Introducing Compliance Policies for Better Microsoft 365 Governance

by | Oct 14, 2021 | Blog, Compliance, Home Page

ProvisionPoint Workspaces has had several significant feature milestones over the years, including the first iteration of Teams provisioning and the launch of the API.  

But the introduction of compliance policies might well be our most significant feature to date. 

How do we know this? Because it is something our customers have been asking for and we are always led by our customers. We also know, that despite the excellent flexibility offered by Actions for management of Sites and Teams, more was needed to enhance our compliance features.

Addressing Governance Challenges with Compliance Policies

Before I explain more about the functionality, lets understand the governance challenges we are seeking to address with Compliance Policies. These can be summarised into a single word – “change” – and more specifically, taking action on certain changes to Groups, Sites and Teams.  

Change can come in several forms to a workspace during its lifecycle, whether that be initiated by the Owner or by an external factor. Where management of change fits into governance is that, as a result of a change, the workspace no longer conforms to the governance rules defined by the organisation. Put more simply, information in a workspace has been put at more risk because of a change.

When designing Compliance Policies, we started by looking at what types of changes were most important to organisations. This is where our customers once again came in. By a significant margin, the most important change for them was one associated with workspaces, when one or more of the defined Owners had left the organisation. In this scenario, most organisations will block the sign-in, commonly referred to as “disabling the account.” The associated governance challenge is that without clear Ownership, a Site or Team will not be managed effectively managed nor archived when required.

It might be fairly easy for an organisation to manage a single Team where one of the Owners has left the organisation. However, keeping on top of hundreds of Teams and thousands of users is a completely different situation. Teams can be forgotten about, or “orphaned,” where data is not appropriately archived and users are left in confusion about what information is current. This is where Compliance Policies come in, where rules can be defined to check for disabled Owners in Teams and various actions can be defined for when they are found. These actions can either be automated to replace the disabled Owners or reporting to key users to take action.

Configurable Compliance Policies

Like all features in ProvisionPoint 365, Compliance Policies are configurable to meet individual customer needs, with capability for notifications and extensive API. We will also continue to grow the capabilities of Compliance Policies over the next few weeks with new rules to check for changes to Teams, including security, naming and ownership. 

We are really excited about our new Compliance Policies – if you would like to see a demo then please get in touch.

Learn More About ProvisionPoint 365