Office 365 / SharePoint – Living in a Hybrid World: Compliance and Governance meet Cloud

Live from SharePoint Conference 2012.

This is a partner session by AvePoint.


20% CIO’s will lose their jobs for failing to implement discipline of information governance (Gartner Research 2016 Prediction).


Requirements for IT Governance:

  • people have to be involved; an Executive sponsorship is mandatory to make governance project successful
    • IT: Architect, IT operation & administration
    • Business Owners: workload owners, departmental & functional owners
    • Back Office: Finance, Legal, HR and Communication teams
  • define a set of policies
    • Infrastructure
    • Operations
    • Information Architecture
    • Information Management
    • Project Management
  • define process to apply policy
    • Manual: encouragement, resource intensive, human error
    • Semi automated: PowerShell scripts, 3rd party tool
    • Automated: custom application, 3rd party tool
  • use some technology to assist processes and policies implementation



Compliance, Risk and Privacy

  • Risk is the potential that a chosen action or activity will lead to a loss. The notion implies that a choice having an influence on the outcomes exists.
  • Compliance means conforming with stated requirements.

Challenges of compliance obligations and risks to information:

  • intellectual property and trade secrets
  • sensitive customers
  • collaboration on strategy
  • personal information
  • legal and compliance obligation


Some specific risks to consider:

  • confidentiality leaks
  • loss of data integrity
  • no access to or availability of data

Questions to ask:

  • how do we protect the data
  • how do we reduce the risk of exposure
  • how do we quickly find information
  • how to we prepare for litigation and eDiscovery
  • how do we ensure policy consistency
  • how do we scale the compliance solution to the enterprise
  • how do we control cost
  • what is our cloud strategy

Don’t just focus on what you can see.

Creating and maintaining a compliant SharePoint environment is a continuous process:

  1. analyze the current environment
  2. identify non compliance
  3. prioritize the business needs
  4. diagram new security boundaries
  5. architect
  6. undertake migration
  7. maintain control


How do we control


Cloud readiness assessment:

  • assess existing sites and content
  • report on and classify content
  • design compliant information architecture
  • determine cloud migration approach

Leave a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.