Provisioning of group SharePoint sites I am looking for best practices regarding the provisioning of group SharePoint sites in O365. To foster collaboration, we currently allow anyone to create a group in O365, which automatically creates a SharePoint site for the group. These are proliferating quickly and there is very little, if any, governance of the information stored in them. How are others handling this issue?
University of Lethbridge
I recommend to clients 1 of 2 options:
. Purchase an addon that allows you to manage this much more adroitly, or
. Restrict the ability to create O365 Groups to your help/service desk and sysadmins and have a request/approval process. You can even use the other capabilities in O365 such as PowerApps and Flow for this
Of course you can also always embrace chaos and have a couple extra glasses of wine to make it more pleasant!
I strongly agree with Lorne. You have to have some form of control over sites in order to maintain governance. I saw this both in SharePoint (prior to group / team sites) and in Yammer – People created whatever they want, or created meeting sites, which resulted in data being stored in improper locations, and no governance around it. We ended up with thousands of abandoned sites that contained data. I would recommend setting up some type of request process – it doesn’t have to be lengthy, but something requires listing at least two names as owners (so that if one leaves, you still have one), the business unit, the purpose, etc…. That way, you can track what you have, and know who to go to.
Shipman & Goodwin LLP
Agree with Lorne,
couple extra glasses of wine, curl up in ball under your CFO’s desk and cry…they may give you money for a better system then. 😉
It’s not about storing stuff, its about efficiency for your workers and a better business process…they don’t need to store stuff – they need to FIND IT LATER — stop the free-group creation now or the above will be your only choice.
(a bit of) sarcasm implied.
IQ Business Group, Inc.
Thank you for your feedback. We are going to move forward with implementing a request process for O365 Groups and SharePoint sites. So far, we are planning to ask for two owners, the requested name (we are probably going to add a prefix or suffix to groups), the purpose, and the length of time that the group will be needed. For those of you that have this type of process already, what does it entail? What information do you ask for from users before you will provision the site?
Also, we learned from our O365 administrator today that groups can be set to auto-expire (and have all of their content deleted) unless the owner actively chooses to renew the group. We are thinking of setting a 1-year expiry date for groups (not team sites that also have groups). Has anyone does this?
Unless there is a specific retention reason to keep “unattached” (to SharePoint) 365 groups for a year, why not really increase the urgency factor for the group owners and set it to 90 days?
Our Freedom of Information and Protection of Privacy legislation requires that we retain any information used to make a decision about someone for 1 year. So, although these are not supposed to be used for official decision-making purposes, I suggested 1 year so that we aren’t violating FOIP if someone does spin up a group and store documentation regarding decision-making (e.g. hiring committee, scholarship selection, etc.). We would definitely get a lot of resistance if 90 days, so 6 months is the realistic alternative, though the time is from the date of creation (not last activity) so even that would be likely to be less time than a lot of reasonable uses. I’m interested in your thoughts.
University of Lethbridge