How DLA Piper Automated Collaboration Safeguards in Microsoft 365
After the COVID-19 pandemic forced a sudden closure of in-person workplaces, DLA Piper worked quickly to get thousands of employees set up to work remotely. “Firm leadership wanted to get Microsoft Teams released quickly, but we didn’t want a Teams release turning into the ‘wild, wild west,’” Omar Ibrahim, senior manager for applications and engineering at DLA Piper, said about the collaboration platform. “So, we asked: ‘OK, what guardrails can we get in place?’”
This strategy went beyond the need for better user experience and basic security.
Legal documents are highly sensitive and subject to privacy and backup regulations, so it was critical for the firm to ensure only approved eyes can access, edit, and share certain data - whether in Microsoft 365 Groups, Teams, SharePoint Online or Yammer - and protect against data loss.
Additionally, the organization needed a way to set up Microsoft 365 workspaces with custom permissions and recertification parameters based on the nature and content of a project. These had been issues long before COVID-19.
DLA Piper had no solution to gain quick insight into information management lifecycles or to target inactive workspaces. Provisioning and closing duties required time and energy, making the process more cumbersome for IT teams and fostering a culture of sprawl.
“When I came in, it was all manual, and there was no recertification,” said Ibrahim. “I was looking for a governance tool that can manage identity plus all the things we call ‘collaboration’ and to really have a lockstep hold on it.”
The AvePoint Solution
A deployment of AvePoint Cloud Governance in June 2020 helped DLA Piper quickly gain effective control over its M365 environment to support safe, simple collaboration between 2,735 U.S.-based co-workers.
Cloud Governance empowers users with self-service IT resources for provisioning, moving, or restructuring M365 content, as well as lifecycle and permissions management. Using the SaaS platform, administrators may apply policies to govern how collaborative workspaces are requested, created, and approved - and to ensure ongoing compliance with established policies.
Now, when a DLA Piper team member wants to create a workspace, the task no longer takes hours. Nor is it manual: Cloud Governance allows the automated self-service process to begin immediately.
“Cloud Governance has brought us agility,” said Ibrahim, adding that DLA Piper teams can create specialised workflows to trigger the proper level of protection.
AvePoint’s MyHub tool — an all-in-one platform for IT administrators to manage and create M365 workspaces — provides a birds-eye view of the action, as well as an added layer of customizable control.
For example, “when a user requests a team via MyHub, they are prompted to designate it a client-facing or an administrative site,” Ibrahim said, noting that distinct security, governance, and approval policies created by DLA Piper’s information security and information governance departments are integrated into the framework.
“AvePoint gives us the capability to customize for different site types, which is a powerful tool.”
That’s a big plus compared to M365 tools used out-of-the-box.
“There’s all this great stuff they say you can do, but somebody has to program it all,” Ibrahim said. With AvePoint solutions, “we configured the backend, we enable it in Teams, and it’s just there for our employees to use.
“You want to make sure the people in those workspaces are supposed to be in those workspaces,” Ibrahim said. “Microsoft governance tools are great, but they only go to 90%. We need the extra 10%. That’s what AvePoint provides us.”
MyHub also has helped DLA Piper reduce sprawl and shutter old workspaces by sending automated renewal confirmations to project owners every 90 days to confirm whether a site is still needed.
After all, “at the end of the day, we’re not going to get an unprompted report back from an owner, ‘Hey, this project is over with and you can delete the workspace,’” Ibrahim said, noting that inaction can have greater consequences. “If data is not purged or certain information is not archived within an inappropriate time, that opens up a risk bucket.”
The new process has paid off and brought order and efficiency to data management. “I can tell you right away that we’re roughly at 400 sites now,” Ibrahim said. “We used to be at 2,000 or 3,000 sites.”
The Bottom Line
AvePoint Cloud Governance has allowed DLA Piper to continue operations remotely, to deploy strong data protection safeguards, and to save time and money.
“There was a lot of manual stuff that occurred before, and a lot of overhead,” Ibrahim said. “The biggest success we’ve had is that we have removed it from the business. I don’t mean that as a negative; it’s actually a positive. IT now can go do other things for the organisation without worrying about governance controls.”
Ibrahim also spoke highly of the planning and deployment process with AvePoint.
“From the beginning to the end, AvePoint has been 100% in our court,” he said. “You guys jumped in headfirst with us as a partner versus a dollar sign. You bring the listening ears, you understand the challenges, and then you come with ideas. Your professional sales team and implementers that helped us along the way have been invaluable.”
Going forward, the capacities and safeguards gained through AvePoint will help DLA Piper offer external sharing in M365 to support secure, effective collaboration with clients.
“I’m a big proponent of getting the structure first and the building blocks that allow us to say, ‘Hey, we can turn this on now’ with confidence,” Ibrahim said.
DLA Piper is a global law firm with lawyers located in more than 40 countries throughout the Americas, Europe, the Middle East, Africa, and Asia Pacific. The firm, which has 31 offices in the United States, handles legal needs for more than half of the Fortune 250. It also represents nearly half of the FTSE 350 or their subsidiaries. DLA Piper also advises governments and public sector bodies.
Originally Published HERE