HELP! > Under the hood: Office365

Since a limited version of Office365 is available (almost) free via TT-Exchange) to UK charities, some are opting to switch their email and data systems to Office / Sharepoint 365. There are some important limitations to note for those who wish to make this switch.

Big Change

Sharepoint does not work in the same way as SMB (standard windows file sharing) which is probably what your users are used to. Like any software change it can take some time for users to adapt to using it efficiently. For Windows machines the change can be simplified using One drive for business app which is used to sync the online Sharepoint libraries with a local machine. This is useful in that it allows users to work fast and locally using an installed MS office package, and also in the case of a bad internet connection because changes will automatically be synced with the online Sharepoint libraries once connection is restored. Unfortunately this feature is not available on Macintosh devices, Mac users will need to use Office Online.

Privacy

Data may be stored outside of UK jurisdictions. Some organisations are legally obliged to ensure their data is not stored outside the UK so you need to check your policies. Unlike data stored in the UK, Office 365 data would be automatically subject to a Subpoena from a US Court, about which the owner of the data will be informed. However if the agency concerned uses FISA or an NSL to force data disclosure under 18 U.S.C. section 2709(c)(1) Microsoft (or any US based provider) would be prohibited from even informing the data owner that any disclosure has occurred.

Data retention

Office 365 data retention policies may not comply with your organisation’s policies and legal obligations under EU data protection legislation. Of specific relevance to E1 version of Office 365 (offered to UK charities FOC) are the following points:

Office 365 will only keep deleted emails or mailboxes up to maximum of 30 days. Some organisations are required by law to keep copies of deleted data for longer periods.

If an entire mailbox is deleted the maximum retrieval time is 30 days. Deleted files/folders can only be retrieved from the Second Stage Recycle Bin (administrator accessible) a maximum of 90 days after they were first deleted.

You can supplement the service in order to remain compliant – there are additional MS products available for data retention compliance such as Litigation Hold, but for E1 users it attracts significant additional per-user/per-month costs.

Migrating to Office / Sharepoint 365

E1 software Licensing does not include Desktop Software The E1 product does not include machine licenses, so unless users will either need to purchase the software separately or use the web-based versions. Some of our users however have reported that Office Online (the version that run in a web browser) is lacking in performance and unproductive for them to work with on a daily basis. Although Application performance will be influenced by their available bandwidth usability will also be subject to variations in the load on hosting Microsoft Servers. This load can be high at times.

Last but not least, Windows Desktops are the target OS for Sharepoint users, so users of Mac or Linux will find there are some extra steps involved to using Sharepoint.

Need help?

COMM-TECH offer migration and support packages and budget solutions to many of these limitations including the lack of backup and retention.

HELP! > Decisions: Is Cloud Hosting for me?

“We’re moving to the cloud!”

The marketing gurus who invented the term “Cloud” have done a really good job. Because it sounds like water vapour it must be cheaper. And of course – everybody’s doing it.

Typically this option is considered when a company finds that their reliable but ageing office server needs upgrade or replacement. Since this upgrade can represent a surprisingly costly investment, you may be considering migration to cloud as an option.

Roughly the term translates simply as relocating the contents of the company server to a similar device in a Data Centre. Once the system is in a DC you can do some clever things with it such as federate / outsource various services to specialist providers to upgrade processing power, speed of access, storage space, even back up data to another country to ensure a copy of the data will survive local disaster.

Myth #1: “It’s cheaper!”

No way. Market forces regulate the cost of renting Data Centre Servers and space, consequently for most companies those costs are similar to keeping a local server. You’ll find that the cheap or free products have limitations and those you find you need are the extra’s you have to pay for, regularly and relentlessly. You will find that instead of making capital investment in server equipment and having the flexibility to extend the life of that server according to your financial needs, you are stuck with a fixed cost that will equal the investment route.

Registered charities can be an exception in the form of currently low-cost access to services such as Google Apps or Office 365. There are limitations to this service which may mean unexpected costs though.

Myth #2: “We won’t need IT support anymore.”

No. While certainly the major providers have great documentation about how to fix issues with accessing their servers, good luck actually speaking to someone. The management portals are by their nature complex and mistakes can result in data loss. And what is a machine wont turn on today? Keep your IT support. They may be willing to put you on a slightly lower rate because they will have been relieved of some of the server management roles, so negotiate that.

Myth #3: “I can just move everything to the cloud…”

No way. Not all locally hosted services can be moved to Cloud for instance: Many types of work-flow collaboration suites such as ACT!, Raisers Edge, Access Databases, Sage Accounting, Access Dimensions. Some of these providers do have SAAS (software as a service) options available – albeit costly. Also, some limitations extend to federated services meaning an organisation will need to adapt it’s culture and working methods to suit the provider – for example Google Apps will not allow sharing of mailboxes, or Office365 sharepoint file server cannot operate fully with files that are not in a Microsoft format.

Keeping It Local

Advantages

SSO (Single Sign On) allowing users company credentials and service permissions to be managed from one place. Domain based SSO managed by local server.

Management and control of domain workstations from server.

Uniform and automatic user-login to drives such as drive S: N: etc. Allocation of permissions to use devices such as printers.

Automated deployment of shared services and permissions via GPO (Windows) or Login scripts (Linux).

Workstation Antivirus deployed and managed from Server.

Remote Web Workplace (using office machine remotely) so that software does not need to reside on remote workers machine.

A local server is not exposed directly top the internet and because of it’s location less likely to be targeted with this kind of attack.

Assured connectivity to Company Data in the Office – even if the broadband goes down.

Office server hardware can be accessed by local engineer hands, issues such as refusal to boot and blue screens can usually be dealt with without recovering from a backup.

Disadvantages

A major investment is required when hardware capacity is outpaced by Operating System requirements (this is especially true for windows servers). For domain based services this also costs a significant amount of time on-site for engineers.

Premises dependency, vulnerability to disaster. Premises relocation or temporary exclusion as a result of crime, fire or other disaster may result in significant downtime and inability for users to work. Recovering from offsite backup is labour-expensive.

A server running 24/7 probably costs in the region of £20 per month in electricity.

Going Cloud

Advantages

Very high availability – 99.6% server uptime, multiple users have equal access to resources from any location with Internet access.

Data Centre servers operate in highly controlled environments and are typically high-end industrial specification and highly scalable meaning that platform changes whilst not trivial are far less disruptive. Server resources can be outsourced to maintain capacity according to need. For instance email or backup services may be easily sourced to 3rd parties to keep up with organisational capacity requirements.

Independent of premises – ideal for remote working. Provides users with the ability to work remotely which can help avoid productivity problems related to loss of access to premises such as disaster, relocation, transport issues or space/desk availability.

The remote server is silent and the electricity costs are included in the hosting plan.

Disadvantages
Multiple credentials required, for workstations, server and possibly additional credentials outsourced services such as email. With SSO not available, workstations will need to be individually configured per user.
Workstation anti-virus and software update compliance, can not be controlled.
Limited access to files only – no services such as remote web workplace.
If the Office loses Internet access there is NO ACCESS to company resources from the office. You will need to have 4G internet uplink fail-over connectivity to cater for this type of event. Since ISP connectivity problems are usually limited to minutes, switching connection may take that long at least, users are absolutely prevented from working every time there is a disconnect, this can be disruptive.
Vulnerability to Zero-day hacker attacks. 0Day refers to security vulnerabilities attacks not yet revealed to the public or patched by the OS maintainer (such as Microsoft, Ubuntu, CentOS, ClearOS) See: https://en.wikipedia.org/wiki/Zero-day_(computing). Servers on high bandwidth connections in Data Centres are more likely to be attacked by Zero Day since they can be incorporated into botnets and used in spamming and Deniel Of Service attacks. A higher level of system maintenance, audit work and security patching are required to mitigate this risk as far as possible.
No physical access. If the machine cannot be reached via software, remote-hands work by Data Centre Engineers is necessary and this can be more costly than recovering from a backup.