Surviving Migration to Office 365

Introduction

Since its inception, adoption of one or many components of Office 365 has grown. In fact, according to data shared by Microsoft, as reported by Windows Central in March 2016:

  • 60 million monthly active commercial customers run Office 365
  • 50,000 small business customers are added to Office 365 each month
  • 4 trillion+ emails have been sent with Office 365 to date

What was launched as an affordable and easy-to-use Windows platform for small to mid-sized businesses has expanded to a robust platform for companies of all sizes. Popular features include:

  • Desktop applications
  • Mobile apps
  • Email
  • File storage and sharing
  • Video collaboration tools

Billed as an "office or on the go" with familiar productivity tools and Microsoft Office applications, Office 365 enables business users to create, edit and share data from PC/Mac, iOS, Android™ or Windows devices.

Many organizations have migrated from a traditional on-premise Microsoft Office deployment to one that leverages the Microsoft Azure Cloud, which gives users access to their data and business applications anywhere, at any time.

The determination of whether or not to migrate is typically made by an IT decision maker: CTO, CIO or senior executive in the IT department. These executives are "paying the bills" and likely held accountable for IT spend, so shifting one of the organization's largest expenditures from a capital expense to an operation expense is appealing.

The actual execution of the migration, however, begins and ends with the IT team, which is usually comprised of a manager and IT administrators. Depending on company size, some companies also rely on consultants, integrators or VAR partners as part of their teams. Migration from a traditional Microsoft operating system to Office 365 is far more complex than senior leaders may realize.

The following survival guide will outline processes to prepare for and execute migration. It also aligns key considerations to make sure your company can make the most out of its cloud deployment.

Microsoft Office 365 Benefits at A Glance

  • Familiar Microsoft applications including Exchange, SharePoint and Skype for Business online, deployed to any desktop
  • Anywhere access to applications and storage through mobile devices
  • 1TB storage and sharing and business-class email with unlimited mailboxes for Enterprise SKUs
  • Easy integration with Azure Active Directory for user management
  • Gain access to business enablement tools near immediately, without upfront investment
  • Shift capital expense to predictable, monthly operating expense
  • Scale as the business grows with ability to quickly add additional licenses and increase storage capability
  • Instant updates from Microsoft ease ongoing maintenance and eliminate massive version upgrades
  • Microsoft Office software updates, patches and other upgrades happen in the background without IT administrator support
  • Guaranteed 99.9% uptime, financially backed SLAs from Microsoft + 24/7 phone support for critical issues

Do Not Proceed Without an Assessment

There are various points in time when companies may consider an Office 365 deployment. For larger companies with financial considerations at the forefront, a switch is often prompted by annual licensing discussions with Microsoft or a pending major infrastructure upgrade or OS upgrade. Upon moving forward, it's important for IT decision makers and team to discuss the scope of the deployment, accountability for staying on track, success measurements and a communication strategy. The discussion could take several weeks, but candidly asking executives about expectations and setting a realistic timeline for project completion will ease roadblocks through the process.

With a directive to migrate to Office 365 and alignment with stakeholders on goals, count yourself among those who are thinking, "Now what?" Before putting pen to paper on a migration strategy, insist that the deployment team starts with an assessment of your organization's current Microsoft environment. A pre-migration assessment is the single-most important step of a migration. Migration efforts can unravel when there is a limited visibility into the IT demands of end users and if stakeholders don't fully understand the complexity of its current environment.

What does a pre-migration assessment look like?

A pre-migration assessment helps you mitigate potential migration challenges and business disruption if email and calendars are not immediately available, for instance. As assessment provides a deep dive into your organization to understand what data is critical and when it should be migrated while also enabling IT teams to simplify the Active Directory environment.

The assessment includes an inventory of:

  • User accounts (login names, email addresses)
  • Size of mailboxes
  • Data in files in third-party archives or local, offline PST files
  • Client versions and configurations
  • Network settings (DNS hosts, proxy and/or firewall configuration, internet connectivity)
  • File storage locations (file shares, intranet file storage)
  • Online meeting and Instant Messaging systems that you plan to migrate
  • Additional third-party applications that are integrated with existing systems and have integrated workflows, particularly common in a Lotus Notes environment

How Long Will an Assessment Take?

Organizations with 500 employees and a "typical" Microsoft environment should plan on a 1-2 months. While months might worry senior executives who expect a more rapid deployment, issues uncovered during migration can add even more time to the process or halt the entire deployment in its tracks. Of course, if the assessment reveals that major AD work needs to be executed prior to deployment, the timeline is instantly lengthened. An overhaul to consolidate AD, for instance, could take a significant amount of time.

A Comprehensive Pre-Assessment

With an inventory complete, review messaging, PSTs and policies for storage and archiving to round out the pre-migration assessment.

Messaging assessments look first at the number of users and mailboxes and then at the type of and volume of data within a messaging platform to be migrated. During this phase of the pre-migration assessment, consider compliance requirements, retention policies and the business processes that rely on the messaging platform.

Leveraging PST files (if previously an Exchange user) or offline local files (if previously using Notes or GroupWise), its likely users have skirted existing mailbox quotas by moving data offline. Don't forget about this forgotten data as files saved on an archive or desktop won't automatically be migrated. Examine desktop data and work with end users to determine if the data should be moved into Exchange or a storage archive on Office 365. This extra step could prevent critical data from being lost.

Finally, review current storage and archiving policies to determine if changes should be made. Some compliance standards – for specific users or in specific industries - mandate data storage. Because there may be access to more storage than been available in a traditional Microsoft deployment, identify which users – legal and finance teams, for instance – need additional storage archiving. Remember, if you plan to migrate messaging archives to Office 365, the mailbox sizes could be very large. The data transfer from source to target could take longer than expected and impact bandwidth.

IT Pro Tip

While data gathering as part of the inventory is critical, remember that few users or applications run in a vacuum. Delegation relationships between users, for instance, could dictate when users are migrated to ensure both users are migrated to the target platform at the same time.

Optimizing Active Directory for a Hybrid Deployment

A thorough assessment will provide important information to guide a successful migration. That assessment includes analysis of on-premise AD, which remains the authoritative source for authentication and authorization requests to Office 365. AD remains an on-premise user account database that syncs with Azure Active Directory for Office 365 in most deployment scenarios (especially when migrating from a traditional Microsoft deployment to Office 365). IT pros will create a copy of AD (in essence, a second user identify) for the cloud, which enables single-sign on for cloud resources. To facilitate a smooth synchronization, IT pros should:

  • Normalize AD to reduce the number of forests, domains and security boundaries as is practical
  • Create a clean delegation structure to ensure they can audit changes (what was changed and who made the change) in both on premise and cloud-based AD and correct errors
  • Consolidate and clean up organizational units, ideally to the point where all of your objects are under a single OU or a nested OU structure
  • Implement a strategy for provisioning and deprovisioning users

To enable synchronization, Microsoft developed Azure AD Connect, a management tool to sync passwords, identities, users, groups and corresponding attributes from on-premise AD to Azure AD. Azure AD replaces other Active Directory management tools including DirSync and Azure AD Sync.

Other hybrid deployments possible using Office 365?

Synching between on premise and cloud-based Azure AD is the most common hybrid deployment. In some cases, it might also make sense to have a hybrid Exchange environment with some users on Office 365 and others in a traditional deployment. Most remaining Office 365 applications, however, are intended to be deployed in the cloud.

IT Pro Tip

Have users outside of the United States? Many countries, especially in the European Union have strict regulations to ensure data is stored in a cloud that is physically located in the same country the data originated. A simple fix is to configure location objects in AD for users affected by the regulation.

Get Ready and Move

While Office 365 and on-premise Microsoft deployment provide the same end user functionality and experience, migrations are still disruptive and fraught with risk. Considering many IT pros will say an inordinate amount of their day is spent troubleshooting end user issues, it's important that a migration runs smoothly and end users are informed. Following an assessment and optimization of your current environment with a careful AD consolidation, it's time to begin migration with end users' impact in mind.

What does a migration look like?

  • Determine a timeline for migration of specific users: As soon as is possible, identify who will be migrated and when, and communicate that plan to end users. While the rationale behind a user migration strategy may vary (users with the most or least complex requirement first, location of users, groups of users such as teams, etc.), it's important that the strategy is established in the first place. These are common and extremely practical steps that are often forgotten.
  • Establish co-existence: The on premise directory (source) and Office 365 directory (target) need to communicate to enable communication and collaboration between source and target users. While this step takes a long time, it is critical because all users typically won't move at the same time.
  • Migrate: Following the timeline for user migration, synch user accounts from the on premise Active Directory to the Azure AD. Email (configured to include past emails and data) and calendars move next to the targets. With the proper assessments and configuration work, the actual migration will run more smoothly, ideally eliminating any mid-migration surprises.
  • Enable Access to Application: Having pre-determined which additional applications each user may need (Skype for Business, for instance), simply configure application settings to enable access.

IT Pro Tip

Don't forget about the ever important Murphy's Law – Anything that can go wrong, will go wrong. Expect at least a few glitches in data or account transfer. Configuring co-existence and setting retention policies for backup and recovery enables IT pros to simply roll back to a source directory while determining why the migration may not have happened.

A Few Words on Security & Compliance

With any new IT deployment comes questions of security and compliance. As general security remains one of the biggest barriers to widespread cloud deployment, Office 365 is in the executive teams' spotlight. Similar to any Microsoft deployment, in most enterprises security of the Microsoft infrastructure (on premise or in the cloud) remains the responsibility of desktop and server IT professionals rather than a dedicated security team. Many general IT pros, as a result, find themselves in the uncomfortable position of learning security best practices on the go.

A few basic security considerations to keep in mind through Office 365 migration:

Pre-Migration:

During the assessment phase and work to consolidate the Active Directory environment, take the opportunity to identify and correct and security loopholes (improperly delegated access to AD permissions, relying on default settings that aren't always the most secure, weak passwords on Services Accounts, etc.). A more secure on premise Active Directory deployment results in a more secure cloud-based Active Directory deployment.

During-Migration:

The most important security consideration during actual migration is to ensure the integrity of data in transit. Most migrations happen via Microsoft web services – a HTTPS encrypted connection. Because Microsoft has invested significantly in the security of its platform, web services and the Azure Cloud, companies can generally trust the physical data transfer. But it's the IT teams' responsibility to determine who within the organization has access to the data during migration.

Post Migration:

Immediately post migration, it's important to determine if all data made it from source to target without corruption, change or a loss. Running a data audit can set your mind at ease. Beyond data transfer, ongoing security and compliance in a post migration environment looks a lot like security and compliance for an on premise Microsoft deployment. It's critical for IT teams to understand who has access to which resources, policies are in line with end user requirements and Active Directory can be audited. You don't want anyone to take advantage of getting resources that they shouldn't have or making configuration changes.

IT Pro Tip

While Microsoft has very thorough SLAs related to security in place for Office 365, the platform has experienced some downtime in the past. It's likely an outage, regardless of how brief, will happen again. There are processes in place to enable customers to restore data, but it could take some time. Consider a solution or configure Active Directory for rapid object restore.

You're Up on Office365 – What's Changed?

For most end users, specifically those that are migration from a traditional Microsoft Office environment, the transition to Office 365 is seamless. The user experience for Office on premise and in the cloud is virtually the same. From an IT management perspective; however, there is a common misconception among IT pros that a cloud deployment might means less ongoing management since infrastructure now resides in the cloud. In fact, daily end user management remains the same.

Expect tasks associated with Active Directory auditing, enabling and disabling accounts and ongoing disaster recovery and restore of AD objects. Ongoing license management is also important as your company don't want to pay for more Office 365 licenses (or specific application use) than they need.

That said, its not surprising that very few Office 365 migration projects at mid- to large enterprises are recommended by the IT department. General IT management and volume of end user troubleshooting likely won't change. However, consider the ways Office 365 can make your job easier:

  • Eliminating server maintenance or new cumbersome infrastructure installs when the business grows
  • Avoid the process of platforms upgrades since Office 365 provides instance access to upgrades and patches as soon as they are available
  • Gaining access to robust backup and data loss prevention from Microsoft, especially critical if your security and compliance policies aren't air tight

Paired with a host of end user collaboration tools that make the business of getting business done easier and the cost savings IT can deliver to the company's bottom line, IT pros that survive an Office 365 migration are largely pleased with the outcome.

How Can Quest Software Help?

One of the best ways to ensure a successful migration to Office 365 is to find the right partner and select the most appropriate tools to help facilitate the transition. Quest has a world-class network of experts and partners who have delivered an extensive number of migration and consolidation projects, as well an end-to-end portfolio of solutions that will simplify your Active Directory consolidation and Office 365 migration. Quest solutions help you efficiently secure and manage your new environment into the future.

With nearly two decades of Microsoft platform migration experience, Quest has developed a proven methodology to ensure successful migrations. It is built on four key pillars:

  • Prepare — Mitigate migration risks with detailed pre-migration assessments that analyze the current state of your environment. You'll have the details you need about what should be moved and what shouldn't, ensuring a successful, worry-free migration with no surprises. You can also consolidate or restructure your Active Directory environment before the migration to properly prepare for Office 365.
  • Migrate — Mitigate the risk of data loss and minimize the impact on both users and IT with a Zero IMPACT migration.
  • Coexist —Maintain business productivity with seamless coexistence between end users on legacy on premise environments and Office 365 or hybrid environments.
  • Manage — Stay in control of your new messaging and collaboration environment with security, compliance auditing, reporting, backup and recovery of your Office 365 or hybrid environment.