Showing posts with label Governance. Show all posts
Showing posts with label Governance. Show all posts

Wednesday 6 March 2024

Low code CoE thoughts

Key areas to address for a Low Code CoE:

  1. Portfolio of Products
  2. People/Skills/Experts
  3. Process/ALM
  4. Platform/Governance/Cleanup/Architecture/NFR's (scalability, SLAs)
  5. Promotion/delivery/training

Consider putting project thru a Business case validation particularly over a larger projects.  Business case is how your business visualises and communicates a proposed project, should continuously be refined.  Points to cover:

  1. Business Case (Idea)
  2. Customer Segment >
  3. Value Proposition (what do they get) > 
  4. Channels (API, website,.. ) Customer Achievement (get and retain) >
  5. Revenue (how to make money)
  6. Key Resources (patches, maintenance) covers technology & data.  What tech, people needed to build and continue delivering.  Data where does it come from, quality, restrictions, relevancy.
  7. Partners (dependency e.g. AWS, Azure, Mendix, Outsytems, UiPath, Microsoft, and backup options)
  8. Cost breakdown
CoE needs to clearly understand is boundaries and responsibilities.  WIP

Tuesday 3 December 2019

Microsoft Teams Governance

Update 2020/07/07:  I recently watch a presentation by Rupert Squires on MS Teams Governance that provides a good introduction into Team Governance and thoughts for your MS Teams projects: https://www.slideshare.net/RupertSquires/positive-governance-in-5-steps-for-microsoft-teams

Storage: MS Teams stores data in SharePoint, exchange and OneDrive for Business (OF4F).  Each team has it's own dedicate site per team.  Chats are stored in the senders OD4B, images stored in exchange.  The Teams will provision in the location where the tenant was setup.  In the O365 Admin centre, you can see where your instance of Microsoft Teams is located, mine is in the EU zone.


If location is important to you for compliance reasons, it's important you select the correct location.  I favour the EU zone as Europe is pretty strict on data, pretty central globally to my user bases.  But it does come down to your clients needs.

All data is encrypted at rest and encryption in transit and Teams data is stored in the Microsoft Data centre for your region

MS Teams Configuration: Team admin allows for a great degree of control in allowing different users different rights.  You can turn-off feature to groups of people easily to align with your companies governance.  There are a few dials to help you get granular control.

O365 Group Naming Policies is good for controlling access.  This allows for a common easy understanding of Groups, what the group has access to .

Sensitivity Labels/Azure Information Protection - very useful

Team Creation Thoughts - Should anyone be allowed to create your teams results in complex scenario that has be to governed and brought back under control.  Too much restriction results in people not using teams and potentially using shadow IT to achieve their goals.  Privacy must be appropriate, public vs private, don't allow people just to go for public because it sounds more open.  Each team should have a purpose, likely to have an end date (not always).  Don't just follow org structure.

Teams is not a replacement to all tools but it works best if you work out the right tool and often Teams can replace a variety of tools in large enterprises.

Teams should be using Teams instead of Email.  This is generally how one can tell if teams are being well implemented.  For me, I want to use teams for all communications and project related file store.  Email should be last resort.  Remove Skype if you have Teams.  Consider removing Zoom, WebEx, GoTo... you have teams, use this as the chat, calls or team meeting tool by default.  Schedule meetings from Teams if possible so it's in the correct team.  The meeting is therefore context based.
Don't allow people to add any app, think about it.  The exception is possibly small companies.

MS Teams ALM: Ensure that Teams are deleted when no longer needed.  ShareGate's Apricot tool is great for getting Teams under control.  Archive before deleting a MS team if you require the data or you have to be available.  Owners can delete a Team, the Team goes into the recycle bin for the default set period (30 days maybe).  It will be gone after this including the underlying storage data.

Note: When you delete a team all the underlying corresponding data is also deleted from SharePoint, Exchange and OneDrive.

MS Teams Series:
https://www.pbeck.co.uk/2019/12/microsoft-teams-governance.html
https://www.pbeck.co.uk/2020/05/microsoft-teams-overview.html
https://www.pbeck.co.uk/2020/06/multi-geo-for-ms-teams.html

Sunday 17 December 2017

Office 365 Technical Governance Thoughts


Hierarchy of Governance of IT
  • Business Governance
  • IT Governance
  • SharePoint Governance
The items to look at for a security breach apply at all 3 governance levels and planing to deal with a Security Breach must cover:

  • Legal Compliance
  • Litigation & Insurance
  • Security
  • Business continuity and Disaster recovery
  • PR
There are a lot of technical pieces involved in Governance of SharePoint such as authentication, security, O365 labels, Microsoft Information Protection (O365 labels) and Azure Information Protection (AIP/AIP Labels), CAS, IRM, .....  there are third party products like skysync, Semantec,.... and a lot of SharePoint Governance is part of other products that also cover SharePoint.