
collaborate will still vary widely by functional area.
The process of collaboration is well defined and agreed as a standard business process.
There are sets of defined and documented standard processes established, signed off, in
use and subject to some degree of improvement over time. The processes may not have
been systematically or repeatedly used to the extent needed for their users to become
fully competent or the process to be validated in a range of situations, hence there are
gaps in adoption and consistency. This could be considered a developmental stage -
with use in a wider range of conditions and user competence development the process
can develop to next level of maturity.
Process
Teams are able to determine their own style of collaboration; this is defined in
policy and procedure
Processes exist to manage site and content lifecycles, external access, document
status, ownership, task allocation etc.
Culture
Discussions, meetings and actions are wrapped around collaboration activities.
Collaboration is enabled and encouraged within projects etc.
Content
Site templates are developed for specific site needs.
Sites are provisioned with rich solutions, including template documents and
features appropriate to the need.
Collaboration extends beyond documents and is supported by other apps and
features
Mobile access is considered with every solution implementation.
There is a mechanism to differentiate Work-in-Progress from Final / Approved.
Task Management
Tools to allow shared ownership and management of tasks are in place and
adopted by project teams and some other task-focused teams. Where this is the
case, there is a degree of automated reporting and ‘at-a-glance’ insights into
progress.
Impacts
At this level, the organization sees a path to real ROI for the solution. There are clear
standards around the implementation, although they may not be used throughout the
entire organization. Users have a sense of security and consistency as they collaborate.
Process
Collaboration is governed and compliant
Collaboration supports line of business systems.
Diary management is well-established, and availability for collaborative work is
managed (including real-time presence and ‘focus’ time slots).
Asynchronous collaboration is facilitated by features (e.g. @mentions) that
signpost colleagues to content and actions, ensuring notifications are productive
rather than interruptions.
Productivity and other collaboration metrics provide insights.
Opportunities for informal conversations are actively created (water-cooler
conversations), especially within disciplines
Information Architecture
Company-wide metadata may integrate with other enterprise systems (e.g., ERP,
CRM). Consistency extends across platforms.
Enforcement of information structure, metadata, site and directory design ensures
consistent use across roles and departments
Content
Task Management
Task management tools are consistently and widely used to track and monitor
team, department and organizational activities.
There are shared notifications for activity updates alongside on-demand ‘at-a-
glance’ insights.
There is active support for multiple collaboration modes, including real-time co-
working and co-editing, ‘as-needed’ collaboration.
Collaborative activities are largely unconstrained by geography or time zone.
Most activities can be completed collaboratively, with simple mechanisms to find
and access co-workers.
There are tools and processes in place to protect individuals’ time from
interruptions.
Diary management is well-established, and availability for collaborative work is
managed (including real-time presence and ‘focus’ time slots).
Mobile, remote, and office scenarios are equally supported.
Asynchronous collaboration is facilitated by features (e.g. @mentions) that
signpost colleagues to content and actions, ensuring notifications are productive
rather than interruptions.
Productivity and other collaboration metrics provide insights.
Impacts
At this level, users rely on the platform for their day to day work as well as for special
interest areas that contribute to company culture. The platform is seen as work-
enhancing, not detrimental. Users understand and follow governance best practices,
with a high degree of trust in the platform. The collaborative experience is fluid and
largely frictionless, allowing easy access to internal and external colleagues on demand.
Culture
Collaboration is baked into the culture.
Staff are expected to do non-traditional/non-task collaboration
Deep collaboration enabled through cross-skilling, placements and multi-
disciplinary meetings.
Informal and formal knowledge transfer are designed into the organizational
culture (water-cooler conversations) across disciplines. No one needs an excuse to
collaborate.
Process
Information Architecture
Metadata is used across site collections to centralize relevant information so that it
can live anywhere but still be found / leveraged.
Automated tagging may be present.
Sensitivity labelling is automated and related to the content, purpose and risk of
the collaborative activity.
Better practices are continually developed to enable effective collaboration across
a wide range of tools, scenarios and roles; existing practice is routinely reviewed
and teams are helped to collaborate more effectively based on insights.
Content
Site designs or templates are enforced and used to reflect project phases.
Content and task status are actively used to provide insights and trigger actions,
including automation of downstream processes.
There is active monitoring of content shared across organizational boundaries.
Lifecycles, redaction, and access revocation are enabled and largely automated.
Live documents are shared as attachments in email only as exceptions.
Task Management
The collaborative platform is highly integrated, serving a wide range of tools and
capabilities that seamlessly support many simultaneous modes of collaboration.
Task management tools are required at multiple levels across an organization and
individuals and teams are held accountable for their collective tasks, including to
board level.
There is organizational level monitoring of collaboration activities, with targets for
the degree of interaction expected based on roles.
There is specific focus on optimizing collaborative activity to enhance productivity,
minimize cost and risk.
Collaborative work is a strategic element of the organization’s culture.
External partners are supported in adopting collaborative approaches.
Legacy ways of working are actively replaced or removed through an active
continuous improvement.
Impacts
At this level, business leaders and platform administrators are implementing continuous
improvements based on user activities and feedback. Users are proud of their
collaboration platform and can show real ROI over the way they previously worked.
Faster time to produce results and respond to requests (reduced time spent in
searching, locating latest version, collating changes from multiple users, etc.)
Reduced travel and overhead costs
Increased employee satisfaction (feeling supported rather than hindered by tools
and systems)
Innovation is common (generating and executing on ideas through making
connections that would not have been possible in the old file-share world)
Anecdotes can be incredibly important for demonstrating benefit. It’s powerful when a
team says they reached a goal faster or better and are willing to be quoted on it.
“Better” cannot always be quantified, but if the professionals in your organization claim
it, it is probably real. Collect these anecdotes as you go along; they will prove useful.
Conclusion
Leveling up your collaboration maturity means you are rethinking processes. This leads
to direct benefit as you shift from “the way we’ve always done it” to “how could we do
this better?”
With collaboration at its core, the Microsoft 365 platform can be an incredible enabler of
better practices. This can only be realized if your organization continues to learn, grow,
and evolve its practices, striving for improved collaboration.
Excel
Loop
Microsoft Teams
OneDrive
OneNote
Outlook
Planner
PowerPoint
Project Online
SharePoint Team Sites
To Do
Viva Engage
Viva Goals
Viva Insights
Viva Sales
Viva Topics
Word
Yammer
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Principal authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Introduction
The Collaboration Competency article provides an overview of communication concepts
within Microsoft 365 and details for each of the five maturity levels from Initial to
Optimizing (100 through 500). It adopts a broad, technology-agnostic approach to the
business characteristics of communication plus the expected benefits.
This article
explores how organizations at any level could use the Microsoft 365 suite (and
associated technologies) to reach a higher maturity level.
For example, you may being exploring automation of metadata and centralized
knowledge management through tools like Viva Topics to create topic cards,
automatically surface related documents, and showcase subject matter experts.
Conclusion
Leveling up your collaboration maturity means you are rethinking processes -
continually. This leads to direct benefit as you shift from “the way we’ve always done it”
to “how could we do this better?”
With collaboration at its core, the Microsoft 365
platform can be an incredible enabler of better practices. This can only be realized if
your organization continues to learn, grow, and evolve its practices, striving for
improved collaboration.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Related documents
Introduction to the Microsoft 365 Maturity Model
Maturity Model for Microsoft 365 - Collaboration Competency
Contributing authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Knowledge in the board room must get to the mailroom; likewise, senior staff need to
hear the thoughts of people further down the reporting lines. The breadth of
communication needs to be appropriate to the nature and urgency of the message and
its intended audience. This competency focuses of the levels of maturity which
organizations can achieve.
100 Content
100 Impacts
200 Content
Use of templates for messages, newsletters, documents are in place, but not
enforced
Standardized images and logos (stored in a shared location)
More than a single method of pushing communication to internal users, leading to
some consideration of which tool in the portfolio is best for specific
communication
Publication of key messages to an intranet or other persistent system for ad hoc
access and later retrieval
Some mechanisms for feedback or further interaction resulting from
communications
Ability to schedule future communications
200 Impacts
At this level, communications often don’t follow expected layouts, style, and standards.
A central set of policies may exist, managed by a central owner, but there is no shared
understanding across the organization of what these are.
300 Content
Templates, images, and logo assets etc. are available and encouraged.
Top down, bottom up, and peer to peer communications are supported
Mechanisms to prioritize messages exist in multiple channels, are well defined and
broadly understood
Basic, mostly manual mechanisms are in place for scheduling communication,
updating, removing or archiving superseded or expired communications.
300 Impacts
At this level, there is a stated strategy for communication that is understood and
supported at executive level. This encompasses the many types of communication, with
different purposes, approaches, and audiences. Communication is widely accessed and
is broadly effective. There are mechanisms with agreed processes for centrally delivering
the common communications needs using images and templated layouts.
Users experience consistency in core communication and know where to go for specific
information. They can use feedback mechanisms, and most people can access what they
need regardless of device, location etc. Less common scenarios are somewhat
overlooked, ad hoc or lacking consistency. Higher priority/importance communications
can be prioritized, so that they are not lost in the ‘noise’. It is possible to sequence
communications, allowing planned campaigns and timed release of information.
400 Content
Templates and standards are mandated and embedded in the communication
process
Mechanisms to prioritize messages are standardized and broadly adopted.
Processes exist to manage inappropriate use and these processes are connected to
incentives
Organizational Assets, such as agreed imagery, iconography, are standardized for
communications use.
Written content is formatted and presented to support online reading patterns and
accessibility standards
Communications are sampled for style, effectiveness etc. and guidance on
improvement is offered.
Some Compliance and DLP rules are enabled
400 Impacts
At this level, users have a high degree of trust in organizational communications. They
understand the communication mechanisms that are available, and feel confident in the
source and appropriateness of what they receive. This maturity level still may create
dissatisfaction in some users who remember the “wild west” days of the organization
when it was less mature, and who feel restricted in their ability to communicate if they
do not have the appropriate role or level of rights.
500 Content
Formatting and publication of content to different media types is automated or
instantiated in robust processes (e.g. text to speech, speech to text, automated
publishing, multi-lingual or multi-cultural content)
Longitudinal communications are well understood and carefully managed.
A-B testing of messaging may be in place.
Focus time (non-communication periods) are encouraged and protected.
500 Impacts
At this level, the ROI to the organization is demonstrable, and all users feel they have a
voice through feedback mechanisms and content submission channels. The system
supports communication governance, so users don’t need to remember the rules,
making interactions more intuitive and lightweight.
Scenarios
Campaigns
Changing work practices during unusual circumstances are announced and
updated on a rolling basis, with confirmation from staff that they understand and
will comply or adjust
Newsletters
A monthly, mobile-friendly news digest is published in a form that different staff
will access and consume, including frontline shop-floor workers and field-based
staff
Innovation
The organization fosters innovation and improvement by inviting employees to
make suggestions on how to improve the way the business works and suggest
new product ideas.
An employee asks for help across the organization to create a response to tender.
An employee asks a question around whether product X can do Z
Costs are driven by the need to deploy and support the communication technologies,
up-skill staff in their use and, most importantly, by investing in best practice and policy
adherence.
Conclusion
Organization communication is much broader than email and newsletters. Effective
communication is highly sophisticated, enabling many types of corporate
communications using a range of technologies in order to provide the right message to
the right people in the best format at the right time. Great communications incorporate
feedback, enable action and organizational change, and develop the culture whilst
ensuring compliance and addressing risk.
Organizations should define their desired maturity, based on their needs, circumstances
and capabilities. They should recognize that embedding good communication is more
than implementing a range of technology solutions.
Email
Delve / people cards
Mobile device notifications (via Flow, Teams etc.)
Microsoft Teams
SharePoint Communication Sites
SharePoint News / News Digests
Stream
Sway
Viva Amplify
Viva Connections
Viva Engage
Viva Goals
Viva Insights
Viva Pulse
Viva Topics
Yammer
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Related documents
International Association of Business Communicators
Example style guide
Organizational communications: Guidance, methods, and products
How to Share Org-Wide Communication in Microsoft 365
Principal authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Introduction
The Communication Competency article provides an overview of communication
concepts within Microsoft 365 and details for each of the five maturity levels from Initial
to Optimizing (100 through 500). It adopts a broadly technology-agnostic approach to
the business characteristics of communication plus the expected benefits.
This article
explores how organizations at any level could use the Microsoft 365 suite (and
associated technologies) to reach a higher maturity level.
Communication leads train the organization on writing for the web to support
compliance with the communication guidelines. More formal support is added to
ensure all authors have a deep understanding of accessibility standards and online
reading patterns. The focus in this training is creating engaging and inclusive
communications that convey a message resulting in a change in behavior (taking
the action in communication, engaging in communication, etc.).
Communication leads begin monitoring communication sources to ensure there is
one source when topics are shared across channels.
For example, there is a SharePoint news post on the Intranet about the
company’s upcoming re-branding. This post is then shared on Teams within the
Marketing Department, so the team is up to date on what has been shared with
the company for their current initiative. The same post from SharePoint news is
then also shared on Yammer to invite crowd sourced ideas.
Formally add communication templates and imagery to Microsoft 365 removing
friction for company-wide usage. This may include usage of document
templates , site designs for common news layouts across site collections, or
organizational assets.
The Steering Committee and communication leads begin reviewing feedback for
trends and areas of improvement across communication channels. This feedback is
then shared through the communication leads to their respective teams. Page
analytics and other usage data are used to expand on anecdotal feedback. This
usage data is also tracked to proactively identify trends in engagement with
communication better informing ideal communication channels and posting times.
For example, usage data may show leadership posting on Thursday mornings in
Yammer about employee resource groups gets the highest engagement.
Communications may have previously been sent via email with little
engagement, so the first shift was to bring these messages to Yammer allowing
more interaction from employees. The second shift may be around the time
these posts are released as the posts on Mondays showed little engagement as
employees focused on their tasks for the week.
Implement a business process to review employee profile data with the cross-
functional teams who are responsible for this data. In many companies this may be
Information Technology, Human Resources, or a mix of both. The review of this
employee profile data is to ensure alignment on which fields are being completed
to support the specific audiences the Steering Committee has identified for
targeted communications.
Communication leads begin training their respective teams on alternate media
types in addition to text to ensure the multimedia format communication is shared
and also supports engagement with the messages.
For example, you may have a desk-less workforce who finds news updates
easier to consume in short videos rather than a written page. The teams are
trained on usage of Microsoft Stream functionality to embed videos in
SharePoint news posts. Key messages are also written in text on the news posts
to support varied learning styles.
If communication approvals need to be implemented (as determined by the
steering committee), the impacted communication channels are identified, and a
business process is in place. For most organizations, the focus should remain on
keeping as much freedom in sharing communication across the organization as
possible to ensure timely updates. Highly regulated industries may need more
control.
Communication leads and the steering committee shift focus from creating
audience targets and groups to ensuring these groups are used effectively in the
right places at the right times. Begin filtering communication across channels with
an automated process. This may include Power Automate flows, Teams
connectors , or automated news digests .
Communication leads and the steering committee focus on a consistent and
robust information architecture of topics across all communication channels to
support the Microsoft Graph’s ability to understand the reader’s interests and role
creating linkages across knowledge and communication systems, pushing content
to that individual based on known information.
Page-level metadata may be added to surface and filter news. This page-level
metadata may also be used to pull similar news content into search-based web
parts so employees can consume news by topic across sites.
Communication leads and the steering committee identify the period of lowest
engagement from employees on all communication channels to create dedicated
focus time for work deliverables that is strongly protected across the organization.
For example, company-wide news is never shared on Monday mornings unless
urgent and business critical to that day’s tasks. Monday mornings are reserved
for team-wide news to ensure each group can focus on their deliverables for the
week before focusing on higher-level goals across the organization.
Employee feedback and usage data are applied to communication formats. In
addition to the user research and interviews conducted previously for feedback on
communications, begin A-B testing communication iterations to gather
quantitative data on which format best supports engagement, understanding, and
action.
Conclusion
Organizational communication is much broader than email and newsletters. Effective
communication is highly sophisticated, enabling many types of corporate
communications using a range of technologies to provide the right message to the right
people in the best format at the right time. By utilizing different communication
channels for their best use cases and focusing messaging to specific audiences,
organizations can improve engagement and gain more understanding of the business.
Great communications incorporate feedback, enable action and organizational change,
and develop the culture whilst ensuring compliance and addressing risk.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Related documents
Introduction to the Microsoft 365 Maturity Model
Communication Competency* Maturity Model for Microsoft 365
The Principles of Communication
How to Share Org-Wide Communication in Microsoft 365
The Evolution of Company-Wide Email Communication to SharePoint News
Contributing authors:
Simon Doy
Simon Hudson, MVP
Marc D Anderson, MVP
Sadie Van Buren
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Over the years as platforms have evolved, it became increasingly possible for viable
business applications to be delivered without code. Today there is a continuum from out
of the box, through configuration (No Code), to citizen developer (Low Code) and finally
'proper' development (Pro Code). The separation between these stages can be highly
porous; artificially segregating them is frequently meaningless and often counter-
productive. Management tools traditionally associated with Pro Code development are
gradually providing an opportunity to wrap development rigor around the No Code and
Low Code approaches and to introduce many of the effective development operations
(DevOps) techniques and tools.
At the same time, even nominally out-of-the-box products and services often support
options for customization and extension. The ways of achieving this vary widely,
including interaction via Application Programming Interfaces (APIs), 'overlay' coding of
UI, deep configuration, Add-ins and more.
Increasingly, Machine Learning and AI based solutions operate in the same way as
software solution development, also providing a continuous path through configuration,
Low Code and Data Science driven professional development. As such, this competency
applies equally to this technology
The concepts of customization and development have evolved over the lifespan of
Microsoft 365 and the IT landscape in general. In the early days of SharePoint, for
example, almost all organizations found themselves developing Pro Code solutions to
make the platform work well for them. Fast forward to today, and Microsoft 365 offers a
wide variety of apps and services that meet many needs right out of the box or with
minimal configuration.
Our ability to extend the platform has changed significantly as well. Rather than writing
code that is packaged and deployed to the server, almost all custom development for
Microsoft 365 is done using client-side scripting, extensions via SaaS platforms like
Microsoft Azure, or some combination. The SharePoint Framework (SPFx) allows us to
build solutions for SharePoint, Microsoft Teams, Microsoft Outlook, and potentially other
products in the future, potentially extending to other products in the Microsoft stack.
Further the Office Add-In model also uses client-side scripting methods to extend Office
applications. And finally, the Microsoft Graph gives us an API layer that exposes much of
the Microsoft 365 landscape to help build robust and integrated solutions across the
workloads.
The reality is that there has always been a dynamic equilibrium between what can be
delivered with different technologies by people with a range of skill sets. Perhaps
unexpectedly, increasing maturity is less about a progression from Out-of-the-Box and
No Code to Pro Code; it is more about how organizations coordinate and integrate this
continuum.
100 No Code
Configurable platforms and products are generally used in their default state.
There is little appreciation of the capabilities of platforms to meet business needs
more closely.
There is no systematic review of platform capabilities, feature road map or
application of features sets to unaddressed business needs.
100 Impacts
Staff are frustrated with poor functionality but have no mechanism for requesting or
implementing change.
Development is characterized by build to live, though there may be some testing and
control within that environment.
200 No Code
Some Power Platform projects have consistent color standards and make use of
components.
Some low-code solutions are exported to basic source control.
Some low code solutions have separate environments for development, user
acceptance testing, and production.
There is some guidance on the decision to use low-code approaches and who to
engage to do the development, for instance a citizen developer or an external
partner.
Developers don't know the platform, so write code instead of using native features
which often creates unnecessary technical debt and confusion.
Some projects deliver systems with user guides and administration guides.
Release Management is considered, and the delivery of a system and its upgrades
are announced before deployment. However, there are no testing environments
which the deployment is released to first.
The organization's Microsoft 365 community start to share wins and stories via ad
hoc discussions.
There are no development standards shared between projects.
Solutions are often developed, especially using no-code and low-code, without
having a related plan for deployment, support and management and without
assessment of impact on other processes and solutions.
Basic Source Control maybe used, with multiple source control systems in use.
Some projects make use of Cloud platforms such as Microsoft Azure.
There are little in the way of DevOps Practices.
200 Impacts
At this level you can expect the following:
Staff are generally satisfied with functionality but struggle to consistently get non-critical
feature gaps, inconsistencies and updates rolled out. Support is generally available.
300 No Code
Steps to create customized business solutions are captured with some form of
specification, setup is documented, and a final solution description exists.
Developers are aware of and use some normal development methodologies or
hybrids of them.
Legacy approaches are modified to take advantage of platform capabilities and
some business processes are actively redesigned to deliver improvement based on
these.
Updates and enhancement should be scheduled, planned, and executed, but
exceptions to this are frequent.
User documentation and training is appropriate to the system, though tends to lag
updates. Documentation is still not seen as part of the deliverable.
Solutions considered important to the business are recognized and some level of
support has been implemented. Support staff are skilled up to maintain the
platform and any solutions, reducing the reliance on 'solution experts'.
There is some consolidation of no-code platforms; road maps and updates for
standard platforms are actively tracked.
Customization of live platforms is only carried out after consideration of impact on
staff and other systems.
Low code solutions are backed up as solutions and stored in source control.
There is an appreciation of the limits of the no-code approach, low-code, and pro-
code approaches. Needs that trigger a transition from one approach to another
are often identified and options for delivering extended needs or features with pro
code are understood. This is often based on business need with measurable return
on investment.
Good practice is understood by a core of experts and is used to guide solution
development. There is a recognition of the roles of no-code and low-code
alongside pro-code approaches. The 80/20 rule is increasingly applied, using out
of the box functionality that is good enough to provide utility, often adapting a
process to accommodate Out of the Box (OOTB) functionality rather than build
customer solutions.
Build is focused on solutions that represent the organization's "special sauce",
delivering the highest impact.
There is understanding around technical debt and how to service it.
Systems are delivered which are documented and can be managed, maintained,
and supported.
The pro development team and citizen developer community understand how to
build solutions on the Microsoft 365 platform. Resources from Microsoft and the
community are used to enhancing their knowledge. Pro developers and citizen
developers support each other.
Development at all levels starts to be underpinned by training and learning to
improve skills. There may be formal certifications to support and demonstrate
competence.
Release Management processes are put in place but are manual.
Standards for user interface (UI), themes and styling are created and shared.
Design standards are published and allow a consistent approach for UI and
functional behavior. Existing solutions may be updated in line with these.
Source Control is standardized and used for Pro-code development but not for low
code approaches.
DevOps practices are being introduced, though non-Pro-code often are not
included in these standards.
User research employed to define requirements for some systems; there is some
attempt to standardize approaches to capturing and defining requirements, such
as user stories, etc.
There is an emergence of a community of M365 Champions. This supports the
need for governance, documentation, training, and development processes to
support alignment of solutions to the strategic plan. Community members meet
periodically to discuss problems citizen developers are trying to solve. These meet
ups are part tech therapy and part continued training as Microsoft 365 is
continually changing. There is management appreciation and support for these
efforts.
Separate environments or equivalent are available for Development, Test, and
Production for Pro Code and, often to a limited extent, for other approaches.
300 Impacts
At this level you can expect the following:
Staff are able to work efficiently across the spectrum of solutions and adopt new
solutions readily due to their consistency and interoperability. Support-driven insights
are used to proactively feedback to solution teams to drive improvements. Upcoming
changes are communicated clearly and well in advance.
400 No Code
Configurations are well documented and used as the basis for scripts and
templates to automate site creation and updates. These are well managed and
maintained via source control.
Solutions are developed and tested against a set of good practice guidelines that
include common layout based on good User Interface/User Experience (UI/UX)
approaches, incorporating company branding and standards.
No code developers have strong knowledge of the platform and are supported to
maintain and extend their knowledge. They also know when to reach out for advice
and guidance from colleagues with complementary development skills.
Solution design and information architecture are carefully considered; constraints
are understood and approaches to avoid these are implemented, including
inclusion of or switch to low-code and pro-code development.
Security, governance, management, and integration are considered as part of
solution design and are included in the specification for important business
solutions. These are therefore tested as part of the development lifecycle.
The purpose, impact, and anticipated lifecycle and scale of the solution are
considered, and appropriate development methodologies are applied accordingly.
Solutions are reviewed to ensure they remain fit for purpose. Changes are
managed appropriately.
Changing platform capabilities are proactively applied to existing solutions.
Important business solutions are actively managed and supported.
The organization invests in a full range of platform skills against a broad
development strategy that includes no-code, low code and pro-code standards
and an integrated design and development approach.
400 Low Code
Solution design is carefully considered; constraints are understood and approaches
to avoid or mitigate these are implemented.
Low code solutions make use of source control to help manage the release
process, where possible. The release process includes metrics which can be shared
within the organization to show the benefit of the low code solutions.
Low code solutions use metrics from tools such as Application Insights to measure
adoption. This allows decisions to be made as to where to focus effort on
successful applications and cancel or rework unsuccessful applications. These
metrics are published and shared within the organization.
There is an active process for testing and for user evaluation and feedback, which
is used to drive a road map for ongoing enhancements.
Lifecycle of the solutions is anticipated, and solution designs take this into
consideration.
Standardized User-Centric-Design processes ensure that the solution meets the
needs of the users and is designed appropriately for the audience.
The organization continues to invest in training for citizen developers and in the
tools to support them.
The organization has invested in the licensing to ensure that there is low friction
and decisions are easier to make when building low code solutions.
Pro code components are developed to extend low code solutions, as part of a
well-understood, holistic 'systems' approach.
Pro code methodologies are adopted wherever appropriate.
400 Impacts
Analytics on the use of APIs for data sources, functions and business automations is
used to optimize their use and performance.
500 Impacts
Scenarios
Customer service representatives can easily answer common questions by
customers, improving customer support and satisfaction.
An electrical engineer can perform a site survey. They capture the required
information with their mobile device so that the installation of the electricity point
can be planned and executed successfully and minimize the cost.
A salesperson can produce and send a quote to a customer in a consistent way
which meets the quality standards of the organization.
Employees can submit their ideas and suggestions to a panel via the corporate
Intranet.
A manufacturer can produce the required certificates and documentation to
support the release of a new product in a managed way.
Using Machine Learning to improve the efficiency in how a logistics company
routes its delivery drivers.
Conclusion
Customization and Development is an essential ingredient to get the most value from
Microsoft 365. However, it is important that customization and development is not
entered to lightly and there is an understanding of the commitment that is taken on.
When customization and development is performed there will be a level of management
and support required to ensure solutions continue to work as the platform evolves and
unforeseen issues can be resolved.
Traditionally, organizations have treated no code and low code approaches as 'second
class citizens' to pro code. In maturing organizations, however, each approach has a part
to play, and the right blend can create an integrated approach to addressing business
using a code-continuum. As silos and 'code-snobbery' are reduced, opportunities to
improve standardization, development efficiency/assurance and to provide increased
rapidity or cadence on delivery of solutions to the business improve.
When development is performed it needs to be done in a way which reduces the risk to
the organization. So, implementing source code repositories to backup code and ensure
that the developers are productive. This is important as too often there are stories where
an organization has a solution which is used but they have lost the source code.
Common Toolsets
Artificial Intelligence / Machine Learning
Azure DevOps
Dataverse for Teams
Microsoft Azure
Microsoft Graph
Microsoft PnP Frameworks
Microsoft Teams App Source
Power Platform
SharePoint Framework (SPFx)
Serverless Technologies
Dynamics
Microsoft 365 apps
Microsoft Forms
Microsoft Lists
Microsoft Teams
Outlook/Exchange Server
Power BI
Project
SharePoint
Visio
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Principal authors:
Simon Doy
Simon Hudson, MVP
Contributing authors:
Emily Mancini, MVP, UXMC
Marc D Anderson, MVP
Sadie Van Buren
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
Risk enables an organization to evaluate all relevant business and regulatory risks and
controls and monitor mitigation actions in a structured manner.
For Microsoft 365, this means implementing specific policies, operational processes, and
technical controls to protect the data in Microsoft and cover some or all of using,
storing, sharing, disclosing, erasing and destruction of data. The data should also be
secured appropriately to guard against loss, theft and misuse.
Smaller organizations may only need to comply with the baseline general data
protection rules that apply to every organization. Other organizations must comply with
industry-specific and/ or country specific regulations which may overlap and/or conflict.
Compliance is not the same as security, but security should be considered when
building your plan as effective security is frequently a compliance requirement.
Compliance requires only that the legally mandated minimum standards are met
whereas data security covers all the processes, procedures and technologies that define
how you look after sensitive data and guard against breaches.
To address the gap between compliance and security many organizations also follow
compliance and regulatory frameworks, such as COBIT, ISO 27001, or ITIL. These provide
guidelines and best practices to meet regulatory requirements, improve processes,
strengthen security, and achieve other business objectives (such as adopting a ‘cloud-
first’ strategy).
See the Maturity Model for Microsoft 365 - Introduction for definitions of the Maturity
Model levels.
Management does not consider investing in the Governance, Risk, and Compliance
(GRC) related systems necessary for the overall business strategies. In addition, the
organization does not assess the business impact of its vulnerabilities and it does not
understand the risks involved due to these vulnerabilities.
Organizations at level 100 maturity pay little attention to compliance and are
characterized by the absence of policies and procedures for information/ data
compliance of governance.
Process (100)
No process for keeping up with regulations that may affect their market and
industry.
GRC processes and controls are either absent or ad hoc or out of date.
Risks assessments not undertaken.
Compliance and governance obligations are not reviewed or monitored
There is ad-hoc implementation and response to incidents (reactive).
Compliance controls and evidence is ad hoc or does not exist.
Technology (100)
No standardized storage location for documentation and supporting evidence.
No technical controls in place to support compliance.
Impacts (100)
Due to the lack of policies, controls and user training to support information/ data
compliance in Microsoft 365 the organization is at risk of:
Process (200)
Governance and compliance management is local, uncoordinated or sporadic It is
dependent on individual people to action and monitor.
Processes exist but are manual and lack standardization, making it hard to measure
their effectiveness, enforce them or obtain an overview of activity and status.
Limited collaboration between compliance and operational teams. Often
compliance is an afterthought.
Response to incidents is reactive /ad hoc, lacking consistency, formality and may
result in ineffective actions.
Risk management is perceived as a process.
Technology (200)
Storage locations for documentation and supporting evidence are inconsistent and
fragmented.
Basic technical controls may exist but may not be appropriately implemented to
ensure compliance.
There is a tendency to focus on email rather than a wider view of content and
processes that need to be compliant.
Technical controls to manage retention and deletion exist, however there are
minimal processes to implement these effectively; retention and deletion is largely
a manual, ad hoc activity, though there may be reminders and triggers in
processes to act as prompts.
Impacts (200)
At this level you can expect the following:
The leadership team see compliance as essential to business continuity and may
value the rigor as a business improvement tool.
Compliance roles and responsibilities are assigned to accountable individuals, who
have been trained but may lack expertise and experience. They understand the
importance of the role and will reach out, reactively to legal and other experts for
guidance and counsel.
Where GRC sits across multiple departments and activities in the organization
individuals with those roles will coordinate their activities, possibly through a
Compliance committee or similar mechanism.
A Compliance framework, in some form, has been documented and communicated
to process owners. However, the implementation decisions are left to local
business and system owners so GRC initiatives are managed in silos.
Compliance activities are frequently event driven, such as an audit or a regulatory
deadline.
Training, education, and awareness are run annually. Staff have a broad awareness
of their responsibilities.
The organization invests significant time on stakeholder education, ensuring that
the new ways of working together and the value of risk and adopting compliant
processes are understood. However, commitment to upholding standards varies
across the organization.
Process (300)
There are staff with a role that includes monitoring regulatory updates and
translating them into new company policies. In large organizations or those in
industries with strong compliance needs, example roles may include Director of
Compliance, General Counsel, Senior Information Risk Officer, Data Protection
Officer). In smaller organizations it is likely to sit with members of the executive
team or the functional head of departments with strong compliance alignment.
This is in addition to staff dedicated to security measures (for example a Chief
Information Security Officer).
The organization measures and assesses controls and activity, but largely at an
individual or devolved level.
Risk level is periodically reviewed & updated.
Limited information and records available for audit, these are generally specific to
the function rather than providing an aggregated or holistic vie.
There is limited or misplaced confidence that all governance and compliance risks
are known and managed.
There are systems, tools and processes for managing the Governance, Risk and
Compliance processes. While these vary according to the standards and
requirements imposed, they may include: training and knowledge content; risk,
issue and status logs; asset and impact lists; action plans; processes for reviews and
updates; systematic audits and assessments, staff training and competency logs.
Strong content management tools and processes that include effective lifecycle
management are in place.
Technology (300)
Has a central (digital) system of record for compliance. However, usage varies
across the organization and local solutions may be in use.
Software solutions are used but typically in a tactical manner, without a thought
for a broader set of requirements. This results in multiple systems to manage
individual governance, risk and compliance initiatives, each operating in its own
silo.
Governance, risk and compliance controls are implemented but are reliant on the
user to apply the right controls to the right content.
Technical controls to manage retention and deletion are in use and are generally
effective for recognized classes of content (e.g. finance and HR files). A degree of
automation supports this, reducing user burden and driving some level of
consistency.
Use of automated tagging, sensitivity labelling and policies is not broadly or well
implemented, though it may be being piloted.
Impacts (300)
At this level:
The organization starts to build a compliance culture with roles and responsibilities
being defined.
A Governance, Risk and Compliance framework, consisting of strategy, policies,
processes, controls, technologies and staff competence, is implemented. However,
implementation is uncoordinated and siloed
Employees start to understand the impact of non-compliance in their job roles.
eDiscovery investigations are still complex and costly as multiple versions of data
exist
Not all Governance, Risk and Compliance risks are addressed and there are
frequently unknown risks.
There are processes for dealing with finding, breaches and risks, however there are
gaps and a tendency to be reactive.
Technology (400)
Productivity and analytical tools are in place to make tracking tasks, reporting and
collaboration easy.
Compliance controls are automated and tailored to different usage scenarios.
There is a central digital system of record to manage compliance program and to
store evidence.
There is an auditable history of data activities with an understanding of how it can
help support effective Governance, Risk and Compliance.
Content can be shared across organizational boundaries enabling efficient and
secure collaboration with partners, clients, and other third parties without loss of
control or governance.
Compliance specific solutions purchased to manage compliance requirements.
Integrated dashboards, balanced scorecards etc. are available to executives and
across the organization as needed.
Impacts (400)
At this level
Everyone in the company at all levels shares accountability for following a higher
standard.
Compliance is embedded in the culture of the organization so all employees
understand the importance of compliance and their role in protecting the
organization. Policies are understood and the reasons behind the policies are
clearly explained. Engagement is high at this level because all members of the
organization are now responsible for the success of the program.
Data investigation become simpler due to advanced tools and only the right data
being retained.
Metrics are reviewed regularly & updated as needed; results monitored & processes
continuous improvement.
Technology (500)
Compliance and DLP rules are comprehensively applied and enforced.
Controls are automated and subject to continuous improvement
Tailored compliance controls with policy enforcement are implemented to provide
different levels of protection during collaboration depending on sensitivity, risk,
and environment.
The organization invests in compliance management solutions that encompass
multiple systems.
Impacts (500)
At this level, the governance, risk and compliance controls are aligned to the
organizations risk appetite. Employees, managers, and executives understand their
responsibility to the organization to ensure the success of the compliance program.
Honesty, accountability, respect, and leadership are principles of these organizations,
and transparency is a default.
Scenarios
TBD - please submit suggestions or role plays for this
Cost & benefit
Many characteristics can be delivered using the M365 platform to develop Governance
and Compliance solutions and processes, especially using SharePoint, Microsoft Teams,
Power Automate etc. available with any Business or Enterprise license. The native
compliance capabilities of M365, such as those in the Compliance Center, do depend on
the Microsoft 365 licensing level. While there is not a direct mapping, a useful guide is
provided below. Some functionality requires additional licenses.
Download the Microsoft 365 Comparison table to see which security and compliance
features are available with each option.
Common toolsets
Organizations have different compliance needs depending on the national, regional and
industry-specific standards they need to comply with. Microsoft 365 provides a set of
integrated capabilities that you can use to help you manage end-to-end compliance
scenarios. The 4 groups of compliance and risk management capabilities are listed in the
following section. Capabilities that require an E5 license are marked with an asterisk (*).
Information protection
Customer key*
Data Loss prevention
Data Loss prevention for Teams DLP*
Hold your own key*
Message encryption
Advanced message encryption*
Multi geo (extra)
Sensitive information types*
Sensitivity labels
Sensitivity labels for automated labelling*
Information governance
Records management*
Retention labels
Retention labels for automated labelling*
Retention policies
Retention policies for rules based policies*
The available compliance capabilities in your tenant will depend on your Microsoft 365
licensing. Some of the functionality requires additional licenses. Download the Microsoft
365 Comparison table to see what security and compliance features you have with
your licensing.
Resources to learn more
Microsoft 365 compliance documentation | Microsoft Docs
Microsoft 365 guidance for security & compliance - Service Descriptions |
Microsoft Docs
Get started with the Microsoft Service Trust Portal - Microsoft 365 Compliance |
Microsoft Docs
Microsoft Purview compliance portal
Conclusion
Achieving compliance is not a project. It is an ongoing process that needs embedding
into the culture of the organization. Regulations continually change, your environment is
always changing, and the operating effectiveness of a control may break down. Regular
monitoring and reporting are a must, and guidance on exactly what “regular
monitoring” entails is also outlined within each framework.
Principal authors:
Nikki Chapple
Simon Hudson, MVP
Mike Cox
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Introduction
The Maturity Model for Microsoft 365 offers a wide set of tools, approaches and insights
into the platform, allowing organizations to:
Understand the benefit and impact that Microsoft 365 can have on their business.
Support building a holistic view of the organization to gain an understanding of
current state vs. desired state to help
Understand and compare options for solving business problems
Focus time, energy, and resources on the right priorities
Establish a baseline to measure improvement over time
There are many possible approaches to doing this successfully, just as there are many
approaches to the MM4M365 itself. This article describes a multi-level workshop
approach that has been used successfully. It is designed to provide both a 'quick and
dirty' assessment of the current and desired maturity and a more analytical and granular
assessment, with an option to use either or both in your organization or practice. These
are supported by tools developed for that purpose.
Challenges when planning and running a
workshop
Introducing the MM4M365 approach in any organization is a complex undertaking. It is
worth bearing the following in mind:
Microsoft 365 is HUGE, complex and addresses many different needs across
different parts of the organization.
It's difficult to know where to start, both with the platform and with the
organizational needs.
Doing everything, everywhere, if that's what your intention is, will take a long time
and substantial commitment. It's a strategic change management process, not a
technological first-aid dressing (though it can help with emergency improvements
when needed).
Because of the above, people can easily become overwhelmed, lose faith or lack
commitment. This is compounded by an individual and/or organizational desire to
run before learning to walk.
Not everyone sees the benefit in thinking it through, establishing a base line and
assessing your current position and future target before jumping in – the “Can't we
just do it?” and “How hard can it be” mindset needs to be headed off before you
even begin with workshops. Equally, there are those who may ask, “Wouldn't it be
better to focus on what the technology can do?” instead of defining what the
organization and its departments or teams need.
Different levels of seniority/different roles and skills will have a different view.
People identify needs and solutions through the lens of their own role and
experience. Also be aware that staff will often defer to managers and managers to
directors, rather than expressing their view.
Some people think it's ITs job to make the company more mature (Hint. It's not)
Every business and culture are different. This approach may work brilliantly for
some and not at all for others.
It's hard to get everyone together to do the deep dive analysis (and keep them on
mission if you do).
You don't need to be great at everything. A good rule of thumb is to be level 300
for all the functions that really matter (because they impact quality, profitability or
liability), higher for critical functions (400) and allow low impact or early stage
activities to start low (200) and mature when needed.
An approach
The suggested approach is to gain executive support for doing something, then run a
few of simple, rapid, qualitative assessment workshops to confirm where the biggest
needs are and the quickest benefits. Follow these up with deep dive workshops
targeting specific competencies in particular parts of the organization. It can be helpful
to think of these like an Agile sprint, where you do an assessment and action the
findings, review and either repeat or move on to a different workload (a different
competency or area). Where resources allow, you can run parallel 'sprints'. Keep these
going until you run out of resources (or have achieved everything you desire!).
Six or 12 months later, review progress and set new goals by running some of the
process again.
Start with the 'Why'. What is the purpose and vision for the change program being
undertaken.
A good way to phrase a Purpose statement is “We will do X in order to
achieve/deliver/improve Y'
A good way to phrase a Vision statement is “We imagine a
world/organization/future where…”; for example, “We imagine our company
having elegant business processes that improve the experience and
effectiveness of our teams and our clients”
Emphasize how it makes life better for individuals in the company, how it
removes the 'grit in the machine' and how it protects the organization (and
thereby the execs) from financial, compliance and legal risks.
Carefully review the MM4M365 Introduction and the definitions of each
competency. Now ensure you understand what each Competency Level
signifies.
Once you have completed these and gathered some insights, you may need to drill in
deeper, using one of the Characteristic-based Deep Dive tools. This could be to:
If you have the buy-in you could do these in multiple departments, however it's also fine
to have multi-disciplinary or interdepartmental groups participate.
It is often a good plan to separate decisions makers (managers and executives) into a
different group from staff and colleagues. People often are less forthright in front of
senior staff.
Overview Workshops
These workshops are about getting a representative group of staff to say what maturity
level they think the organization is at for each Competency. It is based on the
judgement of participants rather than detailed analysis if individual characteristics in
each competency (as that would take far too long), and should provide a 'helicopter' or
'fifty thousand fot' view of the organization that can be used to prioritize next steps.
The Workbook - MM4M365 workshop tool (Quick assessment) Excel tool includes the
definitions and links to the Competency documents. The Data Capture tab allows you to
capture the consensus scores for each competency and allows you to run the workshop
with different groups and/or focus on specific teams. It takes care of presenting the data
in a set of 'radar' charts and highlights high and low performers. It also highlights and
maturity improvements that should be addressed in a couple of phases. It includes
further instructions on using the tool.
Take care, as the facilitator, not to impose your view on the discussion, be impartial and
support the group in reaching a consensus even if it isn't one you agree with (you can
comment on that in the report/action plan).
You could even run something similar with suppliers and clients if you can get them on
board.
When it is complete you should do some analysis and prepare an executive summary
highlighting issues, opportunities, quick wins and any insights or concerns that arise.
You should give some thought to how the M365 platform could be used to address
these and be ready to offer an Action Plan that could include Deep Dive workshops that
might be needed.
Running these workshops can be challenging. Participants should be ready for several
hours of concentration; as a facilitator you will need to keep things moving along,
avoiding the debate getting bogged down on particular issues. You should elevate the
discussion back to a general case any time it is in danger of getting stuck or generating
significant dissent.
There are a set of workbooks that include 4 thematically related competencies each; it is
not practical to put all the competencies and sub-competencies into a single sheet. They
function in broadly the same way as the Quick Assessment tool; you should modify
them by combining whichever competencies you need. Once again, scores are reached
via consensus, but at a more granular level and you should drill into individual
characteristics to confirm that the full spread of activities has been considered.
As before, outliers and comments should be captured and fed into an Action plan and
report.
Progress Workshops
It is very useful to review progress of the Action Plan and confirm that it is having the
desired effect of shifting the Maturity Level. This can be done by repeating the Overview
or Deep Dive workshops after an appropriate period of time, using the same workbook
tools. There are radar charts that will allow progress to be visualized.
It is not essential (or even likely) that you have the same participants.
As before, use these to refine the action plan, redirect focus onto new areas of the
organization, or even to celebrate success!
Resources
All MM4M365 workshop tools
Workbook - MM4M365 workshop tool - Content Set
Workbook - MM4M365 workshop tool - Hardcore Set
Workbook - MM4M365 workshop tool - People Set
Workbook - MM4M365 workshop tool - Quick Assessment
Principal authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Types of content
Documents
Web pages & News
Conversations
Items (e.g. snippets of information, FAQs, tasks, contacts, notifications, list items)
Email
Media
Presentation
Consistency
Standards
Views, marking, formatting, RAG, iconography
Headings and styles
Readability and cognitive load
Accessibility
Lifecycle Management
Creation
Co-authoring
Templates
Content Structure and sematic design
Release/Approval/Scheduling
Management
Versioning
eDiscovery
Protection of content
Information Rights Management, DLP, Permissions, security
Versioning and Version History
Retention and Disposal
Archive
Destruction
"Cradle to grave"
Identification
Tagging
Sensitivity Labelling
Retention Labelling
Protection Labelling
Metadata
Storage
Structure
Platforms and tools
Information Architecture
"Putability"
Duplicate management
Costs
Offline and sync
Lifecycle Management
Content is created and stored inconsistently in a variety of applications, in many
styles. Often the content format is not appropriate, for example, notifications are
created as documents attached to an email, contacts are stored in Excel, images
are stored in slide decks.
File formats for newly created content are not standardized and out of date or
unexpected formats are in use.
Content creation tools are not standardized, may uses use older versions of
software or tools from different companies, creating further content
inconsistencies.
Templates may exist, but they are "lost" in the folder hierarchy and infrequently
used; templates are not integrated into the into the ‘New Document’ setting
Editing, updates and reviews are largely serial activities or conducted in parallel via
email which results in multiple versions which must be manually reassembled.
Users are uncertain of how and where to create list items, typically creating them
as documents.
Lists do not contain granular items. They are mostly embedded in a master
document.
Options for sorting, filtering and grouping items are limited or absent.
Identification
Presentation
Templates are not managed and deployed across the organization to ensure
standards. Templates that do exist are not managed, updated, tested for
effectiveness nor do they include appropriate settings such as language, default
fonts.
Consistent styling and branding are not used consistently. Formatting is left to the
end user, without guidance. Staff make their own decisions on logos and images to
include.
A large proportion of content fails to meet accessibility guidelines.
Users are not well trained in use of content creation tools, not is there a process
for review and quality improvement.
Regionalization has not been implemented. Documents are in variants on core
languages, custom dictionaries are not used.
Headings and styles are unmanaged and no guidance on what to use is in place.
List items are frequently stored as files in spreadsheets, in word processor
documents or as simple text files. Formatting is arbitrary; presentation and
readability are left to the individual.
There little or no guidance on emails footers; some staff use the tools in their email
client to add these, but most are unaware of the value or mechanism of doing this.
Storage
Users are uncertain where to save documents; frequently creating multiple copies
in different places.
No strong file management strategy is in place. While a file server may be in use,
users may store content on a local hard drive or a removable drive.
Access permissions to content may exist but are not managed or documented.
Impacts
Users have to guess where content is stored and where to store their content,
consuming significant amounts of time.
Cognitive load is high due to inconsistencies in document layouts and styles; staff
find it hard to scan, understand and assimilate information.
Multiple copies of content with slight differences exist and there is no central
source of truth.
Applications that use the content have usability issues and mistakes are easily
made.
Poor decisions are made due to incomplete or out of date information.
Productivity is poor as staff recreate content that already exists. Timescales are
often missed and quality is often low and inconsistent, leading to poor outcomes.
Staff are unnecessarily busy, stressed and frustrated.
Lifecycle Management
While there is some expectation that content is created and stored consistently in
appropriate applications, a lack of staff awareness and monitoring results in
inappropriate content approaches. Notifications as attached documents, contacts
are in personal lists, etc. remain widespread. Managers do not set observable
standards or expectations and inadvertently undermine improvement attempts.
There is an understanding of lifecycle management and some process for this is
outlined but not embedded in the organization other than in a few key areas.
Document lifecycle tracking is largely managed through external lists and
document registers. Documents are generally created from a blank copy or by re-
using a previous version. Staff remain free to deviate from the processes and there
is little enforcement by the system or management.
Lifecycle management of list items is largely absent.
Content creation tools and file formats have been standardized across the
organization, but this is not enforced and some staff continue to use non-
compliant formats. There is no systematic standardization of legacy content. There
may be overzealous application of the standards in some areas, overlooking the
specific business need in the local pursuit of standardization.
Templates exist, but are not well managed and not published in a way that
promotes their active use across the organization; templates are not integrated
into the 'New Document settings
Some teams and staff understand the power of multi-author editing by storing
their content in an online content management platform. While they use and
promote this approach, many staff still expect to receive attachments rather than
live link, resulting in serial editing in many cases. Content management approaches
are rarely mandated outside critical documents. Version control is in use in these
cases though much remains unmanaged or handled through manual update of
document registers. Staff members are often unaware of how to use version
history and version control.
Files within the content management platforms have some level of role-based
access, governance and protection, though this is not mandated, well documented,
centrally managed or built to best practice.
Disposal of superseded content remains ad hoc, though there may be a periodic
clean up and bulk review, especially for managed content. This is true of
documents, web pages, items and most other forms of content. There is limited
appreciation of the need to declutter, deduplicate, decommission and delete.
There are no standards or expectations for how emails should be managed; staff
frequently have thousands of emails in their Inbox, many unread. Flagging, storage
in email folders or offloading of content and actions to other systems is not well
understood and adopted.
List items tend to be created in spreadsheets, allowing a limited degree of item
level management. Some users understand how to sort and filter. Headings, field
types and structure remain inconsistent. Default names are used rather using a
naming convention
List items are not connected, centralized or created for reuse.
Identification
Tagging and metadata is sporadic, via file metadata or within the content
management system; though a document register often services this purpose.
There are some efforts to standardize some terms and categories, though this is
not applied uniformly across the organization. Status (e.g. Not Started, In Progress,
Ready for Review, Complete), is in place for routine processes, however there is no
consistency across the organization and the status is often out of date.
Naming conventions are in place for many classes of content, though this is not
enforced and there are large amounts of content where naming approaches are
opaque to other users.
Documents frequently lack clear sections with structured headings. Subject lines in
emails are often unclear and not updated as a conversation evolves. Contacts are
labelled arbitrarily or inconsistently.
The same names are used for different things and v.v. The organization lacks a
maintained glossary and agreed set of terms.
Presentation
Templates are created for many types of content and are made available to staff.
They are often updated. Users generally know where to find them, but default to
using previous published documents. Some staff have added templates to their
default location to make it easier to access, especially for frequent processes;
however, this is not embedded across the organization. Some effort has been put
into creating well-formed templates and many have been tested for standardized
style, language and other settings. These have reasonably consistent styling and
branding.
Many users understand the importance of using Headings and other styles in
content, however poor, ad hoc formatting remains commonplace.
A large proportion of content fails to meet accessibility guidelines.
Some users are trained, however most are expected to learn on the job, line
management are thought to manage this process to drive improvements, however
it is likely that most managers also lack the understanding and skills.
Regionalization is imperfect and users are often unaware of how to address this.
Custom dictionaries are generally not used.
There are often standard libraries of images, logos and iconography for use, this is
generally at a department level.
List items generally are not well formatted to improve the presentation of the
content or to automatically highlight important items or elements.
There is guidance on emails footers and staff are asked to manually update these
when changes are needed.
Storage
Users remain uncertain where to save documents and content; frequently creating
multiple copies in different places. No deduplication process exists.
Multiple file management strategies exist, often with overlap. File server storage is
the predominant approach, with local storage on hard drives or removable devices
discouraged or disallowed.
There is often an attempt to create structure within the storage solution, especially
at department or project levels; however, the limitations of hierarchical approaches
is poorly understood and largely unaddressed. Folder/directory structures
inconsistent across different parts of the organization and rely on "local"
knowledge to navigate. Where content management platforms are used, storage
strategy replicates directory structures.
Access permissions are applied at the directory or "drive" level and some attempt
is made to manage these; however, the lack of a robust process results in
inconsistencies and out of date permissions.
Impacts
At this level you can expect the following:
Applications that use the content have usability issues and mistakes are easily
made
Users understand where content should be stored, but find that there are many
exceptions, conflicts and inconsistencies; this consumes significant amounts of
time and creates uncertainty and degrades compliance with the recommendations.
While there are improvements in key areas, overall cognitive load remains high
due to inconsistencies in document layouts and styles; staff find it hard to scan,
understand and assimilate information.
Multiple copies of content with slight differences exist and there is no central
source of truth.
Applications that use the content have usability issues and mistakes are easily
made.
Poor decisions are made due to incomplete or out of date information.
Productivity is poor as staff recreate content that already exists. Timescales are
often missed and quality is often low and inconsistent, leading to poor outcomes.
Staff are unnecessarily busy, stressed and frustrated.
Multiple attempts are made to introduce improvements, however adoption
remains poor and managers are unnecessarily busy, stressed and frustrated by the
lack of progress.
Lifecycle Management
Basic Content Lifecycle Management is in place for key business operations,
commonly via content management systems (CMS) rather than file servers; this
ensures that draft, active/published and superseded content items are easily
identified. Document registers are discouraged in favor of tools with the CMS,
though legacy registers may persist. There is some effort to ensure important
content is retained and there are occasional efforts to cleanse old documents; this
may result in loss of important information due to absence of robust controls. Staff
can deviate from many processes, though this is actively discouraged.
Content creation tools and file formats have been standardized across the
organization, policies and management processes actively discourage use of non-
compliant formats. Some effort is made to update legacy content where it is in
current use.
Templates are lifecycle managed and processes make it easy to create new content
from these.
Use of CMS storage widely enables multi-author editing and staff are generally
aware of this approach, though some (passive and active) resistance remains. Use
of email attachments is in decline, many staff actively discourage this and remind
others about the storage and sharing policy.
Version control is in general use and version-duplicates are largely absent (though
other sources of duplicates do occur)
Important content has processes for lifecycle tracking, with periodic clean up and
disposal. Retention mechanisms are attempted, sporadically. Many documents lack
appropriate protection or governance, despite an understanding of the need for
compliance and other controls.
The use of List applications enables content reuse, with list items able to act as
data sources. Column/field headings show some evidence of standardization as a
result. Column/Field types are generally appropriate; some consistency and
standards are emerging.
Identification
There are standard content categories, and these are frequently used to group and
tag content, aiding in search and productivity. A standard set of consistent content
statuses have been developed (e.g. Not Started, In Progress, Ready for Review,
Complete), however there is no consistency across the organization.
Naming conventions are in place for many classes of content, including items, files,
media and these are often enforced using technical or process measures.
Some areas are experimenting with "content classes" that describe organization-
wide document and items, however this is not widely adopted nor
comprehensively designed.
Presentation
Routine processes have well defined and maintained templates which are
accessible from withing the process and are mandated and adopted for those
processes. Templates are generally "on-brand", fit for purpose and have been
reviewed for quality. These have reasonably consistent styling and branding. Re-
use of previous documents is avoided, though prior content is often copied into
the new documents. Some staff have added general templates to their default
location to make it easier to access and there may be efforts to implement this
across the organization.
Emails have automated footers.
Templates and many ad hoc documents are developed using Headings and other
presentation and layout formats; some effort has been put into creating company-
wide document styles. Content tends to meet basic accessibility guidelines by
default. There are some management processes to drive adoption of this practice
and to drive improvements.
Basic content skills are provided through training or self-learning as well as
through on the job mentoring and feedback.
Regionalization is actively addressed through templates, configuration and policy;
however, gaps remain and are often allowed to persist.
Custom dictionaries use is in place in some parts of the organization, though there
is limited understanding of how to maintain and cleanse these dictionaries, leading
to degradation over time.
Standard media and content libraries are commonly used, through maintenance is
variable and managed at a department level.
Lists of items generally are presented using out of the box formatting and layouts.
Automatic formatting and standardized layouts, column ordering etc. is not well
developed.
Some use of views to sort, filter and group items is in use is emerging, but users
frequently overlook these tools. Standards for views and view naming conventions
have not been established
Storage
Use of content across core business process applications has improved markedly,
resulting in fewer mistakes and less wasted time.
Users understand where content should be stored. Exceptions, conflicts and
inconsistencies are greatly reduced and staff have some confidence, begin to
understand the benefits and are more willing to adopt it.
Staff find it easier to find, understand and act on existing content. Productivity
improves; rework and errors are noticeably in decline.
Staff recognize central sources of truth and turn to it in preference to other
sources.
Improvements are able to be introduced and are widely adopted in key processes.
Managers are seen as leaders of this adoption and benefit from their staff
productivity. Some changes remain ineffective, rushed or only partially effective
due to the corrosive effects of legacy content and some staff resistance.
Lifecycle Management
File servers and local file systems are not in general use except where there is a
documented need.
Multi-author content creation and editing is the norm and extends beyond
organization boundaries to incorporate suppliers, partners and clients where
appropriate and with well understood and monitored security and governance
(such as use of time windows for editability). Use of email attachments is the
exception within the company and is in decline with external content sharing.
Duplication of content is actively avoided and there are periodic checks to identify
unnecessary duplicates. There is good understanding of version control and
version history, and these are appropriately used.
Document Retention mechanisms are in -lace for all important classes of content
and are reviewed annually to ensure policies and technical controls are effective
and appropriate. attempted, sporadically. A governance board reviews new needs
and oversees decisions on retention, disposition and destruction of content.
Schema exist for common list types, often based on open standards, to ensure
consistency and interoperability. Extensions to schema are carefully considered,
reviewed against other schema in use and rolled out in an integrated way that
updates all dependent lists.
There are standard content categories and these are widely used to group and tag
content, aiding in search and productivity. A standard set of consistent content
statuses, classifications and other business wide approaches to naming and
identifying content are in place. There is some automation of tagging and
classification.
"Content classes" are widely in use and there are processes for creating new
classes as needed.
Presentation
There is an active process for updating templates across the organization to ensure
they are up to date, fit for purpose and support brand and style guidelines
Emails have automated footers, with role-based variants and active insertion of
content in support of campaigns and other business communication needs.
Documents are carefully structured, with consistent use of semantic elements such
as headings, default styling, insertable standard content and images. They are
designed to support appropriate and effective presentation of content (i.e. the
purpose of the document defines the style of the document) while supporting
accessibility guidelines, effective search and other busines needs. Staff are well
versed in use of these and use them consistently.
Staff are familiar with best practice across a wide range of content creation.
Presentation and management and actively skilled for the needs within their role.
Regionalization is actively addressed and implemented through templates,
configuration and policy. There are processes for identifying errors and
inconsistencies and flagging these for action
Custom and industry dictionaries are deployed to users" computers. There is a
process for correcting and updating these.
Standard media and content libraries are commonly used; there is centralized
management of core tags and information architecture used for identification,
classification and management.
Tagging and topics allow systems to recommend content to users.
Lists employ dynamic formatting, layouts and views to highlight important insights
and to aid both item level and aggregated use, comprehension and insights.
List items are actively used across the content management environment, acting as
data sources, lookups and choice field content. Changes are managed and
dynamically update other content
Storage
Impacts
Lifecycle Management
Content tagging for classification, access, sensitivity, status and retention is widely
automated as are relationships between content.
Retention policies are actively managed and tested. Unmanaged documents are
the exception. Document Retention is applied to almost all content, including
items in lists, emails other non-file types of content.
Policies and technical controls are actively updated in response to changing needs
and regulatory and business landscape.
Default removal policies and notifications drive broad compliance and clutter
avoidance. Removal of content is largely automated.
Metrics describe the entire content position across multiple dimensions including
status, usage, value and more.
Highly efficient, flexible and productive approaches to the entire content lifecycle
are the norm and encompass almost all the organizations actions and interactions.
Live, multi-author use of content via links, active discovery and graph-based
personalization is the norm, ensuring content remains live, up to date and relevant.
Identification
Presentation
Storage
There is a wide reaching, flexible and inclusive strategy for storage of all types of
content which ensures everything is available to staff and partners who need it,
regardless of location, device, region etc. "Putability" is actively guided or fully
automated, based on AI classifiers.
Storage is largely "invisible" to staff. Content is created, stored and accessed
without a need to learn the storage structures.
There are effectively no limits to the volume of storage or type of content that can
be stored and accessed.
Impacts
Scenarios
The company needs to manage its staff and process policies in order to remain
complaint and ensure staff only work to the latest version of each.
The sales team need to issue new quotations and access previously issued versions,
similar quotations for other clients and different quotations to the same client. These
need to have consistent layouts and information.
Company vision and values need to be updated and communicated across the
company, with previous versions removed.
Project teams need to be able to access all documents related to a project and
understand their status.
Information Governance need to ensure that all sensitive information is identified and
not shared externally.
Marketing wants to ensure all internal and external documents use the new company
logo, colors and mission statement.
Staff need to know where to store the product specification information, QA reports and
analysis data for a new product. They also need to update the new product pipeline
overview for the sales and marketing teams.
Conclusion
Management of Content remains a challengingly broad and deep competency for
organizations to address. It is vital that the broad concept of content is incorporated
into any content strategies, to ensure that approaches are not limited to just documents.
Equally, many organizations invest in file storage technologies that provide performance
and security, but do not address the regulatory and legal obligations around sensitivity,
compliance and retention/disposal. Equally, the corrosive effects of clutter,
inconsistency, poor presentation and clear identification of content at all levels is
overlooked, with attendant impacts on productivity and risk.
Burgeoning automation and AI make achieving high levels of maturity realistic for most
organizations; however, the fundamentals need to be put in place before these can be
effectively deployed.
Common toolsets
Azure
Azure Information Protection
Data Loss Prevention
Email
File services
Microsoft Lists
Microsoft Purview
Microsoft Syntex
Microsoft Word
OneDrive
OneNote
Power Automate
SharePoint
Stream
Teams
Viva Topics
Resources
There are a variety of helpful documents on lists, libraries, information architecture,
plus related competencies such as search, communication and collaboration on
this site.
The slides we've used in this article are available in the backing repo on Github as
Management of Content - Content Lifecycle
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Principal authors:
Contributing authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Despite claims to the contrary, the Admin or IT Pro job does not go away when an
organization moves to the cloud. There are still administrative decisions to be made and
tasks to be accomplished. How well those are performed will impact how much value an
organization gets out of their cloud platform.
It's equally true that organizations still have their own infrastructure, whether in the form
of hybrid environments, highly diffused remote workers' technology, and the necessary
core infrastructure for connecting to the cloud at all.
Desktop devices are not covered by this competency, though it should be remembered
that these interact with infrastructure and have not been handed off to the cloud
provider and need to be managed in order to connect to the organization resources.
There may continue to be servers under staff desks, portable hard drives in drawers and
a file server for organizational files.
Initial level characteristics include:
100 Process
There is often no one responsible for infrastructure management; there may be
external support used on an ad hoc/break fix-basis. Resources are provisioned ad-
hoc, when requested. Staff and leadership are unaware of good practice, the
importance of this and the impact of their current practices.
Process changes that are performed are manual, ad hoc, undocumented and done
'in the moment'. Changes are made in a reactive fashion when something breaks,
or something is needed.
Changes are purely application-feature driven and any infrastructure changes are
driven by 'having' to do something vs. 'needing' to do something.
The organization may be using a single environment for development and
production but are unaware that there is a difference.
There may be some use of resource groups, such as distribution lists and security
groups, however these lack governance, standardization, granularity, and naming
standards.
Object-like sites, mailboxes, and users are created without a formal request
process and with no consideration of how they fit into the wider information
architecture.
User processes are not defined. There are no official onboarding or offboarding
processes. User access to shared resources is assigned ad-hoc without a formal
request and review process.
No company-wide business processes are defined.
No consideration has been given to backup, data recovery, and business
continuity.
Software is largely installed locally and manually, mostly by users.
Directory services are often not used (AD and/or AAD for example), with staff able
to use local or unmanaged identities.
100 Technology
100 Storage
There is no knowledge of storage used across the organization (until they get a
bill). This extends to types and location of storage. Storage frequently includes use
of removable drives, DVDs, personal storage, and isolated PCs.
There is no control, management, or standards of storage devices.
Access control to storage is largely absent; people have access to things they
shouldn't and don't have access to things they should.
No backup for significant proportions of the storage. Backup strategies have not
been developed, implemented, or tested.
100 Impacts
When operating at Level 100, processes are not defined so there is little consistency for
users. Similar types of data may be stored in different ways throughout the company or
duplicated in several places. It is also difficult to get users and other resources created
as there is no defined process. Users do not make efficient use of their time when using
cloud technologies as they are constantly looking for things and reinventing processes
that others have already done but are not published as standards.
There are also likely security vulnerabilities as authentication and authorization isn't
standardized, and platform security functionality is not likely to be taken advantage of.
Files are routinely duplicated, file storage lacks effective structure, search is ineffective.
200 Process
200 Technology
200 Storage
200 Impacts
At this level you can expect the following:
When operating at Level 200, processes are beginning to emerge but are likely not
documented or enforced so users may be frustrated with inconsistent experiences.
Regular processes are beginning to follow a regular routine and many of them are
documented and repeatable. However, they are still specific to the person doing the
task, and communication is not governed or enforced holistically.
Security becomes more of a concern as user adoption grows, custom features and
functionality increases, and citizen development enters the mix. Passwords are stored in
some way and service accounts are beginning to be used for processes that cross
boundaries.
300 Process
300 Technology
300 Storage
Content storage is well understood, with the architecture reflecting performance,
resilience, security, access, and content type needs. Legacy content continues to
cause pain and duplicates, superseded and unnecessary content persisting despite
multiple attempts to address the issue. Access control is similarly in place but not
perfect.
The content strategy responds to current needs and future needs are considered.
This encompasses storage volumes, governance and compliance and other known
considerations.
Content and application data backup is effective in most cases.
300 Impacts
When operating at Level 300 processes are documented and enforced. Automation,
audit, and testing are a regular part of each process allowing for bandwidth to create
proactive processes and tasks.
Data is more organized by area or application and most likely is being accessed via
some sort of enterprise master data management architecture. Data governance is
beginning to emerge organically and more advanced features such as compliance, DLP,
and eDiscovery are being used to identify and manage data.
Process management is becoming well defined, documented, and enforced. Users know
what to expect and how to interact with each process. Repetitive tasks and ongoing
processes are automated and error handling is part of that process.
Security is a priority and regular testing leads to proactive tasks to ensure that
vulnerabilities are minimal and managed.
400 Process
There are formalized lists of requirements, including security requirements,
operating constraints and defined and enforced Service/Operating Level
Agreements (SLA/OLA) and a basic control framework where evidence of meeting
requirements is evidenced manually, via documentation and reviewed and audited
periodically.
There is a formalized and appropriately sized (perhaps medium to large) team of
developers and Site Reliability Engineers (SRE) supporting multiple and diverse
applications following a DevSecOps model overseen by a Chief Technology Officer
(CTO) or Chief Information Officer (CIO) and dedicated representation from an
accountable security function overseen by a Chief Information Security Officer
(CISO).
Developers / SRE submit pull requests for small changes that are batched up to
implement on a daily or weekly basis during an agreed and well communicated
change window after being successfully tested and reviewed.
Infrastructure is managed with the same rigor as application code and managed
through source control and Infrastructure as Code principles with several
exceptions where it is very complex to automate and is quicker to do as a 1-off
manual configuration.
Automated subscription lifecycle (automation) is used as much as possible where
appropriate.
Synthetic user-journeys from quorum nodes outside platform feed into application
telemetry.
Applications are architected in a distributed fashion and use retries and caching
layers to work around transient failures with short or minimal outages or impact to
end-users, this process is tested at least annually via a planned outage.
400 Technology
Consistent deployment is achieved via pipeline tooling.
There is widespread use of scripted configuration checks for common faults and
with scripted remediations (e.g. restart/redeploy VM, container).
Just in Time access for VMs has been implemented and tooling is used to
configure and control VMs.
VMs are treated as ephemeral resources and frequently re-deployed from a
known-good state via Infrastructure as Code rather than upgraded, patched etc.
Auto-remediation of security vulnerabilities is in place.
Ephemeral environments are a core part of the strategy. The organization can
spawn as many environments as required (VM, PaaS or container) based on a
Continuous Deployment pipeline; these have basic automated release tests with
staff doing final QA and UAT activities.
400 Storage
Content storage is fully managed. Legacy content has been largely eliminated and
tools, policies and processes are effective at preventing or remediating duplicate,
superfluous and superseded content. Content labelling, retention and sensitivity
scanning occurs across most content. Access control is effective; updates and
changes, especially related to personnel role changes, are timely.
The content strategy anticipates future needs, analyzing future needs, actively
anticipating governance and compliance obligations and technology capabilities;
horizon scanning, and scenario modelling are used to anticipate possible future
needs and impacts.
Disaster recovery, business continuity and content protection are planned,
implemented, tested, and enhanced as a continuous cycle.
Role Based Access Control is well implemented, with custom roles and sitting
alongside a 'least-privilege' approach using tools such as APIM to automatically
audit and enforce any admin elevations required.
Conditional access is fully adopted. A 'break-glass' access process is in place for
extreme situations, to allow access to senior executives and key staff as a fall back.
A dedicated security team ensures policies and processes are automated and
regularly enforced across the organization. Tools are in place for security
information and event management (SIEM).
Zero-trust architecture exists between elements of applications and internal users
through access control and centralized firewalls.
The Internet perimeter is secured and tightly controlled; it extends to selected 3rd
parties over private interconnects or the Internet.
400 Impacts
Data is documented, architected, and managed at the enterprise level. All source data is
governed and backed up automatically on a regular basis. Records management,
sensitivity labels, and data governance are part of an enterprise strategy to ensure the
right information is being managed, disposed of, and archived according to corporate
and regulatory requirements.
Security is a priority and regular testing leads to proactive tasks to ensure that
vulnerabilities are minimal and managed.
500 Process
Dedicated teams proactively prioritize infrastructure project needs in alignment
with business initiatives driven by corporate leadership.
Team members are cross trained, certified, and follow a consistent methodology.
Existing processes and lessons learned are regularly reviewed to create
improvement tasks.
Changes are proactively planned and automated to minimize disruption and avoid
outages.
In addition to defined non-production and production environments, sandboxes
and demo environments are available for additional R&D planning and testing.
Architecture, hardware, and software needs all follow best practice including
defined roles/groups and policy management.
Processes are all well-defined and documented for public reading and review at
any time.
DevOps/SREs submit pull requests frequently through the day to make changes to
components in the environment which are automatically tested and deployed
immediately if they pass.
500 Technology
Hardware/software is inventoried, managed, and all versions are the latest
"accepted" version.
Network design and management is defined, documented, and managed.
VMs are treated as ephemeral resources and frequently re-deployed from a
known-good state via Infrastructure as Code rather than upgraded, patched etc.
Auto-remediation of security vulnerabilities is in place.
Ephemeral environments are a core part of the strategy. The organization can
spawn as many environments as required (VM, PaaS or container) based on a
Continuous Deployment pipeline; these have basic automated release tests with
staff doing final QA and UAT activities.
Applications are architected in a truly decoupled, microservice fashion and make
extensive use of retries and caching layers to work around transient failures
without impacting service.
Changes are small, incremental, and simple to rollback.
500 Storage
Storage is defined and strategic. Processes and policies manage what is stored
where and minimized for maximum ROI.
Storage is treated cross functionally as an enterprise level shared resource.
Storage management effort is minimized and instead data is governed and
managed by SRE and DevOps with an enterprise MDM strategy and available API
libraries.
500 Impacts
Processes are consistently reviewed and improved with qualitative and quantitative
benefits being proudly recognized by leadership. A culture of education, innovation, and
stewardship is observed and shared publicly through articles, white papers, and
presentations.
Security is well documented and understood and risk is easily identified and managed
via well documented and defined controls within each part of the business all rolling up
to the enterprise level.
Resources
Maturity Model for Microsoft 365 - Introduction
Principal authors:
Sharon Weaver
Mark Williams
Maturity Model for Microsoft 365 –
People and Communities Competency
Article • 08/02/2022 • 13 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
100 Culture
At this maturity level, many end users don’t know much about their colleagues and
are unclear on how they should engage with them or reach out for help with
projects and activities; this is also reflected in the amount of untargeted
communications.
Team building is based on personal knowledge and has little scope. Many staff feel
left out or under-utilized for their skillsets. Expertise in different locations is rarely
leveraged. Insights and support are often a matter of luck or chance.
There is little reinforcement of organizational culture and vision.
Limited internal communities inhibit supportive colleague relationships beyond
immediate co-workers.
Little has been done to actively support the concepts around people and
communities, relying on organic and traditional approaches.
Email distribution lists are the hub of community activity; the processes to update
information belong to IT, are essentially manual, undocumented, and lack formal
processes to manage their members.
100 Process
There is, at best, basic profile data. This is inconsistent across different systems
(e.g. Active Directory, Human Resources Information Systems, etc.).
Staff profiles, accessible to colleagues, are absent or largely unmaintained; there is
no expectation that profiles are completed and updated. Any that do exist are
likely to be limited to identifying who works in the organization and in which
department (with contact information). Hard copy staff directories may be in use.
Organization charts are created manually, inconsistently published, and frequently
out of date. They may also be shared via email to department members.
Because staff have no access to a reliable directory and may not know the best
communication mechanisms to use, colleagues are often overlooked or
uninformed. Long-term staff are frequently interrupted with requests for their
knowledge, even when others might have been able to assist.
People use “reply all”
despite the impact this has in colleagues’ inboxes. Employees are unable to easily
identify who-does-what in the organization, find subject matter experts, or
understand the reporting structure. Requests for expertise and questions are often
asked via email and then forwarded around the company until the correct subject
matter expert is identified; minimal shared insights are created.
There is no company guidance on where to have different types of conversations,
share interests, or seek advice and engagement from colleagues.
No process exists for discovering whether colleagues have particular skills, areas of
expertise, or common interests and values. Communities of interest are
serendipitous and do not take place digitally. They are effectively invisible to the
organization.
Personal contact, telephone, and email are the primary means of communication.
100 Impacts
Systems may exist to support identifying who works in the organization and in which
department. Distribution lists are used to communicate with groups such as “All
Company” and each department. The processes to update information fall to IT, are
essentially manual and undocumented, and lack formal processes to manage their
members.
Level 200 - Managed
At this level, the focus tends to be on creating communication channels for the inner
loop. This represents groups of people working together on projects - the organizations
usual units of work. Each team may decide how to communicate internally, but there is
no enterprise-level guidance on which solution to use based on the project goal. There
may be pilots for capturing outer loop conversations (corporate communications, CEO
town halls, employee interest groups) in another communication channel.
200 Culture
The focus tends to be on creating communication within known groups of people
working on projects (the inner loop).
Community spaces may be piloted, though these are likely to be somewhat ad hoc
with little management, oversight, or intended purpose.
Use is encouraged in some teams, but not enforced.
200 Process
200 Impacts
Staff productivity is reduced due to the time spent trying engage the right people in
activities, source knowledge and expertise. The attempts to provide technology to
support people, groups, and the company culture are compromised by poor data
quality, inconsistent approaches, and a lack of commitment at all levels. Staff and
management are equally frustrated by this but lack outlets for addressing the issue.
Avoidable mistakes are made due to the right people not being engaged.
Project and
other teams are slow to form.
Employees may begin to see the value in separating
communication into different channels where the communities are more focused on
specific tasks and topics. Email communication diminishes as inner loop and outer loop
conversations move to different and more targeted solutions. The way different
communities communicate still varies widely by functional area.
300 Culture
Commonality across teams starts to drive where communities are created and set
up. Microsoft Teams or Yammer Communities are created based on the type of
work people are doing rather than a one-size-fits-all approach.
Team communication channels are well defined and agreed upon as a standard
business process.
Community spaces connect a targeted set of users. The purpose and etiquette of
community spaces is defined.
300 Process
Processes may not be systemically or repeatedly used to the extent needed for
their users to become fully competent in which community they should share
information forming gaps in adoption and consistency.
People profiles have additional information populated for skills, expertise, and past
projects which can maintained by each individual.
People begin using search to identify subject matter experts in the organization
instead of emailing multiple people across the organization because they can find
better results with people profiles.
Processes exist to create and populate staff profiles in appropriate systems in
response to trigger events (new starter, role change, leaver). Compliance with
maintaining profiles is a matter for line management.
Staff have the ability to update elements of their profile and request updates to
other attributes.
Custom profile fields support subject matter expertise identification and other
attributes important to the organization.
Photos are updated from a central source.
Profile information is sometimes used as a data source and integrated within
systems and processes. It becomes possible to automate organization charts;
attempts are made to resolve the inconsistencies this reveals.
Local directories are in the process of being eliminated.
Staff know how to identify groups, distribution lists and other groupings for
communication and engagement.
300 Impacts
End users begin to see the ROI for completing their profiles as they can more easily
identify who-does-what across the organization. Working teams and employee interest
groups experience an increase in engagement and productivity as they connect in
communication channels specific to their goals. In order to solve problems in daily work,
employees frequently reach across organizational boundaries based on content
ownership, and subject matter expertise they recognize as useful.
400 Culture
A strategic view of all communication channels including email, Yammer
Communities, Teams (backed by Microsoft 365 Groups), distribution lists, and
security groups increases engagement in the respective communities. These
opportunities lead to serendipitous connections between people who might not
have previously collaborated.
Communities flourish under governance.
Communities and their members are easily discoverable through search. End users
begin following the groups and communities which match their interests, even if
not directly aligned with their work.
400 Process
There is an increased focus on self-service for end users to apply solutions and
technologies to their work so they can manage their own membership.
Manually maintained distribution lists are uncommon having been replaced by
dynamic distribution lists and groups, based upon employee characteristics for all
company communication, Microsoft 365 Groups for teamwork conversations, and
Yammer for company-wide and cultural communication.
Profile fields may integrate with Line of Business data.
Dynamic organization charts are available based on up-to-date data about each
employee.
Staff photos are updated across multiple systems and profiles from definitive,
managed source. Photography style is defined.
400 Impacts
Users rely on different communication channels to stay informed for their day-to-day
work as well as for special interest areas that contribute to company culture. They
understand and follow governance best practices to share knowledge in these separate
channels, with a high degree of trust in the platform getting their message to the right
people. Communication in separate communities is fluid and largely frictionless,
allowing easy access to inner loops and outer loops, when useful. Organization charts
are no longer manually created as end users use the dynamic organization chart in
people cards to identify company structure.
500 Culture
People are connected across the organization based on their skills, interests, and
work.
Innovative collaborations arise without formal structures.
Communities and conversations extend to external participants when it makes a
process more effective.
Employees are finding opportunities to innovate within the company spurred by
new connections.
500 Process
End users use people cards to find more than just organization structure and
expand the usage to seeing common documents to spur further collaboration.
Viva Insights / MyAnalytics helps inform end users on how they are spending their
time working with different people and empowering them to keep stronger
connections across the organization.
Users can maintain important profile data that writes back to Active Directory or
Human Resources Information Systems.
500 Impacts
At this level, business leaders and platform administrators implement continuous
improvements based on user activities and feedback. Users are proud of the
communities they have built and can show real ROI for increased engagement over the
way they previously communicated. Senior leadership is actively engaged across the
organization, walking the walk and talking the talk.
Scenarios
An employee interest group is forming and needs a place to share how to get
involved.
An employee needs to share a personnel change with the rest of the organization.
A project team has been setup to investigate a new product and needs a place to
work together, plan, and manage the project.
A new employee reaches out to the organization for help understanding a
technology the company uses.
A manager wants to recognize an employee or team for their hard work.
A marketing person is looking for success stories from the organization.
Conclusion
Improving your People and Communities maturity means rethinking your processes and
decentralizing communication from one channel to multiple areas which best support
the topics and tasks at hand. Embracing different levels of persistence and types of
interaction with communication in these channels supports end users’ ability to be more
focused and deeply engaged in conversation, achieving better results. Empowering your
end users to manage their own communities enables IT professionals to focus on a
higher strategic level and reduce friction with end users.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Related documents
How to Share Org-Wide Communication in Microsoft 365
Join and create a community in Yammer
Manage Dynamic Distribution Groups
Principles of Communication
Principal authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Introduction
The People and Communities article provides an overview of People and Communities
concepts and then details each of the 5 People and Communities maturity levels from
Initial to Optimizing (100 through to 500). It adopts a broadly technology-agnostic
approach to the business characteristics of People and Communities, plus expected
benefits.
This article aims to specifically explore how organizations at any level could use the
Microsoft 365 suite (and associated technologies) to reach a higher maturity level.
A department, depending on the size and company culture, may also benefit from a
Microsoft 365 Group. Large departments where all members are not actively
collaborating may be best served by a Dynamic Distribution Group as communication is
primarily one way and the smaller functions within the department are then
collaborating with Microsoft 365 Groups.
Begin to pilot open community spaces like Yammer or an org-wide Team. The "outer
loop" is focused on sharing information widely across an organization outside the
known working groups. There is not a known set of members as it can be fluid and
communication is often focused on surfacing new ideas, gathering feedback, knowledge
sharing, breaking down silos, and connecting the business with senior leaders. Focus on
moving company-wide communication that seeks to foster two-way communication to
Yammer or an org-wide Team (depending on company culture and size).
For example:
A project team previously worked with IT to manage a distribution list for a set of
colleagues responsible for revamping the procurement process. This project team
has a known set of members who need to collaborate on files privately until the
new program is ready to be launched to the organization. This group should now
transition to a Microsoft 365 Group (potentially with a Microsoft Team) as their
audience is limited, their collaboration on documents is critical, and this content
may need additional retention given the impact to the organization's business
processes. After the project is completed, the new business process materials are
moved from this working space to the company intranet (likely a SharePoint
Communication Site) to support the larger audience consuming the new
information.
The most effective guidelines are simple and easy to consume supporting quick decision
making across the organization. They may be in the form of a simple one-page chart:
People profiles have additional information populated for skills, expertise, and past
projects which can maintained independently. People begin using search to identify
subject matter experts in the organization instead of emailing multiple people across
the organization because they can find better results with people profiles.
Meet with your existing champions group or begin to form one in your
organization for each of the community platforms (Teams, Yammer, and
SharePoint). The champions are not necessarily only the top users of these
platforms. Including end users who push your governance boundaries, ask lots of
questions in training, open tickets for common issues, or who are in the project
queue for IT support can all add value to this group by offering diverse
perspectives. When forming the champions group, including a spectrum of
viewpoints, roles, and technical abilities will ensure you do not come to a false
consensus as a group for what works best for the entire organization.
Form a meeting and communication cadence with this group to share Microsoft
announcements, project initiatives, and to serve as an open door for feedback.
Staying closely aligned with the end users actively working in these systems will
ensure you understand how people are working in Microsoft 365 and what they
need to be productive. Your guidance will continue to evolve to meet their needs
and as Microsoft makes shifts in their offerings.
Continue training and showcase the efforts of end users utilizing self-service
opportunities. Share case studies of teams who created their own communities by
following the training and guidance. Include specifics around their starting point,
pain points that drove the change, and improvements while using new solutions to
communicate.
Highlighting the end results will support end users across the organization as they
separately work through change management for each new community they are
building. Sharing these stories also gives end users the opportunity to showcase
their efforts innovating their teams' communications. Elevating these case studies
to company-wide communication perpetuates the message across the
organization that shifting to multiple communication solutions for different types
of communities is an initiative that is critical to the company's success in
collaborating more effectively.
Review the Microsoft 365 search logs to identify most searched for terms and
abandoned search results. Understanding what people are looking for will help
guide which terms should be used in the profiles.
For example:
When searching for a subject matter expert, explore the Delve profile of your
colleague to see documents you both have access to. This can help you better
understand where they sit in the organization, what they are actively working
on, and areas you might already overlap.
On your own Delve profile, explore the "discover documents from people
around you" section to get a better idea of the initiatives your colleagues are
working on. You will only see documents you have permission to though you
may spot some activities where you should be involved or that impact your
current projects. This is a great way to proactively explore what is happening
around you.
Use the "Favorites" board to create a place for all the helpful documents across
Microsoft 365 that help you work more effectively.
Spend time each week in MyAnalytics to get data-driven insights to help you be
more productive by seeing data on your work, network, and collaboration
habits.
Increasing awareness of your focus can reduce lost time due to distractions.
Being aware of your wellbeing can reduce stress and anxiety as you create
space to disconnect from work.
Keeping an eye on your network can ensure you are spending time with the
colleagues who need your attention the most.
Reviewing your collaboration data supports keeping your meeting time
focused on critical discussions and raises your awareness to which meetings
are unproductive as you are often multi-tasking in them.
Conclusion
Improving your People and Communities maturity means rethinking your processes and
decentralizing communication from one channel to multiple areas which best support
the topics and tasks at hand. Embracing different levels of persistence and types of
interaction with communication in these channels supports end users' ability to be more
focused and deeply engaged in conversation, achieving better results. Empowering your
end users to manage their own communities enables IT professionals to focus on a
higher strategic level and reduce friction with end users.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Related documents
People and Communities Competency- Microsoft 365 Maturity Model
How to Share Org-Wide Communication in Microsoft 365
The Evolution of Company-Wide Email Communication to SharePoint News
Principles of Communication
Manage Dynamic Distribution Groups
Welcome to Microsoft Teams
Create and Share News on your SharePoint Sites
What is Yammer?
What is Delve?
MyAnalytics
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
With modern organizations creating huge volumes of content and data every year, a
search experience where users can find what they want, when they want is essential.
A good search experience benefits the organization by reducing time to find knowledge
in the organization. This becomes particularly powerful when users do not need to know
where the content is stored. It helps reduce "re-inventing the wheel" and content
duplication because the originals could not be found.
The evolution of Search starts from the basic 'index card' concept, which tells you where
to find the document etc. you are looking for, epitomized by the Dewey Decimal system
found in libraries. As technology developed, it become possible to search limited
metadata (filename) in file repositories, then other attributes and eventually search
engines were able to index contents (Semantic analysis), file properties and
metadata/tags across multiple repositories. In parallel, the user experience of the search,
especially for creating the query and presenting results has improved from basic or
cluttered to strongly structured with previews and interaction points, plus post-search
filtering or refinement. In parallel, the technologies have become aware of security and
governance, reporting and feedback, content weighting and relevance (e.g. headings are
more important than text), context, relevancy and 'freshness' (more recent content is
likely to be more useful) and can deal with advanced content management
technologies.
Search provides two 'experiences' within Microsoft 365 – classic and modern - both of
which use the same Search Index.
Classic search, which is configured via the SharePoint Admin Centre and available
through SharePoint Online.
Modern search, which is also known as Microsoft Search.
Microsoft Search has evolved through the improvement of the search indexing and
categorization processes using Microsoft Graph, Artificial Intelligence, and Bing
algorithms to build results which are personalized for each user. This enables more
insightful results based on understanding of the context, where the search is performed
and importance of the content.
Today we are moving into AI driven search which understands the person and provides
very context specific results based on who they are, where they search from. This is
supplemented by AI driven interfaces, including voice and image search. We can expect
to see AI increasingly pervade search experiences combined with greatly enhanced
personalization based on a wide range of context types.
100 Technology
Search may be restricted to File System search and a few specific applications.
Default out of the box configuration is in place; often with very limited capabilities
(filename, title, date).
No customizations have been made to Microsoft Search.
Search indexes a small volume of organization content.
There is no customized search experience to support specific business
requirements.
No enhancements are made to the search experience to aid the user.
Configuration of authoritative data sources have not been configured to help
relevance ranking.
User's may not always find content that they want without knowing the right
search terms.
User confusion with the different ways of searching.
Search is scoped to the current application; there is no global search, the search
experience, presentation, and features vary widely according to the current
application. Many systems have no search capability at all.
Users use search as a last resort after asking someone browsing and other forms of
discovery.
Search requires users to know how to ask the right question, possibly with very
specific syntax, query structure and case sensitivity.
100 Impact
Users rarely rely on search; accessing known documents in known places (which are
potentially superseded); they rely on browsing rather than search (failing to find the
correct document); asking colleagues (consuming their time and attention) or creating
new versions of content that already exists. Users frequently make copies of documents
so that they 'know' where they are.
Most users turn to external search engines to search for information that probably exists
in the organization.
In many instances Microsoft 365 usage is primarily focused on use of email. This content
is unstructured, has minimal and frequently inaccurate document metadata beyond the
filename and the content. User expectations are of a 'Google' search without context,
scope, or organizational awareness.
At this level, the organization is using the out of box search experience which gives
varied results and often leaves the user with difficulty finding the content that they are
looking for. The search corpus is small with only a fraction of the organization's content
being made searchable.
Users don't really trust search as they are unable to find the content that they are
looking for, they find duplicate or out of date material and are not assured what they
discover is authoritative. Worse, they may find the wrong content and consider it
authoritative.
Some individuals are key knowledge sources, impeding their work and/or becoming
'single points of failure'.
Productivity is compromised; compliance activities are weak; organizational and
colleague knowledge are poorly leveraged and there is a pervasive frustration at the
inability to find things.
Some search tools respect user access rights, but inconsistencies exist, and
inappropriate content may be surfaced.
Some effort is made to promote or identify current or authoritative versions, but
with limited consistency.
Filenames are used as a substitute for metadata.
There is no overall search governance and strategy plan.
Users are not encouraged to use Search instead of legacy approaches.
No role defined to administer and refine search experience.
200 Technology
There are some search-based point solutions which have enhanced configuration
to improve user experience.
Some custom specific organization search results have been configured.
Microsoft Search may be enabled within Bing for Business, however most users
bypass this and open other search engines.
There are efforts to standardize search interfaces from system to system, however
this tends to be limited to the presentation, not the format of the underlying
business logic.
Re-indexing is automated and typically occurs overnight. As such new content isn't
initially findable.
Different search syntax exists between applications.
Users have basic awareness of search, do use it for some tasks and in some
systems, but rely on other methods of finding the majority of what they need.
Most users are unaware of advanced search features or even the availability of
search in some applications.
Results layouts are somewhat consistent but lack refinements and high value
content is not promoted to the top of the results. Result layout and features do
vary between applications.
Search tools do find content; however, this can be slow.
Some standardization is attempted for terms, metadata, naming conventions etc.
However, this is not enforced and does not apply to legacy content.
Users frequently cannot find the content they need and fall back to other methods
to confirm that they are using the correct document etc.
Some signposting is in place, i.e. there are visual or text devices to assist the user
to navigate to the correct content or location.
200 Impact
At this level, search usage is not ubiquitously or consistently present throughout the
organization but is more popular as employees see the benefits of being able to find
content. However, the search experience differs depending on where the search takes
place. There may have been the migration of file content from file servers into
SharePoint; it becomes possible to search across all content stored in platforms, such as
Microsoft 365.
There is an increase in usage of search in general, as users find out more about the
benefits of search within the organization. Users begin using search when they don't
know where a specific document or item is, however, differences between search
experiences confuses staff and they avoid using search in systems they are less familiar
with. Colleagues remain a primary source of information or signposting to where to
look. Lack of immediacy in search ensures duplicate creation remains commonplace,
especially across different teams.
Productivity and compliance remain compromised; and frustration at the inability to find
things persists.
300 Technology
Commonly searched keywords are configured with tailored results.
An enterprise search exists that is connected to other file repositories and line of
business applications to break down information silos and allow search across the
enterprise. (This could be hybrid, Salesforce etc.). This may not be consistently
available nor address all the needs of users, however.
Search is applied consistently across services.
'Search verticals', which provide scopes focused on specific topics, business
functions, file types and more are available, specific to the business and aim to
improve precision and findability for key business functions.
Search results are customized for key organization assets to improve findability
and discovery of useful assets.
Search is used in business applications to access large volumes of content quickly
and efficiently. This gives users access to information in a way that they have not
had before.
The business is using modern search web parts to enhance the user interface and
search experience.
People are understood as information assets. Skills and expertise are captured and
returned in response to search queries.
300 Impact
Search actively adds value to organizations, releasing staff time, improving compliance,
and creating confidence that correct versions of documents, etc. are in use. Staff can
locate some physical assets, skills.
At this level, Search becomes an asset to the organization. This has been recognized as
an enabler that develops more efficient and effective employees. The capabilities of
search are harnessed to improve the experience of businesses applications.
Processes are in place to ensure staff maintain their profiles, including skills and
expertise.
Search is used to identify records and other artifacts that should be tagged.
Centrally managed thesauri and term sets are used across search scopes that
understand synonyms.
There are tools and processes to ensure staff maintain their profiles and update
content to improve findability.
400 Technology
Search usage is analyzed and used to improve search results.
Contextual search is embedded in line of business systems.
Most systems and workplace tools provide consistent access to the enterprise
search.
Information is stored in such a way as to enhance findability.
Search extends beyond files and information to locations, physical assets,
relationships and more.
Content discovery emerges as a business tool that exposes content to users who
might not have known about it, by displaying information related to the search
items.
Prospective search is used to display content without the need to enter a search
term, such as commonly viewed news, article documents; context drives the
relevancy of this.
Predictive search begins suggesting matches to search terms as the user enters the
search query.
Advanced queries can be created using a defined query language.
Frequency of content indexing is appropriate to the periodicity ("freshness") of
change of different repositories and business processes.
400 Impact
This level sees Search being managed throughout the organization. Processes are in
place to add new content, search verticals and search result layouts and Microsoft
Search configuration.
Search is a key business information tool that enables most processes. It is widely seen
as the most effective means of discovering, retrieving, and confirming business
information, for identifying skills and expertise across the business and integrating
knowledge from multiple systems. Most staff update profiles and participate in
appropriate tagging
Search results can be relied on; the current versions are reliably returned; inappropriate
or incorrect content is rare.
Search is part of everyday life for an employee at the organization. New innovative ways
of exposing content are investigated. Search metrics are used to analyze user behavior
and understand gaps in the information that is being returned.
500 Technology
The search corpus is broadened with search being available across bespoke and
line of business systems.
The search corpus is used to enhance knowledge management tools such as
Project Cortex.
Opportunities to enhance search are looked for to ensure data is surfaced to
improve productivity based on effective analysis.
Effective search is ubiquitous and uniformly available across desktop, mobile and
other experiences.
External resources are included in the search scope.
Staff profile updates are monitored and automated to ensure accuracy and
completeness.
Search is used to discover and auto-tag content.
Users are highly skilled at finding information using tools and new staff are trained
in the tools for their role.
Automated classifiers are used to add tags to all content types, including image,
audio and video, in order to ensure it is discoverable.
SEO approaches are applied to content.
Custom Search Results are created to augment key information in the search
results to support improved discovery and findability. These are monitored and a
process exists for updating search scopes, presentation, filters etc. as the business
needs evolve.
Search is ubiquitous; users can access search consistently from all applications and
locations within their digital workspace, including mobile and voice.
Users can proactively provide feedback on search results, to drive improvements.
AI is used to enhance search based on deeper knowledge of the user context and
business activity.
Search experiences are embedded in business processes and in many cases, users
aren't even aware that search is supporting their work.
500 Impact
Search technologies are considered critical business systems, carefully managed with
designed-in resilience. They are a key tool for ensuring compliance; it also unpins staff
and process effectiveness.
Staff are committed to the content processes that maintain search; at the same time
search is highly automated and 'invisible' delivering insights and finding knowledge
without user input. Search itself provides management key insights into the health,
activities, and productivity of the business.
Scenarios
A project manager looking for similar projects to the one that they are just about
to start and then needing to recruit an appropriately skilled team.
A salesperson searches for similar proposals to use when creating a new proposal.
A junior member of staff needing to find the company tax number.
Staff searching for internal and market news relating to an insight or innovation
they are considering. An engineer researching a solution to a manufacturing
failure, who needs to collate procedure, machine manuals, line SPC data and
actions alongside reports of similar events outside the company.
The legal team finds contracts which will expire soon and can work on renewals
where appropriate.
Reduced user frustration when trying to find content they know is available.
Reduced time wastage finding information or the right person (commonly upwards
of 20 minutes per person per day at level 100
Increased innovation.
Increased awareness of useful information and knowledge. Improvement in
employee engagement.
Increased sharing of knowledge and best practice.
Decentralized management of content but with centralized consumption.
A modern Search experience is part of a modern digital workspace which can attract the
right workforce.
Benefits are found in sharing stories, knowledge and understanding but are difficult to
quantify and measure.
Conclusion
Organizations that implement a successful Search strategy will see direct impacts to the
bottom line. Employees being able to "discover" information which leads to innovation
within the organization, reduced costs and time efficiencies can have a huge impact on
worker productivity. The cost benefit in users not duplicating work and finding
corporate knowledge are difficult to quantity but exist.
Search enhances the other competencies and is a great way to begin reaping rewards
from the Microsoft 365 platform.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Principal authors:
Simon Doy
Simon Hudson, MVP
Contributing authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
100 Impacts
Due to a lack of training or assistance, end users begin using the system as they
interpret it should be used. This can create new change management challenges down
the road as the use cases and better practices need to be communicated against new
patterns of behavior. This is often a replication of old business processes in a new
environment (for example, using SharePoint for file storage only).
The solution was launched without consultation with the business for needs or
challenges they are facing so these new solutions are viewed as unnecessary or
redundant to existing applications. It can actually seem as though work gets harder, not
easier.
Short and long-term system support was not considered so no formal business
processes exist to support issues or requests. End users are left to problem solve with
internet searches or by sending emails around the organization seeking assistance.
As the system is growing in usage, some of the end users who are responsible for their
own content have received one-off training. Training is focused on power users using
the solutions and has not been launched to the entire organization yet. Some level of
departmental or functional expertise begins to develop, and people start to know who
the experts are to turn to.
200 Process
Content owners from some functional areas are trained and using the system.
200 Impacts
The wait time for system support may be incredibly long due to limited support staff
and limited knowledge requiring longer periods of time to troubleshoot end user
problems. No support exists for a consultative approach to solve business problems
leaving end users to silo solution, often with competing products from a lack of
knowledge for what exists already at the organization.
Content owners may begin to share the message of positive impacts of the solution
across the organization, raising interest, as they are empowered to work independently
with the solution.
300 Process
An end-user training plan is in place.
Onboarding and off-boarding is addressed in the training plans.
Training is focused on interaction with specific systems.
Roles and responsibilities for support and training are clearly delineated and
funded.
300 Impacts
New hires use the system properly from the outset because they attend training focused
on how to interact with the new system as it has become commonly used across the
organization.
As comfort with the system increases, end users are interested in increasing their usage
of the system to solve other business problems.
Now that the IT support staff has expanded, there are opportunities for the business to
receive coaching, guidance, and innovation on their existing business processes in
partnership with the IT department. The IT support staff have begun to proactively share
updates and changes coming in the system to better involve business need in their
strategic decisions. This involvement with the business reflects increased understanding
in the platform and the organizational importance of developing business processes
with the available enterprise solutions.
400 Process
IT has more than one resource knowledgeable on the system.
Requests for new functionality are tracked and prioritized.
Communication strategy in place for sharing system changes and improvements.
Training viewed as a program, not just string of individual system training.
Positive outcomes are collected and measured to share with the organization and
cross-pollination in training.
Usage of the solutions becomes less IT-driven and more business encouraged due
to clear benefit demonstration in ongoing training.
400 Impacts
Once training is viewed as a program, this allows for strategic planning on how to
advance the technical literacy of the organization. The training is no longer focused on
which buttons to click within a system and instead focuses on changes in behavior or
business processes to work more efficiently. For example, a OneNote training would not
focus solely on making sections and pages. The training would include productivity tips
for how to use OneNote to increase efficiency in meeting note taking.
As technical literacy increases, so does the interest from employees outside of IT.
Content Owners are taking active roles working with their teams and the system to
gather feedback, share with IT, and collaborate on solutions. Training attendees who are
not content owners may begin to show a greater interest in the system and seek to be
more involved. There still may be some challenges in leadership supporting time spent
working with the system for non-IT roles.
Now that the entire company is actively using the system for common business
processes, there are regular updates shared with the entire company for changes and
improvements on a regular cadence. There is a process in place to receive feedback
from the organization which influences future enhancements and continuous
improvement. The system support staff has increased enabling the business to shift
support from reactionary to proactive and decreases wait times for help.
The most common support scripts and training content are developed with Chatbot and
AI technology, allowing IT staff to focus on escalations, proactive initiatives, and
reducing the amount of time spent on break/fix. Support ticket analytics are reviewed
on a scheduled cadence to identify and prioritize closure of training gaps, minimizing
employee downtime, and increasing organizational productivity.
500 Process
System changes and improvements are first discussed within Centers of Excellence or
Communities of Practice which comprises of content owners, key stakeholders, and
other system owners. These groups provide feedback on a continual basis and are often
used for pilots before launching new solutions to the entire organization. Having these
communities enables IT to complete better user research, align system changes with
departmental-level goals, and receive more transparent feedback. If the business
explores self-service options, empowering end users to manage their own solutions
(with IT guidance) enables IT professionals to focus on a higher strategic level and
reduces friction with end users.
Training is viewed as an integral part of the learning road map and no longer only run
by members of IT; training isn’t just technical, it’s transformational, often using “what if”
scenarios. Content owners or Center of Excellence members offer training specific to
tasks and business processes, replacing generic system-based training that was
previously offered. Skill advancement is widely recognized and rewarded.
Scenarios
Human Resources content owner shifts recognition process to automated solution
within system after seeing increased engagement with a Communication Site for their
department.
Anecdotes are still very valuable as some processes may not be possible to directly
measure or might be new given expanded capabilities. New processes will not have the
same opportunity to measure ROI so anecdotes of added value are critical to showcase
business enablement.
Conclusion
Launching a system without full support or training risks a lost investment in the
technology as employees use the system incorrectly or don’t take advantage of features
that could help them. When planning, ensure there is time and adequate resources to
engage the business early on in discussions around their needs and challenge areas.
Focus your solutions on existing issues.
Providing solutions to existing problems will generate higher interest across the
organization and justification for employees’ time spent learning how to use them.
Having a clear business process for feedback and transparency in the decision-making
process will build trust with the organization, supporting the time and effort they are
spending to understand the new systems. Developing these deep, trusted relationships
with the business changes the focus of the conversations from specific technical
requests to open dialogue around challenges or opportunities for innovation.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Related documents
The Microsoft 365 Maturity Model – Introduction
Why SharePoint Training is Important
Identifying Your Microsoft 365 Champions
Empowering Your Microsoft 365 Champions
Principal author:
Contributing authors:
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
Emeritus:
Sadalit (Sadie) Van Buren
Elevating Staff and Training
Article • 08/02/2022 • 11 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
The Staff & Training Competency article provides an overview of Staff and Training
concepts and details each of the five Staff and Training maturity levels from Initial to
Optimizing (100 through to 500). It adopts a broadly technology-agnostic approach to
the business characteristics of Staff and Training plus expected benefits.
This article explores how organizations at any level could use the Microsoft 365 suite
(and associated technologies) to reach a higher maturity level.
Senior leadership support is critical at this stage so Microsoft 365 is treated like
other enterprise solution in the organization, as they will be the budgetary decision
makers. Begin meetings with senior leadership to better understand their goals,
drivers, and provide clear ways Microsoft 365 is supporting these initiatives.
Building these relationships now will support senior leadership’s ability to drive
prioritization of projects at the 400 level. Delaying these efforts will make it
incredibly challenging to show the value in their time spent in steering committee
meetings without their foundational understanding of how Microsoft 365 helps the
entire organization reach their goals faster.
Now that the technical literacy of the organization has increased to understand
what-to-use-when across the Microsoft 365 solutions, training is focused on
highlighting the integration between the solutions and how this can increase
productivity.
For example, Microsoft Teams can change the way teams collaborate by
supporting multiple people working on one document within the Teams desktop
application. Comments can be added to the Word document with @ mentions that
automatically add tasks to the team Planner. What formerly may have been a
Microsoft Teams training specific to functionality within the system is now a
training about working better together, with supporting technology and aligning
with company culture.
Now that the IT support staff has expanded, there are opportunities for the business to
receive coaching, guidance, and innovation on their existing business processes in
partnership with the IT department. The IT support staff have begun to proactively share
updates and changes coming in the system to better involve business need in their
strategic decisions.
For example, the Learning and Development team may be focused on supporting
the company goal to increase transparency in decision making. The Microsoft 365
support team and business process owners can highlight features such as
SharePoint news, news digests, and even the roll up of decision Lists across
different site collections as opportunities to increase transparency across the
organization.
Conclusion
As you navigate how to elevate Staff and Training from current state to desired state
keep in mind your company size, goals, and culture will heavily impact which level best
supports the organization. A smaller company may never reach the 400 level with senior
leadership support as the Microsoft 365 support team has the time to meet with all
functional leads and the authority to drive decision making aligned with company goals
and initiatives. Maturity levels should be elevated as the need dictates.
Maintaining a focus on training, at any level, enables employees to use the systems for
their best use cases and take full advantage of all features. When planning your training,
ensure there is time and adequate resources to engage the business early on in
discussions around their needs and challenge areas. Focus your solutions on existing
issues.
Overall, providing solutions to existing problems will generate higher interest across the
organization and justification for employees’ time spent learning how to use them.
Having a clear business process for feedback and transparency in the decision-making
process will build trust with the organization, supporting the time and effort they are
spending to understand the new systems. Developing these deep, trusted relationships
with the business changes the focus of the conversations from specific technical
requests to open dialogue around challenges or opportunities for innovation.
Resources
Tip
Join the Maturity Model Practitioners : Every month we host sessions exploring
the value and use of the Microsoft 365 Maturity Model and how you can
successfully develop your organization using Microsoft 365. Each of these sessions
focus on building a community of practitioners in a safe space to hone your pitch,
test your thoughts, or decide how to promote your use of the Maturity Model.
Sessions may also include a brief presentation about the Maturity Model including
recent updates.
Related documents
Maturity Model for Microsoft 365 – Introduction
Maturity Model for Microsoft 365 – Staff & Training Competency
Identifying Your SharePoint Champions
Empowering Your SharePoint Champions
The MM4M365 core team has evolved over time. These are the people who have been a
part of it.
Core team:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
As the Maturity Model for Microsoft 365 has become more well-known, people have
found uses for it in many different contexts. In this set of articles, we're gathering
examples of the application of the Maturity Model applied to specific content areas or
to solve specific problems.
As with all aspects of the Maturity Model, we'd love to get your examples and feedback,
so if you've found an interesting use and would like to write it up, please do!
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Working as a developer on Microsoft Teams solutions you might not have heard about
the Microsoft 365 Maturity Model. Yet it is a great resource to get familiar with! The
model is based on the Capability Maturity Model and with some imagination you can
apply the same logic for the building blocks of Microsoft Teams.
Some of those different scenario’s have a different developer experience and might
require different components in Azure as well. If you are new to Microsoft Teams
Development a great place to start is the getting started overview. If you have been
building Teams solutions you might recognize some of the options. If you are new to
the game be aware that a Teams solution can consists of several different opportunities
and you can combine multiple components into a single solution.
Teams Development sample
Considering a straight forward solution presenting information in Microsoft Teams with
a tab. If you are already using SharePoint you can expose this information with minimal
code. The advantage of this scenario is that you can walk through all App package
components without having to write Microsoft Teams specific code. And there are a few
great SharePoint samples out there so things look good straight away.
You can find a detailed blog with all steps to achieve this by Bob German -Building
Microsoft Teams apps with SharePoint Pages – Part 1, Get Started
Or you can use Power Automate to send messages, including adaptive cards and build
more complex processes. With a flow you can both send these adaptive cards and add
additional business logic. A loved building a Reading Reminders solution and demo
with that approach, combining both adaptive cards to gather user input and Power
Automate to respond. A great way to quiz myself on books I have read and hopefully
still can remember.
Adaptive cards can also be used in Teams itself and send from custom applications. It
does require some additional configuration and some code, but you will have more
control over the experience. I wrote a sample to recognize active team members with
the CLI for Microsoft 365 that you can run anywhere. But you can obviously
implement any other scenario that requires you to notify a user or team.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
The purpose of this guide is to help document the initial setup of a site and provide
resources for next steps and ongoing support.
Checklist
[ ] Site build
[ ] Site information
[ ] Site Ownership
[ ] Site permissions
[ ] Site features
[ ] Document libraries
[ ] Lists
[ ] Apps
[ ] Site owner training
[ ] Site user training
[ ] Site support
[ ] Next steps
Site build
Site information
Title:
URL:
Type (Communication/Team):
Group enabled (Yes/No):
Teams enabled (Yes/No):
Description:
Hub site (Yes/No):
Joined to Hub site (Yes/No):
HUB site name:
Site Ownership
Content Owner 1:
Content Owner 2:
Technical Owner:
Site permissions
Members Edit
Visitors Read
Name Description
Custom Groups
Name Description
Document Libraries
New Description Retention label Sensitivity label Content type Workflow name
entry name name name trigger
Lists
Apps
Name Description
Name URL
Name URL
Microsoft training resources
Name URL
Name URL
Name URL
Name URL
Name URL
Name URL
Site support
Name Description
Next steps
Name Description
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Basic Idea
Document collaboration, co-authoring, and List updates with human beings is much
better with Versioning enabled. People make mistakes, and Versioning provides the
safety net.
Emotionally, it reinforces the idea that SharePoint is a good place to store your work
product.
SharePoint Lists items (data) and Library documents (files) have the ability to store, track,
and restore the previous state of the item or document to how it was before a user
changed it.
Versioning creates a historical record of all changes, with the date/time and indication of
the user who made the change, on a per-file/list item basis. The end user can view,
delete, and restore a version if they have the correct permissions in the library or list.
Enabling Versioning
In SharePoint Online or On-Premises, versioning is enabled in the List Settings or Library
Settings screens by clicking on the 'Versioning settings' link. An interface is provided to
let you control how many versions you'd like to retain. The user must have the Manage
Lists permission capability to enable versioning.
Disabling Versioning
If you can Enable versioning, you can Disable versioning. Disabling versioning doesn't
delete the old versions. End users receive no notification of this change.
7 Note
A Cautionary Tale: As site owner, if you disable Versioning and don't tell your end
users, they'll notify you. In person.
In SharePoint on-premises (2010, 2013, 2016, 2019) you can view version history by
clicking on the link in the ribbon menu.
In both products, Version History opens in a modal dialog box, with options to View,
Restore, or Delete the entry. If any SharePoint Metadata columns were changed, that
column and its new value will be displayed.
Libraries Enabled at creation (and set to 500 versions) Not enabled at creation
7 Note
A Cautionary Tale:
As Site Owner, you're responsible for not exceeding your
allotted space limit. 500 versions of an Excel file won't cause any trouble. A 500-
version library with hundreds of 300MB PDF documents might push the site over
the limit and prevent users from working in the site. Watch your Storage Metrics on
storage libraries.
7 Note
All versions count against your SharePoint storage usage, as do files in the recycle
bins and files preserved due to retention policies. In calculating the SharePoint
storage usage, the full file size of each version counts towards the total usage. For
example, if only metadata changes were made to a 10 MB file with no change to its
file size, the total storage usage will be 10 MB (original version) + 10 MB (updated
version) = 20 MB.
When co-authoring is enabled in SharePoint, multiple users can work on the same
document simultaneously. Each user's changes are tracked and saved as a new version.
When a user saves changes to a document that is being co-authored, SharePoint will
save a new version of the document that includes all of the changes made by all co-
authors.
It's important to note that co-authoring can have an impact on versioning in SharePoint.
If multiple users are working on the same document at the same time, it can be difficult
to keep track of who made which changes and when. SharePoint does its best to track
changes and create new versions as needed, but it's still important for users to
communicate and coordinate when co-authoring to ensure that changes are properly
tracked and versioned.
Further Reading
Microsoft: Planning Versioning, Content Approval & How does versioning work in a
SharePoint list or library
Blog: SharePoint Maven on Versioning
Blog: ShareGate: SharePoint Version Control to the Rescue
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Basic Idea
When you're a Site Owner of a SharePoint Site Collection, you should ask yourself - Is
this SharePoint site collection associated with a modern Office 365 Group?
A Cautionary Tale:
As Site Owner, you may want to discourage other Owners of the
Group Site not to use the traditional Designer/Contributor/Reader SharePoint Levels.
This can lead to a support nightmare.
This has been the model for On-Premises SharePoint Site Collections for some time.
Traditional SharePoint Site Spawned from O365 Shared with Teams, Planner,
Site Group Outlook, etc
Owners Owners No
Designers n/a No
Contributors n/a No
Visitors n/a No
It is still possible to create a Modern SharePoint Site that isn't part of a group, and in
that case you get the usual permission levels.
Best Practices
If you're adding users to a traditional SharePoint site, add them using the Gear
Icon and Site Permissions link.
If you're adding users to a Group-spawned SharePoint Site Collection - who need
to participate in Teams, Planner, Outlook - add them with the Members link in the
SharePoint Group Site, or add them in Teams, Planner, or Outlook.
Don't add them in both places.
Remember: In an Office 365 Group, a Member added to the associated Team,
Planner, or Outlook instance is a Member in the SharePoint site. The benefits of
tool integration only works if your access is the same across the suite
A Visitor really isn't a thing with a Group-spawned SharePoint Site - unless you
add them into the SharePoint-generated 'Visitor' group via the Site Permissions
link.
A Member in a Group-spawned Site SharePoint has considerable power. That
mission critical document library with beautifully crafted Views and Workflow?
Someone adding Planner Tasks can easily delete this library.
Terminology
Product names overlap a little, so here are some stories describing common scenarios:
My team needed to collaborate, so I signed into Teams and made a Team. That also
generated a Group SharePoint site, and a Planner Board! When I add a user to the Team,
they have access all over.
I had to add some read-only users to my legacy SharePoint Online Site. I went to Site
Permissions and added them to the existing Azure Active Directory Visitors Group. I didn't
see a link that said 'Members' on the screen.
Further Reading
Groups in Microsoft 365 and Azure, and Which is Right for You
SharePoint Maven on O365 Groups vs SP Site 'Groups'
SharePoint Maven on Connecting a SP Site to an O365 Group
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
This guide will help users understand the various options available to import files and
data into SharePoint. We cover several different approaches:
Document Libraries – Drag and drop files and folders End user
The “Show progress” button will notify you of any errors and when possible
provide an intervention.
Example error image shown below:
The “Show progress” button will notify you of any errors and when possible
provide an intervention.
Document Libraries – Copy to and Move to
(Power user)
SharePoint document libraries support the copying and moving of files / folders to new
locations. New locations can include a different folder, document library or site,
including OneDrive for Business.
The “Copy to” feature will copy the files / folders to the new location while leaving the
source files / folders unchanged. With the target site and document library open:
The “Show progress” button will notify you of any errors and when possible
provide an intervention.
The “Move to” feature will copy the files / folders to the new location and will move the
source files / folders to the site “Recycle bin”. With the target site and document library
open:
Click “From Excel”; provide a list name; upload a new spreadsheet or select an
existing one and click "Next"
Select the target "Table" from the spreadsheet; set the column types ("Single line
of text", "Multiple lines of text", "Choice", "Title" or "Do not import") and click
"Create"
Example imported list shown below:
Enter the destination site URL and document library. Click “Next”.
Click “Sync”.
Click “Open” to the “Getting ready to sync...” prompt.
Confirm you login account name and click “Sign in”.
Click “Next”.
Click through the “Welcome to OneDrive” screen and then click “Open my
OneDrive folder”.
Using Windows Explorer, open the source documents folder:
messages.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
This article describes some useful guidance in naming artifacts such as sites, lists,
columns and content types; this helps to avoid issues later with either technical limits,
adoption and best practice.
The article uses an example: an HR department requiring a SharePoint site with a set of
libraries and metadata; from this, a set of examples uses this scenario.
Basics
Use descriptions
For artifacts, there is the option to include a description; this can provide the users with
more information about the location they are storing data and the type of data you
require them to complete.
It might sound obvious, but this not often done, if the type of metadata isn't
immediately apparent what kinds of information that might be stored, then these
provide guidance to aid users to understand what this is for and what you expect them
to complete - if possible provide an example.
Column naming
Creating a column sets the following:
Display Names
Display names are the visual name that users see when working with list items or
documents via forms and views. When working with these columns, on top of the basic
recommendations list above, consider the following:
Be clear on what this column represents; you know what you want to capture as
metadata, the user of the item may not.
If you use abbreviations, expand the meaning in the description to ensure the user
understands the data
If the title refers to the data type of the information, ensure the column data type
reflects this, e.g. Number of Widgets, the data type is number not string.
Internal Names
In SharePoint columns, typically have multiple representations of their name, typically
the Display Name and the Internal Name are the most commonly used.
Internal names are set once at the point of creation; you cannot change them later.
Additionally, Internal names encode special characters in your display name including
spaces not in the same way as URLs, they use a combination of underscores and x0
numbers to represent the character, for example:
You can easily find out the internal name by editing an existing column and viewing the
last parameter for the URL, e.g. &Field=the_x0020_quick_x0020_brown_x0020_fox...
In classic interfaces, I often create the column without spaces and special characters to
avoid the encoding, then rename to a friendly format. On creating lookup fields, there
are some unavoidable encoding for the colon and spaces between the field
Modern interfaces remove spaces when users with edit permissions add columns to lists
or libraries.
If you change your language preference by using the user profile service, to specify your
preferred language and then rename the column, this sets this for that language. For
example, in English Payroll ID becomes "ID y gyflogres" in Welsh, or "ID de paie" in
French. Note: Bing Translator for illustration.
List and Library Naming
With naming lists or libraries in the modern interface, be aware of the titles you are
giving the libraries, for example, in the screenshot below, I have created a library called
"Finance, HR, combined strategic team collaboration area", there are a few factors to
consider:
*https://test.sharepoint.com/sites/Tean/Finance%20HR%20combined%20strategic%20team%
20collaboration%20a/Forms/AllItems.aspx*
When naming your libraries, points to consider:
Using short names or setting titles with characters and spaces in mind: finance-hr-
combined-strategic-team-collaboration-area
Remove any unnecessary or noise words such as area, team, combined; this keeps
the URL shorter: finance-hr-strategic-collaboration
Once created, you can rename the title to be in the originally descriptive manner
with a clean URL.
URL length is a premium, your tenant organization name, site URL, library URL all
lower the amount of URL space remaining for folders and document titles.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Share what?
Yes... We hear that often. So first, let's have a quick introduction. SharePoint is a
platform. A product. You collaborate and share information across the organization,
quickly and securely. You reduce email traffic, and always have the latest version of a
document or file. You can even have a beautiful Intranet!
There are of course, many features available in SharePoint, and that's probably what
makes it 'complex'. It's a complex product, no denying. But so are many other platforms,
products, software, when we don't spend a minimum amount of time learning them. 😉
In this article, we'll have a look at why having a good understanding of SharePoint is
essential for user adoption as well as for the company, how to get you started, and also
briefly touch on the different roles and responsibilities from a SharePoint perspective.
This article is highly focused on SharePoint Online, but most of it also applies to
SharePoint Server (on-premises version).
But as mentioned above, SharePoint will offer many other features. Amongst them we
have:
Versioning
Custom metadata
Audience targeting
Content types
Labels (security)
Sharing
Workflows
Alerts
........
That being said, we also don't want to scare users. The goal is to allow them to work
efficiently, taking into consideration that 'The Cloud' is likely a new way of working for
most of them, with a product that the higher management decided to go for.
Note: The role of a SharePoint Service Admin is not in scope of this article
Basic training
Start with basic training per group or per department, a few hours per session. It has to
be a compromise between learning fast enough, and practicing the new ways of working
to complete their daily tasks. Therefore, plan the topics for each training session to be
efficient.
Depending on a user's permissions, the following are considered basic operations within
SharePoint:
Advanced training
If your users already know how to perform the items from the basic training section,
then they could potentially act as Site Owners for their team or department's site.
This involves more responsibilities as Site Owners will need to also take care of the
security aspect by managing site permissions, adding and removing users from their site
for example. They may also act as a support contact for other site members.
Those items are a good starting point, but maybe you'll be asked to customize a
SharePoint form using Power Apps ? Who knows! 😉
Having someone explain 'how' to do things in SharePoint will only put users at ease,
carry on with their daily tasks, and subsequently make the price of the Microsoft 365
subscription worth it.
Related Articles
Identifying Your SharePoint Champions
Empowering Your SharePoint Champions
Related Resources
Microsoft 365 learning pathways
Building a new Intranet from scratch, doing a major uplift introducing a significant
adjustment, or want to fill out one of those awesome look book designs with your own
content - but struggling for ideas and possible sources of content to include? This
article will go through the possible sources of content, content patterns and ideas to get
you started.
News Content
News content provides a focus point for higher frequency content creation and updates
to keep the organization informed and engaged. This location presents a massive
opportunity to keep communication flowing, build community and culture, and keep
people informed about what is happening.
There far more examples of types of news content you can promote, once you start
creating news content and publishing it all, keep it flowing, and encourage for people to
suggest articles to help keep it fresh, informative, and exciting.
Events Content
Events can come in many forms, some of the examples include:
Town Halls - Company-wide events that are intended for the whole company to
either attend or participate. List these to promote their time.
Lunch and Learns - Small events designed to knowledge share in either a team or
company side around the lunch period. Bring that social aspect to learning
something together and asking questions.
External Events - List external events the organization is hosting will invite those
internally to contribute or attend in support.
Days That Are In Support of a Cause - Bring specific days of importance in
awareness, promote what the organization is doing to support them, and the
meaning of the event serving as a promotion of the event and bringing awareness
to the organization. E.g. World Soil Day, World Braille Day or National Spaghetti
Day.
Training Days - Days in which you are training people or running learning events.
This gives people the opportunity to subscribe and learn about a technology to
further their skills.
Informal Events - Events that people run that the company promotes e.g.
Christmas party, socials, clubs, conferences where the company is not present but
maybe of interest. Consider giving people some guidelines on what can be
promoted.
People Content
This type of content has a focus on people. There are many types of content that could
be classed as related to people so here are a few examples:
New Starters, Leavers, and Movers - Listing out the changes in the organization to
let people know who they can contact and collaborate with.
Health and Wellbeing - Providing information about the resources and support
that people can receive, organizational initiatives, programs, contact points, and
documentation of the support they can use.
Education, Learning and Growth - Building people by describing the resources
available to them, opportunities to learn, more detail around training services,
events, and ways they can participate with others in community learning.
Community Resources - describe ways to connect with other people, the
communities available, technology to connect others in hybrid working like Teams
and Yammer. Communities can extend externally, connecting with other groups of
like minded people around the world e.g. Patterns and Practices, Partner
Communities, and Champions Networks.
People Stories - Bring those stories of success, challenges overcome, or bring that
human life to your content with people stories. Let people get to know each other,
their story to share with everyone, learn how other people tackle issues, challenges,
and their wins.
Behavior Management - Provide guidance in what is acceptable and professional
behaviors setup those inclusive and cultural expectations. Share how to report
inappropriate behaviors, policies, and support frameworks to allow people to feel
like they have a voice.
Leadership Blog - Give leadership a space to provide their stories, plans, goals for
the organization, get to know those who run the organization, and highlight
company-wide success.
Performance - Describe how the company manages performance, goals, areas that
require improvement, measurements, and reports.
Inclusion and Equality - Area to promote, give guidance, support, and foster a
healthy environment including all staff.
The topic is very broad but look for that content that people value, ask in surveys and
get feedback, to include ideas from around the organization.
Examples include:
Policies - These are your corporate policies and outlined processes for core
principles, business operations, and functions e.g. privacy, expenses, holiday, IT,
data handling, social media, client engagement, escalation processes, exception
handling.
Public People Profiles - For those organizations that have people meeting
customers, a summary profile about that person.
Public People Pictures - Images of employees for brochures, literature,
newsletters, articles, highlighting that person.
Brochure and Marketing Content - Content you provide your customers when
people meet them, this would be accessible to all people in your organization to
have access to approved content to share with customers.
Service Descriptions and Offerings - Content related to what you offer as an
organization, to promote your services, easily accessible for employees to share
with customers. In some cases, these are on a website, so the content would best
as links in your intranet to share with employees highlighting that resource.
Technical Manuals or Procedures - Resources related to technical information or
procedural information, standard operating procedures, as an open resource for
employees to utilize and reference. This content may also list out areas of
subscriptions to third-party or external resources that your organization subscribes
to.
Reference Resources - Central library of references and resources that people can
refer to, useful in reducing duplicate costs for similar subscriptions as well as useful
resource of what is available to use.
Landing Pages
Consider the landing pages of your sites (e.g. homepages, section and sub-sections)
that may be represented as home pages in sites. These are your sign-posts for resources
in that topic, area, or department that are most prominent, important for staff to be
aware of. If, for example, you are looking for suggestions for a department, like
Information Technology, here is some content you could write about:
Describe the Department - What does that area of the business do, this is your
front door, what would you say.
Provide Links - The most important resources that people should be aware of, e.g.
FAQs, links to external resources, policies, documents or guidance.
Business Owner or Representative - Talk about how they lead that department, a
quote or a phrase to introduce themselves, and the goals of the department.
Get to Know the Team - Describe who the leaders are in this area, contacts,
engagement points for how to contact people.
Events - Listing out relevant events for the area of the business e.g. Cyber Security
Training, Ask Me Anything events, Genius Bar style drop-in events.
Surface Related Content - Let people know there is new content or pages to
perform specific tasks or functions.
Consider this as your shop window to your team. How can you help your readers?
External Sources
Finally, external sources of information, where this may be a variety of content on the
internet such as:
Conclusion
These resources are ideas and suggestions to use if you struggle with thinking about
what to write about. They are potential ideas to grow your content and keep it fresh for
staff.
Resources
Plan your SharePoint communication site
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Many organizations have a small team supporting all aspects of their environment from
break/fix through development of new solutions. There is not enough time in the day to
add crucial change management tasks to ensure adoption on top of this already heavy
workload, so it is commonly skipped. This risks engagement, adoption, clear insight into
departmental challenges, and maintaining open communication for collaborative
development.
There are hidden champions within your organization to help with these challenges if
you know the right places to look. They are not necessarily the same people as your site
owners though they can be. Here are some places to look for your champions:
In Training Sessions
There is a wide spectrum of technical capabilities in the room to learn the same business
processes and technology though everyone walks out with slightly different knowledge.
Focus on these edge cases of who is in the room as they will help push the boundaries
of your thinking.
Finding Microsoft 365 champions in these groups can be helpful in identifying the issues
more clearly. Maybe the solution isn't aligned with how they work and needs
refinement. The team might have grown since implementation and there is a gap in
continued training or supporting materials. Having insight within a group will more
quickly bring light to where the gaps are and, as a trusted partner, the conversation and
reporting of issues will flow more easily.
When an end user is breaking governance, it is because something is not meeting their
day-to-day business needs. Open the conversation to understand why. If you don't, you
are encouraging shadow IT as there is a long list of free options available to meet their
external collaboration needs that is now outside your monitoring. If you do, you are
building trust in the relationship and gaining crucial insight into their needs.
In Usage Reports
In the Admin Portal there are Usage Reports for SharePoint, OneDrive, Teams, Skype,
and email activity. The SharePoint usage reports show the files viewed or edited, files
synced, files shared internally or externally, and pages visited for each user. You can
identify different types of end users here using these metrics to pick out your top
content consumers and top document collaborators. These end users will have feedback
on the current environment configurations and likely a wish list of what they hope
Microsoft 365 can do. With how fast Microsoft releases new updates they may not be
aware of some solutions that are available right now! If your top users are heard and
supported, they will have some of the loudest voices on whether Microsoft 365 is
working for your organization.
Tip
This is commonly where people begin and quickly end their search for Microsoft
365 champions. To get the most valuable feedback you will need to look further
than just your top users. What about users with incredibly low usage in a
department that you know has fully adopted Microsoft 365 as a solution? Finding
out why it is not working for them can be more valuable than hearing the same
positives of why it is working for their team members.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
What is so different about a Microsoft 365 champions group from a site owner's group?
It depends on your organization. Some companies may expect their site owners to only
focus on content management to keep the intranet up to date with valuable information
supporting the governance plan. Microsoft 365 champions can also be site owners
though their support of the platform extends past content ownership. Champions are
dedicated to contributing to the roadmap of Office 365 at your organization. They are
interested in providing feedback, testing beta releases for new solutions, and sharing
their knowledge with the company to drive engagement in the platform.
Have you ever needed to talk through something out loud to identify the best path
forward? Your Microsoft 365 champions may not have colleagues in their department
who are as familiar with the technology. Creating a place to have these discussions will
give you the opportunity to learn more of the "why" for what they are trying to
accomplish and guide them in the right direction. The best solutions come from
collaborative development with the people using them.
Additionally, hosting these meetups will ensure you are part of the conversation which
gives you the opportunity to guide the Microsoft 365 champions within the
organization's roadmap and governance. I am sure your Microsoft 365 champions can
search for some great InfoPath stuff on the internet, but do you really want them
building that? It is much easier to course correct in the initial stages of a solution rather
than discovering it after it has been released to end users.
Tip
Solutioning, change management, and adoption can be really challenging. Give your
Microsoft 365 champions a place to share frustrations so they can receive support and
guidance. You are a team working together regardless of your reporting structure and
departmental business goals. It is a great feeling to be included, supported, and
recognized for your work.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Basic Idea
Over time, you'll want to keep the documents you offer the organization up to date.
One problem you'll run into is SharePoint thinking files with different names are totally
different, when in fact you want them to be considered versions of the same file.
Since the names contain the revision date, when the next iteration of the file is
uploaded, SharePoint will see it as an entirely new file. This means any connection to the
old file and its history (version history or metadata) is severed.
Better practice
Instead, name your documents based only on what they are. For example, rather than
Change in Terms Procedure Rev 12.15.2021.PDF, just use Change in Terms
Procedure.PDF.
Anyone who finds the document shouldn't have to worry about whether it is current or
not: only the most current version should be available on your Intranet. (There may be
exceptions to this, but it is generally the case.) As a Site Owner, this is one of your
resposibilities: keeping your content current and valid.
Each time you copy in a new version or upload one, it will become a new version of the
same file and get the same metadata. This also guarantees any links to the document
stay valid. You won't need to scour your own pages for links. Maybe someone in a
different department linked to your document, and you don't want that to break.
If revisions matter
If you need to keep older revisions, do that in your Team Site. If the revision date is
important, then it should be a metadata column on the library, not embedded in the
filename.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
With the advent of modern pages in SharePoint Online, the classic top-down site
topology, as we know it, has evolved to a flat structure that is designed to adapt to your
changing organizational structure and content.
We prefer the term topology over hierarchy or navigation because your hierarchy and
navigation can be significantly different from how you create your site structure.
Every new SharePoint site collection is created under the flat topology, with new site
collections being placed either https://tenantname.sharepoint.com/sites/sitename or
https://tenantname.sharepoint.com/teams/sitename, depending on the type of site (and
the tenant site creation settings).
Also, when a user creates a new Team in Microsoft Teams, Office 365 creates an
associated SharePoint site collection (also located under
https://tenantname.sharepoint.com/sites/sitename or
https://tenantname.sharepoint.com/teams/sitename); Microsoft Teams uses the
associated SharePoint site collection to store documents and other relevant information.
The same applies to Office 365 Groups from Outlook, Planner, or Yammer.
The flat topology helps support a self-service and cross-product architecture that would
be practically impossible to manage in a top-down topology.
Using a flat topology, site owners can easily manage user permissions for their sites;
because every site is a top-level site collection, there no inherited permissions to
complicate things.
When deciding how many sites you need to create, you should consider the following
criteria:
Authors: Design your physical site topology to cater to people who create and
maintain content. Content should be stored where it is best managed.
Security and Policies: Create a site topology that makes it easy to assign
permissions; avoid creating sites that require a complex security matrix to
determine who has permissions to which content, as it often results in difficulties
maintaining sites. If in doubt, create two sites with different permissions. Also, keep
in mind your organization's governance and compliance policies, such as retention,
external sharing, quotas, and so on.
Lifecycle: Design your physical site topology with your content lifecycle and
workflows in mind.
For example:
Should you create a single site for your Accounting department to store Accounts
Receivable documents, Accounts Payable, and Financial Statements, or should you
separate them into two (or more sites)? It ultimately depends on who should have
permissions to what content.
If you need to create an Annual Report every year, do you create a single site
called Annual Report and change permissions every year, or do you create a new
site every year? It depends on whether the people contributing to the annual
report change every year.
Although your company's organizational structure may help to identify your physical
site topology, do not limit yourself to replicating it.
For example, your Human Resources department may need a team site to store
confidential information about employees, which can be accessed only by HR staff, and
a communication site to store company-wide information about policies and benefits
which is accessible to everyone in the organization.
For example, your HR department may have different sites for Benefits, New Hires, and
Recognition and Awards; To make it for your employees to find content, you may wish
to logically group under an HR site. To do so, you could create a communication site
called HR, convert it to a Hub Site, and assign Benefits, New Hires, and Recognition and
Awards to the HR hub site. Although all 4 sites are physically at the same level, they
logically appear to be in a hierarchical structure.
However, a computer can do precisely that; using machine learning, Office 365 and
SharePoint can observe every user's activities, interests, and usage patterns to determine
which sites to display on a user's SharePoint landing page.
When a user arrives at their SharePoint Home, SharePoint helps users find relevant
content by showing relevant news and recent activities from sites that the user follows.
It also shows sites that the user frequently visits, and makes recommendations based on
the user's past activities and their peers' activities.
While you cannot control this behavior, you should be aware that your site topology can
positively influence SharePoint's ability to deliver the right information to users.
For example, if you created a large, monolithic site that contained all of your company's
content in a single place, SharePoint would be less able to highlight relevant content for
users. The same site would always appear on the SharePoint Home page for every user,
showing too many recent activities to help users make sense of what matters.
On the other hand, if you separate the content into smaller sites based on their purpose,
SharePoint would be able to identify which sites were recently changed and highlight
those changes to the relevant users.
After you consider your physical and logical site topology, take a look at the metadata
topology.
Naming conventions
As you develop your organization's site topology, you may wish to define a site
collection naming convention. A naming convention can help users identify the function
of a site collection, membership, geographic region, or who created the site collection.
As Office 365 allows users to create site collections, either directly in SharePoint, or via
any other group workloads (Outlook, Microsoft Teams, Planner, or Yammer), the only
100% reliable way to enforce a naming convention is by enabling group naming policies.
Since all Office 365 group workloads automatically create SharePoint site collections,
naming policies affect all group workloads -- not just SharePoint.
Prefix and/or Suffix: You can define prefixes and/or suffixes to automatically add
either a fixed string (e.g., GRP_) or a user attribute (e.g., [Department]) before or
after the group name. For example, if you define a group naming policy with GRP
[GroupName] [Department], and a user from the IT department wants to create a
group called My Group, the complete group name will be GRP My Group IT.
Custom blocked words: You can define a comma-separated list of words that you
do not wish to allow in the group name. The words are case insensitive, and only
whole word matches apply (i.e., no partial matching).
You can use custom blocked words to "reserve" keywords and prevent multiple users
from creating multiple departmental sites. For example, you could define HR as a
blocked word to prevent users from creating an HR site until you have created the
appropriate topology.
The Office 365 Global Administrator and a few other administrator roles are exempted
from these restrictions. You can potentially apply the policies to prevent users from
creating sites with blocked words without affecting your ability to create the site
topology your organization needs.
To find out more about Group naming policies, and to learn to define them, visit the
Office 365 Groups naming policies documentation.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Before we jump to the topic at hand, a little recap of the terminology involved:
Example: I have a document library where our company stores our vendor agreements
and would like to "tag" each agreement with the vendor name(s). That way it's easier for
us to find specific documents, filter by vendor, etc.
In this example I've created a term set called Document status with the terms
Draft, Waiting approval, or Published
I'm adding this term set as a column to the Vendor Agreement library above
I'm using this column to track the approval of the documents we have in the library
Pros of Managed Metadata columns
Managed Metadata is globally available - across all sites in the farm or tenant
Managed Metadata supports language translations
Changes to the term set values will be updated across all sites
Administrators can control who can contribute to each term set
Combined with search, you can create a global search center with refiners across
all sites using the term set
My experience
There is no single way of doing things in SharePoint. It all depends on the use
cases.
I normally use Managed Metadata when dealing with cross site publishing or
global search-related metadata. Because the metadata values are normally
managed by a few people and used widely across all sites in SharePoint, we get
more consistency and converge on a common understanding. This is especially
true when building Document Management solutions or Intranet News publishing.
I use Lookup columns, when I'm building solutions that are locally related to a site,
and the lookup data is from multiple lists already in the site. For example, when
building custom apps with Power Apps and I'm using SharePoint lists as data
sources.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Best practices and strategies for building and operating large SharePoint Lists and
Libraries well above the item limit threshold.
Summary
List or Library above 5000 items is indeed possible with planning and some
filtering/sorting compromises.
If you can make it modern, you should. The modern experience improves over
time; classic does not.
Apply remedies before you hit 5000 items, though in some cases, you can make it
to 20000. Procrastination will hurt you!
Your users don't care about this limitation one bit. Word doesn't limit you to 500
words. Excel doesn't limit you to 50 columns. As site owner, you need to be on top
of this.
If your List or Library is at 3500 items, fair chance it'll hit 5001 when you're on
vacation.
SharePoint Myths
There are couple of myths floating around in the world of SharePoint Lists and Libraries.
One is that you shouldn't treat a List like a database (untrue - it is just fine for a power
user to create a database). The other is that Lists and Libraries with more than 5000
items just won't work. Both of these are false. Here is guidance on how to own and
operate a list or library from 5001 - 30 million items.
A Cautionary Tale:
As site owner, your end-users and power-users will hit this wall
without careful planning and some monitoring. To them, the List/Library will appear
broken and will reflect badly on you and the tool. They'll be given almost no
warning that they're exceeding the threshold.
What is the List View Threshold?
When the number of items or documents is so high that SharePoint displays an error
instead of the content. For many years this was 5000.
Behind the scenes. SharePoint is querying data from a database. It, like all systems, can
do but so much at a time, and the Item Limit Threshold is that limit of items that are
displayed in a given view.
If you've operated sites with SharePoint Lists or Libraries for any amount of time, you or
one of your customers will trigger the Item Limit Threshold in a List or Library. Either
they've published a 300,000 row Excel spreadsheet as a new List, or they decided Friday
afternoon right-before-quitting-time is the perfect time to upload the entire network
drive's contents to a single Library. Views break. Sorting and filtering (especially on-
premises) fall apart. Users report broken sites and missing data.
It's easy to check the number of items or documents in a List or Library. Either look in
Site Contents, or look in the List/Library Settings. A blue bar will appear there if the
List/Library is getting close to the limit.
Monitoring tools
Your workplace may have some sort of fancy third-party
monitoring tools to report on item/document totals. If you're not so lucky, you as a
Site Owner can set weekly Email Alert Notifications on the List/Library to keep an
eye on things. It's not true reporting, but you'll be able to see trends in Lists.
* Someone with Central Admin access is needed to change this. And when you ask them
to, you'll be given reasons why it's a bad idea. That's their role - keep the databases
performing well and sites up and running. The smart play is to ask them to increase the
limit for a very short amount time so you can fix your List/Library, and then return to the
default threshold limit. Lists and Libraries can also have the limit disabled via PowerShell
by setting the EnableThrottling property to false. See the example below.
** Your admins can schedule a time when the threshold is lifted on a schedule- generally
after hours. Doing this during business hours will frustrate your users by created a mixed
experience.
PowerShell
$list.EnableThrottling = $false
$list.Update()
The most fundamental difference is that Modern will, over time, get new feature
improvements to improve the experience of over-threshold Lists/Libraries. Classic will
stay the same.
If it's a Document Library, consider using the SharePoint Content Organizer to route
your documents (based on a condition) to different libraries with the same metadata.
But is that what your customers want from a user experience perspective? Does it feel
similar to having to update multiple spreadsheets? What if they want to do reporting on
this data, and they have to deal with multiple Lists? This scenario shouldn't be your first
choice if you can avoid it.
Search-Only Example:
The article author currently manages a folderless SharePoint
Library with 450,000 PDF files in it. Those files are uploaded to the library through an
external process. Each file has a meaningful file name, and the customer uses Search
to find just the document they need instantly. They'll never sort or filter the library,
or edit the documents, so this scenario works just fine. No columns are indexed.
Can Grouped-By Filtered Views help me here?
This one gets complex real fast - especially with views for Document Libraries with
folders. Read Joanne Klein's excellent deep-dive into this for more information.
A View that's over the threshold will generally only display if it's filtered by an indexed
column first in the view, and that filter returns no more than 5000 unique values.
This is done by going to the List or Library settings, choosing the Indexed Columns link,
and indexing the columns one by one. You can add up to 20 indexes to a list or library.
Choose wisely - what columns would you or your users want to base a view on?
Automatic Indexing:
SharePoint lists/libraries in SharePoint Online now have the
capability to index columns automatically. But like all automated processes, it may
not index the right column for your users, and will not automatically create indexes
for lists/libraries with more than 20,000 items. Don't count on this to save you. Plan
ahead.
It's important to take this action early - SharePoint on-premises (2013) won't let you
create an Index past 5000 items. It is uncertain if there is a hard limit in SharePoint
Online, but once you cross those lines, it is difficult to correct. You have to delete lists
items to get back down below the limit, and then index the columns.
For the best user experience you should be proactively ensuring the appropriate
columns for your lists/libraries are indexed, based on the columns used most frequently
in views and/or filtered by your users. You can add indexes on up to 20 columns on a list
or library.
In fact, if the columns displayed in your List/Library View are all indexed columns, the
View will function almost like a regular list/library view.
In this scenario, we've created a SharePoint List or Library that will work right to 30
million items. Default view is bullet-proof in Classic or Modern.
Your users can create Personal Views that show just their Created By
entries.
Business analysts can create reports based on Likes Cats
preference.
The Biography column - best case - isn't displayed in any views. Only
viewed/edited when the user interacts with the item.
It may be worth also indexing Modified here for Power Automate Flow users
running the trigger for when SharePoint Items are Created or Modified.
The model will work great for years. Each folder acts as sort of a reset on the Item Limit
Threshold for the default view. New folderless flat-Views can easily be created using the
columns you've indexed.
Folders, Document Sets
Remember, folders count as items when calculating the
threshold.
Further Reading
Microsoft: Adding an index to a SharePoint column
Microsoft: Manage large lists and libraries in SharePoint
Blog: SharePoint Online List View Threshold
Blog: Deleting a Very Large SharePoint List
Blog: Predictive Indexing Comes to SharePoint
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
All Items
As a SharePoint Site Owner, you benefit directly by having users who find the product
useful with a good user experience. Some things you have control over - navigation
structure, page structure, content types, and List/Library Views. If you totally ignore what
you have influence over, your users might perceive SharePoint as something IT imposed
on us. If you lend a hand as Site Owner, you can change that perception. You can be the
one who makes Lists/Libraries a joy to work in, a useful thing to work in.
7 Note
Microsoft Lists is available both in SharePoint and on its own as the Lists app.
You should lend a hand to your users by making List/Library default Views meaningful
and useful from the start. Users can make their own Views, of course, but by showing
them what a good View is like, you can empower them to work efficiently.
7 Note
This article is left-to-right language focused - and should not be considered best
practice for right-to-left languages (like Arabic or Hebrew).
You should also learn concepts like item/document View metadata filtering and
grouping content.
By taking a beat and thinking about the tasks your users will perform, you'll get a head
start on making a useful View.
Check the guide to handling Views where there is a lot of content: Living Large with
Large Lists and Large Libraries
Ask the question, then shrink your monitor down, and put your browser's Developer
tools into 3G mode, or mobile simulator mode (Edge, Chrome, Firefox all do this) to
simulate the experience. Speed of the user interface is a critical component of good UX,
and something you can control in a View with careful planning.
Think about:
Effective Visual Hierarchy - A View is mostly rows and columns, so hierarchy might
not be the first thing that comes to mind. But it's there - left-to-right reading,
column order (more important columns on the left) and relationship to the filters
pane.
Use of color - With Column Formatting and View Formatting there are real
opportunities to apply a plethora of color, icon, and font treatments to your
default View. Use sparingly to deliver the most impact. If every column and row is
colored in, the user can feel overwhelmed instead of informed.
Coloring in rows of data delivers the most impact when its tied to a business goal and
provides actionable information to your List/Library user.
Column formatting
View formatting
The F-shaped pattern is another classic User Experience principal that directly
applies to List/Library Views. The most important, most actionable columns in your
default View should be on the left and sorted by what-needs-attention towards the
top. If you imagine a large letter F superimposed on the page, this will help you
visualize it. User Experience Researchers have used eye tracking to record this
phenomenon. Users are reading left-to-right and scanning quickly to find the
information they need. Does your View support this?
Here's how this eye-tracking might apply to a View. This graphic simulates the output of
eye-tracking heatmap results. Red areas are scanned more thoroughly by your user than
green.
As the Site Owner, you're doing your users a service by pinning choice and date columns
to the Filters Pane, and maybe those columns from the default View. You'll need to
instruct your users about the pane's existence, but if they've ever used SharePoint
Search refiners or any shopping website before, they'll totally get it.
Title column on the left side of the view (same with Name, if it's a Library). Maybe
the most left you can, but not in the middle or the right. Give users a target to click
on where they're looking.
In a browser, zero percent of users want to scroll horizontally even though it's
super easy to three-finger horizontal swipe on your brand-new state-of-the-art
developer-grade laptop trackpad. Use the Filters Pane instead. Or create a
secondary View that shows more columns.
Sort Modified date descending and display the Modified date column. This
provides the context of freshness for a given List/Library's View. In many cases, the
user's needs to act on the most recent item in the list, like approving a travel
expense or reviewing a document update.
Display 1 or 2 extra metadata columns for the default View but more than that
may be a higher cognitive load than what your users can handle. And more
columns could lead to horizontal scrolling.
You almost never need a Multiline column in a default View as it breaks up the
flow of rows in your list by adding different heights of text. This can slow down
your user's reading/scanning of content in the View.
Principal author:
Patrick M. Doran
How Do Site Columns Become Managed
Properties - Thus Available for Search
Article • 07/12/2022 • 6 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Before we jump to the topic at hand, a little recap of the terminology involved:
For more details about the SharePoint search schema visit Microsoft official
documentation to learn more.
Also head over here to read more about PnP Modern Search Solution , I will be using
this to show a quick usage of Site Columns in Search.
Where
A Site Column can be created generally in two places:
1. In the Content Type Hub - Using the Content Type Hub will make the column
available to all sites in your SharePoint tenant.
2. In the Site Collection (or modern site - which is a Site Collection) where you will be
using the column
7 Note
This article doesn't discuss in detail the Information Architecture decisions about
when and where to create Site Columns.
Using What
There are a lot of tools you can use to create a Site Column
1. Manually clicking in the SharePoint page, this is what we'll be using in this article
2. Using PnP PowerShell
3. Using Site Scripts & Site Designs
4. Using code
How
In SharePoint, navigate to your Site Settings and choose Site Columns. The Site Columns
page will contain all the metadata columns currently available in your site, except for
hidden system columns.
Choose Create
A Site Column can be created for many different information types, including: Single line
of text, Number, Date and Time, etc. In fact, all the same column types you might add
directly to a list or library are available to you.
When you are done with the settings for you new Site Column, scroll down to the
bottom of the page and choose OK. The new Site Column will be created and listed in
the Site Columns page in the Group you have chosen.
Tip
By putting your custom Site Columns into a group (or groups) preceded by "_" or
".", you'll see your own Site Columns at the top of the listing page.
Where to use Site Columns
Site Columns, are normally used in Document Libraries or lists.
Locate your list or library and navigate to List settings or Library settings.
In the column section, choose to add a column from an existing Site Column.
The Site Column is now ready to be used in the library, and you can now add values to
the column in the list or library.
Next, you need to wait for SharePoint Online to do its magic. This magic takes the form
of the search crawler indexing the column and its values. This generally takes only a few
minutes in SharePoint Online, though it can take longer.
) Important
You have created content using the Site Column. Just defining the Site
Column is not sufficient; there must be content to crawl.
If the site is a Communication Site, the Site Columns should then become
Crawled Properties.
If you are creating Site Columns in a modern Team Site (which has an
associated Microsoft 365 Group), you must be a Site Collection Administrator
explicitly for the crawled and managed properties to appear in the schema
admin UX. The properties do exist and work for search, but makes it hard to
do custom mapping. This means adding yourself as an individual to the Site
Collection Administrators. It is not sufficient to be an Owner of the Team Site
(and thus of the underlying Microsoft 365 Group).
In the meantime you can navigate to your tenant's Search Administration page:
SharePoint Admin Center / More features / Search / Manage search schema
(https://[TenantName]-
admin.sharepoint.com/_layouts/15/searchadmin/TA_SearchAdministration.aspx) page to
review the current settings. You will need the SharePoint Administrator role to be able
to access this page.
Navigate to Crawled properties and search for your custom column, if the search crawl
has done it's job, you should see your site column as a crawled property.
7 Note
Crawled Property names don't match the Site Column names exactly. Often, the
Crawled Property will look like ows_[SiteColumnInternalName] , for example,
ows_MyCustomColumnForSearch . Different column types will have different naming.
Searching for a significant fragment of the Site Column's name should help you
find it, such as "MyCustom" or "ForSearch" for the column above.
You may then find one or more crawled properties:
shouldn't be used.
In SharePoint Online, we're not allowed to create new Managed Properties in the search
schema that are "Refinable" or "Sortable". Microsoft has created a number of Managed
Properties that we can use in order to extend the search experience. These properties
take the form:
To make sure that the index maps your Site Column and its content in the next search
crawl, you can navigate back to your site, and in Site Settings, choose "Search and
offline availability".
Click Reindex site then OK, then wait… [Insert patience here]
When the index has been updated you will be able to search for content that has your
Site Column metadata as shown below.
To extend the search experience you can use the PnP Modern Search Web Parts.
solution to build custom search page(s) with its powerful Web Parts:
You can also embed a SharePoint search page in Teams as a personal app by following
this guide
Conclusion
This article has only scratched the surface of what is possible with Microsoft 365 Search.
By creating Managed Properties specific to your content and processes, you'll be laying
down an important foundation for more sophisticated search-driven solutions.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Overview [tl;dr]
Users use documents. Now, and forever.
If there's one document, there are probably related documents.
Users are too busy to apply your beautiful metadata scheme manually.
Users benefit from good metadata and organization.
Users blame you, the site owner, when they can't find a document.
SharePoint Libraries have had an amazing tool to help your users classify, organize,
and find documents - this whole time - called Document Sets.
All the familiarity of putting related documents into a folder, while maintaining
valuable SharePoint metadata capability
For the non-technical user, it reduces the cognitive load of assigning complex
metadata to documents
For the power user, it allows for assigning complex metadata to documents,
creating metadata driven views, and executing workflows on a bunch of files at
once.
Build a bridge:
You, the site owner, live your life in views, Flows, metadata, lookup
columns, and are always learning for new automation features. Your coworkers may
not be. They may be working in legacy back office processing functions, handing
paper or PDF documents. The Document Set is the bridge for them – it shows them
the possibilities and capabilities of SharePoint without a huge learning curve.
Multiple naming schemes have been tried but keeping the required 5-10 per-claim
documents together has been a challenge. Their SharePoint Library now has 10,000
documents. Metadata columns were added, but staff grumbled at having to pick the
same fields over and over for each document.
SharePoint Search is powerful but doesn't necessarily show related documents together
the way your users want.
To turn this around, the Site Owner performed some old-fashioned process analysis of
the work, identified a few helpful metadata columns (Date of Claim and High Risk
Customer) and began the process of upgrading their library to support SharePoint
Document Sets.
What's fundamentally different about the Document Set Content Type is that you can
put another file inside the Document Set. The user experience is very similar to a folder
(but it is certainly not a folder). Your user can easily make a new Document Set and drag
and drop documents into it. They'll get it on the first try, just like they with folders.
The key advantage over a standard folder is inherited metadata. When you create a new
Document Set, you add metadata to the Set that is automatically passed down to the
documents within. And you can control which metadata is at the Set level, and what's
shared with the individual document. This is the magic – it's free metadata, and free
document organization. No code, light configuration.
Additional Benefits
With a Document Set enabled SharePoint library, it is still at the end of the day a
SharePoint Library. Without any code, you still have Email notifications, Microsoft Power
Automate Flow, custom Views, drag-n-drop files, web parts, sharing links, Content
Types, bulk download, bulk property edits, filtering, versioning, and more.
You sacrifice nothing by enabling Document Sets and gain the advantage of a library
with users who can find their stuff and get, maybe, a little more excited about the
Microsoft 365 / SharePoint tool that IT has cast upon them.
Teams Tip
It may be better to use the Website tab in Teams for Document Set use.
That will keep the work contained in a single Teams tab.
2. Major Versioning enabled. Minor versioning disabled. Check In/Out disabled. New
Folders disabled.
4. In the site collection Site Settings, the Document Set feature was enabled.
5. The Document Set Content Type was added to the new Claims Auditing library,
under Library Settings
So far so good. At this point, we've got a SharePoint Library with Document
Sets, but we don't have the real value of it yet. Keep reading:
6. Add two new columns to the library, Date of Claim (a date column) and High-Risk
Customer (a Y/N choice column). Set the Date of Claim column to default to
today's date, and High-Risk Customer to default to No.
At this stage, these 2 new columns are available in both the Document Set and
the documents uploaded in the Sets.
7. Add another column called Assigned Reviewer (person column) to the library.
8. In the Library Settings, under Content Type, choose 'Document Set', and then
Document Set Settings. From here, under Shared Columns, check Date of Claim and
High-Risk Customer. But not Assigned Reviewer.
If you've followed these steps, you now have a document library where a user can create
a new Document Set for each claim. The Date of Claim value is pre-populated with
today's date and High-Risk Customer is defaulted to No. Every document that is
dragged-and-dropped into this Set will inherit those values! And, if you change the
value in the Document Set, the documents in it will automatically update with those new
values!
Since each document (within the Document Set) has a different person reviewing it,
each document can have its own Assigned Reviewer associated with it – because we
didn't make it a Shared in the Document Set settings.
Epilogue
End users of the library rejoice – they're given a library that appears organized by folders
(but of course, it's not a folder) and they can sort/filter by Date of Claim and High-Risk
Customer at the Set level. They can create Views based on a date range or status. The
default view went from 8000 individual documents to a thousand Document Sets.
Site Owners were took the silent satisfaction of watching the library thrive over the
years, with users rising to become power users.
Document Sets enable easy out-of-the-box file organization and automatic classification
using the tool you already own. SharePoint Document Sets are magic. 🗂
Further Reading
Microsoft: Intro to Document Sets
Microsoft: Create and Manage Document Sets
Blog: SharePoint Maven: Document sets – the hidden gem of SharePoint
Blog: Marc Anderson: A love for SharePoint Document Sets
Blog: Ben Prins Power Automate Flow and Document Sets
Microsoft PnP: Adding a Document Set with PnP
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
SharePoint gives us the _Document Content Type "out of the box". Every Document
Library you create in SharePoint (assuming you don't use some fancy template) has the
Document Content Type enabled for it. So many people just start dumping their files
into the Documents (aka Shared Documents) library with every file becoming a
Document and then wonder why no magic is happening.
Org Base Document - When you start setting up the information architecture in a
tenant, it makes sense to create a Content Type like this, usually putting the name
of the organization in place of "Org". You may never touch this Content Type again
after you create it, but it really comes in handy when someone says something like,
"let's add X to ALL our custom Content Types".
Contract - This is also a Content Type which we may not ever enable in a
Document Library, but it allows us to search for Content Types which inherit from
it.
Most of the time, you'll want to create Org Base Document and Contract at the tenant
level (in the Content Type Hub, via the Content Type Gallery in the SharePoint Admin
Center). We use that enterprise level capability for Content Types which may be used in
one or more sites. It gives us a central place to manage our information architecture -
where it makes sense to do so. Since we're going to inherit from Org Base Document
for all the custom Document-derived Content Types, we create it at the tenant level.
When we set up a custom Content Type and inherit from an existing Content Type,
there's a brilliant logic under the covers. The out of the box Document Content Type at
the tenant level has its ContentTypeId=0x0101 . 0x0101 represents a Document in every
tenant. (See: Base Content Type Hierarchy for the full list of base Content Types in
SharePoint.)
When we create the Org Base Document Content Type in the Content Type Gallery, it
gets a ContentTypeId which starts with 0x0101 and then has a unique GUID-like part.
Here is an example full hierarchy tree for the Content Types with their ContentTypeIds in
a tenant. (Your actual ContentTypeIds will vary.)
As you can see, the inheritance model makes a lot of sense. Each inheritance appends
something unique to the ContentTypeId . Once we've enabled the appropriate Content
Types in Document Libraries (in this case), we can take advantage of the hierarchy using
queries like:
Intent Query
Intent Query
Show me all the Contracts is the really powerful query here. By requesting all content
with a ContentTypeId which starts with the Contract Content Type's ContentTypeId
(That's what the asterisk does for us.), it doesn't matter if we create a new Content Type
inheriting from Contract. The query will automagically continue to do what we want
because the next Content Type inheriting from Contract will have a ContentTypeId of
0x0101002FBDBE6A1A315F438E41F10681463A610103 . In other words, the
Pair this good information architecture with the PnP Modern Search Web Parts, and
you can build search-driven experiences which are highly specific, easily maintained, and
extremely reliable. This is NOT "just Google". It's you building solutions to match the
user stories and content needs in YOUR organization. If you extrapolate from these
examples, you probably can imagine some potential hierarchies in your information
architecture which may help you create more powerful solutions for your end users.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Gone are the days when SharePoint Lists and Libraries made for a dull and boring
experience.
Today, we not only can choose from improved pre-configured formatting but also the
recently released Board View, we can also tweak these existing layouts or go even
further and apply custom formatting.
Historically there have been some formatting functionality that was released first to Lists
before it was available in Libraries; but today, both share similar formatting support. One
notable exception is the new Board View, which is only available in Lists.
Another note for those wondering about how Microsoft Lists may fit into this
conversation: as far as this conversation is concerned, it is not important whether your
list is stored in SharePoint or whether it exists as a stand-alone resource - they both
utilize the same underlying framework.
To introduce the concept of formatting, it is useful to begin first by defining the core
concepts of Document Libraries and Lists. We will then discuss some of the reasons you
may want to consider formatting. Finally, we'll review the high-level areas that support
formatting today - Column Formatting, View Formatting, and Form Formatting.
Carefully applying style can also help apply a visual hierarchy to our information,
drawing our user's attention to the most important information and de-prioritizing any
supporting information.
Other advantages of formatting include creating layouts that better suit the type of
information being presented. For instance, imagine laying out Images, Tasks, and
Documents in a single rigid fashion. Clearly there are ways to display Images (such as a
Tile or Gallery layout) that could be tailored differently than Tasks (such as a Kanban
layout).
By leveling up the formatting of our list and libraries we also incentivize new users with
a more modern and appealing user experience, and thereby simplify our change
management and adoption efforts.
Types of Formatting
There are a few different areas where we could apply custom formatting, and it is useful
to split these out and understand how each has a role to play. In some cases, you may
want to consider getting started in only one area before exploring remaining options
that introduce more complexity or have a broader impact.
Column Formatting
Columns represent the 'Fields' in our Lists and Libraries - the vertical segments of
information. A good equivalent concept is Column Headers in an Excel Spreadsheet, in
which each Column contains a different type of information. One column may contain a
list of Products, while another may contain the Prices for each product.
With Column Formatting, Lists and Libraries now have certain pre-configured
'suggested' formats that appear by default, depending on the type of column selected.
For instance, when creating a choice column, we now get defaulted to a simple color-
coded 'Choice Pills' format:
When column formatting is applied across several columns, it can transform the entire
visual experience and make a list feel more modern and dynamic. There are
opportunities to make information more meaningful across different types of columns,
such as showing a User with both their Profile Photo and their Name, a Due Date that is
formatted when it is overdue, and numerical columns that are transformed into image-
based indicators. When combined, these effects make the list content more scannable
and easier for users to consume. Compare the two versions below:
While this blog will not attempt to cover all the possible ways to format a column,
another very useful example of column formatting is to embed actions in line with the
list content itself. This can be tremendously useful for triggering things like Power
Automate Workflows as the user experience to do this can otherwise be harder to
locate. For instance, in the example below, we've created a Workflow that allows the
Project Manager to elect to Promote an Active Risk into an Active Issue, by moving the
content from one list to another and vice versa.
If you're looking for inspiration, a great place to look and even copy and paste code
from community examples is the PnP Column Samples in GitHub as well as the other
resources below.
Column Formatting - Suggestions
View Formatting
While the ability to create custom Views within our Lists and Libraries is far from new,
there are some interesting new options available for SharePoint content management.
In contrast to Column Formatting where your styling will apply to a single column or
field, View Formatting applies the stylistic change to the entire List or Library. When
creating a New View from a List, you get several pre-built options to get you started.
Libraries offer the same initial options, apart from the Board View, which you'll only find
on Lists.
The Card Designer available when using the pre-set Gallery view can be very useful as it
gives you an intuitive configuration experience to select what you want to show on your
cards. If you've ever wanted to display your documents or list items as cards, now you
can with no code!
In another example, the View below can be achieved simply by tweaking the
configuration to make a Library of Images much more interesting and informative.
As mentioned earlier, Microsoft has recently released a new Board view for Lists, which
gives us a Kanban-like layout for organizing our list items, and even facilitates moving
them between columns by dragging and dropping.
Much like Column Formatting, these formats can also be tweaked to your own needs,
and there are quite a few use cases to consider, from accordions used to expand and
collapse a list of FAQs, to tile-based buttons with iconography, to Gantt charts, to
complex hover effects displaying additional metadata, and even timeline-based views.
There's even a quite amazing sample by João Ferreira that closely replicates the user
experience of To Do in a SharePoint List.
Another interesting scenario is to have the formatting utilize conditional logic to only
show information based on values in other columns, or based on the current user
viewing the information. Using this technique, we can easily create a personalized
experience for end users.
Many teams find the 'Grouping' functionality useful in Views, which introduces the
ability to expand and collapse groups of information and avoids the use of Folders.
Formatting can be applied to adjust the look and feel of the groupings, adding colors,
iconography, and even removing the annoyingly repetitive column name label at the
beginning of every grouping!
A more recent addition is the ability to use View Formatting to configure the List or
Library Action Bar. This can be used to hide or show certain actions, move their order,
change their text, tooltip, or associated icon, and define in what part of the bar the
actions appear. One useful way to use this new function is to make it even simpler for
users to create certain document type, and removing additional actions that are not
frequently used.
Critically, this function does not yet seem to allow for adding buttons to create Content
Types.
A good place to experiment with View formatting is with the new Card Designer.
Consider creating views that are personalized using conditional logic.
As before, experiment with different ways to visualize your information that makes
it easier to consume for end users but try to use consistent patterns for similar lists
and libraries.
Use Command Bar formatting with caution as inconsistent action bars throughout
several lists and libraries will cause confusion for end users.
Form Formatting
The SharePoint New and Edit Form has been around from the early days of SharePoint
and provides a form-based experience to populate new Items and edit properties for
existing Items. While Grid View (previously Quick Edit and many years ago known as
'DataSheet View') provides a powerful means to edit your Document or List Item
properties, the SharePoint Edit Form remains the primary and traditional means by
which to view and edit metadata.
When un-customized, the form will display all the existing List or Library metadata. One
of the simplest things to do is to hide or show a subset of columns. This ability is not
new but useful to reduce the amount of 'noise' displayed to end users if not all fields
require attention. To do this in the modern experience, open the Form panel, and click
the 'modify' drop-down, followed by Edit Columns. From here, toggle the visibility of
fields to on or off. Note: If Content Types are in play, the display can be modified within
the Content Type configuration. In the example below, we've chosen to hide the Project
Manager Notes field from all users, as well as a Promote to Issue field which is used to
launch an attached workflow from the List View.
One interesting new option is the ability to apply conditional logic to determine whether
fields are displayed. This opens possibilities beyond a global on or off, but only shows
the field in certain situations, such as if the current user needs to see that field, or
whether it should only be shown dependent on values in other fields. In the example
below, we can now display the Project Manager Notes field, but only to the Project
Manager. We can also only show a Mitigation Plan field if the Impact or Probability
levels are three or greater.
Once the unquestioned territory of PowerApps alone, we can now perform some
configuration to modify the appearance of the form as well, including applying styling
to the form Header, Footer, and Body. This gives us the ability to apply a more
interesting Header to all items in the List or Library, as well as a potentially more tailored
footer. In the body, we can also group related metadata into 'sections', which can add
an enormous amount of context to the editing experience.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Seven Principles
Effective
Every communication should have a clear purpose and should achieve that purpose to
be effective. This includes what is said, how it is delivered, when it is sent/published and
why people should take notice. You need to communicate your message in the fewest
possible words, have the consistency of tone, voice, and content so that you can save
time. Short, punchy statements are often more effective than rambling prose. Diagrams
and images provide impact and clarity. Visual design should provide a good UX, support
the message and the brand and make it easy for people to engage and pick out the
important elements. Each message must have a logical conclusion and a call to action.
The need for active communication, where important or urgent notifications are
emphasized above general messaging 'noise' and so direct their attention, should be
considered alongside passive 'Publish and Track' or 'For Interest' ('Publish and Forget')
approaches. Active communications should be carefully managed to prevent overuse or
abuse.
Comprehensive
Clarity
The purpose of messages should be clear; worded in such a way that the receiver
understands the same thing which the sender wants to convey. Communications
shouldn’t leave your team confused. Be clear of the format you want to say it in. Be clear
about your goal or purpose. It is also essential that the receiver is conversant with the
language, inherent assumptions, and the mechanics of communication. Typically,
sentences should be short, in the active voice and key elements stated it in separate
bullet points.
Coherency
Communication often takes place across multiple tools/formats and over a period of
time. It’s important that communication remains logical, well-planned, and self-
reinforcing across these. There should be a good connection with the main topic and,
often linked to company values, principles, and mission. Equally, communication should
be consistent with the policies, plans, programs and objectives of the organization and
not in conflict with them.
Importance of Feedback
Feedback is very important to confirm that communication has been effective and to
resolve questions, allow challenge, clarify actions etc. Sometimes there is a compliance
requirement or monitoring function that needs to be addressed via feedback or a ‘read
receipt’.
This would look at identifying each audience group within their organisation and
assigning comms accordingly.
It is likely that external comms needs to be built into the strategy alongside and closely
tied to internal comms, to ensure the interaction with ‘customers’ and stakeholders is
equally robust.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Great search should be at the heart of all corporate information systems and digital
workspaces. The reason is simple, in this information age we all need far more
information than any individual can hope to know about. While the human mind is a
marvelous thing, it has its limitations and our memory capacity isn't so much limited as
adapted for certain types of knowledge retention.; Meanwhile our organizations,
industry, and society as a whole are creating new information at a rate far faster that it is
possible to absorb. Not only can we not know and recall everything that is important to
us, but we often don't know what we we don't know.
The paradox is that personal and organizational productivity is reliant on rapid access to
current, authoritative information we need in order to make decisions or work through
processes. We know we need it but we don't necessarily know what it is, where it is or
even if it exists. Good search fills in this deficiency by providing discovery tools for users;
great search does it by removing the burden on users to know how to search or where
to search. As others have observed,
Why search
People search for many reasons:
Search strategies
There are a wide variety of search strategies and technologies and these are evolving all
the time in response to increasing diversity and volume of content in order to manage
the complexity that come with these. Some strategies become ineffective or
disadvantageous as complexity grows. There is a constant 'arms race' between content
creation and search technology.
As SharePoint gained popularity so did the amount of content stored in the system. As
the amount of content grew, a more sophisticated search engine was needed. In 2008,
Microsoft acquired FAST, a true enterprise search product When they integrated the
technology into SharePoint 2013, organizations were provided with powerful enterprise
search, able to scale to large volumes of information. Further development of search
integrated it into Windows desktop, many desktop and server applications and
ultimately into online services, including The Bing web search engine and the search
capabilities embedded across the Microsoft Graph.
Principles of Search
In our thinking about the maturity model for Microsoft 365 we identified common
themes, which we have worked into guiding principles for making search magical.
Making search magical involves adhering to all these principles.
Ubiquitous
Great search should be available everywhere. People should be able to elect to search in
any and every application they use, on every device, regardless of their location and
circumstances. They shouldn't have to go to a different place or application to conduct
the search they need. Search should generally occur invisibly, wherever people are doing
their day to day tasks.
Comprehensive
Great search should have access to everything. Whatever people need to complete their
task, continue their line of thinking or make a decision should be at their fingertips
regardless of where the information is stored, what application is used to create that
information and regardless of who owns or manages that information, with governance
caveats. The search experience should enable searching across all content in the
enterprise regardless of the system that it resides in. This allows the silos of information
found in different systems to be broken down. Users can find what they want without
having to know which system to search.
Findability
Great search should not actually be about search at all; It should be about delivering
findability. People are deeply uninterested in the search process; they just want to find
the information they need.
Appropriate
Great search should understand what people mean. As far as possible, search should
infer what it is that people need when they start searching (or even before). To achieve
this requires an understanding of several things: the user's explicit query and also the
implied query derived from the user context. This can include many things such as their
location, their role, the current activities, time of day and many other profile elements.
Search should offer understanding, not just indexing. By doing this, the information
returned can be personalised and relevant.
Furthermore, the way the information is presented should also be personalised and
prioritised to the person's needs. The results of search should be consumable by the
searcher, readily understood, and presented in a way they can quickly scan, interpret
and move ahead with. Regardless of what the user is searching on, relevant results
should be returned.
Equally, great search should be current. For any given piece of information, search
should have an understanding of how likely the information is to have changed, its
periodicity or aging rate, and index that source of information at an appropriate
frequency so that people are confident at what they are offered is up to date. As content
changes it is important that returned results that are fresh and include the latest
changes. Search needs to awareness of the searcher, the information and its sources.
Search needs to understand.
Governed
Great search should be directed and supervised. There should be a strategy to ensure
that it has direction that will support the organisation. The needs of the organisation
and of the users should be considered and balanced. Processes should ensure that
content, indexing, scopes and reach are maintained. Content duplication should be
identified and minimised. Management of Content should occur to remove clutter,
update tagging and labelling, confirm security and access. Search usage should be
monitored as content and business needs change, updating keywords, search terms,
taxonomies, synonyms, recommended results and more. Usage patterns should be
reviewed and insights from this applied.
Refinable
Great search should offer precision. Scopes should limit results to the most likely based
on context, but provide a way to improve precision within the search activity, expanding
or constraining the search to provide the sought after domain of results. Filters, refiners,
results priority and suggested improvements, related searches, signposting and
recommendations should guide the user to find what they seek, but allow the user to
apply their insight and judgement to this.
Actionable
Great search should lead to success. There should be mechanisms to turn search results
into completed tasks with minimal user intervention. Actions, such as copying links to
content, sharing findings, previewing and interacting with content, updating tags or
metadata and initiating or completing business processes should be supported directly
from the search experience. Often this will occur in the context of a specific application
or business process, though generalised search results should offer commonly needed
actions. The transition between the search experience and concluding the task that
triggered the search should be seamless to the user.
Search should be productive.
Fast
Great search should be immediate. There should not be an unnecessary delay in
providing results, to ensure that the searcher is quickly able to complete their activity
without interruption, distraction or losing the thread of what they were doing. To
achieve this, results should be presented within a couple of seconds, or even before the
full question has been posed.
Consistent
Great search should be reliable and familiar. Modes of interaction should be uniform in
operation and expected output, given the context of the search experience. They should
repeatably serve up the expected outputs as well as any refinements, recommendations
and actions.
Search must maintain trust and confidence in what it delivers and how it delivers it.
Obvious or invisible
Great search should be helpful. Staff should not have to learn complex search options,
or spend time carefully considering the most effective search terms and options. In fact,
search should be easier than the alternatives, which might include browsing, guessing,
asking someone or using a web search engine. Everyone should be able to use search
and it shouldn't be a training problem. Search results should be no more complex than
necessary, easy to assimilate, free of irrelevant or useless information and functionality.
Search must focus on those things that helps users find or do what's needed.
Great search shouldn't feel like search at all; great User Experience (UX) often occurs
when there is no User Interface (UI); it is so natural and embedded in the process that it
isn't something users do, it just happens.
Principal authors:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Since the advent of email, the most common way most organizations have shared news
and updates to the entire organization at once has been through emails to a org-wide
distribution list. As Microsoft 365 continues to expand capabilities and offers us multiple
communication channels to use, it may be time to shift your communication strategy to
leverage alternate solutions like SharePoint news to increase employee engagement.
Email is not a great platform for collaboration as group conversations can quickly
grow out of hand with superfluous messages of acknowledgment clogging your
inbox from essential messages.
Key messages might get lost in disjointed threads.
Email notifications destroy our focus as they continually interrupt active work.
Email is only as secure as the users sending it and critical messages can be
forwarded outside the company.
There is decreased engagement in an email from leadership. It feels like one-way
communication, as we actively avoid the dreaded "reply all" which would spam our
colleagues' inboxes.
New hires miss any communication sent out before their start date.
It is incredibly challenging to find previous communication and sort in a logical
order.
You cannot fix errors, missed attachments, or add any additional value to an email
after it is sent… unless you send another.
SharePoint News to Enrich Your
Communication
SharePoint news, available in SharePoint Online and SharePoint Server 2019, enables
you to communicate company updates, announcements, personnel news, and more in
rich layouts with graphics, links, and embedded content. The canvas allows for much
richer communication than what you get out of the box with an email in Outlook. The
ability to embed content directly into the news post reduces any friction for your
audience to consume the content, removing the need for them to explore additional
links and attachments. News allows for comments on the bottom of the page
empowering colleagues to interact more without spamming the entire company with
their replies. Even better, since SharePoint news is essentially a SharePoint page with
some added capabilities, you can make corrections or add additional information as you
begin to receive feedback on your communication. After creating the news post, you
may also email the page itself to a company distribution list to deliver the same
messaging into inboxes with the added benefit of the news being stored ad easily
searchable on the intranet.
You can enable audience targeting on the news web part to target your messages to the
right people. Everyone in a global company may not need to hear about a benefits
update in Mexico, so you can target that news to just the employees in that country.
Expanding the places your communication appears while better targeting it to the right
audiences will naturally drive higher engagement as you lower the signal to noise ratio
for your employees.
News is a page in the Site Pages library of a SharePoint site so new employees will no
longer be limited in accessing company updates (sent only as email) based off their
account creation date. Once a new employee receives permission to view a SharePoint
site, they will have the ability to read all previous news. This enables new employees to
get a deeper understanding of what has been happening across the company before
their start date, speeding up the onboarding process.
Since news is a page within a library, this means it also falls within the Microsoft 365
search scope. Employees will have one place to search to find all current and historical
company content.
In organizations where news is heavily vetted before sharing across the company, you
may want to create communication guidelines and style guides to ensure the messaging
is consistent across departments. It is a shift for the teams managing news to coach-
and-enable instead of gather-and-curate.
Organizational News
While the expanded access for site owners to share their news is exciting, for some
organizations it is still important to delineate what your organization considers the
"official" or "authoritative" news. A site specified as organizational news will have a
signifier in the site title - it appears in a highlighted box - helping these news posts to
visually stand out as different.
SharePoint News Digest to Replace Newsletters
Microsoft 365 improvements continually offer us the opportunity to see how we are
doing business today and evaluate if that is still the best method. The traditional
emailed newsletter requires a lot of administrative work from one person or a small
team to gather updates, centralize, format, and share. These updates are becoming stale
every minute it takes to follow this process and it requires a lot of manual work. Shifting
to empowering your site owners to share news from their sites as the updates occur will
provide information to your organization at the speed we are now used to receiving it in
the outside world - near instantly.
As your organization shifts to sharing news as it happens, you may want to help the
organization spot the top stories from the past week, month, etc. Once there are four or
more stories in a news web part, you can send a news digest. A news digest is a
selection of specific news stories, which can be across site collections, that you may
order and add a personal message to. This news digest can be sent via email to a
distribution list, Microsoft 365 Group or multiple people. The news digest also creates a
SharePoint page which gives you a lasting artifact of that moment in time "edition."
Your newsletter process now supports sharing news as it happens and following up with
the most important updates via email to ensure key messages were not missed.
Delivering this news digest to email inboxes also captures some your colleagues who
may be transitioning to this new process for sharing company updates.
SharePoint News Will Shift Your
Communication for the Better
Embracing the capabilities in SharePoint news instead of traditional emails to share
company updates will enrich your news posts, drive more engagement with the updates,
allow for better targeting of your messaging across the company, and empower more
people in your organization to share their updates. It will inherently shift the way many
companies are communicating with the benefit of greater productivity.
Resources
Create and share your news on SharePoint sites
Create an organization news site
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Company culture
Company size
Audience
Persistence of the message
Intent of communication
Integration across Microsoft 365
The goal is to share the right information to the right people at the right time.
Company Culture
The information a company chooses to circulate, and the way this information is shared
greatly impacts the company culture. The core values and mission of your company
should be taken into consideration as you determine the best solution for sharing
different types of information.
Open Communication
In a company that values transparency, updates come from multiple levels of the
organization, and the focus is on enabling employees to share information
independently.
SharePoint News
Sharing company updates through SharePoint news offers the ability to have many
different contributors (based on Site Owner and Member permissions) across the
organization. Since SharePoint news is a SharePoint page under the covers, you get all
the benefits of a rich layout, ability to embed content from other Microsoft 365 apps,
and discoverability within Microsoft Search.
Each department can share updates through SharePoint news on their own site. The
intranet homepage can have a web part showing all news rolled up from all sites,
increasing the visibility of these essential departmental updates and removing
Corporate Communications or IT as the roadblock to post on the intranet homepage.
Site owners benefit from decentralized content ownership with immediate access to
share updates, and employees benefit from this centralization of updates by having one
trusted place to check on the intranet homepage - just like they had when it was an
email in their inbox. The news can also appear on each site’s homepage providing
different ways to consume the content.
By default, comments are turned on for SharePoint news posts, inviting all employees to
engage with the information which has been shared. Comments are connected to the
page itself, eliminating the challenges with reply-all threads and aligning all responses in
one location - much more straightforward than navigating multiple emails.
Yammer
Restricted Communication
In a company with formalized and restricted internal communications (often in heavily
regulated industries where certain open communications introduce risk), the solutions
for org-wide updates need much greater control over who can contribute.
Company Size
What works for sharing information at a company of 6 may not be scalable for a
company of 30,000.
Org-Wide Team
Within Microsoft Teams you can make an org-wide team that supports up to 10,000
members. The org-wide team members will be automatically added and removed as
individuals join or leave the company, like the dynamic distribution groups. While Teams
are meant for collaboration, smaller organizations may find it useful to collaborate and
communicate in the same place. Company updates may be shared in the associated
SharePoint site and added as a tab to the org-wide Team or added as a connector, so
the news posts appear in channels, notifying Teams members.
The persistent chat in channels supports threads allowing employees to dive deeper into
conversations around the company updates in one place. It is possible to link to these
threads, share a thread in Outlook, and save a thread for later (which you can access in
your Delve profile ). One of these company updates may prompt an action item. An
employee can quickly grab the link to the thread, navigate to a different team, and post
in that channel about the next steps. For companies small enough to sustain
communication and collaboration on work in one place, using an org-wide Team can
reduce the friction between receiving company updates to acting on them.
Notification settings in Teams are available for the app, but not each Team. Be aware
that these notifications are most useful when signifying to an employee there are action
items to be completed in another Team related to getting work done. An overload of
notifications in Teams will recreate the signal to noise ratio problem in email where
there is no differentiation of something to be consumed versus something to be done.
Large Company
At a larger company, you likely know your team and a small subset of the rest of the
organization. New names are appearing in emails and your intranet daily without the
context of who-does-what. Having all communications across the company in one
channel (email) is incredibly overwhelming and could consume hours. There is a great
benefit for larger organizations to divide their company updates between the intranet
(and potentially also sent via email), collaboration to Teams, and social to Yammer to
allow employees to focus on the tasks at hand. A typical morning may start with an
employee navigating to the intranet to see the company news, then shifting to email
and Teams to see action items to complete (which often appear within To Do or
Planner ). As timely work is completed, an employee may then navigate to Yammer to
engage socially with colleagues, share knowledge, or engage in a special interest group.
Audience
One of the most significant benefits of multiple communication channels is the ability to
have a variety of audiences. Sending an email to the entire global company about
region-specific Human Resources information adds noise to inboxes for employees
outside that region and wastes employees’ time as they try to determine how this
message applies to them. In the worst-case scenarios, the noise can become so loud
employees stop trying to stay up to date on information and assume the critical
messages will escalate enough to reach them.
Yammer, email, Teams, and SharePoint news (with audience targeting ) all support the
ability to create different sets of people to target your communications better. Yammer,
as an enterprise social network, is a natural place to connect with people outside your
day-to-day teammates. Email can be targeted to one person or a variety of email
distribution lists. Teams supports collaboration on work, which is a known set of
individuals. SharePoint news audiences can range from a smaller group when connected
to a team site or the whole company when connected to a communication site.
Managing Audience
Once you identify who your message needs to reach, it is essential also to consider who
can control the membership to this audience. Employees have access to create
communities within Yammer. Many organizations allow self-service creation of Teams or
SharePoint sites. Email distribution lists require IT (or other internal) support. If your
audience is informal or dynamic and driven by employees, the self-service options will
provide your communicators with the quickest path to sharing the right information to
the right group. If the audience is company-wide or more formal, having IT (or other
internal support) manage the membership puts controls in place and can help you
formalize the process of adding or removing members. Consider the urgency in adding
or removing members and what delays this may cause. For org-wide communication,
dynamic distribution groups strike a balance between IT control and immediate updates
as the organization’s members change over time.
Persistence of Message
Each communication channel has a different lifespan for messages. Yammer threads last
relatively long while Teams chat is meant for quick conversations to keep collaboration
moving forward. Emails are only accessible to current employees, while SharePoint news
supports new employees accessing previous updates. Companies may have limited
retention policies deleting emails after a specific amount of time has passed. SharePoint
news’ connection to the intranet gives it the longest lifespan of all the communication
channels, as it is centered where employees frequently search for information and
content to support their day-to-day work. SharePoint news also provides access for
future employees to see historical company updates, speeding up their onboarding as
they better understand the organization.
Intent of Communication
Org-wide communication can have a variety of intents from an update on the business
to a call-to-action for involvement in a project or a fun social engagement between
colleagues. Each communication channel supports a different context of working, which
should be used to support your message.
The ability for all employees to informally post makes Yammer an excellent place to
source knowledge, share ideas, and engage with leadership. Employees can participate
in these threads creating strong two-way communication. Most Yammer communities
are open to the whole organization improving the discoverability of content.
Your colleagues are actively working and solving problems within Teams. Sharing project
updates, action items, or discussing deliverables makes sense in this context of getting
work done. Employees can engage in threads to clarify, discuss further, and come to
decisions for the next steps.
SharePoint news supports more formal updates from a small number of authors to a
broader audience, which is typically informative with no action items. The level of
engagement is lower as people share reactions to the news shared in the comments and
are not expanding the conversation.
Org-wide emails for a company update support urgent and timely messaging as most
employees are in their inboxes all day. Emails are a good way to share one-way
information where reactions, comments, or further discussion does not need to be
captured. Email can also be a second way to share a SharePoint news post. This allows
for rapid content updates and amendments within the news post as you receive
feedback or additional questions.
Yammer has a SharePoint web part and can be added as a tab in Teams. Embedding
Yammer on your intranet homepage prioritizes social connection and removes friction
for employees navigating to another app. Similarly, adding Yammer to Teams supports
moving social conversations outside of channels meant for collaboration while keeping
it easy to engage in another communication channel. Yammer notification settings can
be customized to send employees emails for messages they missed.
Teams does not have a SharePoint web part, and channel conversations do not appear
anywhere else in SharePoint. If a small to mid-sized organization chooses to use an org-
wide Team to replace Yammer for social interaction, there is no out of the box way to
embed this in your intranet. This risks decreased engagement as employees adjust to
sharing in a new platform. SharePoint Team Sites add a helpful link in the left navigation
to Teams when a Team is first connected, which can help employees understand the
connection with the SharePoint site. The files tab you see in Teams is the SharePoint
document library, and there is a link here as well to navigate to the SharePoint site.
Teams notification settings can also be customized to send employees emails for
messages they missed.
Email appears in Outlook and the Outlook web application only. Individual emails can be
sent to the Microsoft 365 Group that is connected to a Team. There are also email
addresses for each channel within a Team. Individual emails may also be sent to Yammer
communities, which also have a Microsoft 365 Group email address. Emails can be saved
as a PDF to be added to SharePoint pages, or the content can be copied and pasted,
though it is most effective to start org-wide communication as a SharePoint news post
first and then email the news post to appropriate parts of the company.
Conclusion
To make your org-wide communications more effective, engaging, and actionable,
consider the best Microsoft 365 communication channel to support your needs.
Evaluating the impacts of your company culture, size, and audience, the persistence of
the message, the intent of the communication, and necessary integration across
Microsoft 365 will help you navigate what to use when. What works for a small,
transparent company will not work for a large, regulated global company. The variety of
options ensures you will find a communication channel within Microsoft 365 that is a
close fit for your needs.
Resources
The Evolution of Company-wide Email Communication to SharePoint News
Which is better for collaboration – Yammer or Microsoft Teams?
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Choosing between a team site and a communication site should start with your
intent and desired business outcomes. Though there are nuances to explore, at the most
basic, think about these two use cases:
Connect, Collaborate, Create: When you want to create a place where the
members of a work group or project team can collaborate on project deliverables,
plan an event, track status, or exchange ideas, you want a Team Site. In a Team
Site, all members are content authors where we jointly create and edit content.
Think of team sites as a place where work gets done. My project team needs a
place to collaboratively work on deliverables. Even though we have individual
assignments, we are collectively collaborating to create one or more assets. Our
project team needs a Team Site.
Showcase, Share, Story: When you want to "broadcast" a message, tell a story,
share content for viewing (but not editing) to a large audience or the entire
organization, or showcase services or people, you want a Communication Site. In a
Communication Site, there will most often be a small number of content authors
and a much larger number of content readers or consumers. Think about your
corporate intranet. Even if you have collaborative parts of the intranet, the primary
purpose of your intranet is to communicate a story such as corporate news or
showcase services and information such as your benefits and policies. Your intranet
sites are examples of Communication Sites.
If you are a long-time user of SharePoint, you might be thinking that "team site equals
sub-site." Resist the temptation to create team sites as sub-sites! Many governance
decisions (for example, the ability to share content outside the organization and who
has permission to invite new members to the team) are scoped to the site collection.
For the most flexibility both today and in the future, each team should get their own site
collection – which is exactly what happens when you create an Microsoft 365 Group
or a team site from the SharePoint start page, assuming that your organization has
enabled "self-service" site creation. When you provision a new Microsoft Teams or
team site in Microsoft 365, you will get a new site collection in your tenant.
If you are doing this right, you will have a lot of team sites. Why? Because you have a lot
of projects and work teams – and each one of your projects or work teams will likely
have different access and information management requirements. Even if the same work
team works on lots of projects, you should still provision a unique team site for each
unique project.
Collaborating with people outside the organization? Create a team site for each
customer or partner.
Keeping in mind that many governance and security boundaries are scoped to the site
collection, create a new team site for each of your different customers or partners if
you have an extranet environment. This will ensure that Customer or Partner A doesn't
accidentally "see" any content or information from Customer or Partner B. By default,
team sites are enabled with external sharing turned on. This can be changed by the
SharePoint administrator in the Admin Center.
While your team site will have one or more Owners, typically every Member of the team
has the same privileges in the site.
Don't panic about how your users will possibly keep track of all of these team sites –
because the SharePoint start page has got your back!
The SharePoint start page in Microsoft 365 brings together, for each individual
person, news from all of the team sites in which they are a member (and sites they are
following), sites they visit frequently, and other news suggested by the Microsoft Graph.
It also shows the most recent activity in the sites each person visits frequently.
Here's a way to think about the difference between a team site and a communication
site. A team site is where the sausage is made – it's behind the counter and typically
private. A communication site is where the sausage is sold – where it's visible to all our
"customers" and where they come to buy our sausage. Typically, our customers don't
want to know how we make the sausage (or how many times we had to edit that
document to get it "ready to share"). They just want to get the finished product.
Most often, a communication site has a small number of people with permission to
author content and many people who only have permission to read content. Team sites
use Microsoft 365 Groups for permissions. Communication sites use SharePoint groups.
Think about your team sites as where you collaborate and your communication sites as
where you communicate**.**
As an example, consider your Human Resources (HR) department. Typically, HR will have
at least one team site where the members of the HR team can work on defining a new
benefits program or crafting the announcement about an organizational restructuring.
During the process of creation, the HR team works privately on a team site open just to
the members of HR (or individual "friends of HR" who contribute to one or more specific
documents). Once all the back and forth about the message or document or program is
complete, the HR team is ready to share the information with the rest of the company.
When they are ready to share, the HR team moves the document to or writes the story
in a communication site that is open to the entire organization. They use a
communication site to share "team to organization" or "organization to employees"
information. While in some cases they may solicit feedback on the information shared in
their communication site (for example, with comments on the page), the content itself is
typically editable only by a small number of authorized users.
Feature Comparison
Feature Team Site Communication Site
Who All members are content authors who jointly create and Small number of
creates edit content. content authors and a
content? much larger number of
content readers or
consumers.
Default External Sharing Enabled (but can be disabled by the External Sharing
Setting for SharePoint Admin) Disabled (but can be
External enabled by the
Sharing SharePoint Admin)
When you Planner board, OneNote notebook, Email address for NOTHING but a
create, you the group, Shared Calendar, shared mailbox, SharePoint
ALSO get … opportunity to connect with a Microsoft Team (if the site communication site!
wasn't created as part of provisioning a Microsoft
Teams)
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
List columns
Site columns
One is created at the list/library level (list columns), and the other one at the site level
(site columns).
From a functionality perspective, they do the exact same thing. From a reusability
perspective, not so much.
List columns
If we take the example of SharePoint Online, we can now create a column in a list or
document library very easily. Hover between 2 columns, click on the "+" sign, and
create your column.
But by doing that, the column will only be created at the list/library level, and therefore,
be of type List column.
Site columns
As we've seen above, list columns are easy to create, but live in a "container" which is
the list/library you create(d) it within.
Site columns on the other hand, are created at the site level, and available to reuse from
the site they're created in (as the starting point).
If you create a site column at the subsite level, this column will only be available for the
subsite itself, and every other subsite(s) underneath. But not above.
If you're looking for reusability across list/library boundaries, then create a site column.
To be Search aware, another aspect to consider in your decision is, whether you are
going to use Search to find existing content in the created column or, additionally, use
the column in Search queries to find content.
Creating a site column will create a Search managed property (MP) automatically which
you can use to Search for content. While with a list column it won't create a MP, but you
will still be able to Search for column contents.
Say that site column is MySiteColumn of type single line of text. After you add content
to it, a new MP will be created with name MySiteColumnOWSTEXT (How site columns
become managed properties) which you can use to retrieve content in a Search query,
like for example:
MySiteColumnOWSTEXT:contoso
This would return only items which column MySiteColumn contains "contoso".
However, if you opt to create a list column you can accomplish the same later. The only
difference is that with site column it will be done automatically whereas with list column
you will have to go through extra steps which involves among others, creating a new
custom MP.
Principal author: Veronique Lengelle, MVP
Changing Microsoft Teams from Private
to Public, what to expect in SharePoint?
Article • 07/16/2021 • 2 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Privacy settings
As you may already know, when creating a Microsoft Teams , you can choose the
privacy settings to be:
Private
Public
Org-wide
Private means only the members added will be able to join the Teams, while Public
means that anyone with the link to the Teams can join the fun.
Org-wide is pretty self
explanatory :simple_smile:
This means that if you've chosen your Team to be Private, added a few members, then
the SharePoint site will only allow access to those members.
If you navigate to the site, click on the "number" of members on the top right corner of
the page, you should see the Group membership, which is whoever you've added when
creating the Team.
And Site Permissions should look like this:
The Group membership is still the same, BUT if you have a look at the Site permissions,
there's something new!
The "Everyone except external users" group just got added automatically.
If the user clicks on the "Conversations" tab in SharePoint, she/he is also part of the
Office 365 group fun.
As for Teams, when the user opens the desktop app or browser version, clicks on Join or
create a Team on the bottom left corner, the public team is showing up, and the user
can join.
Changing the privacy settings should be thoughtfully decided, because Public means
Public!
Note: Joining a public Team doesn't require any approval. Therefore, the user(s) will
automatically become Members in Teams and in SharePoint.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Modern navigation in SharePoint Online can be tricky. There are many different native
options provided by Microsoft. Let's take a look at what's available and discuss some
more robust alternatives.
Site Type
A modern site is either a team site or a communication site. Each has its own options for
navigation. If you're not sure what type of site to create, check out Teams Site vs.
Communication Site: Which one should I choose? for guidance.
Site Header
The header is one of the places where you'll see your navigation elements, so let's
briefly take a look at the options available to configure the header.
The modern header has two states: standard (default) and compact. The difference
between the two is minimal, but sometimes a little bit of space can have a significant
impact.
Header Options
Note - In a team site connected to an Office 365 group you will not see the "Top link
bar" option in the "Look and Feel" section of the Site Settings page. However, you can
still get to it using the URL above and it will still work.
Team Site with a Standard Header and the Top Link Bar
Team Site with a Compact Header and the Top Link Bar
Cascading
Mega Menu
Communication Site with a Standard Header and
Cascading Navigation
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
I think we all agree automating as much retention as possible is a good thing. The less
we have to rely on information workers to manually apply a retention label, the better.
The information architecture you've diligently defined in your tenant can now be
leveraged using auto-apply conditions to automatically set a Purview retention label.
Licensing... the capability to auto-apply labels described in this post requires a license
for each user who has permissions to edit content that's been automatically labeled in a
site. Users who simply have read-only access do not require a license:
This post describes the second option above to demonstrate the auto-apply behavior
across several column data types and content types in SharePoint. Due to the fact that
the retention label isn't applied immediately (controlled by a back-end process that may
take up to 7 days to apply the label), this is not a quick test to do. I've spent the time
testing this, so I'm sharing the results and learning with you! Please refer to the
'Important things to know' section at the end of this post for some key takeaways on
this functionality. I will update the takeaways as I learn more.
ContentType:'Contract document'
The result? Within a week, the Contract retention label was applied to all documents
with the content type of Contract document on all SharePoint sites the retention label
was published to.
RefinableString00:Hardware
The result? Within a week, the Hardware retention label applied to all documents with a
choice value of 'Hardware' on the ContractType metadata column on all SharePoint sites
the retention label was published to.
What about combining conditions? You can do this too! This test combined a content
type name of Contract document with a choice value of Software. A retention label called
Software has been created and auto-applied based on the condition below:
RefinableDate01<=TODAY
The result? Within a week, the Expired Contract retention label applied to all documents
when a date either equal to today or in the past has been entered into the DateExpired
metadata column on all SharePoint sites the retention label was published to. Note: if a
date isn't entered in the column OR a future date is entered in the column, a retention
label is not applied.
1. The back-end process to apply the retention label can currently take up to 7 days.
If it is your expectation that the label will be updated soon after the metadata or
content type is updated, this is incorrect.
2. If a retention label is already applied on a document, the auto-apply process will
NEVER override/replace the label even if an auto-apply condition is met. Example:
if you set the column Contract Type to Software and this auto-applied a label called
'Software', and then you subsequently change the Contract Type to Hardware, the
label will not change to 'Hardware' if you had an auto-apply condition set to that
condition. The original label, Software, would remain.
3. The columns filled in when the label is auto-applied are: Retention label, Retention
label applied, and Label setting. The Label applied by is filled in with System
Account.
4. You can manually remove an automatically-applied retention label by editing the
properties (except if the label is a record label, then only a site collection admin
can remove it. If the label is a regulatory record label, it cannot be removed). If you
remove the retention label, the next time the back-end process runs, it will re-
assess the document based on the auto-apply conditions and, if met, re-apply the
correct label.
5. A simple way to test your conditions before creating your label policies is to enter
the query directly into the Microsoft Search box thru the SharePoint UI. It will return
the same results.
6. Although I've seen other posts where an auto-apply condition was based on a
managed metadata term value, my testing only shows success when the managed
metadata term set is from the tenant-level term store defined in the SharePoint
Admin Center.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Metadata adoption is tough. With the introduction of Machine Learning into the
SharePoint ecosystem, Administrators and System Architects are asking if it can be
leveraged to reduce our dependency on Users to assign metadata. This article shares
the results of an exploration into the technical capabilities of Machine Learning as it
relates to SharePoint Managed Metadata.
Basic Idea
Managed metadata is used to apply structure to unstructured data. It adds information
about the properties of items and their relationships to each other and to the business.
This information is usually not immediately available or easy to parse from the ‘human’
version of the item. Managed metadata must be accurate and trustworthy, as it drives
find-ability, workflow, data governance and lifecycle activities.
Machine learning uses algorithms to build a mathematical model based on sample data,
known as "training data”. It uses that model to make predictions or decisions without
being explicitly programmed to perform the task.
Unsupervised Learning techniques and Active Learning algorithms (outlined in the detail
section of this article) may be applicable to informal folksonomy tagging. However, due
to the need for accurate selections, It is not a solution for assigning the more formal and
authoritative managed metadata.
Machine learning is an emerging service where much advancement and evolution are
expected over the next few years.
The Details
Metadata Schema
Your Schema is your metadata organization model, it is the language of your business. It
is the lists and terms needed, what you’ll call them, their hierarchy and what the options
are. The Schema allows you to identify relationships between an item and the
organization.
Our Managed Metadata Schema allows us to describe how these entities are connected,
and to define their properties. It is a map of the business that gets applied to
information, so people know the context of what they’re looking at.
Machine Learning / AI
A metadata schema is a foundation for Machine Learning/AI. Without a schema there is
no authoritative structure to your business. Without a schema, machine learning and
other emerging and future systems, processes and software don’t understand the
relationships of things or how they relate to the business.
Extra Detail
Classification algorithms identify which set of categories a new item belongs. They
are used when the outputs are restricted to a limited set of values.
Examples:
Task that filters emails
Input would be an incoming email
Output would be the name of the folder in which to file the email.
Task that identifies spam emails
Output would be the prediction of either "spam" or "not spam"
Active learning algorithms are a special interactive case of machine learning where
possible results are presented to a human user for selection.
Its most common uses:
Predict choice selections from long lists and present a narrowed-down list to
the user.
Unlabeled data is abundant but manual labeling is expensive—such as
during technical migrations.
May be a useful way to narrow-down long managed metadata selection lists.
Specialized algorithms are mostly experimental today and have not found
standard interpretation.
One such algorithm is Meta learning, where the main goal is to use metadata to
improve the performance of existing algorithms or to invent the learning
algorithm itself.
Summary
People need managed metadata to find, work with, synthesize and make decisions
about or with an item. Systems need it too, as does workflow. This information must be
accurate and is critical to, among other things, effectively manage and administer data.
For example, you have to understand what the item is in order to decide if it should be
retired/archived.
Your Schema is your metadata organization model, it is the language of your business.
The Schema allows you to identify relationships between an item and the organization.
A metadata schema is a foundation for Machine Learning/AI. Without a schema there is
no authoritative structure to your business data.
While this article has focused on technical capabilities, the information outlined does
align with statements Microsoft has published about their strategic position for AI. The
following is from their AI product page. (emphasis is mine)
"We believe that, when
designed with people at the center, AI can extend your capabilities, free you up for more
creative and strategic endeavors, and help you or your organization achieve more."
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Introduction
This article refers to design considerations of scaling your solutions, for example, in this
scenario - you have built your solution and tested on a site or library, you have demoed
to your boss, they are very happy and then he goes "Hey now, great solution, can you
get this out to 1,000 sites please?"
The requirement has changed - to note, it is best to ask this question early. So you can
plan for this and determine what kinds of points do you think about, when building your
solution on this scale.
To note, SharePoint Online supports 2,000,000 site collections (Nov 19) to give you
context to how large implementations can in theory support.
You now have your solution, so lets go through the kind of aspects of the solution you
should consider, to see if you need to make amendments, or think about its design.
Initial deployment, where do my assets live? How many times do I need to repeat
the steps for deployment? The approach depends variances for each department
or instance for example, can you get away with a settings file instead?
Maintainability, as changes occur, you may need to repeat deployment?
Security, is there a solid reason to keep the solution separate?
Technical limits of the product, will SharePoint allow you to centralise?
Centralisation
Centralisation refers to a single point in which assets and solution is referred to.
For example, if you have a JavaScript based solution, consider locating the files into one
place, not near the instance but somewhere within you farm or tenant that is readable
to all. Changes to the central point reflect on all areas of usage.
A scenario where this may apply e.g. if you have 1 Intranet each with 1000+ pages
within. You deploy once rather than all 1000 times.
Partial Centralisation
Partial centralisation is an option too, not all solutions can be centralised so look at the
components of your design and see what can be centralised.
A scenario where this may apply e.g. if you have 10 departments each with 100 sites
within. You deploy 10 times rather than all 1000. Ideally, getting this number down will
make your life easier - the less "copies" of your solution the better.
Decentralisation
Decentralised solutions can only be deployed one to one with their instance. In this
scenario, you deploy 1000 times.
The goals change to reduce the implementation steps and how can I make this easier to
deploy. Should I consider a scripted deployment?when considering you approach, is the
effort of learning how to script deployment vs the actual deployment time.
Information Architecture
When designing for scale you will need to consider how this affects information
architecture approach.
Naming convention
Clear naming of SharePoint artefacts provide context to the user that is visiting the site,
library and metadata they are expected to complete.
There is a great article about the types of column: List column or Site Column - Which
one to choose
Sites
How you structure your sites, does your solution require lots of subsites? Typically,
Microsoft is driving a flat architectural model and you should consider using multiple
site collections grouped locally by hub sites.
There is more detail on site typology in this article: Information architecture - site
topology
Security
Security should always be an important consideration in any solution, no matter how
complex or how quick solutions is built.
Understand who can access your data - ask yourself does this data contain any personal
information? Is the data business critical or sensitive?
In SharePoint, there are three main models of security, one for users, SharePoint security
groups and active directory groups.
Multiple Environments
Multiple environments such as separate site collection, web application (on-premises) or
tenant add a layer of protection for solution builders to ensure their solution works as
expected. The number of environments is up to you, consider these factors in
determining if A, you need a separate environment or B, if you do - how many.
Does your solution need to involve training users? Ideally having a separate
environment to contain the "test" data that will be introduced during these. Filling
up production with test data, may reduce search effectiveness if the test content
contains enough keywords in be prominent in the results.
Development isolation from live data. In development, certain aspects maybe
required elevated permissions to setup or create the solution. You may outsource
the development to a 3rd party in which you want to limit the access to the data in
the tenant. I always recommend a developer tenant where possible, they can be
obtained easily from Microsoft 365 Developer Program if a developer inadvertently
causes problems in the tenant, it is contained away from production.
The number of environments is up to you, there are additional overheads with having
multiple tenants but if you weigh up the cost for your organisation against an incident
on production it will be worth the effort.
Maintainability
Maintainability refers to the ease of making changes to your app, updates or cleanup
aspects of your solution - how easy this is to achieve.
Consider your solution - you have deployed to 1000 sites and you boss goes, "Great
app, but can you add a column to each list, I really need this." You now need to figure
out updates to each of the 1000 sites.
Manual vs Deployment
Deployment strategy is worth planning ahead of rollout of your new features, there are
a number of factors to consider, in larger scale implementations:
Are you going to click 1000 times with a 10 step process or weigh up the effort to
learn PowerShell script to automate this. Personally, I consider the PowerShell route
if a process goes beyond a few steps or if I get a sense the deployment will be
repeated multiple times.
Not all requirements are correctly articulated by the business or interpreted by the
implementer which introduces change to the scope or what features are deployed,
especially after the first deployment.
Introduce test environments and UAT to validate the requirements have been met.
Measure the time it takes to deploy your solution in a single location, then
estimate the total time for the number of times you would repeat the same steps.
Outage, will the solution be disruptive to staff or users, is out of hours deployment
required?
Manual
If you prefer manual, there are some ways to reduce time to manually deploy your
solution. Such as:
Script
For scripting, I highly recommend looking into PnP PowerShell library, there a lot of
cmdlets design to work online and on-premises, there is plenty of blogs, examples or
community members that can help you to get you started.
Please refer to this article for more detail Benefits of using PowerShell with SharePoint
Site Designs
Now there is Site Designs feature in SharePoint Online, which opens up a new way to
deploy features. These can create libraries, set permissions, branding and headings in
Modern interfaces and call Flows containing more advanced scenarios.
Further Reading
Many related articles are in the works to go into each section in more detail. Watch here
for updates.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
To use a product efficiently, it's important to understand a minimum about it. What it
does, what can you do with it, what are the limitations, etc.
Microsoft Teams is the hub for teamwork. It allows for collaboration, chat, calls,
meetings, and so much more!
SharePoint Online is primarily a document
management and intranet platform where you store, collaborate, and share information
seamlessly across the organization, and is also part of Microsoft 365.
Note the key word here being collaboration. So it's no surprise that they would interact
with each other in some way.
As you can see above, a site is created to store your documents. Meaning that each time
you share files in a Team, they are stored in the associated site in SharePoint! Not in
Microsoft Teams.
Note: Files shared in private chats will be stored in the sender's OneDrive for Business.
This applies to 'Standard' channels. Private channels have a different architecture which
consists in having a separate site with different permissions from the Team. More
information is available on the official Microsoft documentation: Private Channels in
Microsoft Teams.
Terminology is also important. A channel name in Microsoft Teams will have the same
folder name in the associated SharePoint site under the 'Documents' library.
Another way from Microsoft Teams would be to open the associated site directly.
If you
are in the Posts tab of a channel, click on the ellipses (...) on the top right corner under
your profile picture, and select Open in SharePoint. You'll then be redirected to the
folder containing your files/documents.
In case you only want to open a specific file, this is also possible.
This time, navigate to
the Files tab of the channel, click on the ellipses (...) next to the file itself, and select
Open in SharePoint. Although you'd think it would filter the view for only that
document, but unfortunately it doesn't.
name>
The site should also appear in your SharePoint home page, along with all the other sites
you have access to.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
The Power Platform is Microsoft’s answer to the growing need in business for a way to
build and customize professional-grade business solutions quickly, with the ability to
connect to over 200 data sources including, SharePoint Online, Azure SQL, Twitter and
more.
There are multiple types of environments. The type indicates the purpose of the
environment and determines its characteristics.
The default environment is created in the region closest to the default region of the
Azure AD tenant.
There is specific guidance for the Default environment to call out
because of its unique nature:
It’s automatically created with the first user in the region closest to the Azure AD
tenant
New users that sign up for Power Apps are automatically added to the Maker role
Users are not automatically added to the Environment Admin role
The default environment can’t be deleted, but you can rename it – e.g., Personal
Productivity (do it now, if you haven't!)
If you want to follow application lifecycle management (ALM) principles, you'll need
separate environments for app development and production. Although you can perform
basic ALM with only separate development and production environments, it's
recommended that you also maintain at least one test environment that's separate from
your development and production environments.
Environment scenarios
Scenario 1 - The ‘Out of the Box’, default environment.
Scenario 2 - Scenario 1 + Dedicated departmental environments
Scenario 3 - Scenario 2 + Dedicated application environments
Scenario 4 - Multi-Tenant ALM environment separation.
Uses include: Personal Productivity Apps and Flows, Custom SharePoint Lists and Library
forms.
Scenario 2 – Departmental
Uses include: Personal Productivity Apps and Flows, Custom SharePoint Lists and Library
forms and dedicated department environments.
Assign your admins the Power Platform service admin or Dynamics 365 service
admin role.
Restrict the creation of net-new trial and production environments to admins
Rename the default environment to ‘Personal Productivity’
Provision a new Production environment for non-personal apps/flows
Define and implement your DLP policies for your environments
When establishing a DLP strategy, you may need multiple environments for the
same department
When establishing your Power Platform environment strategy, based upon your
licensing, you may find that you need to provision environments without a
Dataverse (previously called Common Data Service) database and also use DLP
policies to restrict the user of premium connectors.
Establish a process for requesting access or creation of environments
Dev/Test/Production environments for specific business groups or application
Individual-use environments for Proof of Concepts and training workshops
Use a service account to deploy production solutions
Reduce the number of shared development environments
Share resources with Azure AD Security Groups.
Further Reading
Microsoft documentation
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Power Automate provides a user-friendly and focused experience within Office 365 that
can easily get end-users going once assigned an appropriate license.
Azure Logic Apps provide a user-friendly designer surface similar to Power Automate
with the option to build complex integration solutions, utilise advanced development
tools, DevOps and monitoring, if required.
Both options aim to significantly reduce the effort and quickly build and automate
processes between services, allowing you to focus on higher-value tasks.
Focus End Users and Makers in Office 365 IT Pros, Developers, Admins using Office
365 and Azure Services
Description Power Automate Logic Apps
Flow Web-Based Designer, Web and Visual Studio, JSON Definition and Web-
Creation Mobile UI Based Designer
*Check out the license plan details for each of the services, this article only serves as
a guide not pricing information.
For a detailed comparison, check out: Compare Power Automate and Azure Logic Apps
Both tools have a rich web-based design tool to author the Flows, connect to services
and monitor their usage. For example, the experience offers:
Design Canvas for adding triggers (what starts your Flow), connectors (the services
you integrate with)
Expression editor for advanced manipulation of input/output values
Flow Checker - these are presented differently but inform you that the Flow you
have created contains an error that needs to be rectified before saving.
History and Connector status - after a Flow run provides useful information to see
what information passed through a Flow
Since both tools have this, learning Power Automate can be easily transferrable to Logic
Apps if your requirements are better suited in the other product.
Power Automate - web based designer
Power Automate flows created before September 2020 can be exported to Logic Apps. If
you are working with the Azure Portal it will require some knowledge of JSON, or for a
friendlier experience using Visual Studio, check out the docs to consider your approach:
Export flows from Power Automate and deploy to Azure Logic Apps
Mobile App
Applies to: Power Automate
For iOS and Android, there is a Power Automate app that can allow you to build Flows,
quickly and control existing Flow settings. The app includes:
a designer surface that will enable you to add and edit actions
create from templates
manage existing flows - if you want to quickly create a Flow on the move
there isn't an expression builder or the ability to add parallel branches.
Visual Studio
Applies to: Logic Apps
For further information on editing Logic apps with Visual Studio, please refer to Manage
logic apps with Visual Studio.
Visual Studio Code is a free and open-source code editor with wide-range support for
programming languages with IntelliSense, extensions to select the tools you work with
extending the functionality of the tool as best fits the project you are working on.
You can install the extension (Azure Logic Apps for Visual Studio Code) from the
Marketplace - Visual Studio Marketplace
Visio
Applies to: Power Automate
Visio Plan 2 offers the feature to create a Business Process Model and Notation (BPMN)
diagrams and export for Power Automate.
For more details of this feature, visit the Power Automate announcement for more
information Export Visio diagrams to Microsoft Flow is now generally available
Getting started and points to consider
For users and staff, there is a set of courses on Microsoft Learn training if you want to
know more about building flows to gain more in-depth knowledge about the usage of
the services.
For ICT or SME users looking to improve their knowledge, there is a set of courses on
Microsoft Learn training if you want to know more about Logic Apps to gain a deeper
understanding about the usage of the services and how they can integrate with a range
of connectors.
This is quite important to work out ahead of time as difference connectors bear a
"Premium" or "Enterprise" (in the case of Logic Apps) which affect the overall cost of
running the workflow in your decision-making process.
You may find that within your Office licenses you already have what you need to start
building Flows with Power Automate - however for Premium connectors, additional
licenses may be required.
For Logic Apps, you can use the Azure Calculator to estimate the cost of your
application. Bear in mind since Logic Apps act as a glue between services, ensure you
include the cost of the services that the Logic Apps connect to, e.g. Azure Resources,
Office 365, third-party APIs.
Security
Security is an essential factor with considering the usage of these services, as these can
connect to a range of 3rd Party sources internally and externally, you may want to
consider implementing a Data Loss Prevention policy or Azure Policy to restrict the
usage of connectors.
I invite authors with their knowledge on this topic to contribute to this article, sharing
their experience.
So many options
Article • 01/17/2023 • 6 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
There are a crazy number of ways to manage tasks in Microsoft 365, some of which
overlap, while others don’t. Where are all the places we can create tasks?
The reality is there is no single “best way” to manage tasks, and we are still seeing more
options being added (e.g., Loop), without a real coherent strategy to tie these options
together.
Microsoft Planner
Pros - Planner
The Kanban “task board” is a tried and tested approach that many recognize and
Planner has implemented it well
Planner Tasks integrate well with our views in To Do, Teams, and Outlook
Support for buckets, progress, labels, assignees, dates, priority, sub-tasks,
attachments, comments
Multiple ways to view information (by plan, by bucket, by progress)
Tasks can be assigned to multiple people
Useful filtering to find what you need
Tasks can be copied or moved to other plans
Respects underlying group membership
Support for checklist within a task
Cons - Planner
Has seen some minor updates but nothing significant in quite some time
No consolidation across planner plans
Little to no extensibility or customization beyond out of the box configuration
The API is very poor
Ability to create automation of tasks through Power Automate
Microsoft Lists
Pros - Lists
Can be customized with endless additional metadata that your task list may
require, and it is extremely flexible in terms of layout
The Kanban “task board” is a tried and tested approach that many recognize
Support for attachments, and comments (with @mentions)
Can create multiple ways to view information (by plan, by bucket, by progress, or
any other metadata you create)
Tasks can be assigned to multiple people
Useful filtering to find what you need
Extremely flexible in terms of layout
Respects underlying site/group membership
Ability to centralize tasks across lists with minor customization (using things like
Modern PnP Search web part or Highlighted Content web part)
Ability to create automation of tasks through Power Automate
Cons - Lists
No built-in integration with other applications (e.g., Planner) therefore the
assignment of tasks can easily get lost and end users have no way to see a
holistic view of all their tasks across individual Lists (without additional
configuration)
Sub-tasks are not built-in and could be challenging to implement
Microsoft To Do
Pros - To Do
Provides a consolidated view of Personal Tasks from To Do and Outlook, as well as
Team Tasks from Planner Plans
Allows for the creation of Shared Task Lists outside Planner Plans
Support for lists, categories (web only), hashtags, assignees, dates, importance,
sub-tasks, attachments
Useful searching to find what you need
Built-in notifications
Tasks can be moved to other lists
Cons - To Do
The app’s benefits skew towards Personal Tasks rather than Planner Plans
Little to no extensibility or customization beyond out of the box configuration
Can view Planner Plan tasks and “complete” them, but cannot interact with Planner
Plans in more meaningful ways (e.g., add new tasks, view tasks by Plan, etc.)
Personal tasks remain somewhat limited compared to other modern offerings due
in large part to the unchanged underling infrastructure
View of information remains quite rigid
Microsoft Outlook
Pros - Microsoft Outlook
If you like the web’s To Do interface, it’s another place to access it
Allows for the creation of Shared Task Lists outside Planner Plans
Support for lists (classic = folders), categories, assignees, dates, importance, sub-
tasks, attachments
Support for categories (web only), assignees, dates, importance, sub-tasks,
attachments
Useful searching to find what you need
Tasks can be moved to other lists (folders)
Built-in notifications
OneNote
Notes - OneNote
Can be used to assign tasks to yourself or others using the classic task interface
Tasks show up in Outlook and To Do
Only visible in desktop OneNote client
Not very intuitive
Microsoft Project
Notes - Microsoft Project
Intended for more thorough project management including resources, schedule,
budgets and timelines
Provides a more modern visual experience, including Kanban view
Supports enterprise portfolio management
Integration with other task platforms is not great
Requires additional licensing
Viva Goals
7 Note
The longer I work in technology, the more I realize that few things are absolute. In fact, I
often say “All absolute statements are wrong.” When people think about building
solutions in the Microsoft 365 ecosystem, they tend to think about the ways they’ve
solved problems in the past. If you’re a SharePoint person, you’re likely to think about
using a bunch of SharePoint lists. If you’re a Dynamics person you’re going to think
about using Dataverse. If you’re an old school database developer, you might think
about using SQL. The point isn’t that any one of those is wrong, it’s that it’s important to
consider the various options you have available to you within the Microsoft ecosystem.
The requirements for the thing you are trying to build should drive your decision-
making, not just what you already know.
But beyond the technical choices, there are many different criteria that are important to
consider when you plan to build a solution. Reading through these criteria, it may sound
a bit like the classic “it depends” that comes from many consultants, but the reason
many consultants use that phrase is because it’s true. In the list below I attempt to
provide a list of some of the important factors a technical architect should consider
when planning a solution.
But it’s not just important to the technical architect. If you work somewhere in the rest
of the organization and are having conversations with the technical folks about a
solution you need, understanding these criteria will help those conversations go better.
Decision Criteria
Some of these decision criteria are discrete; others are continuous. It’s possible to come
up with a scorecard-like approach to measure each of your solutions against but
understand that some of the criteria may be more subjective. However, using these
criteria can also be part of the way to manage your portfolio of solutions: to see how
your full range of solutions compare to each other.
Knowing where your organization sits in the technology adoption life cycle is one way to
think about things, but there’s much more to it if you go a layer deeper.
Technical Fit
Usually technologists think of technical fit as the main and perhaps only reason to make
a choice about how to build a solution. However, there are often multiple options which
each provide a decent technical fit but may not be perfect for the solution. Perfection is
a luxury; we may realize that there is a perfect technology to build a particular solution,
but that solution will never be built in time, or that that solution will never be used by
enough people to justify using the perfect technology. A good technical architect will
understand how to sand the corners in these decisions, considering some of the other
factors listed below.
Maturity of Technology
Some technologies may look perfect on paper or sound perfect if you listen to the
marketing messages. But oftentimes the technology is not mature enough to do all the
things that people claim it can do. We sometimes joke that version 3 of a product is
when it gets good enough to consider. It’s not always that extreme, but in today’s world
of Minimum Viable Products (MVPs), Previews, and even the now old-fashioned betas,
understanding where a technology sits in its lifecycle is important. The fact that a
technology is early in its lifecycle doesn’t have to be a bad thing, but if you don’t know
that’s the case, it can be a very bad thing, leading to project delays and even rework.
The importance of the solution and the skills of the organization may mean that
choosing a technology that is not mature is much riskier. It may be that your
organization is very technically savvy and is often a leader in using new technologies; it
may be part of your strategy. The maturity of any product is important as it can have a
huge impact on solution success.
Skills Required
Sometimes you look at the way you would like to build a solution and realize that you
don’t have the skills in-house to build it well. At this point you have an option: you can
either train your people or hire an outside consultant. Sometimes the mix of skills that
you do have in-house may cause you to choose a solution path that is less orthodox or
less optimal. That may or may not be a bad thing. If you want to build a solution that
your staff can support, sometimes you must cut corners. There is purity in building
things the supposed right way, but there’s reality in building them in a way that you can
both get it done and support the result. If you decide to bring in skills from the outside,
be very clear about what sort of knowledge transfer you expect from them. You should
also build that knowledge transfer cost into the project budget.
Time to Market
Some solutions must be there, and they must be there fast. This may mean that there
simply isn’t time to build something robust, scalable, and with exactly the right
technologies. If there is a long runway, we may have the luxury of being able to stand
back look at all the options, all the skills, all the variables, and choose the best approach
because we are not time constrained. In many cases, we can’t take all that time.
It’s important to have a true sense of the solutions time to market requirements. In
many cases the answer is yesterday when in fact it may not be the case at all. Non-
technology people – especially if they have had bad experiences with technical teams in
the past – may decide they need to use every single inch of runway because they expect
many things will go wrong. In other cases, the must-have date is arbitrary and not tied
to any specific business driver. Open and honest conversations about time to market is
extremely important so no one is surprised.
Solution Scope
Some solutions have a very broad scope or they’re critical to your business path. For
example, a bank would probably not build its ATM network software on an unproven
technology. That set of solutions is simply too critical to the organization’s success to
take any chances. Other times a solution may have a very narrow audience yet still be an
important solution for the organization. We often think of these as departmental
solutions or solutions which are simply used by a smaller number of people across
disciplines inside the organization.
Solutions with narrow scope can often be built by citizen developers or power users –
and in many cases should be. Those people have intimate knowledge of the
requirements, the people involved, and can even have better technical skills that the
technologists in your organization (but may have chosen a different career path). The
fact that the people building the solution may not have formal development training
does not mean that the solution can’t provide tremendous value to the organization.
Solution Longevity
Some solutions don’t need to last very long. For instance, you may have a need to
manage the company party logistics. The solution that you may decide on here may or
may not be even be used again for next year’s party. Understanding how long the
solution will last may drive some of your decision-making as well. In cases where the
longevity is short there’s nothing wrong with deciding to use note cards or Excel
spreadsheets. If the solution needs to last for months or years or potentially be reusable,
you’ll want to be sure that you provide something that’s more bulletproof and can scale.
Strategic Fit
A shared understanding of how important the solution is to the overall strategy of the
organization is surprisingly rare. Often strategies are distilled into a mission statement
or represented by a balanced scorecard. If there is a set of strategic goals of mission
statement points you can compare the solution to, it can greatly change how you
communicate about the solution as you build it. Saying you absolutely must have a
meeting of 30 people to refine the solution for planning the cafeteria menu is likely not
to stack up against a solution which can drive innovation or efficiency.
Budget
While budget is implied in many of the aspects above, sometimes you just simply must
deal with a fixed budget number. When budget is your primary concern, be very
concerned. Driving your technical decisions purely based on budget often leads to
project failure.
In an ideal situation, the design of the solution determines the budget, not the other
way around. When you are thinking through this set of criteria, the most important
thing you need to know is what constraints you have on the spend. While budgets are
rarely unlimited, some projects get a bright green light due to their importance. Others
may only grudgingly receive funding.
Volume of Data
Some solutions require very little data; some require vast amounts of data. A high
number of transactions – especially if they must occur in a short period of time – is very
different than an occasional transaction with very little data storage. Sometimes this may
be lumped into the technical fit thinking, but it’s important to be clear on how much
data you expect and over what period.
Saying you expect to generate gigabytes of data over the next five years is different
than generating gigabytes of data in the next week. If the solution will never generate
more than a small amount of data, you need to acknowledge that fancy data storage
mechanisms might just not be needed.
Security
How important is the content you will be generating? This is usually the driver for
security needs. Many organizations try to use a one-size-fits-all approach to security –
everything is equally important and requires the same high-water mark of security – but
this simply isn’t realistic. Understanding the actual security needs for the specific
solution is extremely important.
Usually the most important factors are statutory or regulatory requirements, then
organizational policies, then common sense – in that order. Be sure you don’t allow the
security folks to apply the one-size-fits all rule. There is also a vast volume of material
about the certifications and security features for Microsoft 365 available in the Trust
Center. Don’t try to reinvent the wheel by trying to prove that the platform is secure.
Mine that vast trove of content for the specific proof you need and reference it with
your security folks. Almost more importantly, if the solution you’re proposing simply
doesn’t need to be secure – sports league sign ups? – then acknowledge that right up
front.
Requirements
Yes, requirements are at the bottom of this list. That may seem backward, but the
requirements for the specific solution ought to be framed using the considerations
above. A good and experienced architect can sometimes just know how everything
above fits the requirements, but it never hurts to be more explicit in your thinking and
discussions. This can be especially helpful if you need to explain your decision-making
process upward or to outside parties.
As consultants, we are often told how to build a solution with very little backup
information about how that set of decisions was made. Sometimes that’s because the
decisions weren’t well thought through, and other times it’s simply a matter of
communication. Requirements also can’t just be a thick document in this modern era. It
must be more a common understanding of the needs and goals for the solution.
Now what?
But wait, you might say. At this point we haven’t even picked the technology! We don’t
know what we are going to build! That may be true, but you’ll have a much better
picture of what the solution is, how important it is to the organization, how much time
to have to devote to it and to build it, who might do the works, etc.
In the next part of the series, I’ll write about some of the data storage mechanisms you
have available to you on the Microsoft 365 platform. Using the thinking you have put
into understanding the solution against the above criteria, you’re likely to make far
better decisions than if you just decide to pick the technology first.
7 Note
Once you’ve thought through the decision criteria for your specific solution (as covered
in part 1) – which ought to fit into the broader decision criteria for your portfolio of
solutions – you can turn to the technical specifics. The next few parts of the series are
probably where people argue the most about purity and “best fit”. Sometimes the best
fit isn’t just a technical fit: you need to take those other criteria into account. The best
technical solution isn’t always the same one for everyone. If you frame the technical
decisions based on the decision criteria, you’ll be likely to make technical choices which
have a higher potential for success. You may even find yourself arriving at different
choices than you might otherwise expect.
Reference Content
Reference content is the content which makes the transactions work. If we are recording
outcomes of meetings, we want to know who was in the meeting; that content is
provided from the set of users in our farm or tenant. If we want to track customer
interactions, we need a consistent data set of customer information; that may be stored
in a list or in Managed Metadata. If we want to process invoice documents, we’ll want to
tag them with the appropriate metadata about which office or region is responsible for
them; that may be stored in Managed Metadata or lists.
You can see the pattern. Before we can think about performing transactions, we must lay
down the sets of reference data to support them. In many cases, this reference data
needs to be consistent across a wide range of transactional content, so we turn to
centralized storage services like the Managed Metadata Service. We get a service to
manage Users and Groups for “free” from Active Directory (AD) or Azure Active
Directory (AAD).
In other cases, the reference data is purely local, like perhaps the responsible party for a
certain process step within a department. In those cases, we can build our own lists or
libraries to contain the data.
Guess what: Each of the reference content sources may also need to support
transactions. If you get a new customer, you need to add them to the customer list. If a
new person joins your organization, they need an Office 365 license. And so on.
Transactional Content
Usually transactional content is what gets the most attention when we are building
solutions. When we create a list or library in SharePoint, each row represents at least one
transaction: adding that item or document to the list or library. You perform hundreds or
thousands of transactions daily, both at work and in your personal life.
Transactional content is that content which represents activity which occurs frequently,
like creating a service ticket, checking out a resource, or filing a status report.
Transactional content becomes meaningful because of its use of reference content as
well as simpler fields like text fields.
Regardless of where you store reference data, you need to account for it before you
perform your first real transaction. The relationships between transactional content and
reference content is one reason why technical people focus on what’s called a data
model. Data models show how all the different types of content fit together.
Data Model
You may have seen a diagram that looked something like this sometime in your career.
This is an example of a data model for a relatively simple system. (I found it in a
StackOverflow post, and it seemed like a good example, so I’ve adapted it for this
article.)
This data model shows a way you might store information about company devices in a
simple device management solution. Don’t worry too much about the details – this data
model is too simple to be of much practical use. The point is, we often have multiple,
related tables (think SharePoint lists) in a data model.
The top row of tables can be considered reference lists. The bottom table can be
considered the transactional table. In order to create items in the
company_device_history table, we need the reference information in the other three
tables: company, company_device, and device. As I mentioned above, you will also have
transactions in the reference tables: you may need to add companies or devices in order
to start tracking them. But the primary transactions will be managed in the
company_device_history table.
Each of the boxes in the data model can be considered a data entity. A data entity is the
mix of fields and their behaviors which make up the representation of a business object.
In SharePoint, the structures of lists and libraries are dictated by the data entities we
apply to them. Those data entities may be created directly in the list or library by adding
columns or by enabling the use of Content Types on the list or library. Other data
storage mechanisms provide different approaches and levels of rigor to managing the
data entities they can contain.
The data we add to each table inherits the data entity’s structure and behavior. Each
table is basically a rectangle of data, where the rows are items and the columns are
fields. This rectangular construct is very familiar if you use Excel, or create shopping lists,
or collect data to make it useful in many other ways.
Many times, we think of the different apps or screens we build from a table-centric view.
For example, if we are adding a company_device_history item, it will probably be a
different screen than if we are adding a new company. I’ll discuss these differences more
in Part 3.
This usually means you explicitly create lists or some other data storage mechanisms to
contain the detailed logging information. In many cases with SharePoint Designer
workflows, the Workflow History list contained a log of the activity generated by the
workflow. Over time, old items in those lists would be deleted. This is the case with the
Office 365 Audit Log as well: the history is maintained for a rolling 90 days. If you need
more tightly integrated logging or longer time horizons, you may decide to build your
own mechanisms. More sophisticated data storage options may provide full-fledged
logging and auditing as part of their transaction engines.
When we add these types of enhancements, we are giving the list various powers to
provide us increased utility. While a list itself is useful, when we change the UI or add
new behaviors to it, the list becomes more and like a bespoke solution. When we extend
the list in these ways, we often need help from someone who has different skills and
knowledge of the platform, but it’s not that unusual for savvy end users to get a list to
this point.
From a database design perspective, combining multiple SharePoint lists into a solution
can seem crude, as we don’t have a lot of control over referential integrity, cascading
deletes, and many of the other capabilities we’re used to in full-fledged database
storage mechanisms. However, people have been building quite sophisticated solutions
with SharePoint lists as the storage mechanism for many years, with some sort of front
end which treats those lists almost like a database.
Each of the lists within our solution can have enhancements added to them, whether
that list contains transaction content or reference content. Adding, editing, or deleting
content in any of the lists may require different permissions, form structures based on
the user’s role, business logic represented by a Power Automate flow, etc. By combining
multiple lists – each of which can serve its own set of purposes – into a larger solution,
we can build rather sophisticated applications.
It’s worth reiterating, however, that SharePoint lists are not database tables and
SharePoint is not a database. The content in SharePoint lists ends up in a SQL database
somewhere, but that doesn’t mean that the lists themselves are database tables. This is a
common misconception about SharePoint, especially when technical people start
working with it for the first time. Just because there’s an instance of SQL running
somewhere, it doesn’t mean that you’re working with a database. We are separated
from the underlying SQL databases by a layer of Application Programming Interfaces
(APIs), and with Office 365 we cannot touch the SQL database directly.
Microsoft Dataverse
The Dataverse is a part of the Power Platform. It also has a different licensing model
then SharePoint does within Microsoft 365.
What Dataverse gives us is the ability to manage entities in a more sophisticated way. In
the multiple SharePoint list section above, that’s essentially what we we’re doing, but we
don’t have as many sophisticated capabilities we can bring to bear. For example,
Dataverse allows us to create real references between entities, business rules, forms,
views within and across entities, and more. Dataverse is in fact a layer of abstraction on
top of SQL databases, so you get some of that sophistication without having understand
how to design and maintain a database directly.
When we build entities in Dataverse and add relationships between them, we need to be
more careful up front. Generally, the more sophisticated the data storage mechanism,
the more up-front planning is required, as large-scale changes are difficult after the fact.
Not impossible – just more difficult.
Azure Tables
Azure Tables are like Dataverse in that they give us the ability to manage a set of
entities, but the underlying technology is NoSQL. Choosing Azure Tables over Dataverse
may well be driven by your available skills or determined by comparing licensing costs.
In many organizations, the fact that we even mention the word Azure means we need to
interact with a different set of technical people in order to obtain access. This means
that Azure Tables – while they may seem to hold more appeal from a technical
perspective – may be out of reach in a larger organization, often due to security
concerns.
SQL Databases
SQL databases or what many technology people would call “real” databases. Looking at
all the options above a database person would see them as highly inferior. SQL
databases make sense when you’re building something that needs to have industrial
strength, scale to any size, be fault tolerant, and even more importantly support highly
complex data structures.
Now what?
Once you’ve decided on your data storage mechanism – and it’s possible you may have
arrived at a combination of these options for a more sophisticated solution – you can
build out your data model. Depending on where in the spectrum you have landed, you’ll
need to apply different level of rigor to the data model up front, as I’ve mentioned. With
SharePoint lists, the 80/20 rule is in full force: you can easily make adjustments
iteratively. If you’ve landed at the SQL database end of things, you’ll need to nail down
the data model much more completely.
Next, you’ll start building out the user interface (UI) for your solution. I’ll tackle some of
your options for the UI in the next article in the series: Building the Front End.
This article was originally published as a part of the "Microsoft 365 - Making Good
Technology Decisions" series, written by Microsoft MVP Marc D. Anderson for
CollabMagazine .
Making Good Technology Decisions:
Front End
Article • 05/02/2022 • 7 minutes to read
7 Note
In the prior two articles in this series, I’ve gone over how to evaluate your organizational
readiness and what criteria to use to make decisions [Decision Criteria] as well as where
to store the underlying data for your solution [Data Storage]. In this installment, I will go
through some of the front-end options available to you, providing some of the plusses
and minuses for each.
A shortcoming of these forms in modern SharePoint is that you cannot build conditional
logic between any two or more columns as things currently stand. We used to add
JavaScript and CSS to the out of the box forms in classic SharePoint (huzzah,
SPServices?), but this is not possible in modern SharePoint. If you are still in classic and
you are customizing forms with JavaScript and CSS, read on…
Embedding a canvas app in the context of a single list does not limit us to interacting
with only that single list. For example, if we have a parent/child relationship between
two lists, the canvas app embedded in the parent list can also interact with the child list.
At this point, your canvas app can start to feel more like a small application.
Power Apps are billed as end user tools, but still require the right mindset to build
something with any complexity and be successful. Much like InfoPath before them,
canvas apps provide supposedly “low code” capabilities, but that only holds true if the
form is relatively straightforward.
With a standalone canvas app, you might have two or more underlying SharePoint lists
for data storage, or even Dataverse or some other storage mechanisms. By moving to
this level of abstraction, your end users really do not know where the data lives, nor do
they need to. The data is somewhere, and the app you build provides the ways to
interact with it and perhaps the entirety of the ways to review and report on it.
Using canvas apps this way, you can use the Microsoft Power Apps (Preview) Web Part
to embed the app right in any SharePoint page (where there is ample page real estate
for it realistically to live). Alternatively, you can send your users via a link (perhaps a
Quick Link) to the Power Apps environment where your app is hosted. Again, they do
not need to know where the app lives, just how to get to it.
Model driven apps provide a very different way to think about app building. With model
driven apps, the data structures – entities in Dataverse, primarily – determine most of
the possibilities for the front end. This is not a bad thing, but it can feel stranger than
canvas driven apps, where it feels more comfortable taking an iterative app building
approach. Note that my prior article was about data storage: I’ve found over the years
that getting your data model right up front (the 80/20 rule applies) makes building
solutions on top of it much easier, anyway. Model driven apps take that a step further,
requiring the data model first. Iteration is possible, but the further down the path you
go, the harder it is to change your data model.
SPFx solutions allow us to add functionality to SharePoint and Microsoft Teams (so far).
In SharePoint, we can create Web Parts or Extensions. Extensions include (with simplified
explanations):
Everything Else!
Of course, there will always be enterprises which decide some other front-end building
tool is the cat’s meow and thus should take the place of all the above. Microsoft 365 is
generally a modern Web environment and many services offer up well-documented APIs
which this crowd can use. To me, this is often folly as trying to get two different
technologies to work together can become a war of vendors, but it is certainly possible,
and lots of people find great success here. As for me, I prefer to stick with the Microsoft
365 ecosystem.
Summary
We have a plethora of options for our front ends. But do not think you need to pursue
only one of these options. Different types of solutions lend themselves to different
front-end building tools. A departmental solution might be perfectly built with canvas
apps where an enterprise-wide solution may make more sense with model driven apps –
or vice versa. If you have thought through your decision criteria and data storage for the
solution, in many cases the front-end tool set will logically be obvious.
To some degree, this series of articles has given you a laundry list of options you might
choose as you are making your architectural decisions. Understanding each option more
fully is important for you to make good decisions. Unfortunately, there are different
worlds across the ecosystem that do not often intersect, whether it is the people or the
technologies. By trying to think about the various options on the spectrum, we can
better serve our constituents by making better informed architecture decisions for our
solutions.
This article was originally published as a part of the "Microsoft 365 - Making Good
Technology Decisions" series, written by Microsoft MVP Marc D. Anderson for
CollabMagazine .
Library scenarios
Article • 09/08/2022 • 2 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
This guide will provide scenario-based guidance for the planning of SharePoint
document libraries.
Using the example of a Benefits and Pay and Compensation groups within a Human
Resources team, we would plan for the following document libraries:
"Documents" used to store files common to all members of the Human Resources
team.
"Benefits" used to store files for the Benefits functional group.
"Pay and Compensation" used to store files for the Pay and Compensation
functional group.
Using the example of project plans and governance documents, we would plan for the
following document libraries:
Using the example of employee reports, we would plan for a "Confidential" security
group and a "Confidential" documentary library with unique permissions that exclude
the members and visitor security groups.
Custom security groups and document libraries with unique permissions add
complexity to ongoing site management. Before implementing consider moving
sensitive content to its own site collection.
Multimedia scenario
Organizations often group image, audio, and video files in document libraries for
reference use or archival purposes. For example, branding and marketing materials.
Providing dedicated document library or Asset Library for multimedia purposes allows
for consistent use and storage of an organizations image, audio, and video files.
If you don't see Asset Library as an option in your built-in apps, contact your
SharePoint admin to see if they are available for your site.
Using the example of branding and marketing materials, we would plan for:
"Assets" document library or Asset Library for image, audio, and video files.
"Marketing Materials" document library for style guidelines and related content.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
One possible use for Site Templates (which used to be called Site Designs) is to manage
the life cycle of a unit of work. Site Templates allow us to do such things as create lists
and libraries, apply a theme, install an add-in or solution, set permissions, etc. (See: Site
template JSON schema)
We can also trigger a Flow, so that opens up a whole additional world of possibilities. If
we can’t accomplish what we need to do in the Flow, we can also call a custom Web
Service from the Flow. In the Web Service, we can do anything CSOM opens up to us. In
other words, Site Templates are the entry point we can use to do pretty much anything
we need in our sites.
So what does this have to do with project life cycle? Well think about it like this:
A project may start as just a proposal. In order to work on that proposal, we may
need a library to store the information we are using to put the proposal together.
(For some reason, many organizations I work with don’t see the value of
connecting the proposal artifacts with the project itself. I do!)
Once the proposal is accepted, we need some libraries to store our working
documents.
When the project starts to wrap up, we’ll want to collect our important learnings
and high value artifacts for later reuse.
Finally, when the project is truly done we may want to “archive” it.
This scenario may not fully match yours, but you probably could see something similar
applying in your world. Because Site Templates are generally additive and always should
be idempotent, each application of a new Site Template should have no detrimental
effect on the existing containers of content.
Depending on what information you track in the site itself or in another site – perhaps in
a Project Inventory list – you could even apply these Site Templates quasi-automatically.
For example, apply the Knowledge Capture Site Template when the Project End Date is
within two weeks. It may make sense to add an approval step so if something about the
project is out of band, the project manager can decide not to progress yet.
There are opportunities to automate much of this as well. We could run a Flow on the
Project Inventory list and when a project changes status or a key date is approaching,
we could automatically apply the Site Templates. We could also use the search API to
find sites with a specific piece or set of content and apply a Site Template with a Flow
based upon that discovery.
In other words, if you have a business process you want to support, Site Templates could
be an important piece of the puzzle. Moving a project through its life cycle is just one
powerful example.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
This example shows how you can cascade SharePoint lists and only show a subset of the
data.
Cascading is useful when you have several lists that are related to each other and you
only want to see the relevant options based on a previous selection.
We will illustrate this with a scenario. Our ambition is to create an awesome list of great
innovations from various countries and to be able to cascade the innovations based on
the choice of region, filtering the countries for the specific region.
1. SharePoint Lists
This example uses 3 different SharePoint lists:
Country: Contains a single line of text columns for the Title and Region. The list is
populated with 231 countries with an associated region. The View used is grouping by
Region. The taxonomy of world regions can be found here .
Region: Using the default Title field for the region title. The additional text field
Countries is used as a placeholder for column formatting only.
Innovations: The main list in this example, this list is where all the great innovations can
be added, using Lookup fields for both Region and Country (and Country:Region) and a
single line of text column for Title.
First, we will have to create a navigation link to the grouped view in the Country list.
First, click on a heading so the list only shows the heading. Then copy the URL and move
the "FilterValue1=" to the end of the URL.
Navigate to the Region list and select or create a new single text column named
"Countries". Click on the Countries column header and select "Column settings" and
"Format this Column" in order to show the Column formatting screen.
Finally, paste the URL into the JSON formatting (see code below). Remove the last value,
("Africa") so the $Title field is used instead of the static value. Paste in your custom
edited JSON and press Save.
JSON
"$schema":
"https://columnformatting.sharepointpnp.com/columnFormattingSchema.json",
"elmType": "div",
"style": {
"display": "inline-block",
"min-height": "auto"
},
"children": [
"elmType": "span",
"style": {
"display": "inline-block",
},
"attributes": {
"iconName": "Forward"
},
"elmType": "a",
"attributes": {
"target": "_top",
"href": {
"operator": "+",
"operands": [
"INSERT_URL_HERE",
"[$Title]",
"&FilterType1=Lookup"
]
In Power Apps, select the Country card and under the Advanced tab select "Unlock to
change properties" to open up for edits. Depending on your specific instance the given
names for components may be different, so adjust accordingly.
Select the DataCardValue3 (Combo Box) in the Country_DataCard1 (Card), and select the
Items function value.
Because the Choices function only allows for two values (Id, Value) for the lookup to the
Countries list, we have to make some additional changes.
Make sure that the "Region" column is checked in the lookup field to the Country list.
Basically this shows up in Power Apps as an additional table.
Using the Filter function and the in operator we now can reference the values based in
the Id from the Country to show the proper Title value based on the selection of the
Region.
powerapps
Filter(Choices([@Innovations].Country), Id in
Filter(Choices([@Innovations].'Country:Region'), Value =
DataCardValue2.Selected.Value).Id)
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Not all documents are created equal. Based on the relative weight and importance of a
document, we may decide on quite different ways to manage a document through its
lifecycle. In this article, I present several different scenarios for managing a document
lifecycle.
No one of these scenarios will be appropriate for all of your documents. Instead, you
should consider this a set of potential options as you think through your own document
life cycles. One or more of these scenarios may be adaptable to your specific needs.
The effort of assembly in this case takes the ad hoc components and glues them
together into a coherent document for further editing and polish. Common file formats
in this case are Word or PowerPoint.
Tip
Ideally if we are working with documents on our desktops, they are also synching
to OneDrive with OneDrive PC Folder Backup (née Known Folder Move).
When we feel our document is "ready" or has reached a point where we would like
some feedback - usually from "trusted" co-workers - we share the document where it
sits by creating a sharing link and sending it to them.
Once we've collaborated on the document with the small circle, we may decide it is
ready for our larger work team to review and give us feedback. At this point, we may
move the document from our OneDrive into the Team Site (SharePoint) or Files tab
(Microsoft Teams) where out team has access and we share a link again. This is the
beginning of the shift from the inner loop to the outer loop.
If our ideas in the document are truly useful or brilliant, we may end up publishing the
content on our Intranet as part of our department's Communication Site (SharePoint) or
on Yammer.
We may get such rave reviews for this document that we end up publishing it externally,
perhaps on our Intranet site or in presentations at conferences or symposia. Usually
before this happens, the document (or connected content in another form) goes
through another round of editing in its new form, and that can happen by resetting
back to the personal thoughts entry point above. Content we share externally generally
requires a different tone and filter than that which we share internally.
The goal with documents like this - perhaps a company policy or regulatory filing - is to
ensure accuracy and adherence to all organizational constraints.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Scenario
We have a library with a number of folders, and each of the folders contains multiple
files. These files need to be sent out as attachments, when needed. There are many use
cases for this capability, but the example in this article is related to contract
management. As you might have guessed, these documents need to be sent as
attachments outside of the company.
7 Note
If you are new to Power Automate head over to the official documentation to learn
more.
The Steps
1. The flow is started by the user
2. The user inputs the recipient's details
3. Flow will locate the correct folder
4. Flow will collect all the files
5. Flow will add the files to an attachment array
6. Flow will send the email with the attachments
In our SharePoint team site we have a Contracts folder and inside this folder we have
our partners and customers as sub-folders.
The contract files are located inside the customer/partner folder as below
Using the library menu | click Automate | Power Automate | Create a flow
The flow we are building is an Instant Flow, so in the dialog click "See your flows" to
navigate to the Flow editor page.
Choose to create a new flow | Instant-from blank.
Name your flow, choose to "For a selected file" as trigger, and then click Create.
Whenever the flow runs we need some data from the end user. In this case "Recipient
Name" and "Recipient Email". We will create two variables:
Recipient Name
Recipient Email
FolderName | this is the folder we will grab the files from
AttachmentsArray | this is the array where we will put all files to be sent
The next step is to grab the data for the item that started the flow. That way we can
verify if the "item" that started the workflow is a file or a folder.
If folder is "true", we will then append the folder name to our variable "FolderName",
and use this in the next action to grab all the files properties in the current folder.
We will then use "Apply to each" to append the files' content to our Attachment array
variable. The trick here is to append the right content. Thanks to this guide at the Flow
forums by Sunay Vaishnav, I finally managed to get this working.
As of this writing, the best way to append SharePoint files to an attachment array is:
JavaScript
"Name": @{items('Apply_to_each')?['{FilenameWithExtension}']},
"ContentBytes": @{body('Get_file_content')?['body']}
The final action is the "Send email (V2)" action. You will need to populate the action with
the following inputs:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Introduction
Learning Pathways is a customizable, on-demand learning solution in Microsoft 365.
Learning Pathways offers a fully customizable SharePoint Online communication site
(that may be used as a training portal), easy provisioning from the SharePoint Look
Book , the ability to make your own training playlists with custom assets, a custom web
part to surface training content across your SharePoint site collections, and up-to-date
Microsoft documentation for Microsoft 365 solutions.
Use Cases
If an organization creates their own custom training or has training for other
technologies outside Microsoft 365, adding custom training to Learning Pathways
creates a one-stop-shop for all training content across the organization.
While many companies still need or actively use a Learning Management System (LMS)
to support requirements like role-based training assignments and reporting, many of
these systems do not house the documents. Saving training documents and videos to
Microsoft 365 can help support the enterprise LMS by integrating content into Learning
Pathways and providing the ability to surface the training content in context on relevant
sites through the custom web part.
For example, there is training content on the LMS for how to click through a
procurement system to purchase goods. There is also a page on the procurement site
talking about the business process. You can reduce the friction of getting all necessary
content to the end users to complete a purchase by using the Learning Pathways web
part to embed that specific playlist for purchasing goods on the same page where the
rest of the business process is referenced. Learning Pathways helps shorten the steps
across the intranet by having information to complete top tasks right where people
need it.
Each playlist offers dropdown menus for “Level” and “Audience,” helping end users
determine where to begin. The order of the playlist can match which pieces are most
important to the organization or follow a logical progression increasing in difficulty.
Breaking training content into bite-sized chunks may also support your end users as
they try to fit learning into already busy days.
For example, Contoso has decided to begin self-service SharePoint site creation. There
are different types of governance for collaboration and communication sites. This
governance exists in the intranet on the Information Technology site collection. The
governance can now be added to a playlist for “Team Site Owners” and “Communication
Site Owners” to ensure they are not only learning how to use the technology, but also
following the better practices that supports a consistent user experience across
Contoso’s environment as well as keeping content secure.
Conclusion
Learning Pathways is immediately helpful to an organization as it comes with a
SharePoint site collection with Microsoft documentation pre-loaded into playlists. The
content is updated and released by Microsoft removing the burden from the
organization to document training and keep it up to date. Organizations can now focus
on extending learning pathways by customizing playlists, adding their own assets, and
focusing on structuring their content to best support their end users.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
It's an out of the box web part - style options are Grid, List, Carousel, and Filmstrip.
This article assumes you're a site owner and not looking to custom code your own
solutions.
The type of content - and where you query it from – change your HCWP
configuration and filtering choices.
HCWP filtering capabilities are more complex than most other modern web parts.
You can use KQL, CAML, and/or Managed Properties to filter and display specific
results. We'll cover examples of that here.
As a site owner making pages for SharePoint or Teams, you understand the value of
automatically rolling up content from multiple lists, libraries, and sites to display them
on a page. Using built-in list or library web parts work fine... but your end users never
put things in just one place. They're empowered to self-organize their content across
multiple sites! The Highlighted Content Web Part can help here, automatically showing
users the right content on a page, regardless of its physical location.
Site Owners may remember classic web part pages and their content rollup web
parts. The Highlighted Content Web Part is the successor to the Content Query and
Content Search web parts. The mental model is very similar, but HCWPs only work in
modern pages.
What should I learn?
To dig into the real power of the HCWP you'll need to increase your knowledge in key
SharePoint areas and technologies. Here's the learning path you should traverse:
1. HCWP fundamentals
2. Site Columns
3. Managed Properties and SharePoint Search
4. KQL
5. Maybe CAML (But, maybe you don't have to?)
1. Fundamentals
If you're new to the Highlighted Content Web Part you can start by reading Microsoft's
documentation. In fact, even if you have used the HCWP before, this existing
documentation is a must read.
This Community Docs article won't rehash what's already covered there.
Start your Site Column learning with these Microsoft Community Docs articles:
Tip
It is fast and easy to make a new list or library column – but if there's a chance you
think you'll need to filter by it with a HCWP, create that List Column into a Site
Column instead. Taking an existing List Column and converting it to a Site Column
can be a lot of manual work.
3. Managed Properties
Beyond the basic filter options of the HCWP (like "Title includes" or "content includes"
or dates), the HCWP allows more advanced filtering and sorting by a Managed Property.
Managed Properties are available to filter and sort in HCWPs either through the regular
filter interface or via the more customizable KQL and CAML interfaces. More on that
later.
Start your Managed Property learning with this Microsoft Community Docs article:
Tip
KQL runs a search over a specific area of content and returns results in your HCWP.
author:"Patrick Doran"
7 Note
Spacing counts – A space between a colon and a " might return a very different
result.
A Path to success – The Path property is built -in and can quickly narrow down
scope if you know the list(s) and library(s) you want to get content from.
Path:"https://mytenantname.sharepoint.com/sites/HumanResources/Enrollment"
Path:"https://mytenantname.sharepoint.com/sites/HumanResources/Enrollment" AND
Filetype:"XLSX"
Filetype:docx)
There are many more built in Managed Properties you can use; these are just some of
the most commonly useful ones.
Tip
A Find a managed property search in the HCWP filter configuration panel will show
you some of what's built in versus what's custom:
4. Using CAML to query and filter
If your HCWP is displaying content from a specific document or pages library, you can
use CAML. If you've ever seen an XML file or RSS feed, CAML looks a lot like that.
XML
<Query>
<Where>
<Geq>
<FieldRef Name="Expires"/>
<Value Type="DateTime">
<Today/>
</Value>
</Geq>
</Where>
<OrderBy>
<FieldRef Name="Modified"/>
</OrderBy>
</Query>
This is looking for a column called Expires, where the value is equal to today or after and
its sort order is by Modified date.
7 Note
With two Custom Filter options for a Highlighted Content Web Part, picking one
comes down to the type of data you're filtering. A HCWP scoped to a single list or
Document/Pages library only lets you filter with CAML, while all other scopes let
you filter with KQL.
In many scenarios, KQL might be able to do everything you need, and may be easier
to write versus long, complex nested CAML queries.
If you want to use KQL in a
document library, just set the query to the site (rather than a particular library) and
scope it with the Path managed property.
Real-world examples
The rest of this article will provide scenarios and tested examples to show you some
possibilities.
Tip
Since this article is part of the Microsoft Community Docs, you're encouraged to
contribute your own scenarios!
Get started contributing here: Microsoft
Community Docs
This looks like a job for the Highlighted Content Web Part!
https://mytenant.sharepoint.com/sites/Legal/Shared Documents/
https://mytenant.sharepoint.com/sites/Quality/Shared Documents/
https://mytenant.sharepoint.com/sites/Purchasing/Shared Documents/
You'll use a HCWP to retrieve documents from 3 different sites in the same tenant.
Each document will have a shared Site Column with a value applied. The HCWP's
job is to return any documents with a matching value for this Site Column.
You'll query based off a Site Column called "Contracts" and will be looking for a
value of Legal, Purchasing, or Qualifications
You'll make sure the same Site Column is available in all three sites, in the three
libraries.
7 Note
Adding the Site Column is probably easiest if you can do it the SharePoint Admin
Center. Don't forget to publish it!
2. Under Filter, you could pick Title includes the words and add one filter each for
Legal, Quality, and Purchasing as long as those are the file titles. This option is a
little riskier because someone could upload another file with those words in the
title and they'd also appear in the web part.
The safer call here is to use SharePoint metadata. Since you've already added the
Contracts column as a Site Column, and flagged each file as wither Purchasing,
Legal, or Qualification, let's use that instead.
3. In Site Settings, check to see if this column is already a Managed Property with a
Crawled Property associated with it. Once that's done, head back to your page, edit
your HCWP, and set the Filter values based on your Managed Property. You'll find
it using the word 'Contract' and the Managed Property Name will display soon. In
these screen captures, we've added the three filters (of the same type, so they are
OR not AND)
And that should be all you need to do. If you've uploaded and tagged your documents,
added the right values to the Site Columns, and configured the Managed Properties
correctly, you'll see three docs displaying in the web part.
In your HCWP, choose 'Custom Query' instead of 'Filter' and set the Source to be 'All
Sites'. Now enter this in the Query text (KQL) field, and click Apply:
isDocument=true AND (ContractsOWSCHCS: Legal OR ContractsOWSCHCS: Purchasing OR
ContractsOWSCHCS: Qualification)
There is a short period of time where the current year and future year documents need
to both be accessible as well.
Using SharePoint metadata columns in libraries to indicate benefit type and year - paired
with a HCWP - make for easy transitions as the HCWP filtering query just needs to be
updated.
1. Create a library
2. Create Content Type
3. Create site columns for Year and Benefit Type columns and add those to your
Content Type.
4. Enable the new Content Type in the library. (This will also add your Site Columns.)
5. In Site Collection Search, map the Crawled Properties to Managed Properties for
both Site Columns. Pay special attention to the Year column, which needs to be a
date/time Managed Property.
6. Add documents to the library, and make sure you populate the Benefit Type and
Year values.
7. Go get a coffee or tea and wait for SharePoint Search to crawl your library and site
columns.
Add your HCWP to the page, pick Filter instead of Custom query, and set your source to
be the document library with your Content Type and Site Columns.
Under Filter, search for the Enrollment Content type you made. Then add additional
Managed Property filters for Year which is a Site Column you added. And because it's a
date/time column, the HCWP will ask you to specify a range of time to filter. Before,
After, or Between.
In this case – set Year between 01/01/22 and 12/31/22. The HCWP will show only
documents from that library for 2022.
Add your HCWP and set the scope to be this one document library. When you pick
Custom Query, the interface will look a lot like the KQL syntax query, but it will
specifically request you input CAML.
Tip
Valid CAML Query isn't trivial to write. There are a variety of 3rd party tools and
plugins designed to connect with your SharePoint site and help you build out the
query that'll work in your environment.
For our scenario, we have a large list (10k items) of grant applications that was imported
from a spreadsheet. Customer wants to see cards on a page with just items they've
created and just ones from their home territory of Idaho.
This is probably the easiest approach. We'll use three filters to meet this customer's
needs.
Set source to All Sites. First filter with be using the built-in Managed Property of Path .
Setting this up with CAML
CAML won't work here – it only works for documents and pages.
(Path:https://mytenant.sharepoint.com/sites/DemoSite/Lists/Demo%20Grant%20List AND
"Idaho" AND Author:{User.Name})
Modern SharePoint Web Parts: Highlighted Content Web Part from Lightning
Tools
How Do Site Columns Become Managed Properties - Thus Available for Search
from Microsoft Community Docs
How to Display a list of sites on a Modern Web Part page from TechNet
Principal author: Patrick M. Doran . Thanks to Emily Mancini for contributing scenario
examples.
Using Shared Channels (Teams Connect)
for External Collaboration
Article • 01/03/2023 • 4 minutes to read
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
One of the most exciting announcements from Ignite 2021 was that of Shared
Channels (Microsoft Teams Connect) which seemingly promised to finally resolve the
considerable friction involved with cross-tenant collaboration (collaborating with other
organizations using Microsoft 365). The idea of Shared Channels was simple, yet
powerful. Instead of moving between Tenants to access information, allow for that same
information to be available within your home tenant! Now that we've been able to see it
in action in the Public Preview, what do we think? Has it realized the hype from last
year?
1. Reused in multiple Teams across tenants (this article) so that users from multiple
organizations can work together in the same 'space' without needing to switch
tenants.
2. Reused in multiple Teams in the same tenant (see this article for details) so that
users from multiple Teams can work together in the same space without needing
access to the same Teams
The key portion here is that B2B Direct Connect requires a mutual trust relationship
between two Azure AD organizations to allow access to each other's resources. Both
the resource organization and the external organization need to mutually enable B2B
Direct Connect in their cross-tenant access settings. While this may not seem like the
end of the world, it does seem counter to the well-known concept in Cyber Security of
Zero Trust, especially its well-known adage 'never trust, always verify.'
A more 'trusting' security stance may be possible for organizations with subsidiaries, or
companies that all operate under shared ownership, we feel this is going to be a
massive challenge for most organizations, especially those with strict security policies.
This is hugely disappointing and we've heard this sentiment echoed by many clients and
partners with whom we've discussed the topic.
How To Set It Up
1. Access Azure AD > Identity Governance > Cross-tenant Access Settings
2. Add an organization to enable B2B Direct Connect
3. Find an organization by domain or Azure ID
4. Setup Default Inbound/Outbound Settings (Host Tenant)
5. Have other tenant admin perform these steps for their organization (Recipient
Tenant)
6. Setup Shared Channel (Host Tenant)
7. Send Channel Share Request (Host Tenant)
8. Accept Shared Channel (Recipient Tenant) and select Team for it to reside in
9. Approve Shared Channel Placement (Host Tenant)
The result:
Note: This sample opened up bi-directional sharing for all users in both organizations.
Microsoft allows further granular controls on B2B direct connect and many additional
security settings.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
One of the most exciting announcements from Ignite 2021 was that of Shared
Channels (Microsoft Teams Connect) which seemingly promised to finally resolve the
considerable friction involved with cross-tenant collaboration (collaborating with other
organizations using Microsoft365). The idea of Shared Channels was simple, yet
powerful. Instead of moving between Tenants to access information, allow for that same
information to be available within your home tenant! Now that we've been able to see it
in action in the Public Preview, what do we think? Has it realized the hype from last
year?
1. Reused in multiple Teams across tenants (see this article for details) so that users
from multiple organizations can work together in the same 'space' without
needing to switch tenants.
2. Reused in multiple Teams in the same tenant (this article) so that users from
multiple Teams can work together in the same space without needing access to the
same Teams
It is important to note that some organizations are already using Yammer for some of
these use cases, and we do not intend to imply this is a bad approach. Yammer has
fantastic community-based functionality with its great Q+A features and much more.
That being said, for organizations not ready or willing to introduce another tool into the
mix, there is now an option available within Teams that can simplify information
management, and streamline communication without adding considerable new layers of
complexity.
Potential Challenges
One issue we see with Shared Channels is just how confusing the whole experience
seems to be for end-users. Firstly now users have a choice of 3 types of channels that
they can create:
This can be confusing as users rarely know the different channel type (Public vs Private)
but now there is another one in the mix. This will require significant knowledge on
behalf of users to understand the subtle difference.
Also when sharing a Shared Channel the options are even more strange and confusing:
The options are confusing to many users. While the choice of 'People' is straightforward,
selecting a 'Team' actually prompts the user to find a Team Owner, not a Team. This
Team Owner will decide where the Channel will be placed. Again this leads to all sort of
confusion to what exactly a Shared Channel is, who is a member and who can access it.
How to Set It Up
1. Ensure Shared Channel creation is enabled in Teams Admin > Teams Policies
2. Locate the Team that will serve as the permanent host
3. Click Add Channel, give the channel a Name, then select Shared Channel for
Privacy
4. Once the channel is created, click Manage Channel for the new Shared Channel
5. Using the button at the top right, click Share with a Team (for a team owned by
someone else), or Share with a Team You Own (for a team you own
If Sharing with a Team You Own, find the Team from the list and click Done.
If Sharing with a Team (i.e., Sharing with a Team you do not own) locate the
Team Owner and click Send Invite. This will send the invite to the Team
Owner to approve and they will select where to use this Channel. Once they
have Accepted, a notification will arrive prompting you to to Approve where
they have placed it. If you cannot locate the notification, return to Manage
the Channel and view Sent Invites.
The result:
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
7 Note
The below sample codes is updated to work with the PnP.PowerShell version 1.11.0
If you need to work with SharePoint Online, whether it's doing some minor
modifications or building a custom SharePoint provisioning solution, PnP PowerShell is
one of the greatest tools there is. It will certainly help you achieve your goals. PnP is a
lot more than just PowerShell, but since I'm an IT-Pro at heart, PowerShell is the number
one tool I have in my toolkit.
First things first, if you are unfamiliar or new to PnP, head over to the PnP PowerShell
overview to get introductions and guidance on how to setup this.
Client-side pages is a big topic. In this article I will cover some real world use cases
where I've been using PnP PowerShell.
Some basics
Tip
Client-side page is a term we use to tell others that the page we are working
with is a SharePoint modern ".aspx" page.
Currently Site Designs and Site Scripts don't have support for Client-side
pages
You should be the owner of the site you are working with as it will make a lot
of things easier
Connecting to SharePoint with PnP
This is the first command we need to know in PnP:
PowerShell
7 Note
The switch "Interactive" will make sure you can authenticate if your account is
configured with MFA, and provides more features.
But this requires the tenant
admin approval of the "PnP Management Shell" app in Azure AD, and it's not easy
to get this approval sometimes.
After connecting you can start working with the pages you have in the site.
The code below will create a new page named "Welcome" and add some web parts on
the page.
PowerShell
$pagename = "Welcome"
#Add the list webpart to the page, but stating that it's a document
library then add the library GUID
PowerShell
Based on the output above, running the below code will give us the properties of the
"Document library" webpart on the page, and you can see that it's linked by default to
the default document library.
PowerShell
$webpart.PropertiesJson
We create a new view in the Document Library and set this as standard for the webpart,
then run the above code one more time. Note the "viewid" value in the URL.
The new output will have a lot more details about the new webpart configurations:
"selectedListUrl":"/sites/DEMO505_72/Shared Documents"
"selectedListId":"6a041fef-b2a2-45b4-b827-c1b268bc63d3"
"selectedViewId":"4f8130a7-fa49-4c65-bafe-d3b738811187"
In order to work with the webpart properties through PowerShell, I had to convert the
properties from JSON, make changes, convert back to JSON, then update the web part.
For example, if we want to set the default web part view without manually editing the
page, first we need to find the view ID. You will find this in the library when you change
the view, or by using "Get-PnPView".
AllItems | 43539779-8800-4745-a680-01aca0c43139
Modified by Jimmy | 4f8130a7-fa49-4c65-bafe-d3b738811187
PowerShell
$webpartJson = $webpart.PropertiesJson
$webpartobj.selectedViewId = "43539779-8800-4745-a680-01aca0c43139"
$webpart.PropertiesJson = $webpartJson
$page.Save()
$page.Publish()
Above is the technique I use when I want to work with specific pages. When I want to
provision SharePoint sites with a certain configuration and pages, normally I combine
the above with PnP Provisioning template commands.
PowerShell
Get-PnPSiteTemplate -Out "C:\Development\template.xml" -Force -
IncludeAllClientSidePages #includeallclientsidepages will copy all other
pages in the site
7 Note
When running the above command you might see the following error: "Get-
PnPSiteTemplate : GetAccessTokenAsync() called without an ACS token generator.
Specify in AuthenticationManager constructor the authentication parameters",
proposed solutions to this can bee seen in below posts:
I will then clean the template.xml, by removing all other components that I don't need,
and in the "ClientSidePages" node you will find the web parts' instanceIDs that you can
reuse later.
To apply the template to a new site, in your script connect to the new site then run
Invoke-PnPSiteTemplate with the template:
PowerShell
Afterward, depending on your needs, add extra code to update the web parts.
Finally, I would like to thank everyone that has contributed and still contribute to PnP,
it's super #awesome and it's making my day easier everyday.
Useful resources
PnP PowerShell overview
Creating new client-side page
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
This article shall shed a light on two aspects of Modern Workplace: Microsoft Teams
Provisioning using a low-code solution while ensuring that Teams Owners are digitally
literate enough to be responsible owners.
Uncle Ben was right: With great power comes great responsibility. If we give users great
tools with great power, we also need to make sure to properly skill them up. We also
need a lean process to deal with common asks.
Just blocking Microsoft 365 Groups / Teams creation and having an established approval
process owned by IT won't meet business needs. Your users will work around that and
find shadow IT solutions. Yet allowing everyone to create Groups and Teams will lead to
over adoption: too many Teams which should be channels, too many channels which
should be chats.
Solution Overview
A user asks a chatbot for a new Team in natural language. A Power Automate flow picks
up this information and checks if the user is already in an Azure AD security group called
Educated Users. If the owner to be is already a member in this Educated Users security
group, a second Power Automate flow gets the manager's approval and provisions the
team. If the user is not a member of this group, the user will be invited for training and
testing.
If the user passes the tests, he/she will be added to the group of Educated Users (which
means that for the next Team request, he/she doesn't need to pass a test again) and the
second flow gets the manager's approval and provisions the Team.
If the user doesn't pass the test OR if the manager doesn't approve, notifications will be
sent and the process ends.
Title
Given answer 1
Correct answer 1
Given answer 2
Correct answer 2
is answer 1 correct
is answer 2 correct
Total score
Result
For the calculated columns enter the following information in the Formula box.
Choose Number as the data type for the first three, and Single line of text as the data
type for Result.
Outline the conversation in the Authoring Canvas. Ask all the questions we need to have
answered to provision a Team like: team name, description, owner, and visibility. You can
also ask for the first members or channel names. Save all inputs as Variables and give
them easily recognizable names like VarOwner or VarTeamName.
The PVA template will open up in a new browser tab. Save this template with a new
name.
Initialize your variables for all the information the user gives us so we can provision the
team: team name, description, privacy, owner, members and first channel.
After we took care of all variables we need to check the group membership of our
owner.
The CHECK GROUP MEMBERSHIP action returns the string of the Group ID if a user is a
member of the group and will return NULL if the user isn't member of that group.
Expression: empty(null)
If he/she is in the educated group, we can just log the request in the SharePoint list we
already prepared.
If the user is still in the Uneducated Group, we need to invite him/her to a training and
test him/her (and wait a bit so he/she can complete this).
To invite the user to the training and link him/her to the test, we can use Adaptive Cards.
If you never used Adaptive Cards before, just go to Adaptive Cards , select
MICROSOFT TEAMS as host applications and replace the text of one of the samples with
your text in the visual editor. Below, the Designer auto generates some JSON for you —
copy-paste this into a POST YOUR OWN ADAPTIVE CARD AS A FLOW BOT TO A USER
action.
If the user passes the test, he/she will be added to the Educated Group and we log the
request in SharePoint. If the user doesn't pass, we will just send notifications and end
the process.
Create a 2nd flow to provision a Team based on the
information we got out of the first flow
Microsoft Graph
Power Automate doesn't provide an action "Create a Team". Therefore,
we will call Microsoft Graph to create teams, add members, create channels, and a lot
more, but we first need to authenticate to make this magic happen.
To make it work, we also need an App Secret. Please, save this. In this minimal viable
product, I just saved it in a variable, better to use Key Vault for that. Regardless where
we store the App Secret: You only have ONE chance to save it, as soon as you leave this
blade, you can't see it anymore.
Manager's Approval
We will again create an Adaptive Card for this:
Depending on the outcome we let Microsoft Graph create first a group and then update
it to a team or we will end the process if the manager doesn't approve. Here is what
happens if the Outcome is not Approved:
We update our SharePoint list (status is now rejected) and we post another Adaptive
Card to our user to inform him/her and terminate the process.
If the Outcome of the Approval is Approved, we need to update our List as well and add
an HTTP Call to first create a Group:
As we do not only want a Microsoft 365 Group but also a Team based on that group, we
need the Group ID. To get this ID (remember, we initialized an empty var for that
already!), we need the parse JSON action and set our Group ID var to that value:
Now it's time to use another two HTTP calls for creating the Team and adding the
channel:
Please keep in mind to expand the SHOW ADVANCED OPTIONS and enter all
authentication information as shown in the Create a group step. Now update your
SharePoint list (status is no created) and inform your user with another Adaptive Card in
Teams:
The goal is to enable users and to give them great powers! We now have an easily
maintainable solution for IT and a very lean process for the business side of a company
to request common asks. We are more efficient as we only need to involve human
working time if needed. We don't need to spend lots of time to make users adopt this
system as the interface is easy to understand even for users who are not that tech-savvy,
plus we have a good chance to narrow the historical gap between business and IT. It's a
#BetterTogether story.
If you don't like the chatbot approach, you can also work with a request form in
Microsoft Forms or with Power Apps if you prefer another UI.
What is PowerShell?
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
The version that ships on Windows devices is called Windows PowerShell, and the
cross-platform version is called PowerShell Core and is also available on Windows.
Let's have a look at all the different modules currently available for SharePoint.
There's a lot of possibilities to manage your environment with the SharePoint on-
premises cmdlets, as the module contains approx. 840 cmdlets.
That's a big drop from the on-premises version, isn't it? But when you think about it, it
makes sense. With SharePoint Online, as you may know, there's a lot Microsoft is taking
care of, therefore there's no need for us to manage databases, Service Applications, or
even Web Applications as a few examples.
Currently (late 2019), and depending on the SharePoint version, there are approx. 400
cmdlets, and 4 modules available for:
SharePoint Online
SharePoint 2019
SharePoint 2016
SharePoint 2013
If you need to create only one site collection, using PowerShell wouldn't really be
beneficial.
If you use PowerShell, it's likely to take less than 5 mins, and off you go!
Anything else?
Sure, you have other purposes for using PowerShell in SharePoint of course.
Other than
creating things, you can change/remove them all at once on multiple sites, extract
information like Users/Groups/Permissions, and even integrate with other platforms like
Azure to automate your most complex tasks!
Why is it so important?
Managing SharePoint on-premises or online effectively and efficiently is crucial. This also
applies to other platforms like Active Directory, Microsoft Exchange, or Systems
Administration.
You don't need to be called a 'developer' to run a few cmdlets or create scripts.
If you live within the Microsoft ecosystem on a daily basis, you will likely use PowerShell
at some point.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Security has always been an important topic, and even more nowadays.
We want our
users to securely access the environment, share files, and our IT team to sleep at night
don't we?
In this article, we'll look at the most important settings in Microsoft 365 to help you
secure your SharePoint Online environment, and see how it involves more than
SharePoint administrators!
Note: Details on how to configure each settings is out of scope of this article, but links
to the official Microsoft documentation will be provided whenever possible.
Tenant settings
This should be the first place to go before even getting the users into SharePoint. But
unfortunately, most of the time the default settings remain untouched, and users start
using the platform.
There are a few tenant settings to pay attention to however. Sharing settings are
extremely important. If left to default, they can have dramatic consequences and lead to
data breaches. So let's start with this setting.
Sharing settings
To access the Sharing settings (tenant level), navigate to the SharePoint Admin Center,
under Policies, select Sharing.
The first thing that should make your heart beat faster at this stage is the slider for
SharePoint and OneDrive being at the same level as the word "Anyone". Isn't it a scary
thing to read that users can share files and folders using links that don't require sign-in
from the recipient? ANY recipient for that matter.
So unless you're absolutely sure that you want to keep it that way, slide down one level
immediately!
Note: You don't even need to know the exact company policy for OneDrive for
Business at this point. The slider will also follow the SharePoint setting down one level.
That's because you can't have a more permissive sharing policy for OneDrive for
Business than you have for SharePoint.
When you know what the company policy is, you can choose the appropriate sharing
settings between the following:
Limit external sharing by domain: If selected, you can Allow or Block specific domains. A
common scenario would be collaborating with specific customers or partners. This
setting is available at the tenant level, as well as at the site level.
Note: From the moment you choose to "Allow" one or more domains, the other ones
will be blocked. If you decide to "Block" one or more domains, the other ones will be
allowed.
Allow only users in specific Security Groups to share externally: If selected, members
of the security group(s) will be the only ones capable of sharing externally.
Note: This option is only available if your sharing settings (tenant) are set to "New and
Existing Guests" or "Anyone". For more information, please refer to the official
Microsoft documentation: Manage Security Groups.
Guests must sign in using the same account to which sharing invitations are sent: This
adds an extra layer of security to make sure that the user accessing the file(s) is the one
you expect to. Selecting this option is highly recommended when possible.
People who use a verification code must reauthenticate after this many days [number
of days]: New method where guests will authenticate using a one-time passcode for the
number of days you configured.
For more information about this feature, please refer to the official Microsoft
documentation: Secure external sharing recipient experience.
Site settings
SharePoint permissions... A vast topic, which most of the time, ends up in hair pulling
and sleepless nights. And things are not getting better when sites are group-connected!
See the permissions as crescendo. We start at the top (site level), and going down in a
granular fashion, we can assign them to items (documents).
SharePoint Groups
Regardless of the type of site (group-connected or not), when you create a site (although
it depends on the template), by default 3x SharePoint groups are created:
Owners
Members
Visitors
Each (built-in) group has a permission level assigned to it. Use those ones first, but if
they don't fit your needs, create a new SharePoint group, and assign your own custom
permission level to it.
You can copy a permission level, and select or deselect options for your requirements.
Best Practice: If necessary, create your own SharePoint group and permission level,
and avoid modifying or deleting the built-in groups. For more information, please
refer to the official Microsoft documentation about the Default SharePoint Groups.
However, it's entirely possible to create Microsoft 365 security groups directly in the
admin center, and add those to your SharePoint site as well!
Active Directory groups are different from SharePoint groups. When you create a
SharePoint group, it will only be available within the site where it's been created.
Best Practice: Add security groups to your SharePoint groups for easy management.
Although it's possible to add users individually to sites, it will be harder to manage
down the line.
When you create a site and then start creating libraries, lists, and upload documents, all
users accessing the site also have access to those libraries and documents. Remember
the crescendo thing? 😉
When breaking permission inheritance after creating the library or list, the default
SharePoint groups (i.e.: Owners, Members, Visitors) will still appear under the site
permissions settings.
Add your account (to keep access), then remove the default
SharePoint groups, and add whoever needs access to this library, which has now unique
permissions.
Site Sharing
Site sharing will differ if your site is connected to a Microsoft 365 Group or not. The
modern interface allows for a more comprehensive way to control permissions, and
offers more granularity when sharing.
When connected to a group, you still have the possibility to share the Site Only.
Meaning that you don't have to share other resources associated with a Microsoft 365
group (i.e.: shared mailbox, Planner, etc...).
If however, you wish to share the site as well as including the user(s) within all the
resources provisioned with the Microsoft 365 group, then you need to select Invite
people >> Add members to group. The choice is yours! 😉
Change how members can share
Something else that might also mitigate how sharing occurs, is the possibility to select
between the following 3 options:
Site owners and members can share files, folders, and the site. People with Edit
permissions can share files and folders.
Site owners and members, and people with Edit permissions can share files and
folders, but only site owners can share the site.
Only site owners can share files, folders, and the site.
With regards to first 2 bullet points, the difference is that in option 2, only the site owner
will be able to share the site. Members will not. I have to admit, it confused me at first,
and I had to read it a few times!
While the 3rd bullet point is self explanatory, we can imagine that it might prevent users
from performing their tasks? What if you need to share something with a colleague or a
customer? And this will also add more work for the site owner...
This option could be used if your users are new to SharePoint, pending training for them
to be more confident in sharing, or simply because you really want to prevent them
from sharing.
Access Requests
If you observed the screenshot above, we also had Access Requests turned on by default.
What is this?
This feature has been around for a while, and is better that the dreaded "Access denied"
message with no possible interaction whatsoever! Although there is more configuration
to be done in SharePoint on-premises, everything is ready to go in SharePoint Online!
We don't have to worry about anything else than choosing who should receive those
requests, add a custom message for the requestor, and review the pending requests.
Site Owners
Specific email
To know more about how to configure Access Requests, have a look at the official
Microsoft documentation: Set up and manage access requests .
So we'll hear about Sensitivity labels, Retention labels and policies, Data Loss
Prevention (DLP), Sensitive info types... But where are those? Well, they are managed in
the Security and Compliance Center.
Should I manage and create those as a SharePoint Administrator? Probably not. This will
require someone with permissions to the Security and Compliance center, as well as the
knowledge to create labels and policies.
Conclusion
As we've seen throughout this article, SharePoint security is not only a matter of having
SharePoint admin permissions. It definitely is a team effort where so many other roles
are involved!
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Security within Microsoft 365 is not just about enabling features and controls; it also
involves the human side of teaching and guiding users to understand the restrictions
and what they should be doing to help. Organization Security is a combination of
Security Controls and Protection, combined with end-user training and guidance.
Security Licensing
With all of the Microsoft 365 services, many-core security components come with the
standard licensing. Features, such as the Security Defaults, are included in core licenses;
however, most advanced Security capabilities are not. These features are either available
as separate add-on licenses or bundled into the either the Enterprise Mobility +
Security E3/A3/G3, Enterprise Mobility + Security E5/A5/G5, Microsoft 365 E3/A3/G3,
Microsoft 365 E5/A5/G5, Microsoft 365 E5/A5/G5 Security, and Microsoft 365
Business Premium.
These defaults enable five of the most common security features and controls.
A caveat to using these controls is that if you have custom created Conditional Access
Policies, you cannot utilize them.
You can also choose to disable these features and create your own set of security rules
and controls, by either not enabling the Security Defaults or if they are enabled setting
the Enable Security Defaults toggle to No. Learn more about the Security Defaults
provided out of the box.
This design allows more granular control and protections that can cater to your
organizational specific configuration. The advantage to this over the Security Defaults is
that they are unique to what you need, and the level of risk you wish to accept.
It then becomes a decision on assuming the risk. If you understand the risk, then the
control for this becomes negated. Designing a Security plan for any organization will
require this level of thinking and may not provide the security level that an organization
needs.
There are ten core security controls and features, which will provide a solid foundation
for other protections that can be applied as needed by the organization if enabled
within all Tenants.
The following list of Security controls and features outlines the Business and Security
Risk, the Protection Features or Components, and links for How to Enable the required
protections.
Multi-Factor Authentication
Risk: In nearly every Data and Security breach involving a compromised account, simply
enabling Multi-Factor Authentication would have blocked the attack. Forcing every
authentication request to validate a second factor, such as using an SMS or Token, will
limit any malicious actors' ability to use the account.
Protection: Best practice dictates not to use SMS/Text messages where possible, as this
has been under attack for a long time and is not as secure as it once was. Require end-
users to install an Authentication app on their mobile devices that push the request to
the device where they can approve as needed. These applications also provide in-time
tokens that last a specific time and are available in situations where push notifications
are not appropriate or cannot work.
NOTE: Be aware that adding a single Azure Active Directory Premium (Plan 1 or Plan 2)
for an Administrator will enable the features, but not license it for every user.
Protection: The Idle session sign-out lets organizations specify when end-users receive a
warning and automatically sign out of Microsoft 365. After the specified period of
inactivity within SharePoint Online and OneDrive for Business, automatic sign-out
occurs. This sign-out activity works using end-user requests sent to SharePoint Online or
OneDrive for Business, not by moving the mouse in the browser when accessing either
service.
Users will be signed out from all Microsoft 365 services with a time specified, not just
SharePoint Online and OneDrive for Business unless they have selected to stay signed-
in. The end-user experience is different if they are inactive in other browser tabs but not
in a SharePoint Online or OneDrive for Business one; then, all tabs will stay signed in.
How: Learn how to implement Idle Session Sign-out.
Authenticated
SMTP
Autodiscover (used by Outlook)
Exchange ActiveSync
Exchange Online PowerShell
Exchange Web Services
IMAP4
MAPI over HTTP (used by Outlook 2010 and later)
Offline Address Book
Outlook Anywhere (RPC over HTTP)
Outlook Service POP3
Reporting Web Services
To help identify legacy authentication used within your organization, you can filter the
Azure Active Directory Sign-ins and validate that legacy is either required or can be
disabled.
Filtering will only show you the attempted sign-ins that used legacy authentication
protocols. To view the actual protocol used, you can click onto an entry, and it is
displayed.
How: Learn how to implement password expiration policies using the links below.
Protection: Azure Active Directory includes a global banned password list, that protects
all Microsoft 365 services. Azure Active Directory also provides organizations the ability
to add a list of banned passwords. As users change their passwords in the cloud, if the
new password matches any of the prohibited passwords, the end-user will be notified,
and they will need to change the password they typed. The custom banned password
feature is limited to 1000 words. It is not for blocking large lists of passwords.
External Sharing
Risk: External sharing of content is always a risk for any organization. Due to how
SharePoint assigns permissions and control access, data such as Personally Identifiable
Information (PII) data might get shared externally with no protections, especially if any
external email is allowed. SharePoint External Sharing is a top-level configuration setting
which controls sharing content from SharePoint to anyone, including non-corporate
accounts. This setting is available at the Tenant organization level, which is utilized at
lower levels within Office 365 unless set explicitly at the application level.
Protection: Microsoft 365 provides external sharing settings at the tenant and
application levels. The decision to modify these settings should be business-related.
Setting this to Only people in your organization, limits external sharing capabilities.
Content can then only be shared using accounts that already exist within the existing
Azure Active Directory, whether internal users or external guest accounts. Adding
external accounts then becomes a controlled process.
Protection: Azure Active Directory Smart lockout uses cloud intelligence to lock out
malicious actors trying to guess end-users passwords. The intelligence platform
recognizes sign-ins from valid users and treats those differently from those that
attackers and other unknown sources. The smart lockout can lock out the attackers yet
still allow users to continue to access their accounts. Smart lockout is on by default
within all Azure Active Directory instances; however, organizations can customize them
as needed. The default setting is ten failed sign-ins, with the recommendation to set
lower as required and in conjunction with the organization.
Protection: Microsoft 365 provides rules that ensure an organization's data remains safe
or contained in a managed app. These policies can include rules that block the user's
attempt to access or move corporate data or are a set of prohibited or monitored
actions users can perform when in the app. Mobile application management policies are
independent of a Mobile Device Management (MDM) solution and do not require
enrollment of devices.
Using Mobile application management (MAM) policies will require end-users to have a
license for Microsoft Intune assigned to their Azure Active Directory account.
Protection: Exchange Online provides the ability to enable client forwarding rules and
disable them. There are three core options:
Protection: Azure Active Directory provides two core protections to mitigate the risk.
When modifying how end-user consent applications, organizations can choose from
three options:
How: Learn how to manage end-user and administrator app consent, use the links
below.
Security Considerations
With any security configuration, they are only as good as the attacks that are known.
New attack types are surfacing almost daily, which could make these controls ineffective.
To help mitigate Microsoft 365 provides multiple logging capabilities and reports. Some
are straight reports or log entries; others provide feedback or even instruction on how
to mitigate.
It is essential to continually monitor and review these reports and logs, not only to
ensure they are working but also to implement further controls and capabilities as they
are needed.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
"Guest", such a beautiful word. In my humble opinion Guest Users is one of the most
valuable assets we have, and learning how to best collaborate with Guest users is an
essential skill set.
Lucky for us Microsoft with the continuous innovations in Office 365 makes the process
more seamless everyday.
1. Verify that Sharing is enabled for the tenant in the tenant Admin Center.
2. Verify the Office 365 Group allows users to invite guests by checking the boxes to
let group members outside your organization access group content and let group
owners add people outside your organization to groups.
3. Verify in the SharePoint Admin Center that guest sharing is on and set the way
your governance dictates
1. Owner | Full control of the Group, and Site Collection Administrator of the backend
SharePoint Site
2. Member | Edit permission to the Group, and member with "Edit" rights to the
backend SharePoint Site
1. Site Collection Administrator | Full control of the SharePoint site plus access to Site
Collection settings
2. Site Owner | Owner permission to the site but cannot control some features in the
Site Collection
3. Site Members | Edit permissions to the site, this allows the users to also modify lists
4. Site Visitors | Read only permissions to the site
Differences when in use
It is easy to see who is a guest in Teams: all guests will have (Guest) appended to
their user name
In SharePoint you have to check the email address to verify a user is external (a
guest)
In SharePoint (Groups) you can't add an external guest as a member of the O365
Group, this has to be done through the Outlook Web App (OWA), but you can
share the SharePoint site only
Currently there is a number of things you can't do in Teams that force users to "navigate
to SharePoint"
Use case #1
Imagine you have a "Private Project Team", that is restricted to members:
You need owners and members, this can easily be managed by Teams
If you have Guests that are members of the project, you can easily invite them to
your Team
Use case #2
Imagine you have a "Private Project Team", that is restricted to members but have some
content that need to be reviewed by someone who is not a member of the project, and
cannot be added as a member to the team for any reason.
You use Teams to add/remove members as needed to your project, including guest
users
You then use SharePoint to share any content to any other users who are not a
member, both internal and guest
Use case #3
Imagine you have a "Private Project Team", that is restricted to members, and you need
to add guests to the project to collaborate on all files but don't want them to have
access to the Teams Conversations or other Teams connected apps.
You use Teams to add/remove members as needed to your project, including guest
users
You then invite the "others" external guest to the SharePoint site only as members
You can, of course, share the SharePoint site with visitors to allow read-only access
to all content
Follow the guide below to achieve this, as pr. my knowledge you will need Global
administrator right to achieve this.
Useful resources
Manage guest access in Office 365 Groups
Adding guests to Office 365 Groups
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Teams "shared channel" is one of the greatest, if not THE Greatest new feature released
to Teams in 2022.
After you have enabled shared channels and created your first shared channel, there are
a couple of things which are good to know.
7 Note
Beware that as this feature is in "Preview" the information below might change.
When you add the same user to a shared channel, that external user will be labeled with
"External", meaning there won't be a "conflict" related to the user for this channel.
After the External user is added, in their Teams client they will receive a notification and
the External team will show up. This works almost instantly for the user.
This is also super sweet, as the users don't need to switch tenants.
Collaborating in chats will show an "alert" with a message about the "shared channel".
But for shared channels, the "External" user only exists as an external user to that shared
channel. Currently, there are three places where we can see those external users:
But it doesn't mean that the permission page is not there. Navigating to your shared
channel site with the extra url /_layouts/15/user.aspx will take you to the classic
permission page you're used to.
Here, you can see your External users with their "ObjectId" and "HomeTenantId".
Tips and tricks before enabling shared channels
for production
1. Review your user training, and make sure everyone knows the difference between
"Guest" and "External" users.
2. Beware that currently the External user can't be managed outside the Teams
shared channel settings, as far as I know.
3. I presume/hope MS will give us a GUI for external users before GA. If not we can
create a PowerShell script to get this information from SharePoint Online, from a
governance perspective.
4. If you plan to use Shared Channels, make sure you update your governance
policies.
Resources
Andrés Gorzelany - Enabling Teams Shared Channels 101
Shared channels in Microsoft Teams (Preview)
B2B direct connect overview (Preview)
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Security teams are typically focused on Microsoft 365 Security and Compliance:
Retention Polices, DLP, Azure Information Protection (AIP), Labelling, etc. – and this is all
good stuff – but what about people moving data (internally and externally) using Power
Apps and Power Automate?
In Defining a Power Platform Environment Strategy I wrote about the concept of using
Power Platform environments for Application Lifecycle Management (ALM) purposes
and provided some examples of when it might be appropriate to build out from the
single Default Environment that is created for each and every tenant. I purposely kept
this simple and excluded other factors that may influence or complicate matters further,
however DLP Policies may influence your strategy.
To follow on from that post, and assuming the concept of ‘Environments’ is better
understood, the next step is to ensure your Power Platform is secure.
Note: Power Platform DLP (Data Loss Prevention) policies are not the same as Microsoft
365 Data Loss Prevention (DLP) policies!
These services include the Microsoft “Standard” connectors (some 25+) such as
SharePoint and Outlook and “Premium” connectors which connect to other line of
business applications such as Google G-Suite, Box.com and DocuSign, which require you
to have either existing credentials or a subscription to authenticate to them.
Note: To create a DLP policy, you need to be a tenant admin or have the Environment
Admin role.
Specify how you want this policy to be deployed. In the scenario of allowing a single
business application to use a non-Microsoft connector, you would use the ‘Add multiple
environments’ option to allow you to select the specific environment(s).
Select the environment(s) you wish your policy to apply to.
Note: DLP policies enforce rules for which connectors can be used together by
classifying connectors as either Business or Non-Business. If you put a connector in the
Business group, it can only be used with other connectors from that group in any given
app or flow.
Recommendation
It can get relatively complicated when defining your DLP policies, and certainly a
consideration that plays a part of defining your Power Platform Environment Strategy,
but my recommendation for a day 1 policy is to block everything you can (Note: you
can’t block the Microsoft connectors!) and only allow access where there is a justifiable
business reason.
If you want to get clever, then creating DLP policies that are deployed to specific Power
Platform Environments and allow access to a single connector such as DocuSign solely
for the purpose of a Power Automate solution that runs on your Contracts Management
document management site, would be an option.
Further Reading
Microsoft: Data loss prevention policies
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
For most organizations using Microsoft 365, guest management is simply not a
"manageable" task with the tools they have. Most administrators feel ill-equipped to get
a full understanding of the extent of guest access within their tenant, let alone make
decisions on whether current guests and their access are still legitimate, or not. As
collaboration scenarios grow in complexity, organizations mature in their usage patterns
of the Microsoft 365 platform, and digital security becomes an increasingly scrutinized
part of the enterprise – the challenge of managing guests is reaching a tipping point
where it can no longer be ignored.
Guests are easily "forgotten" and retain lingering access to Teams, sites, apps, and
content long after they need it. This presents a significant potential security risk,
especially as new users join the sites or Teams and begin to add content to sites or
Teams they assumed were private.
We often know little to nothing about guest accounts, meaning it is easy for users
to share the wrong content with the wrong person. This again presents a
significant possible security risk.
Many organizations do not archive or decommission sites or Teams that are no
longer active. For internal users, this amounts to noise, but for guest users who
retain their access, this can have more serious consequences.
Many guests never even redeem their invitation to collaborate with your tenant,
but by virtue of being invited, they exist in your Azure Active Directory and can be
selected again as a guest via search.
Lack of controls and governance policies at the tenant or Microsoft 365 Group
levels may have led guests to be inadvertently granted access to more than the
sender realized.
In the vast majority of cases, there is a lack of a "reporting structure" for guests,
meaning no one within an organization is assigned the role of
managing/sponsoring/overseeing a particular guest. This general lack of
responsibility and accountability often means disorder.
Even once guest policies are put in effect (e.g., Guest Group Setting in PowerShell,
or Sensitivity Labels), existing guest users are left behind in these sites or Teams.
4. Under the Review Type tab, select the Type of Review being created (Teams +
Groups, or Applications).
5. Configure the Review Scope and if desired, choose whether to include only
Inactive Users and specify an inactivity day threshold (e.g., 30 days).
6. Under the Reviews tab, select the way the Reviews shall be carried out. The options
below show a review beginning immediately, on all sites or Teams with Guests, and
subsequently, repeat the process on a Quarterly basis. We've opted for a multi-
stage review (Note: Multi-Stage access reviews are currently in Preview) where our
first stage will ask Guests to perform a Self-Review, followed by a second stage
performed by Team Owners. We also specify a Fallback Reviewer (Adele Vance) if a
Team Owner cannot be found. You should create the review based on your
governance rules.
7. At the bottom of the tab, select the scenarios that can progress from Stage 1 to
Stage 2. In this case, any guest who has decided during the self-review that their
access can be removed need not continue to the second stage – only guests who
believe they still need access or did not provide an authoritative answer should
proceed to the second stage.
8. Under Settings, determine whether you wish to use 'Decision Helpers' and what
should occur if reviewers do not respond to the process.
Resources
What are access reviews | Microsoft Learn
MAU billing model for Azure AD External Identities | Microsoft Learn.
7 Note
This is an open-source article with the community providing support for it. For
official Microsoft content, see Microsoft 365 documentation.
Outlook Spaces is now officially in preview and like many others, I wondered which
place in Microsoft 365 it has and how users can benefit from it.
You can access Outlook Spaces in Outlook on the web. Right now it's likely that you will
need to log in with your personal account to try it out as only a limited number of work
accounts are enabled for that. Remember, it's still in preview but still worth a try. Find
Spaces/Project Moca in the module switcher on the lower left hand corner of Outlook
on the web. If you can’t see it, click on the '...' ellipsis.
Additional information for admins: This feature is shipped off by default. You can enable
it via PowerShell. For reference check Set-OwaMailboxPolicy.
Which use cases will Outlook Spaces serve
Following its purpose of making organizing all the different workloads a bit easier,
Outlook Spaces is a nice feature of Outlook on the web that allows users to have one
big overview to see the whole picture of their work in one place. Many users ask for that
single pane of glass - we know this pretty well from years of discussion about the 'when
to use what' question in Microsoft 365. Having a personal space to track and organize
what matters to you without relying on different structures that others defined for you
(e.g. in different Microsoft Teams teams) will take into account the unique needs of
users. Project Moca enables people to group information, tasks, files, and more in a
context that makes sense to them as an individual. This ensures that they build their
own visual synopsis in a digital tool.
Exchange Online
To Do tasks
Outlook Spaces integrates with Exchange Online, which is why you can add and manage
Microsoft To Do tasks in your canvas.
Notes
Notes in Spaces will be stored as notes in Exchange Online as well and can be accessed
via:
People
You can add people cards to Outlook to have the contact information of relevant people
in place.
OneDrive
You can add files from your OneDrive as well as from BOX, DROPBOX or GOOGLE DRIVE
to your space which means that you don't have to make hard copies of files, but instead
add a link to a document. This allows you to benefit from having a living document,
regardless the platform. Please note that you can't add files that are shared with you but
are stored in another users OneDrive. What you can do is add those files as a web link.
shall I use email, a Teams message, a Teams channel message, or a Yammer post to
start a conversation
shall I use To Do or Planner for managing tasks
shall I use OneNote or Microsoft Whiteboard to take notes and ideate
shall I use PowerPoint or Sway to present and tell stories
The response will always include an 'it depends' and then a more or less long
explanation that different scenarios and goals will lead to different requirements and
therefore a different set of tools that a user will use to accomplish his/her goals more
easily than with others. Users often ask for that 'one tool to rule them all' and until now,
the answer regarding task management was always Microsoft To Do, as it is an
aggregator of:
my own tasks
my group tasks (that natively live in Planner boards)
external tasks (that sit in emails)
The ability with Power Automate to add To Do tasks also for selected messages or for
messages in which a user is @-mentioned extends and supports To Do's approach to
not only be an easy to use personal task management tool, but also serve as an
aggregated view on all tasks across Microsoft 365 a user has to deal with - regardless
where the tasks live.
As Outlook Spaces lives in Outlook on the web which natively connects with To Do,
users can now seamlessly create their canvas to get their personal overview.
Outlook and email have been misunderstood for quite some time. It's not that email per
se is something bad or old-fashioned. We just need to identify good use cases for email.
Email is the least common denominator when it comes to exchanging information. It's
meant to be the service that we use if we don't know which platform for collaboration
our counterpart is using or if we don't share a platform to collaborate. Mostly, this
applies to external people like customers, vendors, etc. If work items still exist in Outlook
as events to work toward and emails to follow up with and (To Do) tasks to accomplish,
it can be hard to get a transparent overview on your own workspace as there is no
personal dashboard - until now.
Teams channels are designed for teamwork, to securely collaborate and have all
information, tasks and resources in a specific work context.
Outlook Spaces are a visual dashboard over a single person's work to help a specific
user to see the big picture.
For IT Professionals
Additional resources
Learn more about other Microsoft 365 features and resources.
Get the free partner kit Join the partner webinar series
Practical guidance and go to market resources for Learn how to drive upsell and grow your business
partners for securing hybrid work. with Microsoft 365 Business Premium, Microsoft
Defender for Business, and Microsoft 365
Lighthouse.
c Set up multi-factor authentication on devices c Protect against phishing, malware, and other
threats
c Install Microsoft 365 apps on all devices
c Know what to watch for in email content
c Protect unmanaged Windows PCs and Macs
c Encrypt or label sensitive email
e Set up and secure managed devices
c Use Microsoft Teams for collaboration
e Share files and videos in Microsoft Teams or
SharePoint
TRAINING QUICKSTART
Build your skills with Microsoft Get your small business started
Learn training with Microsoft 365
See more
T
Education IT Developers