Whether you\u2019re adopting a new cloud platform or moving away from an on-premises solution, Microsoft 365 represents a powerful and versatile platform comprising some of the most robust productivity tools on the market.<\/p>\n
But before taking the plunge, a successful migration takes careful planning and consideration. We will provide you with the knowledge you need to smoothly navigate the transition, starting with the questions you need to ask before a Microsoft 365 migration in this guide.<\/strong><\/p>\n All you must do is create a Microsoft 365 tenant, synchronize Active Directory, migrate mail and sites, and you\u2019re all set, right? Not exactly. People often don\u2019t have the right or enough information about all the decisions required to implement this cloud solution.<\/p>\n Migrating to the cloud using Microsoft 365 is not a single decision. It actually requires a lot of decisions, most of which impact not only your IT staff but also your end users and budgets.<\/p>\n Below are the questions we most frequently ask clients to ensure there\u2019s a complete understanding of the diverse topics and scale of required implementation efforts:<\/p>\n Before moving to the cloud, it\u2019s important to know what Microsoft 365 features you need or want. Some of the available features include:<\/p>\n Does your network have the capacity to migrate existing mailboxes and identities to the cloud while continuing day-to-day business without performance issues? Will that still be the case when users begin to synchronize their OneDrives, too?<\/p>\n Before you start migrating users, be certain you prepare your network by using Microsoft\u2019s tools for planning and performance<\/a>.<\/strong><\/p>\n In most cases, we\u2019ve found that companies synchronize their on-premises Active Directory to the cloud. But is that enough?<\/p>\n To federate with Microsoft 365, you might need to use a third-party identity provider solution or upgrade to a more comprehensive version.<\/p>\n We have also found that most of our clients cannot meet their company\u2019s security requirements regarding mobile device management using the default settings in Microsoft 365. For enhanced mobile security features, look to Microsoft Defender for Endpoint<\/a>.<\/p>\n The most underestimated and under-planned category of decisions concerns who will support which parts of the Microsoft 365 platform.<\/p>\n Read the administration roles<\/a> available at the platform level alone to better understand this undertaking. Along with Help Desk, business analyst, developer, and other subject matter experts, the support organization will require retraining or repurposing existing staff and possibly even new hires, which may prove difficult to find.<\/p>\n Most companies discover the questions they forgot to answer when their users locate and begin to use features that no one planned to use. To avoid shadow training and hacks that users will find on their own \u2013 as well as the security of the company\u2019s data \u2013 plan for training, not once, but continuously.<\/strong><\/p>\n The Microsoft 365 platform<\/a> is more fluid than static, and the support team can pass on changes they realize to the training team for circulation to users.<\/p>\n Because Microsoft 365 is constantly changing, you can expect quarterly platform updates and regular updates on additional features. That means it will be critical to rely on a governing body to manage the Microsoft 365 roadmap<\/a> and administration console message center.<\/p>\n The purpose of a governance or steering committee is to review current policies and determine the need for new policies. Your committee should meet regularly and include stakeholders from IT and business departments. This is vital to the overall management of the platform and user satisfaction.<\/strong><\/p>\n These questions are only a start. They are examples of the range of questions and topics you need to consider before you leap into the cloud.<\/p>\n Once you know the answers to these questions, you can start planning your Microsoft 365 migration, which can\u2019t happen without security.<\/p>\n Many organizations take great care in securing their networks by not allowing outsiders in, but they do nothing to secure the data leaving the network through instant messaging, email, and mobile devices.<\/p>\n With a couple of clicks, you can quickly toggle on and off the ability to share Microsoft 365 services with an outside organization. Microsoft 365 does a decent job inherently of limiting access to services and information to those users who should have access.<\/p>\n Microsoft 365\u2019s built-in multifactor authentication is an easily implemented security solution that takes the basic measures a little further. All of this requires little in the way of initial planning. But there\u2019s more to consider when thinking about security.<\/strong><\/p>\n A significant concern in any organization, regardless of size, is ensuring that data is not intercepted or accessed in error by unauthorized individuals. This kind of protection requires much more planning and forethought because it involves all users, policies, and the complete lifecycle of a document or artifact at a company.<\/p>\n Here are a few security options to keep in mind during your Microsoft 365 migration:<\/p>\n This doesn\u2019t even require planning! Microsoft has policies and processes that limit physical data center access, so only authorized staff are allowed inside. You can encrypt storage devices so that even if they are stolen, no one can access the data.<\/strong><\/p>\n Finally, the data is encrypted, both in transit and at rest. The platform itself is inherently secure, and the best part is that you will no longer need to have on-site infrastructure and support, which could equate to millions of dollars in savings year on year.<\/p>\n As mentioned above, these settings in the Microsoft 365 admin center allow you to share resources with external users. An external user is someone who does not have a user account in an organization\u2019s Microsoft 365 directory.<\/p>\n Some items you can share with external users or organizations are:<\/strong><\/p>\n You can switch some Microsoft 365 collaboration sharing features on or off for the entire organization, and when switched on, you can also set them for individual users or groups.<\/p>\n Careful planning in this area prevents users from sharing what they aren\u2019t supposed to. Information governance will help secure the data further.<\/p>\n This requires preparation, not only to define sensitive data but also to explain how people can use it. This also includes Litigation holds<\/a>, eDiscovery, and the preservation of data after a user leaves an organization.<\/p>\n There is a limited and varied amount of time companies can recover data if a user becomes unlicensed from Microsoft 365, or they delete the login account. Organizations must prepare for this eventuality.<\/strong><\/p>\n Microsoft 365 logs every action a user or administrator takes. Audit logs are available in the Microsoft 365 Defender XDR and Purview admin centers for several categories<\/a>. Here are a few of those categories:<\/p>\n Ensure you have a plan in place to monitor and govern these activities.<\/p>\n Microsoft 365 compliance and trust tools and services focus on threat management, data governance<\/a>, search and investigation, and reporting for all of these. Here are a few of the security and compliance tools you can add to your Microsoft 365 subscription:<\/p>\n This is the heart of information governance planning and policy enforcement. These two topics will need to include representatives from IT, executive management, legal, security, and most likely, the businesses as well.<\/p>\n Microsoft has done, or is doing, more every month to ensure the security of a company\u2019s data. However, you need to do more, and companies using Microsoft 365 must assume responsibility for their part in planning to protect their data. One area you cannot forget about during their Microsoft 365 migration is mobile device management.<\/p>\n When migrating or deploying to Microsoft 365, it\u2019s important to consider mobility options. If you don\u2019t implement mobile use policies, then all devices will have access to all of Microsoft 365 through mobile apps and browsers.<\/p>\n That means that with their credentials, any user can access their company\u2019s Microsoft 365 data with the use of any device and from anywhere that has a connection to the internet.<\/strong> That also means users can move that data \u2013 files, email, or other types of data \u2013 to other locations. Everything is even easier thanks to mobile apps.<\/p>\n But, with no protection, organizations face security risks. How can organizations effectively manage this?<\/p>\n Microsoft 365 uses Intune for mobile device management (MDM) and governs any device that attempts to connect to the corporate tenant, forcing the devices to enroll in MDM so your security team can monitor them. Note users cannot enroll Apple devices until configuring an Apple token and certificate for the Microsoft 365 tenant.<\/p>\n Let\u2019s take a deeper look at Microsoft 365\u2019s mobile device management and security policies.<\/p>\n Mobile device management allows an admin to perform the following:<\/p>\n It\u2019s important to put security policies in place so you can control the flow of information.<\/strong> Security policies<\/a> can include blocking unsupported devices from connecting to Exchange and exempting individual groups from all policies.<\/p>\n Some device security policies include:<\/p>\n Intune answers the question: \u201cCan users connect from their mobile devices, and if so, what are the basic requirements for those connections?\u201d<\/p>\n The idea, of course, isn\u2019t to disallow mobility as a whole but rather to govern and enforce policies in concert with data loss prevention (DLP) policies.<\/p>\n There are also many third-party identity and device management options. If your organization is federated using Microsoft Entra ID, then it\u2019s possible to define access policies that will limit \u2013 among other restrictions \u2013 access by users using http(s) or users not on the network. This eliminates browser-based access by a device to Microsoft 365 \u2013 another porthole through which the company\u2019s vital and most confidential data could escape.<\/strong><\/p>\n Finally, Microsoft offers full protection and resolute device and policy management using Microsoft Security for Enterprise. There are several suites and a la carte options you can customize to your organization\u2019s particular needs. These require careful planning, however, like everything in Microsoft 365, to balance security and adoption.<\/p>\n Security is vital, of course, but successfully managing Microsoft 365 takes more than preventing a data breach. After your migration, how will you ensure that your service is continuously available and safe beyond security?<\/strong><\/p>\n If Microsoft\u2019s data centers and Microsoft 365 are ever completely offline, we\u2019ll be more concerned about our survival skills than the cloud. Aside from Armageddon, though, Microsoft 365 has enough built-in redundancy that unexpected outages are rare.<\/p>\n There are, however, key service health features that can help you ensure your organization is covered on basic insight, usage, security, and updates:<\/p>\n Of course, if you don\u2019t want to invest in developing reports for health and usage, you can use System Center, a Microsoft 365 management pack you can plug into Microsoft\u2019s enterprise configuration and monitoring system, which has been proven to work well over the years. If you already own System Center, check into it first.<\/p>\n Now that you\u2019ve established the security and health of your Microsoft 365 migration, there\u2019s one big topic left to tackle: adoption.<\/p>\n Users are creatures of habit. They\u2019ll use what they\u2019re used to. They don\u2019t like change, especially if they can adequately do their work with the tools they already have. Or if they cannot see the value in learning a new tool.<\/p>\n Think of an accountant. They have enough to learn on a regular basis, and their focus is on the end results. So, a new piece of software or a new process is not as important to them.<\/p>\n They might even prefer to stick to the familiar way to accomplish tasks. Especially if there\u2019s a learning curve to using it or it might put their data at risk. So now you need to sell your team.<\/p>\n You\u2019ve gotten this far in the cloud migration process because you\u2019ve already sold the c-suite on the benefits, cost savings, increased security, and personnel repurposing that result from moving to a cloud solution.<\/strong><\/p>\n But what happens if users don\u2019t buy into your idea and businesses invest in alternative solutions? If you don\u2019t want to end up becoming repurposed personnel, here\u2019s what you can do to get your users on board with the change:<\/p>\n You know your users best. But, typically, if you can get your users to believe the new software makes their work lives easier \u2013 and they have the tools and training they need \u2013 then you have succeeded in planning your cloud rollout.<\/p>\n By asking yourself important questions upfront, considering your security and MDM needs, monitoring your cloud\u2019s health, and helping your team embrace the migration to Microsoft 365, you can empower your team members and propel your organization toward a more productive and secure future.<\/p>\n \n How to Get Started With Microsoft 365<\/h2>\n
Which Office 365 Features Will You Use?<\/h3>\n
\n
Is Your Network Prepared?<\/h3>\n
How Will You Manage Identities?<\/h3>\n
How Will You Manage Mobile and Application Access?<\/h3>\n
Who Will Support Microsoft 365?<\/h3>\n
How Will Users Learn?<\/h3>\n
How Will You Manage Change?<\/h3>\n
Security Basics in Microsoft 365<\/h2>\n
Microsoft\u2019s Stronger Security Solutions<\/h2>\n
Platform Security<\/h3>\n
Secure Access and Sharing<\/h3>\n
\n
\n
Information Governance<\/h3>\n
Awareness and Insights<\/h3>\n
\n
Compliance and Trust<\/h3>\n
\n
Mobile Device Management for Microsoft 365<\/h2>\n
Device Management<\/h3>\n
\n
Device Security Policies<\/h3>\n
\n
Governing Microsoft 365 Mobility Options<\/h3>\n
Staying Healthy After Your Microsoft 365 Migration<\/h2>\n
\n
Microsoft 365 Adoption<\/h2>\n
\n