Recently our team at Concurrency had a meeting with one of the Program Managers at Microsoft for Office 365 Groups and this spurred a conversation internally about how the team is helping customers use Office 365 Groups. After spending hours in my own lab developing training material around the Enterprise Mobility Suite as well as using Office 365 Groups, a new twist to an age-old problem of collaboration and management appeared that has seemingly haunted teams and departments. Using Microsoft’s approach of self service and some new (well, not SO new, maybe 12-18 months old) technology solves this dilemma with the modern tool of Office 365 groups.
So let’s dive into. We have a test customer that currently has Office 365 E3 CALs for their users. They just implemented Office 365, and in an effort to improve productivity they have an Accounting department which their own Office 365 group. Remember for now Office 365 Group are purely “In Cloud” – there will be a conversion process eventually to convert distribution groups to Office 365 groups (see the Roadmap – https://fasttrack.microsoft.com/roadmap).
Office 365 Groups is a tool for addressing collaboration in our modern age – messages via Outlook and Exchange Online, real-time team chat via Skype for Business Online, and document collaboration via SharePoint Online. The best experience right now out there is via OWA in my opinion.
You can’t receive messages directly from the outside world to Groups however there are a number of Connectors Microsoft has already baked in (one of which is Twitter)
Now we bring the Microsoft My Apps portal (http://myapps.microsoft.com) into the picture, which is a big win for Administrators, in that Office 365 Groups are self-service. But how is it a “win”?
This frees them from the normal user life cycle and puts more oneness on the managers themselves – since they are normally the first ones to know when someone is hired or when someone leaves. In our customer scenario, our new user actually requested access to our Accounting group and received an email stating their membership request was approved…… here’s where the My Apps story improves upon Office 365!
The My Apps portal is essentially the Software as a Service (SaaS) front end that is powered by Azure Active Directory. Everyone in the Microsoft Business Cloud, aka Office 365, has an identity that is powered by Azure Active Directory on the backend. There are limitations (https://www.microsoft.com/en-us/cloud-platform/azure-active-directory-features) with Office 365 and their integration of the 10 free SaaS apps, so this is where the Enterprise Mobility Suite (EMS) continues the story because it includes Azure Active Directory Premium, unlimited SaaS applications, and the whole plethora of authentication stacks at their disposal. Not to mention, my favorite, the Cloud App discovery story (https://azure.microsoft.com/en-us/documentation/articles/active-directory-cloudappdiscovery-whatis/) for finding SaaS applications in an environment.
For our customer scenario we’ve setup the Accounting group to have access to Paypal. Control who has access to the company’s PayPal account. But the best part? They use their Active Directory credentials and never have the account’s password. That makes it easy for you to add and remove who has access, and it’s all “same sign on”.
Fundamentally all users can access the My Apps panel and look at the Office 365 groups that are setup in the organization (by visiting https://myapps.microsoft.com). As Administrator can create a group (or if we’re brave, allow anyone in our organization to create an Office 365 group – most don’t however) and assign users as Owners to the Accounting group. Then the ownness is on a manager, etc them to control who has access to the group, without involving Administrators.
With Office 365 Groups we have the option for content to be Public to anyone, but in most situations we see in the field, they’re only allowing members to see content. And we’re turning off “email forwarding” to member’s mailboxes in order to keep data consolidated to one place. Once we “jump that wall” then we end back up in the dilemma of managing data for a team or department.
While an Administrator may not allow users to create Office 365 groups, ALL users have the ability to join a group from the list of groups currently in the organization.
Traditional groups do not have that capability. Remember that self service (and group write back for the Azure Active Directory Premium users in the house) is only a feature of Office 365 groups.
So In closing, by using a modern tool in Office 365 Group and in conjunction with the My Apps portal for easy group enrollment and management, organizations can empower their teams and departments the flexibility to manage data and communications within very simple means.