Microsoft 365 is consists of many products and tools. It combines productivity tools as well as security tools. Therefore, while evaluating it we must conduct an integrated Microsoft 365 Pilot.
Here are the guidelines:
Microsoft 365 Pilot guidelines
These are not step-by-step instruction. It is a set of items you must consider while planning and executing your pilot. You can customize the exact evaluation as per your organizational needs.
- Evaluate the entire Microsoft 365 E5 product offering
- Whether you are going to purchase the full product set or not, evaluation must be done with the entire platform
- This is because all components in the M365 E5 stack are designed to work in an integrated manner.
- If you do the evaluation on a subset of tools, you will learn about the benefits in a fragmented manner.
- This type of Microsoft 365 Pilot evaluation is flawed, inadequate and misleading.
- This way, we get leadership visibility from day 1
- From a security point of view, the leadership team is the weakest point. Including them in the pilot increases their awareness about security issues.
- It also ensures that all features are evaluated without compromising the convenience and productivity. In the absence of leadership involvement, the evaluation tends to be IT centric – which leads to expectation mismatches during actual deployment and adoption.
- Including a decision maker also helps in future adoption of the platform.
- Entire Microsoft 365 E5 stack
- Desktop with entire Office 365 Pro Plus apps
- Mobile devices with all Office 365 mobile apps installed
- Document creation on desktop, mobile and browser
- Identity protection with MFA on desktop, browser and mobile
- Threat protection on desktop as well as mobile
- Devices which are outside the corporate network
- Document classification for Office as well as OneDrive and Teams
- Email on mobile, desktop, web access and external parties
- Collaboration for internal as well as external users
- Compliance for all types of data – Office, Teams, OneDrive, Emails, Chat, Conversations, Notes and external apps
- Include unsanctioned apps to check the discovery features of CASB
- Security and Productivity must work together
- The only way to ensure this is to make a regular user test every evaluation from a simplicity and efficiency point of view
- If you do not include users in the Microsoft 365 E5 pilot, you will only get a one-sided, IT point of view.
- In order to get M365 E5 benefits, it is not necessary to move completely to the cloud.
- Lot of benefits are accrued by working in a hybrid mode
- However, if you are purely on-premise, there is no benefit at all
- Once you see the amazing improvement in your manageability, security and productivity by using the cloud integrated platform, you will be able to migrate in a confident and informed manner.
Evaluation should be comprehensive.
Procurement can be selective.
- Do not use simple username / passwords. Use MFA
- For Windows 10 devices configure face sign-in if your hardware has Windows Hello compatible cameras
- If not, use Windows 10 pin for logging in
- Make sure you enable Windows Hello for business in Azure AD
- Use different type of devices, IP address ranges, locations and login types
- Configure automated policies for testing unsafe logins and vulnerable devices
- Evaluate Office 365 application level conditional access as well – especially for OneDrive, Teams and SharePoint
- External sharing using Links is SAFER than sending attachments
- It also prevents users from indulging in shadow IT
- Use appropriate controls to ensure guest access is managed in a compliant manner
- Try Guest user Expiry and Activity Audit and Guest review features
- Use Cloud Access Security to get live visibility into user activities for cloud applications
- Microsoft 365 E5 pilot should also be conducted on real user machines to discover Shadow IT.
- This cannot be done on the test setup.
- Give the proxy server log as input for Microsoft CASB and let it discover shadow IT within your internal environment.
- Throughout the Microsoft 365 Pilot, look at the scores and perform recommended actions
- Monitor the improvement in score and appreciate the automatic actionable information which the platform provides out-of-the-box
- Microsoft 365 pilot has a dual purpose: One is to evaluate the Microsoft platform, but equally important is to compare and contrast it with solutions from other vendors which you are currently using.
- The significant reduction in the manual work involved in purchasing, managing, maintaining and operating multiple products itself is an important benefit of using the Microsoft platform.
- This is because in Microsoft, productivity and security tools work together
- If you compare them with competing products in isolation, you are getting a lopsided and skewed view of the feature set.
- Integration is the key feature of Microsoft – which no other platform offers. This topic is missed in a typical feature by feature comparison. Avoid this pitfall.
Give me your feedback about this Microsoft 365 Pilot methodology
The process outlined above is based upon my experience of working with many customers. Of course, you may have your own opinion and methodology. Feel free to post your comments. I will update the content based upon reusable and globally applicable inputs based upon your comments and suggestions.