Jim Barrett is one of Citihub Consulting’s Office 365 Subject Matter Experts, bringing over 25 years of Infrastructure knowledge and experience, including broad and deep knowledge of the Microsoft product set. He has in-depth knowledge of designing, building and operating Office 365 solutions in heavily regulated, global enterprise environments. He also manages Citihub Consulting’s own global Office 365 environment.
Banks have been slower than others to adopt public cloud offerings, including Office 365. Is that changing?
Yes, we are certainly seeing this change. Banks are beginning to see the benefits of Office 365 (O365), especially given most of them have a great deal of legacy challenges and technical debt. O365 offers them the potential of a future-proof deployment with its Evergreen approach, even though not all of this potential is being unlocked yet. We’ve recently seen public announcements from many global banks, endorsing and promoting the decision to accelerate public cloud adoption; many of our existing clients are embarking on the O365 journey. One aspect which offers both an opportunity, but also additional risk, is the transition from a large, project driven upgrade that is deployed once every five years. Instead we will see a new model where functionality is reviewed, approved and drip-fed in a much more continuous fashion. This can reduce the “change the bank” costs but will inevitably transfer some additional cost into the “run the bank” teams who will need to deal with this on an ongoing basis. Many support teams are especially worried about compatibility of plug-ins from 3rd party apps in this scenario.
What are the additional challenges and pitfalls for banks when adopting Office 365?
From experience there are common threads across our clients, certainly within the financial services sector. For example: from a network perspective, most people do not take into consideration the network capacity cloud services require per user. I have often seen organisations run into issues where users are unable to connect, not necessarily due to total bandwidth but due to incorrect configuration such as port exhaustion. The Microsoft solution for network design isn’t always compatible with large enterprises, who will typically have a much more heterogeneous environment than the Microsoft textbooks would accommodate. There are many third-party products and specialist network vendors that require consideration when designing and deploying an O365 network architecture. A quick tip would be to run your current monitoring software & tools for Firewalls, Switches and Routers to establish what your network nodes are running at currently and how to tweak configurations during pilot phases and or during migrations, to provide a high performing WAN and LAN. Microsoft also has a detailed document series on Network planning and performance tuning for Office 365 – but again, these should not be adopted in isolation in a large, complex enterprise configuration.
Stay current on your favourite topics
Probably the most commonly overlooked challenge is the ability to deal with regulatory and compliance requirements. Often, it’s only when the bank is ready to start migrations that the stakeholders from CISO, legal and compliance ask why this hasn’t been taken care of, leading to the programme being stalled and delayed. This inevitably leads to a great deal of re-work, which really should have been taken care of months before. Not being able to adhere to your internal & external regulatory requirements simply means you are not able to do the one thing you are governed to do.
Are license costs and strategy an important consideration?
Absolutely, Microsoft has created a multi-license option for the simple reason you choose what’s best for your users. Clarifying what license types are available and what types are suitable, not forgetting the licensing add-ons for e.g. advanced compliance licensing, rapidly becomes confusing. Microsoft seems to have a habit of changing licensing just when you think you’ve got them remembered. Having a user enablement strategy with user personas to follow will allow your users to consume the applications they require and save money. Going out there and enabling the top license for everyone will certainly be the most expensive way of enabling applications that users may not consume in full. However, not giving your users enough to execute their daily duties is counter-productive. Running a user and application audit, then using this as your enablement strategy will help clarify license requirements.
It’s also important to understand the real capabilities of the products as relates to your firm’s requirements. Unfortunately, simply adopting all stated functionality from the Microsoft website isn’t a guarantee of success. Many products are evolving and changing rapidly, and in their current guise are not always fit for purpose. This is especially true of the large enterprise clients Citihub works with. For example, we know that eDiscovery is a key focus area for Microsoft and has seen recent investment and updates. However, it’s not a product we could wholeheartedly recommend for large corporate clients just yet due to the current restrictions and limitations around accuracy when searching data, which we know will not satisfy business compliance requirements. For example, O365 files only catalogue and index the first 4MB of any XML file – Excel spreadsheets would be a typical example where files exceed this limit. The implication of this is that any search performed on the O365 catalogue will only be looking at the first 4MB of each file, which could easily overlook data vital to the search. This limit can be increased by working with Microsoft, but the default limitations need to be understood and reviewed with product and account teams when planning an O365 deployment.
What about data management and data protection, especially now in a post-EUGDPR world?
This is an interesting subject at present and a lot of time has been spent discussing this with our clients. Businesses are not only worried about how safe their data is, but are also worried about classifying data types with labelling capabilities provided with O365. They then want to understand how, what and if to migrate the data to the cloud once it’s been classified. I’ve often seen data owners and records managers go into analysis paralysis, spending months of effort assessing how to migrate data and forgetting that O365 is a brand-new blank space for their data. From Citihub’s viewpoint, it’s actually a great opportunity check what data is needed in the cloud, placing the emphasis on business owners to bring data into the new environment. This is especially true for unstructured data, where even the best AI/machine learning tools are not yet able to accurately classify and identify data types. Taking OneDrive as an example, why spend lots of time and money assessing the data in people’s home drive to distinguish what’s personal or corporate and then migrating GB’s of data that are not relevant to the business? The same can be said for SharePoint Online – why migrate everything when you can realign your provisioning of sites and SharePoint data in the cloud, leaving behind what the business does not need?
What do you see as focus areas on the Office 365 product road map for the next 2-3 years?
One area of focus for many clients is the adoption of Microsoft’s endpoint management solution InTune, as a potential replacement for third party tools from vendors such as AirWatch, Blackberry and Good for Enterprise. Enterprise Mobility Suite (EMS) now comes with new features, making it a more attractive and reliable toolset. Importantly, Microsoft’s integrated suite of tools gives companies a consolidated, consistent entry point into the management of endpoint devices. Consequently, with EMS being part of an O365 Azure Subscription, this can lead to significant cost saves vs. having to license and deploy multiple products from numerous vendors in this space.
I do see Microsoft devoting a lot of time to the compliance features of O365. Previously, the product set lacked depth of function and the necessary enterprise toolsets (for example, security concerns with Azure Blob Storage, data immutability challenges around SEC Rule 17-a compliance, Search and Export Limitations etc.). However, with renewed commitment to extending and adding new functionality to this area (for example, the recent split of the Security & Compliance portal into two dedicated portals), I expect this to be central to the success of Office 365 adoption in banking and other financial services firms over the coming years.