Tuesday, May 29, 2018

Microsoft tech support fails the open source community

Scenario
  • Open an O365 support ticket with Microsoft to notify them of a bug in their product.
  • Detail everything Microsoft needs to know to fix the problem in an email
    • In a recent case it was simply due to the Microsoft release engineer failing to deploy 2 files (CSS and PNG) from the Office 365 release to the CDN.
      • This effected tenants utilizing the CKEditor open source JavaScript class library, breaking the functionality for released web parts.  (Part of the SPfx 40)
Issues
  • Tier 1 support calls you and wastes an hour (or more) of your time making you go over the same steps provided in the email.
    • In the recent case it was literally as easy as clicking a link and getting a 404 error.
      • Here is the link to the Open Source product that Microsoft broke and the users who took the time to report it: https://github.com/OlivierCC/spfx-40-fantastics/issues/29
  • Tier 1 support says they can't support this because it is a programming issue and wants you to open a paid ticket to fix their own product issue.
Proposed Resolution
  • Microsoft needs a better way to escalate tickets from members of the community who are trying to help out and know what they are doing without having to go through tier 1 engineers or paid support.

Monday, May 21, 2018

OneNote Compliance, Records Management, and Governance - O365

Scenario
  • OneNote (part of the Office 365 suite of tools) is used to store information that may be considered records (official information)
  • Your compliance or governance teams may want retention, legal holds, or other policies configured on these records
Issues
  1. Mixed Content: OneNote notebooks contain mixed content with differing record policies.
    • Ex: Meeting minutes in one section, project info in another, and issues in a third section.
    • You cannot apply policies at the page level.
    • Note: This issue is the same as any other document containing mixed content (Word, Excel, etc.), however it is easier to use OneNote in this manner.
  2. Time Span: OneNote notebooks contain content spanning multiple days, months, or years
    1. This means disposition policies may not apply correctly, delaying or accelerating policy dates
  3. Legal Holds: Legal holds may inadvertently block an entire notebook from being editable
  4. Incompliant Locations: If  OneNote usage is discouraged or blocked, records are more likely to end up in  incompliant locations and users may experience broken integration features
    1. Incompliant alternatives: Notepad saved locally, Evernote, cell phone pictures and voice memos (Office Lens), emails, other online services, a personal OneDrive OneNote account, or a locally stored OneNote
    2. To avoid OneNote, users would also need to ignore the extensive OneNote integration features provided in Outlook, Windows, and the other Office products.
    3. There is not a good alternative note-taking tool that would better meet compliance policies.
Solutions

1. Mixed Content

OneNote notebooks with records should live in SharePoint, not in OneDrive or on a file share.
  • SharePoint allows for version tracking at the library level
    • Note: This is in addition to the limited OneNote versioning.
  • SharePoint also allows content policies to be applied at the section or Notebook level
OneNote notebooks with differing compliance policies should be split into separate notebooks
  • The policies should then be applied at the notebook level

2. Time Span

Notebook policies should be applied based on the parent SharePoint site policy whenever possible and should be defined based on the overall work being done. 
  • Example: A notebook for a project would last as long as the policy for the entire project.
  • Example: A team site notebook would expire when the team was disbanded.
  • Example: A department level knowledge-base notebook should not auto expire unless the department goes away.  A separate policy for archiving historical content can still be put into place.
Users can also be trained to export and archive specific content using any time frame required by your policies.  Users may automatically be assigned tasks to remind them to do this.
  • Example Policy: Meeting minutes should be exported quarterly to PDF format and minutes deleted from the notebook for the prior quarter.
  • Example: Project notebook should be exported yearly to XPS or PDF formats.

3. Legal Holds

For legal holds that block edits, records living in OneNote should be exported to an appropriate format (PDF, Word, etc.) and the hold should be applied to the exported document which would then be the official record and not block additional modifications to the entire notebook.  An alternative approach is to export the entire notebook and place a hold on the exported copy.  This issue applies to all document types that are actively used, but may be more impactful for OneNote if mixed content is contained in the notebook. 

4. Incompliant Locations

The best solution is to provide the user with compliant locations that are easy to use.  This can be done by provisioning SharePoint sites and OneNote notebooks for common records management use cases.  In this way, notebooks will already be split by appropriate policy groupings and correctly configured for versioning and compliance policies.

Restricting usage and adherence to best practices is the hardest to control and must be enforced through user training.  Some incompliant locations may be blocked by IT through firewall rules, but users can always get around these by using their own mobile devices.