Design a Business-Aligned Security Program

Focus on business value first.

EXECUTIVE BRIEF

Analyst Perspective

Business alignment is no accident.

Security leaders often tout their choice of technical security framework as the first and most important program decision they make. While the right framework can help you take a snapshot of the maturity of your program and produce a quick strategy and roadmap, it won’t help you align, modernize, or transform your program to meet emerging business requirements. Common technical security frameworks focus on operational controls rather than business services and value creation. They are difficult to convey to business stakeholders and provide little program management or implementation guidance. Focus on business value first, and the security services that enable it. Your organization has its own distinct character and profile. Understand what makes your organization unique, then design and refine the design of your security program to ensure it supports the right capabilities. Next, collaborate with stakeholders to ensure the right accountabilities, roles, and responsibilities are in place to support the implementation of the security program.

Michel Hébert Research Director, Security & Privacy Info-Tech Research Group

Executive Summary

Info-Tech Insight

You are a business leader who supports business goals and mitigates risk. Focus first on business value and the security services that enable it, not security controls.

Your challenge

The need for a solid and responsive security program has never been greater.

• You need to build a security program that enables business services and secures the technology that makes them possible.
• Building an effective, business-aligned security program requires that you coordinate many components, including technologies, processes, organizational structures, information flows, and behaviors.
• The program must prioritize the right capabilities, and support its implementation with clear accountabilities, roles, and responsibilities.
• You must communicate effectively with stakeholders to describe the risks the organization faces, their likely impact on organizational goals, and how the security program will mitigate those risks and support the creation of business value.

• Ransomware is a persistent threat to organizations worldwide across all industries.

Cybercriminals deploying ransomware are evolving into a growing and sophisticated criminal ecosystem that will continue to adapt to maximize its profits.

• Critical infrastructure is increasingly at risk.

Malicious agents continue to target critical infrastructure to harm industrial processes and the customers they serve State-sponsored actors are expected to continue to target critical infrastructure to collect information through espionage, pre-position in case of future hostilities, and project state power.

• Disruptive technologies bring new threats.

Malicious actors increasingly deceive or exploit cryptocurrencies, machine learning, and artificial intelligence technologies to support their activities.

Sources: CCCS (2023), CISA (2023), ENISA (2023)

Your challenge

Most security programs are not aligned with the overall business strategy.

50% Only half of leaders are framing the impact of security threats as a business risk.

49% Less than half of leaders align security program cost and risk reduction targets with the business.

57% Most leaders still don’t regularly review security program performance of the business.

Source: Tenable, 2021

Common obstacles

Misalignment is hurting your security program and making you less influential.

Organizations with misaligned security programs have 48% more security incidents...

…and the cost of their data breaches are 40% higher than those with aligned programs.

37% of stakeholders still lack confidence in their security program.

54% of senior leaders still doubt security gets the goals of the organization.

Source: Frost & Sullivan, 2019

Source: Ponemon, 2023

Common obstacles

Common security frameworks won’t help you align your program.

• Common security frameworks focus on operational controls rather than business value creation, are difficult to convey to stakeholders, and provide little implementation guidance.
• A security strategy based on the right framework can provide a snapshot of your program, but it won’t help you modernize, transform, or align your program to meet emerging business requirements.
• The lack of guidance leads to a lack of structure in the way security services are designed and managed, which reduces service quality, increases security friction, and reduces business satisfaction.

There is no unique, one-size-fits-all security program.

• Each organization has a distinct character and profile and differs from others in several critical respects. The security program for a cloud-first, DevOps environment must emphasize different capabilities and accountabilities than one for an on-premise environment and a traditional implementation model.

Info-Tech’s approach

You are a business leader who supports business goals and mitigates risk.

• Understand what makes your organization unique, then design and refine a security program with capabilities that create business value.
• Next, collaborate with stakeholders to ensure the right accountabilities, roles, and responsibilities are in place, and build an implementation roadmap to ensure its components work together over time.

Security needs to evolve as a business strategy.

• Laying the right foundations for your security program will inform future security program decisions and give your leadership team the information they need to support your success. You can do it in two steps:
  • Evaluate the design factors that make your organization unique and prioritize the security capabilities to suit. Info-Tech’s approach is based on the design process embedded in the latest COBIT framework.
  • Review the key components of your security program, including security governance, security strategy, security architecture, service design, and service metrics.

If you build it, they will come

“There's so much focus on better risk management that every leadership team in every organization wants to be part of the solution.

If you can give them good data about what things they really need to do, they will work to understand it and help you solve the problem.”

Dan Bowden, CISO, Sentara Healthcare (Tenable)

Design a Business-Aligned Security Program

Choose your own adventure

This blueprint is ideal for new CISOs and for program modernization initiatives.

1. New CISO

“I need to understand the business, prioritize core security capabilities, and identify program accountabilities quickly.”

2. Program Renewal

“The business is changing, and the threat landscape is shifting. I am concerned the program is getting stale.”

Use this blueprint to understand what makes your organization unique:

1. Prioritize security capabilities.
2. Identify program accountabilities.
3. Plan program implementation.

If you need a deep dive into governance, move on to a security governance and management initiative.

3. Program Update

“I am happy with the fundamentals of my security program. I need to assess and improve our security posture.”

Move on to our guidance on how to Build an Information Security Strategy instead.

Info-Tech’s methodology for security program design

Insight Map

You are a business leader first and a security leader second

Technical security frameworks are static and focused on operational controls and standards. They belong in your program’s solar system but not at its center. Design your security program with business value and the security services that enable it in mind, not security controls.

There is no one-size-fits-all security program
Tailor your security program to your organization’s distinct profile to ensure the program generates value.

Lay the right foundations to increase engagement
Map out accountabilities, roles, and responsibilities to ensure the components of your security program work together over time to secure and enable business services.

If you build it, they will come
Your executive team wants to be part of the solution. If you give them reliable data for the things they really need to do, they will work to understand and help you solve the problem.

Blueprint deliverables

Info-Tech supports project and workshop activities with deliverables to help you accomplish your goals and accelerate your success.

Security Program Design Tool

Tailor the security program to what makes your organization unique to ensure alignment.

Security Program Implementation Tool

Assess the current state of different security program components and plan next steps.

SecurityProgram Design and Implementation Plan

Communicate capabilities, accountabilities, and implementation initiatives.

Key deliverable

Security Program Design and Implementation Plan

The design and implementation plan captures the key insights your work will generate, including:

• A prioritized set of security capabilities aligned to business requirements.
• Security program accountabilities.
• Security program implementation initiatives.

Blueprint benefits

Measure the value of using Info-Tech’s approach

Assess the effectiveness of your security program with a risk-based approach.

Measure the impact of your project

Use Info-Tech diagnostics before and after the engagement to measure your progress.

• Info-Tech diagnostics are standardized surveys that produce historical and industry trends against which to benchmark your organization.
• Run the Security Business Satisfaction and Alignment diagnostic now, and again in twelve months to assess business satisfaction with the security program and measure the impact of your program improvements.
• Reach out to your account manager or follow the link to deploy the diagnostic and measure your success. Diagnostics are included in your membership.

Inform this step with Info-Tech diagnostic results

• Info-Tech diagnostics are standardized surveys that accelerate the process of gathering and analyzing pain point data.
• Diagnostics also produce historical and industry trends against which to benchmark your organization.
• Reach out to your account manager or follow the links to deploy some or all these diagnostics to validate your assumptions. Diagnostics are included in your membership.

Governance & Management Maturity Scorecard
Understand the maturity of your security program across eight domains.
Audience: Security Manager

Security Business Satisfaction and Alignment Report
Assess the organization’s satisfaction with the security program.
Audience: Business Leaders

CIO Business Vision
Assess the organization’s satisfaction with IT services and identify relevant challenges.
Audience: Business Leaders

Executive Brief Case Study

INDUSTRY: Higher Education

SOURCE: Interview

Building a business-aligned security program

Portland Community College (PCC) is the largest post-secondary institution in Oregon and serves more than 50,000 students each year. The college has a well-established information technology program, which supports its education mission in four main campuses and several smaller centers.

PCC launched a security program modernization effort to deal with the evolving threat landscape in higher education. The CISO studied the enterprise strategy and goals and reviewed the college’s risk profile and compliance requirements. The exercise helped the organization prioritize security capabilities for the renewal effort and informed the careful assessment of technical controls in the current security program.

Results

Laying the right foundations for the security program helped the security function understand how to provide the organization with a clear report of its security posture. The CISO now reports directly to the board of directors and works with stakeholders to align cost, performance, and risk reduction objectives with the needs of the college.

The security program modernization effort prioritized several critical design factors

• Enterprise Strategy
• Enterprise Goals
• IT Risk Profile
• IT-Related Issues
• IT Threat Landscape
• Compliance Requirements

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is 4 to 6 calls over the course of 6 months.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Customize your journey

The security design blueprint pairs well with security governance and security strategy.

• The prioritized set of security capabilities you develop during the program design project will inform efforts to develop other parts of your security program, like the security governance and management program and the security strategy.
• Work with your member services director, executive advisor, or technical counselor to scope the journey you need. They will work with you to align the subject matter experts to support your roadmap and workshops.

Build a Data Integration Strategy

Integrate your data or disintegrate your business.

ANALYST PERSPECTIVE

Integrate your data or disintegrate your business.

"Point-to-point integration is an evil that builds up overtime due to ongoing business changes and a lack of integration strategy. At the same time most businesses are demanding consistent, timely, and high-quality data to fuel business processes and decision making.

A good recipe for successful data integration is to discover the common data elements to share across the business by establishing an integration platform and a canonical data model.

Place yourself in one of our use cases and see how you fit into a common framework to simplify your problem and build a data-centric integration environment to eliminate your data silos."

Rajesh Parab, Director, Research & Advisory Services

Info-Tech Research Group

Our understanding of the problem

This Research Is Designed For:

• Data engineers feeling the pains of poor integration from inaccuracies and inefficiencies during the data integration lifecycle.
• Business analysts communicating the need for improved integration of data.
• Data architects looking to design and facilitate improvements in the holistic data environment.
• Data architects putting high-level architectural design changes into action.

This Research Will Also Assist:

• CIOs concerned with the costs, benefits, and the overall structure of their organization’s data flow.
• Enterprise architects trying to understand how improved integration will affect overall organizational architecture.

This Research Will Help You:

• Understand what integration is, and how it fits into your organization.
• Identify opportunities for leveraging improved integration for data-driven insights.
• Design a loosely coupled integration architecture that is flexible to changing needs.
• Determine the needs of the business for integration and design solutions for the gaps that fit the requirements.

This Research Will Help Them:

• Get a handle on the current data situation and how data interacts within the organization.
• Understand how data architecture affects operations within the enterprise.

Executive summary

Situation

• As organizations process more information at faster rates, there is increased pressure for faster and more efficient data integration.
• Data integration is becoming more and more critical for downstream functions of data management and for business operations to be successful. Poor integration holds back these critical functions.

Complication

• Investments in integration can be a tough sell for the business, and it is difficult to get support for integration as a standalone project.
• Evolving business models and uses of data are growing rapidly at rates that often exceed the investment in data management and integration tools. As a result, there is often a gap between data availability and the business’ latency demands.

Resolution

• Create a data-centric integration solution that supports the flow of data through the organization and meets the organization’s requirements for data accuracy, relevance, availability, and timeliness.
• Build your data-centric integration practice with a firm foundation in governance and reference architecture; use best-fit reference architecture patterns and the related technology and resources to ensure that your process is scalable and sustainable.
• The business’ uses of data are constantly changing and evolving, and as a result the integration processes that ensure data availability must be frequently reviewed and repositioned to continue to grow with the business.

Info-Tech Insight

1. Every IT project requires data integration.Any change in the application and database ecosystem requires you to solve a data integration problem.
2. Integration problem solving needs to start with business activity. After understanding the business activity, move to application and system integration to drive optimal data integration activities.
3. Integration initiatives need to be backed by requirements that depend on use cases. Info-Tech’s use cases will help identify organizational requirements and the ideal data-centric integration solution.

Your data is the foundation of your organization’s knowledge and ability to make decisions

Integrate the Data, Not the Applications

Data is one of the most important assets in a modern organization. Contained within an organization’s data are the customers, the products, and the operational details that make an organization function. Every organization has data, and this data might serve the needs of the business today.

However, the only constant in the world is change. Changes in addresses, amounts, product details, partners, and more occur at a rapid rate. If your data is isolated, it will quickly become stale. Getting up-to-date data to the right place at the right time is where data-centric integration comes in.

"Data is the new oil." – Clive Humby, Chief Data Scientist Source: Medium, 2016

Organizations are having trouble keeping up with the rapid increases in data growth and complexity

To keep up with increasing business demands and profitability targets and decreasing cost targets, organizations are processing and exchanging more data than ever before.

To get more value from their information, organizations are relying on more and more complex data sources. These diverse data sources have to be properly integrated to unlock the full potential of your data:

The most difficult integration problems are caused by semantic heterogeneity (Database Research Technology Group, n.d.).

80% of business decisions are made using unstructured data (Concept Searching, 2015).

85% of businesses are struggling to implement the correct integration solution to accurately interpret their data (KPMG, 2014).

Break Down Your Silos

Integrating large volumes of data from the many varied sources in an organization has incredible potential to yield insights, but many organizations struggle with creating the right structure for that blending to take place, and data silos form.

Data-centric integration capabilities can break down organizational silos. Once data silos are removed and all the information that is relevant to a given problem is available, problems with operational and transactional efficiencies can be solved, and value from business intelligence (BI) and analytics can be fully realized.

Data-centric integration is the solution you need to bring data together to break down data silos

On one hand…

Data has massive potential to bring insight to an organization when combined and analyzed in creative ways.

On the other hand…

It is difficult to bring data together from different sources to generate insights and prevent stale data.

How can these two ideas be reconciled?

Answer: Info-Tech’s Data Integration Onion Framework summarizes an organization’s data environment at a conceptual level, and is used to design a common data-centric integration environment.

Info-Tech’s Data Integration Onion Framework

Poor integration will lead to problems felt by the business and IT

The following are pains reported by the business due to poor integration:

59% Of managers said they experience missing data every day due to poor distribution results in data sets that are valuable to their central work functions. (Experian, 2016)

42% Reported accidentally using the wrong information, at least once a week. (Computerworld, 2017)

37% Of the 85% of companies trying to be more data driven, only 37% achieved their goal. (Information Age, 2019)

"I never guess. It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts." – Sir Arthur Conan Doyle, Sherlock Holmes

Poor integration can make IT less efficient as well:

90% Of all company generated data is “dark.” Getting value out of dark data is not difficult or costly. (Deloitte Insights, 2017)

5% As data sits in a database, up to 5% of customer data changes per month. (Data.com, 2016)

"Most traditional machine learning techniques are not inherently efficient or scalable enough to handle the data. Machine learning needs to reinvent itself for big data processing primarily in pre-processing of data." – J. Qiu et al., ‎2016

Understand the common challenges of integration to avoid the pains

There are three types of challenges that organizations face when integrating data:

1. Disconnect from the business

Poor understanding of the integration problem and requirements lead to integrations being built that are not effective for quality data.

50% of project rework is attributable to problems with requirements. (Info-Tech Research Group)

45% of IT professionals admit to being “fuzzy” about the details of a project’s business objectives. (Blueprint Software Systems Inc., 2012)

2. Lack of strategy

90% Of organizations will lack an integration strategy through to 2018. (Virtual Logistics, 2017)

Integrating data without a long-term plan is a recipe for point-to-point integration spaghettification:

3. Data complexity

Data architects and other data professionals are increasingly expected to be able to connect data using whatever interface is provided, at any volume, and in any format – all without affecting the quality of the data.

36% Of developers report problems integrating data due to different standards interpretations. (DZone, 2015)

These challenges lead to organizations building a data architecture and integration environment that is tightly coupled.

A loose coupling integration strategy helps mitigate the challenges and realize the benefits of well-connected data

Loose Coupling

Most organizations don’t have the foresight to design their architecture correctly the first time. In a perfect world, organizations would design their application and data architecture to be scalable, modular, and format-neutral – like building blocks.

Benefits of a loosely coupled architecture:

• Increased ability to support business needs by adapting easily to changes.
• Added ability to incorporate new vendors and new technology due to increased flexibility.
• Potential for automated, real-time integration.
• Elimination of re-keying/manual entry of data.
• Federation of data.

Vs. Tight Coupling

However, this is rarely the case. Most architectures are more like a brick wall – permanent, hard to add to and subtract from, and susceptible to weathering.

Problems with a tightly coupled architecture:

• Delays in combining data for analysis.
• Manual/Suboptimal DI in the face of changing business needs.
• Lack of federation.
• Lack of flexibility.
• Fragility of integrated platforms.
• Limited ability to explore new functionalities.

Microsoft Teams Cookbook

Recipes for best practices and use cases for Microsoft Teams.

Table of contents

Executive Brief

Section 1: Teams for IT

Section 2: Teams for End Users

Executive Summary

Situation

Remote work calls for leveraging your Office 365 license to utilize Teams – but IT is unsure about best practices for governance and permissions.

Without a framework or plan for governing the rollout of Teams, IT risks overlooking secure use of Teams, the phenomenon of “teams sprawl,” and not realizing how Teams integrates with Office 365 more broadly.

Complication

Teams needs to be rolled out quickly, but IT has few resources to help train end users with Teams best practices.

With teams, channels, chats, meetings, and live events to choose from, end users may get frustrated with lack of guidance on how to use Teams’ many capabilities.

Resolution

Use Info-Tech’s Microsoft Teams Cookbook to successfully implement and utilize Teams. This cookbook includes recipes for:

• IT best practices concerning governance of the creation process and Teams rollout.
• End-user best practices for Teams functionality and common use cases.

Key Insights

Teams is not a standalone app

Successful utilization of Teams occurs when conceived in the broader context of how it integrates with Office 365. Understanding how information flows between Teams, SharePoint Online, and OneDrive for Business, for instance, will aid governance with permissions, information storage, and file sharing.

IT should paint the first picture for team creation

No initial governance for team creation can lead to “teams sprawl.” While Teams was built to allow end users’ creativity to flow in creating teams and channels, this can create problems with a cluttered interface and keeping track of information. To prevent end-user dissatisfaction here, IT’s initial Teams rollout should offer a basic structure for end users to work with first, limiting early teams sprawl.

The Teams admin center can only take you so far with permissions

Knowing how Teams integrates with other Office 365 apps will help with rolling out sensitivity labels to protect important information being accidentally shared in Teams. Of course, technology only does so much – proper processes to train and hold people accountable for their actions with data sharing must be implemented, too.

Related Info-Tech Research

Establish a Communication and Collaboration System Strategy

Don’t waste your time deploying yet another collaboration tool that won’t get used.

Modernize Communication and Collaboration Infrastructure

Your legacy telephony infrastructure is dragging you down – modern communications and collaboration technology will dramatically improve productivity.

Migrate to Office 365 Now

One small step to cloud, one big leap to Office 365. The key is to look before you leap.

Section 1: Teams for IT

Governance best practices and use cases for IT

From determining prerequisites to engaging end users.

IT fundamentals

• Creation process
• Teams rollout

Use cases

• Retain and search for legal/regulatory compliance
• Add an external user to a team
• Delete/archive a team

Overview: Creation process

IT needs to be prepared to manage other dependent services when rolling out Teams. See the figure below for how Teams integrates with these other Office 365 applications.

Which Microsoft 365 license do I need to access Teams?

• Microsoft 365 Business Essentials
• Microsoft 365 Business Premium
• Office 365 Enterprise, E1, E3, or E5
• Office 365 Enterprise E4 (if purchased prior to its retirement)

Please note: To appeal to the majority of Info-Tech’s members, this blueprint refers to Teams in the context of Office 365 Enterprise licenses.

Assign admin roles

You will already have at least one global administrator from setting up Office 365.

Global administrators have almost unlimited access to settings and most of the data within the software, so Microsoft recommends having only two to four IT and business owners responsible for data and security.

Info-Tech Best Practice

Configure multifactor authentication for your dedicated Office 365 global administrator accounts and set up two-step verification.

Once you have organized your global administrators, you can designate your other administrators with “just-enough” access for managing Teams. There are four administrator roles:

Prepare the network

There are three prerequisites before Teams can be rolled out:

• UDP ports 3478 through 3481 are opened.
• You have a verified domain for Office 365.
• Office 365 has been rolled out, including Exchange Online and SharePoint Online.

Microsoft then recommends the following checklist to optimize your Teams utilization:

• Optimize calls and performance using the Call Quality Dashboard.
• Assess network requirements in the Network Planner in the Teams admin center.
• Ensure all computers running Teams client can resolve external DNS queries.
• Check adequate public IP addresses are assigned to the NAT pools to prevent port exhaustion.
• Route to local or regional Microsoft data centers.
• Whitelist all Office 365 URLs to move through security layers, especially IDS/IPS.
• Split tunnel Teams traffic so it bypasses your organization’s VPN.

Info-Tech Best Practice

For online support and walkthroughs, utilize Advisor for Teams. This assistant can be found in the Teams admin center.

Team Creation

You can create and manage Teams through the Teams PowerShell module and the Teams admin center. Only the global administrator and Teams service administrator have full administrative capabilities in this center.

Governance over team creation intends to prevent “teams sprawl” – the phenomenon whereby end users create team upon team without guidance. This creates a disorganized interface, with issues over finding the correct team and sharing the right information.

Prevent teams sprawl by painting the first picture for end users:

1. Decide what kind of team grouping would best fit your organization: by department or by project.
2. Start with a small number of teams before letting end users’ creativity take over. This will prevent initial death by notifications and support adoption.
3. Add people or groups to these teams. Assign multiple owners for each team in case people move around at the start of rollout or someone leaves the organization.
4. Each team has a general channel that cannot be removed. Use it for sharing an overview of the team’s goals, onboarding, and announcements.

Info-Tech Best Practice

For smaller organizations that are project-driven, organize teams by projects. For larger organizations with established, siloed departments, organize by department; projects within departments can become channels.

Integrations with SharePoint Online

Teams does not integrate with SharePoint Server.

Governance of Teams is important because of how tightly it integrates with other Office 365 apps, including SharePoint Online.

A poor rollout of Teams will have ramifications in SharePoint. A good rollout will optimize these apps for the organization.

Teams and SharePoint integrate in the following ways:

• Each team created in Teams automatically generates a SharePoint team site behind it. All documents and chat shared through a team are stored in that team’s SharePoint document library.
• As such, all files shared through Teams are subject to SharePoint permissions.
• Existing SharePoint folders can be tied to a team without needing to create a new one.
• If governance over resource sharing in Teams is poor, information can get lost, duplicated, or cluttered throughout both Teams and SharePoint.

Info-Tech Best Practice

End users should be encouraged to integrate their teams and channels with existing SharePoint folders and, where no folder exists, to create one in SharePoint first before then attaching a team to it.

Permissions

Within the Teams admin center, the global or Teams service administrator can manage Teams policies.

Typical Teams policies requiring governance include:

• The extent end users can discover or create private teams or channels
• Messaging policies
• Third-party app use

Chosen policies can be either applied globally or assigned to specific users.

Info-Tech Best Practice

If organizations need to share sensitive information within the bounds of a certain group, private channels help protect this data. However, inviting users into that channel will enable them to see all shared history.

External and guest access

Within the security and compliance center, the global or Teams service administrator can set external and guest access.

External access (federation) – turned on by default.

• Lets you find, call, and chat with users in other domains. External users will have no access to the organization’s teams or team resources.

Guest access – turned off by default.

• Lets you add individual users with their own email address. You do this when you want external users to access teams and team resources. Approved guests will be added to the organization’s active directory.

If guest access is enabled, it is subject to Azure AD and Office 365 licensing and service limits. Guests will have no access to the following, which cannot be changed:

• OneDrive for Business
• An organization’s calendar/meetings
• PSTN
• Organization’s hierarchical chart
• The ability to create, revise, or browse a team
• Upload files to one-on-one chat

Info-Tech Best Practice

Within the security and compliance center, you can allow users to add sensitivity labels to their teams that can prevent external and guest access.

Expiration and archiving

To reduce the number of unused teams and channels, or delete information permanently, the global or Teams service administrator can implement an Office 365 group expiration and archiving policy through the Teams admin center.

If a team has an expiration policy applied to it, the team owner will receive a notification for team renewal 30 days, 15 days, and 1 day before the expiry date. They can renew their team at any point within this time.

• To prevent accidental deletion, auto-renewal is enabled for a team. If the team owner is unable to manually respond, any team that has one channel visit from a team member before expiry is automatically renewed.
• A deleted Office 365 group is retained for 30 days and can be restored at any point within this time.

Alternatively, teams and their channels (including private) can be archived. This will mean that all activity for the team ceases. However, you can still add, remove, and update roles of the members.

Retention and data loss prevention

Retention policies can be created and managed in the Microsoft 365 Compliance Center or the security and compliance center PowerShell cmdlets. This can be applied globally or to specific users.

By default, information shared through Teams is retained forever.

However, setting up retention policies ensures data is retained for a specified time regardless of what happens to that data within Teams (e.g. user deletes).

Info-Tech Best Practice

To prevent external or guest users accessing and deleting sensitive data, Teams is able to block this content when shared by internal users. Ensure this is configured appropriately in your organization:

• For guest access in teams and channels
• For external access in meetings and chat

Please note the following limitations of Teams’ retention and data loss prevention:

• Organization-wide retention policies will need to be manually inputted into Teams. This is because Teams requires a retention policy that is independent of other workloads.
• As of May 2020, retention policies apply to all information in Teams except private channel messages. Files shared in private channels, though, are subject to retention policies.
• Teams does not support advanced retention settings, such as a policy that pertains to specific keywords or sensitive information.
• It will take three to seven days to permanently delete expired messages.

Teams telephony

Teams has built-in functionality to call any team member within the organization through VoIP.

However, Teams does not automatically connect to the PSTN, meaning that calling or receiving calls from external users is not immediately possible.

Bridging VoIP calls with the PSTN through Teams is available as an add-on that can be attached to an E3 license or as part of an E5 license.

There are two options to enable this capability:

• Enable Phone System. This allows for call control and PBX capabilities in Office 365.
• Use direct routing. You can use an existing PSTN connection via a Session Border Controller that links with Teams (Amaxra).

Steps to implement Teams telephony:

1. Ensure Phone System and required (non-Microsoft-related) services are available in your country or region.
2. Purchase and assign Phone System and Calling Plan licenses. If Calling Plans are not available in your country or region, Microsoft recommends using Direct Routing.
3. Get phone numbers and/or service numbers. There are three ways to do this:
   • Get new numbers through the Teams admin center.
   • If you cannot get new numbers through the Teams admin center, you can request new numbers from Microsoft directly.
   • Port or transfer existing numbers. To do this, you need to send Microsoft a letter of authorization, giving them permission to request and transfer existing numbers on your behalf.
4. To enable service numbers, including toll-free numbers, Microsoft recommends setting up Communications Credits for your Calling Plans and Audio Conferencing.

Overview: Teams rollout

1. From Skype (and Slack) to Teams
2. Gain stakeholder purchase
3. Employ a phased deployment
4. Engage end users

Skype for Business is being retired; Microsoft offers a range of transitions to Teams.

Combine the best transition mode with Info-Tech’s adoption best practices to successfully onboard and socialize Teams.

From Skype to Teams

Skype for Business Online will be retired on July 31, 2021. Choose from the options below to see which transition mode is right for your organization.

Skype for Business On-Premises will be retired in 2024. To upgrade to Teams, first configure hybrid connectivity to Skype for Business Online.

Islands mode (default)

• Skype for Business and Teams coexist while Teams is rolled out.
• Recommended for phased rollouts or when Teams is ready to use for chat, calling, and meetings.
• Interoperability is limited. Teams and Skype for Business only transfer information if an internal Teams user sends communications to an external Skype for Business user.

Teams only mode (final)

• All capabilities are enabled in Teams and Skype for Business is disabled.
• Recommended when end users are ready to switch fully to Teams.
• End users may retain Skype for Business to join meetings with non-upgraded or external parties. However, this communication is only initiated from the Skype for Business external user.

Collaboration first mode

• Skype for Business and Teams coexist, but only Teams’ collaboration capabilities are enabled. Teams communications capabilities are turned off.
• Recommended to leverage Skype for Business communications yet utilize Teams for collaboration.

Meetings first mode

• Skype for Business and Teams coexist, but only Teams’ meetings capabilities are enabled.
• Recommended for organizations that want to leverage their Skype for Business On-Premises’ Enterprise Voice capability but want to benefit from Teams’ meetings through VoIP.

From Slack to Teams

The more that’s left behind in Slack, the easier the transition. As a prerequisite, pull together the following information:

• Usage statistics of Slack workspaces and channels
• What apps end users utilize in Slack
• What message history you want to export
• A list of users whose Slack accounts can map on to required Microsoft accounts

Test content migration

Your Slack service plan will determine what you can and can’t migrate. By default, public channels content can be exported. However, private channels may not be exportable, and a third-party app is needed to migrate Direct Messages.

Files migration

Once you have set up your teams and channels in Teams, you can programmatically copy files from Slack into the target Teams channel.

Apps migration

Once you have a list of apps and their configurations used in Slack’s workspaces, you can search in Teams’ app store to see if they’re available for Teams.

User identity migration

Slack user identities may not map onto a Microsoft account. This will cause migration issues, such as problems with exporting text content posted by that user.

Info-Tech Best Practice

Avoid data-handling violations. Determine what privacy and compliance regulations (if any) apply to the handling, storage, and processing of data during this migration.

Gain stakeholder purchase

Change management is a challenging aspect of implementing a new collaboration tool. Creating a communication and adoption plan is crucial to achieving universal buy-in for Teams.

To start, define SMART objectives and create a goals cascade.

Sample list of stakeholder-specific benefits from improving collaboration

Use these activities to define what pain points stakeholders face and how Teams can directly mitigate those pain points.

Employ a phased deployment

Info-Tech Best Practice

Deploy Teams over a series of phases. As such, if you are already using Skype for Business, choose one of the coexistence phases to start.

1. Identify and pilot Teams with early adopters that will become your champions. These champions should be formally trained, be encouraged to help and train their colleagues, and be positively reinforced for their efforts.
2. Iron out bugs identified with the pilot group and train middle management. Enterprise collaboration tool adoption is strongly correlated with leadership adoption.
   1. Top-level management
      Control and direct overall organization.
   2. Middle management
      Execute top-level management’s plans in accordance with organization’s norms.
   3. First-level management
      Execute day-to-day activities.
3. Use Info-Tech’s one-pager marketing template to advertise the new tool to stakeholders. Highlight how the new tool addresses specific pain points. Address questions stemming from fear and uncertainty to avoid employees’ embarrassment or their rejection of the tool.

1. Extend the pilot to other departments and continue this process for the whole organization.

(Source: Rationalize Your Collaboration Tools (coming soon), Tools:GANTT Chart and Marketing Materials, Activities: 3.2A – 3.2B)

Info-Tech Insight

Be in control of setting and maintaining expectations. Aligning expectations with reality and the needs of employees will lower onboarding resistance.

Engage end users

Short-term best practices

Launch day:

• Hold a “lunch and learn” targeted training session to walk end users through common use cases.
• Open a booth or virtual session (through Teams!) and have tool representatives available to answer questions.
• Create a game to get users exploring the new tool – from scavenger hunts to bingo.

Launch week:

• Offer incentives for using the tool and helping others, including small gift cards.
• Publicize achievements if departments hit adoption milestones.

Long-term best practices

• Make available additional training past launch week. End users should keep learning new features to improve familiarity.
• Distribute frequent training clips, slowly exposing end users to more complex ways of utilizing Teams.
• Continue to positively reinforce and recognize those who use Teams well. This could be celebrating those that help others use the tool, how active certain users are, and attendance at learning events.

Info-Tech Best Practice

Microsoft has a range of training support that can be utilized. From instructor-led training to “Coffee in the Cloud” sessions, leverage all the support you can.

Use case #1: Retain and search data for legal/regulatory compliance

Scenario:

Your organization requires you to retain data and documents for a certain period of time; however, after this period, your organization wishes to delete or archive the data instead of maintaining it indefinitely. Within the timeframe of the retention policy, the admin may be asked to retrieve information that has been requested through a legal channel.

Purpose:

• Maintain compliance with the legal and regulatory standards to which the organization is subject.

Jobs:

• Ensure the data is retained for the approved time period.
• Ensure the policy applies to all relevant data and users.

Solution: Retention Policies

• Ensure that your organization has an Office 365 E3 or higher license.
• Set the desired retention policy through the Security & Compliance Center or PowerShell by deciding which teams, channels, chats, and users the policies will apply to and what will happen once the retention period ends.
• Ensure that matching retention policies are applied to SharePoint and OneDrive, since this is where files shared in Teams are stored.
• Be aware that Teams retention policies cannot be applied to messages in private channels.

Solution: e-Discovery

• If legally necessary, place users or Teams on legal hold in order to retain data that would be otherwise deleted by your organization’s retention policies.
• Perform e-discovery on Teams messages, files, and summaries of meetings and calls through the Security & Compliance Center.
• See Microsoft’s chart on the next slide for what is e-discoverable.

Content subject to e-discovery

E-discovery does not capture audio messages and read receipts in MS Teams.

Since files shared in private channels are stored separately from the rest of a team, follow Microsoft’s directions for how to include private channels in e-discovery. (Source: “Conduct an eDiscovery investigation of content in Microsoft Teams,” Microsoft, 2020.)

Use case #2: Add external person to a team

Scenario:

A team in your organization needs to work in an ongoing way with someone external to the company. This user needs access to the relevant team’s work environment, but they should not be privy to the goings-on in the other parts of the organization.

Jobs:

This external person needs to be able to:

• Attend meetings
• Join calls
• Chat with individual team members
• View and collaborate on the team’s files

Solution:

• If necessary, set a data loss prevention policy to prevent your users from sharing certain types of information or files with external users present in your organization’s Teams chats and public channels.
• Ensure that your Microsoft license includes DLP protection. However:
  • DLP cannot be applied to private channel messages.
  • DLP cannot block messages from external Skype for Business users nor external users who are not in “Teams only” mode.
• Ensure that you have a team set up for the project that you wish the external user to join. The external user will be able to see all the channels in this team, unless you create a private channel they are restricted from.
• Complete Microsoft’s “Guest Access Checklist” to enable guest access in Teams, if it isn’t already enabled.
• As admin, give the external user guest access through the Teams admin center or Azure AD B2B collaboration. (If given permission, team owners can also add guests through the Teams client).
• Decide whether to set a policy to monitor and audit external user activity.

Use case #3: Delete/archive a team

Scenario:

In order to avoid teams sprawl, organizations may want IT to periodically delete or archive unused teams within the Teams client in order to improve the user interface.

Alternately, if you are using a project-based approach to organizing Teams, you may wish to formalize a process to archive a team once the project is complete.

Delete:

• Determine if the team owner anticipates the team will need to be restored one day.
• Ensure that deletion does not contradict the organization’s retention policy.
• If not, proceed with deletion. Find the team in the Teams admin center and delete.
• Restore a deleted team within 30 days of its initial deletion through PowerShell.

Archive:

• Determine if the team owner anticipates the team will need to be restored one day.
• Find the relevant team in the Teams admin center and change its status to “Archived.”
• Restore the archived team if the workspace becomes relevant once again.

Info-Tech Best Practice

Remind end users that they can hide teams or channels they do not wish to see in their Teams interface. Knowing a team can be hidden may impact a team owner’s decision to delete it.

Section 2: Teams for End Users

Best practices for utilizing teams, channels, chat, meetings, and live events

From Teams how-tos to common use cases for end users.

End user basics

• Teams, channels, and chat
• Meetings and live events

Common use cases: Workspaces

• WS#1: Departments
• WS#2: A cross-functional committee
• WS#3: An innovation day event
• WS#4: A non-work-related social event
• WS#5: A project team with a defined end time

Common use cases: Meetings

• M#1: Job interview with an external candidate
• M#2: Quarterly board meeting
• M#3: Weekly recurring team meeting
• M#4: Morning stand-up/scrum
• M#5: Phone call between two people

Overview: Teams, channels, and chat

Teams

• Team: A workspace for a group of collaborative individuals.
  • Public channel: A focused area where all members of a team can meet, communicate, and share ideas and content.
  • Private channel: Like a public channel but restricted to a subset of team members, defined by channel owner.

Chat

• Chat: Two or more users collected into a common conversation thread.

For any Microsoft Teams newcomer, the differences between teams, channels, and chat can be confusing.

Use Microsoft’s figure (left) to see how these three mediums differ in their role and function.

Best practices: Workspaces 1/2

When does a Group Chat become a Channel?

• When it’s appropriate for the conversation to have a gallery – an audience of members who may not be actively participating in the discussion.
• When control over who joins the conversation needs to be centrally governed and not left up to anyone in the discussion.
• When the discussion will persist over a longer time period.
• When the number of participants approaches 100.

When does a Channel become a Team?

• When a team approaches 30 private channels, many of those private channels are likely candidates to become their own team.
• When the channel membership needs to extend beyond the boundary of the team membership.

Best practices: Workspaces 2/2

When does a Team become a Channel?

• When a team’s purpose for existing can logically be subsumed by another team that has a larger scope.

When does a Channel become a Group Chat?

• When a conversation within a channel between select users does not pertain to that channel’s scope (or any other existing channel), they should move the conversation to a group chat.
• However, this is until that group chat desires to form a channel of its own.

Create a new team

Team owner: The person who creates the team. It is possible for the team owner to then invite other members of the team to become co-owners to distribute administrative responsibilities.

Team members: People who have accepted their invitation to be a part of the team.

NB: Your organization can control who has permission to set up a team. If you can’t set a up a team, contact your IT department.

Create a new team

Decide from these two options:

• Building a team from scratch, which will create a new group with no prior history imported (steps 4.1–4.3).
• Creating a team from an existing group in Office 365, including an already existing team (steps 4.4–4.6).

NB: You cannot create a team from an existing group if:

• That group has 5,000 members or more.
• That group is in Yammer.

Decide if you want you new team from scratch to be private or public. If you set up a private team, any internal or external user you invite into the team will have access to all team history and files shared.

'.">

Create a new team

Decide from these two options:

• Building a team from scratch, which will create a new group with no prior history imported (steps 4.1–4.3).
• Creating a team from an existing group in Office 365, including an already existing team (steps 4.4–4.6).

NB: You cannot create a team from an existing group if:

• That group has 5,000 members or more.
• That group is in Yammer.

Configure your new team settings, including privacy, apps, tabs, and members.

'.">

Create a new channel

	On the right-hand side of the team name, click “More options.” Then, from the drop-down menu, click “Add channel.”	Name your channel, give a description, and set your channel’s privacy.
	To manage subsequent permissions, on the right-hand side of the channel name, click “More options.” Then, from the drop-down menu, click “Manage channel.”	Adding and removing members from channels: Only members in a team can see that team’s channels. Setting channel privacy as “standard” means that the channel can be accessed by anyone in a team. Unless privacy settings for a channel are set as “private” (from which the channel creator can choose who can be in that channel), there is no current way to remove members from channels. It will be up to the end user to decide which channels they want to hide.

Link team/channel to SharePoint folder

Need to find the SharePoint URL? ', 'Click to access the folder's SharePoint URL.'">

Create a chat

Overview: Meetings and live events

Teams Meetings: Real-time communication and collaboration between a group, limited to 250 people.

Teams Live Events: designed for presentations and webinars to a large audience of up to 10,000 people, in which attendees watch rather than interact.

Depending on the use case, end users will have to determine whether they need to hold a meeting or a live event.

Use Microsoft’s table (left) to see what license your organization needs to perform meetings and live events.

Best practices: Meetings

When should an Ad Hoc Call become a Scheduled Meeting?

• When the participants need time to prepare content for the call.
• When an answer is not required immediately.
• When bringing a group of people together requires logistical organizing.

When should a Scheduled Meeting become an Ad Hoc Call?

• When the participants can meet on short notice.
• When a topic under discussion requires creating alignment quickly.

When should a Live Event be created?

• When the expected attendance exceeds 250 people.
• If the event does not require collaboration and is mostly a presenter conveying information.

Create a scheduled meeting

Create an ad hoc meeting

Tip: Use existing channels to host the chatrooms for your online meetings

When you host a meeting online with Microsoft Teams, there will always be a chatroom associated with the meeting. While this is a great place for meeting participants to interact, there is one particular downside.

Problem: The never-ending chat. Often the activity in these chatrooms can persist long after the meeting. The chatroom itself becomes, unofficially, a channel. When end users can’t keep up with the deluge of communication, the tools have failed them.

Solution: Adding an existing channel to the meeting. This ensures that discussion activity is already hosted in the appropriate venue for the group, during and after the meeting. Furthermore, it provides non-attendees with a means to catch up on the discussion they have missed.

In section two of this cookbook, we will often refer to this tactic.

Don’t have a channel for the chat session of your online meeting? Perhaps you should!

If your meeting is with a group of individuals that will be collaborating frequently, they may need a workspace that persists beyond the meeting.

Guests can still attend the meeting, but they can’t chat!

If there are attendees in your meeting that do not have access to the channel you select to host the chat, they will not see the chat discussion nor have any ability to use this function.

This may be appropriate in some cases – for example, a vendor providing a briefing as part of a regular team meeting.

However, if there are attendees outside the channel membership that need to see the meeting chat, consider another channel or simply default to not assigning one.

Meeting settings explained

Show device settings. For settings concerning audio, video, and whether viewing is private.

Show meeting notes. Use to take notes throughout the meeting. The notes will stay attached to this event.

Show meeting details. Find meeting information for: a dial-in number, conference ID, and link to join.

Enter full screen.

Show background effects. Choose from a range of video backgrounds to hide/blur your location.

Turn on the captions (preview). Turn on live speech-to-text captions.

Keypad. For dialing a number within the meeting (when enabled as an add-on with E3 or as part of E5).

Start recording. Recorded and saved using Microsoft Stream.

End meeting.

Turn off incoming video. To save network bandwidth, you can decline receiving attendee’s video.

Click “More options” to access the meetings settings.

Screen share. In the tool tray, select “Share” to share your screen. Select particular applications if you only want to share certain information; otherwise, you can share your whole desktop.

System audio share. To share your device’s audio while screen sharing, checkbox the “Include system audio” option upon clicking “Share.”

If you didn’t click that option at the start but now want to share audio during screen share, click the “Include systems audio” option in the tool tray along the top of the screen.

Give/take control of screen share. To give control, click “Give control” in the tool tray along the top of the screen when sharing content. Choose from the drop-down who you would like to give control to. In the same spot, click “Take back control” when required.

To request control, click “Request control” in the same space when viewing someone sharing their content. Click “Release control” once finished.

Start whiteboarding

1. You’ll first need to enable Microsoft Whiteboard in the Microsoft 365 admin center. Ask your relevant admin to do so if Whiteboard is not already enabled.
2. Once enabled, click “Share” in a meeting. This feature only appears if you have 3+ participants in the meeting.
3. Under the “Whiteboard” section in the bottom right, click “Microsoft Whiteboard.”
4. Click the pen icons to the right of the screen to begin sketching.

NB: Anonymous, federated, or guest users are currently not supported to start, view, or ink a whiteboard in a Teams meeting.

Will the whiteboard session be recorded if the meeting is being recorded?

No. However, the final whiteboard will be available to all meeting attendees after the meeting, under “Board Gallery” in the Microsoft Whiteboard app. Attendees can then continue to work on the whiteboard after the meeting has ended.

Create a live event

As the organizer, you can invite other people to the event who will be the “producers” or “presenters.” Producers: Control the live event stream, including being able to start and stop the event, share their own and others’ video, share desktop or window, and select layout. Presenters: Present audio, video, or a screen.

Live event settings explained

When you join the live event as a producer/presenter, nothing will be immediately broadcast. You’ll be in a pre-live state. Decide what content to share and in what order. Along the bottom of the screen, you can share your video and audio, share your screen, and mute incoming attendees. Once your content is ready to share along the bottom of the screen, add it to the screen on the left, in order of viewing. This is your queue – your “Pre-live” state. Then, click “Send now.” This content will now move to the right-hand screen, ready for broadcasting. Once you’re ready to broadcast, click “Start.” Your state will change from “Pre-live” to “Live.” Along the top right of the app will be a tools bar.

Workspace #1: Departments

Scenario: Most of your organization’s communication and collaboration occurs within its pre-existing departmental divisions.

Conventional communication channels:

• Oral communication: Employees work in proximity to each other and communicate in person, by phone, in department meetings
• Email: Department-wide announcements
• Memos: Typically posted/circulated in mailboxes

Solution: Determine the best way to organize your organization’s departments in Teams based on its size and your requirements to keep information private between departments.

Option A:

• Create a team for the organization/division.
• Create channels for each department. Remember that all members of a team can view all public channels created in that team and the default General channel.
• Create private channels if you wish to have a channel that only select members of that team can see. Remember that private channels have some limitations in functionality.

Option B:

• Create a new team for each department.
• Create channels within this team for projects or topics that are recurring workflows for the department members. Only department members can view the content of these channels.

Option C:

• Post departmental memos and announcements in the General channel.
• Use “Meet now” in channels for ad hoc meetings. For regular department meetings, create a recurring Teams calendar event for the specific department channel (Option A) or the General channel (Option B). Remember that all members of a team can join a public channel meeting.

Workspace #2: A cross-functional committee

Scenario: Your organization has struck a committee composed of members from different departments. The rest of the organization should not have access to the work done in the committee.

Purpose: To analyze a particular organizational challenge and produce a plan or report; to confidentially develop or carry out a series of processes that affect the whole organization.

Jobs: Committee members must be able to:

• Attend private meetings.
• Share files confidentially.

Solution:

Ingredients:

• Private team

Construction:

• Create a new private team for the cross-functional committee.
• Add only committee members to the team.
• Create channels based on the topics likely to be the focal point of the committee work.
• Decide how you will use the mandatory General channel. If the committee is small and the work limited in scope, this channel may be the main communication space. If the committee is larger or the work more complex, use the General channel for announcements and move discussions to new topic-related channels.
• Schedule recurring committee meetings in the Teams calendar. Add the relevant channel to the meeting invite to keep the meeting chat attached to this team and channel (as meeting organizer, put your name in the meeting invite notes, as the channel will show as the organizer in the Outlook invite).
• Remember that all members of this team will have access to these meetings and be able to view that they are occurring.

Workspace #3: An innovation day event

Scenario: The organization holds a yearly innovation day event in which employees form small groups and work on a defined, short-term problem or project.

Purpose: To develop innovative solutions and ideas.

Jobs:

• Convene small groups.
• Work toward time-sensitive goals.
• Communicate synchronously.
• Share files.

Solution:

Ingredients:

• Public team
• Channel tabs
• Whiteboard
• Planner

Construction:

• Create a team for the innovation day event.
• Add channels for each project working group.
• Communicate to participants the schedule for the day and their assigned channel.
• Use the General channel for announcements and instructions throughout the day. Ensure someone moderates the General channel for participants’ questions.
• Pre-populate the channel tabs with files the participants need to work with. To add a scrum board, refer to M#4 (Morning stand-up/Scrum) in this slide deck.
• For breakouts, instruct participants to use the “meet now” feature in their channel and how to use the Whiteboard during these meetings.
• Arrange to have your IT admin archive the team after a certain point so the material is still viewable but not editable.

Workspace #4: A non-work-related social event

Scenario: Employees within the organization wish to organize social events around shared interests: board game clubs, book clubs, TV show discussion groups, trivia nights, etc.

Purpose: To encourage cohesion among coworkers and boost morale.

Jobs:

• Schedule the event.
• Invite participants.
• Prepare the activity.
• Host and moderate the discussion.

Solution:

Ingredients:

• Public team
• Private channels
• Screen-sharing

Construction:

• Create a public team for the social event so that interested people can find and join it.
• Example: Trivia Night
  • Schedule the event in the Teams calendar.
  • Publish the link to the Trivia Night team where other employees will see it.
  • Create private channels for each trivia team so they cannot see the other competitors’ discussions. Add yourself to each private channel so you can see their answers.
  • As the host, begin a meeting in the General channel. Pose the trivia questions live or present the questions on PowerPoint via screen-sharing.
  • Ask each team to post its answers to its private channel.
• To avoid teams sprawl, ask your IT admin to set a deletion policy for the team, as long as this request does not contradict your organization’s policies on data retention. If the team becomes moribund, it can be set to auto-delete after a certain period of time.

Workspace #5: A project team with a defined end time

Scenario: Within a department/workplace team, employees are assigned to projects with defined end times, after which they will be assigned to a new project.

Purpose: To complete project-based work that fulfills business needs.

Jobs:

• Oral communication with team members.
• Synchronous and asynchronous work on project files.
• The ability to attend scheduled meetings and ad hoc meetings.
• The ability to access shared resources related to the project.

Solution:

If your working group already has its own team within Teams:

• Create a new public or private channel for the project. Remember that some functionality is not available in private channels (such as Microsoft Planner).
• Use the channel for the project team’s meetings (scheduled in Teams calendar or through Meet Now).
• Add a tab that links to the team’s project folder in SharePoint.

If your workplace team does not already have its own team in Teams:

• Determine if there is a natural fit for this project as a new channel in an existing team. Remember that all team members will be able to see the channel if it is public and that all relevant project members need to belong to the Team to participate in the channel.
• If necessary, create a new team for the project. Add the project members.
• Create channels based on the type of work that comprises the project.
• Use the channel for the project team’s meetings (scheduled in Teams calendar or through Meet Now)
• Add a tab to link to the team’s project folder in SharePoint.

Info-tech Best Practice

Hide the channel after the project concludes to de-clutter your Teams user interface.

Meeting #1: Job interview with external candidate

Scenario: The organization must interview a slate of candidates to fill an open position.

Purpose:

• Select the most qualified candidate for the job.

Jobs:

• Create a meeting, ensuring the candidate and other attendees know when and where the meeting will happen.
• Ensure the meeting is secure to protect confidential information.
• Ensure the meeting is accessible, allowing the candidate to present themselves through audio and/or visual means.
• Create a professional environment for the meeting to take place.
• Engender a space for the candidate to share their CV, research, or other relevant file.
• The interview must be transcribed and recorded.

Solution:

Ingredients:

• Private Teams meeting
• Screen-sharing
• Microsoft Stream

Construction:

• Create a Teams meeting, inviting the candidate with their email, alongside other internal attendees. The Teams meeting invite will auto-generate a link to the meeting itself.
• The host can control who joins the meeting through settings for the “lobby.”
• Through the Teams meeting, the attendees will be able to use the voice and video chat functionality.
• All attendees can opt to blur their backgrounds to maintain a professional online presence.
• The candidate can share their screen, either specific applications or their whole desktop, during the Teams meeting.
• A Teams meeting can be recorded and transcribed through Stream. After the meeting, the transcript can be searched, edited, and shared

NB: The external candidate does not need the Teams application. Through the meeting invite, the external candidate will join via a web browser.

Meeting #2: Quarterly board meeting

Scenario: Every quarter, the organization holds its regular board meeting.

Purpose: To discuss agenda items and determine the company’s future direction.

Jobs:

• Attendance and minutes must be taken.
• Votes must be recorded.
• In-camera sessions must occur.
• External experts must be included.

• Follow-up items must be assigned.
• Reports must be submitted.

Solution:

Ingredients:

• Teams calendar invite
• Planner; Forms
• Private channel
• Microsoft Stream

Construction:

• Guest Invite: Invites can be sent to any non-domain-joined email address to join a private, invitation-only channel within the team controlled by the board chair.
• SharePoint & Flow: Documents are emailed to the Team addresses, which kicks off an MS Flow routine to collect review notes.
• Planner: Any board member can assign tasks to any employee.
• Forms/Add-On: Chair puts down the form of the question and individual votes are tracked.
• Teams cloud meeting recording: Recording available through Stream. Manual edits can be made to VTT caption file. Greater than acceptable transcription error rate.
• Meeting Log: Real-time attendance is viewable but a point-in-time record needs admin access.

NB: The external guests do not need the Teams application. Through the meeting invite, the guests will join via a web browser.

Meeting #3: Weekly team meeting

Scenario: A team meets for a weekly recurring meeting. The meeting is facilitated by the team lead (or manager) who addresses through agenda items and invites participation from the attendees.

Purpose: The purpose of the meeting is to:

• Share information verbally
• Present content visually
• Achieve consensus
• Build team morale

Jobs: The facilitator must:

• Determine participants
• Book room
• Book meeting in calendar

Solution:

Ingredients:

• Meeting Place: A channel in Microsoft Teams (must be public) where all members of the meeting make up the entirety of the audience.
• Calendar Recurrence: A meeting is booked through Teams and appears in all participants’ Outlook calendar.
• Collaboration Space: Participants join the meeting through video or audio and can share screens and contribute text, images, and links to the meeting chat.

Construction:

• Ensure your team already has a channel created for it. If not, create one in the appropriate team.
• Create the meeting using the calendar view within Microsoft Teams:
  • Set the meeting’s name, attendees, time, and recurrence.
  • Add the team channel that serves as the most appropriate workplace for the meeting. (Any discussion in the meeting chat will be posted to this channel.)

NB: Create the meeting in the Teams calendar, not Outlook, or you will not be able to add the Teams channel. As meeting organizer, put your name in the meeting invite notes, as the channel will show as the organizer in the Outlook invite.

Meeting #4: Morning stand-up/scrum

Scenario: Each morning, at 9am, members of the team meet online.

Purpose: After some pleasantries, the team discusses what tasks they each plan to complete in the day.

Jobs: The team leader (or scrum master) must:

• Place all tasks on a scrum board, each represented by a sticky note denoting the task name and owner.
• Move the sticky notes through the columns, adjusting assignments as needed.
• Sort tasks into the following columns: “Not Started,” “In Progress,” and “Done.”

Solution:

Ingredients:

• Meeting Place: A channel in Microsoft Teams (must be public) where all members of the meeting make up the entirety of the audience.
• Scrum Board: A tab within that channel where a persistent scrum board has been created and is visible to all team members.

Meeting Place Construction:

• Create the meeting using the calendar view in Teams.
• Set the meeting’s name, attendees, time, and work-week daily recurrence (see left).
• Add the channel that is the most appropriate workplace for the meeting. Any meeting chat will be posted to this channel rather than a separate chat.

Scrum Board Construction:

• Add a tab to the channel using Microsoft Planner as the app. (You can use other task management apps such as Trello, but the identity integration of first-party Office 365 tools may be less hassle.)
• Create a new (or import an existing) Plan to the channel. This will be used as the focal point.

Meeting #5: Weekly team meeting

Scenario: An audio-only conversation that could be a regularly scheduled event but is more often conducted on an ad-hoc basis.

Purpose: To quickly share information, achieve consensus, or clarify misunderstandings.

Jobs:

• Dial recipient
• See missed calls
• Leave/check voicemail
• Create speed-dial list
• Conference call

Solution:

Ingredients:

• Audio call begun through Teams chat.

Construction:

• Voice over IP calls between users in the same MS Teams tenant can begin in multiple ways:
  • A call can be initiated through any appearance of a user’s profile picture: hover over user’s profile photo in the Chat list and select the phone icon.
  • Enter your last chat with a user and click phone icon in upper-right corner.
  • Go to the Calls section and type the name in the “Make a call” text entry form.
• Voicemail: Voicemail, missed calls, and call history are available in the Calls section.
• Speed dial: Speed dial lists can be created in the Calls section.
• Conference call: Other users can be added to an ongoing call.

NB: Microsoft Teams can be configured to provide an organization’s telephony for external calls, but this requires an E5 license. Additional audio-conferencing licenses are required to call in to a Teams meeting over a phone.

Bibliography 1/4

Section 1: Teams for IT › Creation Process

Overview: Creation process

• “How do I get access to Microsoft Teams?” Microsoft, n.d., support.office.com/en-us/article/how-do-i-get-access-to-microsoft-teams-fc7f1634-abd3-4f26-a597-9df16e4ca65b. Accessed 11 May 2020.
• “Logical architecture for Microsoft Teams and related services.” Microsoft, 6 Mar. 2020, docs.microsoft.com/en-us/microsoftteams/teams-architecture-solutions-posters. Accessed 9 May 2020.
• “Plan for governance in Teams.” Microsoft, 10 Aug. 2018, docs.microsoft.com/en-us/MicrosoftTeams/plan-teams-governance. Accessed 30 Apr. 2020.

Assign admin roles

• “Use Microsoft Teams administrator roles to manage Teams.” Microsoft, 19 Sep. 2018, docs.microsoft.com/en-us/microsoftteams/using-admin-roles. Accessed 9 May 2020.

Prepare the network

• “Prepare your organization's network for Microsoft Teams.” Microsoft, 28 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/prepare-network. Accessed 9 May 2020.

Team creation

• “Best practices for organizing teams in Microsoft Teams.” Microsoft, 13 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/best-practices-organizing. Accessed 9 May 2020.
• “Create your first teams and channels in Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/get-started-with-teams-create-your-first-teams-and-channels. Accessed 9 May 2020.

Integrations with SharePoint Online

• “Configure Teams with three tiers of protection.” Microsoft, 7 May 2020, docs.microsoft.com/en-us/microsoft-365/solutions/configure-teams-three-tiers-protection?view=o365-worldwide. Accessed 9 May 2020.
• “File collaboration in SharePoint with Microsoft 365.” Microsoft, 21 Apr. 2020, docs.microsoft.com/en-us/sharepoint/deploy-file-collaboration. Accessed 9 May 2020.

Permissions

• “Manage app permission policies in Microsoft Teams.” Microsoft, 21 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/teams-app-permission-policies. Accessed 9 May 2020.
• “Manage messaging policies in Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/messaging-policies-in-teams. Accessed 30 Apr. 2020.
• “Sensitivity labels for Microsoft Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/sensitivity-labels. Accessed 9 May 2020.

Bibliography 2/4

Section 1: Teams for IT › Creation Process (cont'd.)

External and guest access

• “Add a guest to Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/add-guests. Accessed 30 Apr. 2020.
• “Communicate with users from other organizations in Microsoft Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/communicate-with-users-from-other-organizations. Accessed 30 Apr. 2020.
• “Guest access in Microsoft Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/guest-access. Accessed 9 May 2020.
• “Manage external access in Microsoft Teams.” Microsoft, 22 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/manage-external-access. Accessed 9 May 2020.
• “Microsoft Teams guest access checklist.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/guest-access-checklist. Accessed 30 Apr. 2020.
• “Turn on or turn off guest access to Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/set-up-guests. Accessed 9 May 2020.
• “What the guest experience is like.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/guest-experience. Accessed 4 May 2020.

Expiration and archiving

• “Archive or delete a team in Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/archive-or-delete-a-team?view=o365-worldwide. Accessed 29 Apr. 2020.
• “Microsoft 365 group expiration policy.” Microsoft, 6 May 2020, docs.microsoft.com/en-us/microsoft-365/admin/create-groups/office-365-groups-expiration-policy?view=o365-worldwide. Accessed 9 May 2020.
• “Team expiration and renewal in Microsoft Teams.” Microsoft, 6 Feb. 2020, docs.microsoft.com/en-us/microsoftteams/team-expiration-renewal. Accessed 9 May 2020.

Retention and data loss prevention

• “Data loss prevention and Microsoft Teams.” Microsoft, 21 Apr. 2020, docs.microsoft.com/en-us/microsoft-365/compliance/dlp-microsoft-teams?view=o365-worldwide. Accessed 9 May 2020.
• “Retention policies in Microsoft Teams.” Microsoft, 5 May 2020, docs.microsoft.com/en-us/microsoftteams/retention-policies. Accessed 9 May 2020.

Teams telephony

• “Here's what you get with Phone System in Office 365.” Microsoft, 26 Feb. 2020, docs.microsoft.com/en-us/microsoftteams/here-s-what-you-get-with-phone-system. Accessed 9 May 2020.
• O’Donnell, J.P. “The killer feature in Microsoft Teams your business should be using.” Amaxra, n.d., www.amaxra.com/blog/the-killer-feature-in-microsoft-teams-your-business-should-be-using. Accessed 4 May 2020.
• “Set up Phone System in your organization.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/deploy-audio-conferencing-teams-landing-page. Accessed 4 May. 2020.
• “What is Phone System in Office 365?” Microsoft, 29 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/what-is-phone-system-in-office-365. Accessed 9 May 2020.

Bibliography 3/4

Section 1: Teams for IT › Teams Rollout

From Skype to Teams

• “FAQ — Upgrading from Skype for Business to Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/faq-journey. Accessed 9 May 2020.
• “Teams and Skype interoperability.” Microsoft, 21 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/teams-skype-interop. Accessed 9 May 2020.
• “Understand Microsoft Teams and Skype for Business coexistence and interoperability.” Microsoft, 3 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/teams-and-skypeforbusiness-coexistence-and-interoperability. Accessed 9 May 2020.

From Slack to Teams

• “Migrate from Slack to Microsoft Teams.” Microsoft, 14 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/migrate-slack-to-teams. Accessed 9 May 2020.

Teams adoption

• “365 adoption guide” Microsoft, 22 Jan. 2020, query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWqTOD. Accessed 9 May 2020.

Section 1: Teams for IT › Use Cases

• Acharya, Ansuman. “Microsoft Teams launches eDiscovery for calling and meetings.” Microsoft Tech Community, 2 Jul. 2018, techcommunity.microsoft.com/t5/microsoft-teams-blog/microsoft-teams-launches-ediscovery-for-calling-and-meetings/ba-p/210947. Accessed 30 Apr. 2020.
• “Conduct an eDiscovery investigation of content in Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/ediscovery-investigation?view=o365-worldwide#overview, Accessed 29 Apr. 2020.
• “Teams cloud meeting recording: Compliance and eDiscovery for meeting recordings.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/cloud-recording#compliance-and-ediscovery-for-meeting-recordings. Accessed 29 Apr. 2020.

Bibliography 4/4

Section 2: Teams for End Users › Teams, Channels, Chat

• “Limits and specifications for Microsoft Teams.” Microsoft, 29 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/limits-specifications-teams. Accessed 4 May 2020.
• “Location of data in Microsoft Teams.” Microsoft, 27 Apr. 2020, docs.microsoft.com/en-us/MicrosoftTeams/location-of-data-in-teams. Accessed 4 May 2020.
• “Manage the Whiteboard in Microsoft Teams.” Microsoft, 1 Oct. 2019, docs.microsoft.com/en-us/microsoftteams/manage-whiteboard. Accessed 9 May 2020.
• [Microsoft Teams admin documentation.] Microsoft, n.d., docs.microsoft.com/en-us/MicrosoftTeams/teams-overview. Accessed 29 Apr. 2020.
• “Overview of teams and channels in Microsoft Teams.” Microsoft, 9 Mar. 2020, docs.microsoft.com/en-us/MicrosoftTeams/teams-channels-overview. Accessed 4 May 2020.
• “Private channels in Microsoft Teams.” Microsoft, 24 Feb. 2020, docs.microsoft.com/en-us/MicrosoftTeams/private-channels. Accessed 30 Apr. 2020.

Section 2: Teams for End Users › Meetings and Live Events

• “Admin quick start – Meetings and live events in Microsoft Teams.” Microsoft, 7 Apr. 2020, docs.microsoft.com/en-us/microsoftteams/quick-start-meetings-live-events. Accessed 21 Apr. 2020.
• “Get started with Microsoft Teams live events.” Microsoft, n.d., support.office.com/en-us/article/get-started-with-microsoft-teams-live-events-d077fec2-a058-483e-9ab5-1494afda578a#bkmk_roles. Accessed 29 Apr. 2020.
• “Schedule a Teams live event.” Microsoft, n.d., support.microsoft.com/en-us/office/schedule-a-teams-live-event-7a9ce97c-e1cd-470f-acaf-e6dfc179a0e2. Accessed 29 Apr. 2020.
• “Search the audit log for events in Microsoft Teams.” Microsoft, 12 Mar. 2018, docs.microsoft.com/en-us/microsoftteams/audit-log-events?view=o365-worldwide. Accessed 30 Apr. 2020.

Section 2: Teams for End Users › Use Cases

• “Understand calling in Microsoft Teams.” Microsoft, n.d., docs.microsoft.com/en-us/microsoftteams/tutorial-calling-in-teams. Accessed 9 May 2020.

Enable Product Delivery – Executive Leadership Workshop

Strengthen product management in your organization through effective executive leadership by focusing on product teams, core capabilities, and proper alignment.

Objective of this workshop

To develop a common understanding and foundation for product management so we, as leaders, better understand how to lead product owners, product managers, and their teams.

Enable Product Delivery - Executive Leadership Workshop

Learn how enterprise agility can provide lasting value to the organization

Clarify your role in supporting your teams to deliver lasting value to stakeholders and customers

1. Understanding Your Top Challenges
   • Define your challenges, goals, and opportunities Agile and product management will impact.
2. Transitioning from Projects to Product-centric Delivery
   • Understand the shift from fixed delivery to continuous improvement and delivery of value.
3. Enterprise Agility and the Value of Change
   • Organizations need to embrace change and leverage smaller delivery cycles.
4. Defining Your "Products" and Product Management
   • Define products in your culture and how to empower product delivery teams.
5. Connecting Product Management to Agile Practices
   • Use product ownership to drive increased ROI into your product delivery teams and lifecycles.
6. Commit to Empowering Agile Product Teams
   • Define the actions and changes you must make for this transformation to be successful.

Your Product Transformation Journey

1. Make the Case for Product Delivery
   • Align your organization with the practices to deliver what matters most
2. Enable Product Delivery – Executive Workshop
   • One-day executive workshop – align and prepare your leadership
   • Audience: Senior executives and IT leadership.
     Size: 8-16 people
     Time: 6 hours
3. Deliver on Your Digital Product Vision
   • Enhance product backlogs, roadmapping, and strategic alignment
   • Audience: Product Owners/Mangers
     Size: 10-20 people
     Time: 3-4 days
4. Deliver Your Digital Products at Scale
   • Scale Product Families to Align Enterprise Goals
   • Audience: Product Owners/Mangers
     Size: 10-20 people
     Time: 3-4 days
5. Mature and Scale Product Ownership
   • Align and mature your product owners
   • Audience: Product Owners/Mangers
     Size: 8-16 people
     Time: 2-4 days

Repeat workshops with different companies, operating units, departments, or teams as needed.

What is a workshop?

We WILL ENGAGE in discussions and activities:

• Flexible, to accommodate the needs of the group.
• Open forum for discussion and questions.
• Share your knowledge, expertise, and experiences (roadblocks and success stories).
• Everyone is part of the process.
• Builds upon itself.

This workshop will NOT be:

• A lecture or class.
• A monologue that never ends.
• Technical training.
• A presentation.
• Us making all the decisions.

Roles within the workshop

We each have a role to play to make our workshop successful!

Facilitators

• Introduce the best practice framework used by Info-Tech.
• Ask questions about processes, procedures, and assumptions.
• Guide for the methodology.
• Liaison for any other relevant Info-Tech research or services.

Participants

• Contribute and speak out as much as needed.
• Provide expertise on the current processes and technology.
• Ask questions.
• Provide feedback.
• Collaborate and work together to produce solutions.

Understanding Your Top Challenges

• Understanding Your Top Challenges
• Transitioning From Projects to Product-Centric Delivery
• Enterprise Agility and the Value of Change
• Defining Your Products and Product Management
• Connecting Product Management to Agile Practices
• Commit to Empowering Agile Product Teams
• Wrap-Up and Retrospective

Executive Summary

Your Challenge

• Products are the lifeblood of an organization. They deliver the capabilities needed to deliver value to customers, internal users, and stakeholders.
• The shift to becoming a product organization is intended to continually increase the value you provide to the broader organization as you grow and evolve.
• You need to clearly convey the direction and strategy of your product portfolio to gain alignment, support, and funding from your organization.

Common Obstacles

• IT organizations are traditionally organized to deliver initiatives in specific periods of time. This conflicts with product delivery, which continuously delivers value over the lifetime of a product.
• Delivering multiple products together creates additional challenges because each product has its own pedigree, history, and goals.
• Product owners struggle to prioritize changes to deliver product value. This creates a gap and conflict between product and enterprise goals.

Info-Tech's Approach

Info-Tech's approach will guide you through:

• Understanding the top challenges driving your product initiative.
• Improving your transitioning from projects to product-centric delivery.
• Enhancing enterprise agility and the value of change.
• Defining products and product management in your context.
• Connecting product management to Agile practices.
• Committing to empowering Agile Product teams.

What is driving your organization to become product focused?

30 minutes

• Team introductions:
  • Share your name and role
  • What are the key challenges you are looking to solve around product management?
  • What blockers or challenges will we need to overcome?

Capture in the Enable Product Delivery – Executive Leadership Workshop Outcomes and Next Steps.

Input

• Organizational knowledge
• Goals and challenges

Output

• List of key challenges
• List of workshop expectations
• Parking lot items

Transitioning From Projects to Product-Centric Delivery

• Understanding Your Top Challenges
• Transitioning From Projects to Product-Centric Delivery
• Enterprise Agility and the Value of Change
• Defining Your Products and Product Management
• Connecting Product Management to Agile Practices
• Commit to Empowering Agile Product Teams
• Wrap-Up and Retrospective

Define the differences between projects and product delivery

30 minutes

• Consider project delivery and product delivery.
• Discussion:
  • What are some differences between the two?

Capture in the Enable Product Delivery – Executive Leadership Workshop Outcomes and Next Steps.

Input

• Organizational knowledge
• Internal terms and definitions

Output

• List of differences between projects and product delivery

Define the differences between projects and product delivery

15 minutes

Input

• Organizational knowledge
• Internal terms and definitions

Output

• List of differences between projects and product delivery

Capture in the Enable Product Delivery – Executive Leadership Workshop Outcomes and Next Steps.

Identify the differences between a project-centric and a product-centric organization

Info-Tech Insight

Product delivery requires significant shifts in the way you complete development work and deliver value to your users. Make the changes that support improving end user value and enterprise alignment.

Projects can be a mechanism for funding product changes and improvements

Projects within products

Regardless of whether you recognize yourself as a "product-based" or "project-based" shop, the same basic principles should apply.

You go through a period or periods of project-like development to build a version of an application or product.

You also have parallel services along with your project development, which encompass the more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

While Agile and product are intertwined, they are not the same!

Delivering products does not necessarily require an Agile mindset. However, Agile methods help facilitate the journey because product thinking is baked into them.

Product roadmaps guide delivery and communicate your strategy

In Deliver on Your Digital Product Vision, we demonstrate how the product roadmap is core to value realization. The product roadmap is your communicated path, and as a product owner, you use it to align teams and changes to your defined goals while aligning your product to enterprise goals and strategy.

Adapted from: Pichler, "What Is Product Management?"

Info-Tech Insight

The quality of your product backlog – and your ability to realize business value from your delivery pipeline – is directly related to the input, content, and prioritization of items in your product roadmap.

Considerations to Optimize Container Management

Design a custom reference architecture that meets your requirements.

Analyst Perspective

Containers have become popular as enterprises use DevOps to develop and deploy applications faster. Containers require managed services because the sheer number of containers can become too complex for IT teams to handle. Orchestration platforms like Kubernetes can be complex, requiring management to automatically deploy container-based applications to operating systems and public clouds. IT operations staff need container management skills and training.

Installing and setting up container orchestration tools can be laborious and error-prone. IT organizations must first implement the right infrastructure setup for containers by having a solid understanding of the scope and scale of containerization projects and developer requirements. IT administrators also need to know how parts of the existing infrastructure connect and communicate to maintain these relationships in a containerized environment. Containers can run on bare metal servers, virtual machines in the cloud, or hybrid configurations, depending on your IT needs

Nitin Mukesh
Senior Research Analyst, Infrastructure and Operations
Info-Tech Research Group

Executive Summary

Your challenge

Choosing the right container technology: IT is a rapidly changing and evolving market, with startups and seasoned technology vendors maintaining momentum in everything from container platforms to repositories to orchestration tools. The rapid evolution of container platform components such as orchestration, storage, networking, and system services such as load balancing has made the entire stack a moving target.

However, waiting for the industry to be standardized can be a recipe for paralysis, and waiting too long to decide on solutions and approaches can put a company's IT operations in catch-up mode.

Keeping containers secure: Security breaches in containers are almost identical to operating system level breaches in virtual machines in terms of potential application and system vulnerabilities. It is important for any DevOps team working on container and orchestration architecture and management to fully understand the potential vulnerabilities of the platforms they are using.

Optimize your infrastructure strategy for containers: One of the challenges enterprise IT operations management teams face when it comes to containers is the need to rethink the underlying infrastructure to accommodate the technology. While you may not want to embrace the public cloud for your critical applications just yet, IT operations managers will need an on-premises infrastructure so that applications can scale up and down the same way as they are containerized.

Common ways organizations use containers

A Separation of responsibilities
Containerization provides a clear separation of responsibilities as developers can focus on application logic and dependencies, while IT operations teams can focus on deployment and management instead of application details such as specific software versions and configurations.

B Workload portability
Containers can run almost anywhere: physical servers or on-premise data centers on virtual machines or developer machines, as well as public clouds on Linux, Windows, or Mac operating systems, greatly easing development and deployment.

“Lift and shift” existing applications into a modern cloud architecture. Some organizations even use containers to migrate existing applications to more modern environments. While this approach provides some of the basic benefits of operating system virtualization, it does not provide all the benefits of a modular, container-based application architecture.

C Application isolation
Containers virtualize CPU, memory, storage, and network resources at the operating system level, providing developers with a logically isolated view of the operating system from other applications.

Source: TechTarget, 2021

What are containers and why should I containerize?

A container is a partially isolated environment in which an application or parts of an application can run. You can use a single container to run anything from small microservices or software processes to larger applications. Inside the container are all the necessary executable, library, and configuration files. Containers do not contain operating system images. This makes them lighter and more portable with much less overhead. Large application deployments can deploy multiple containers into one or more container clusters (CapitalOne, 2020).

Containers have the following advantages:

• Reduce overhead costs: Because containers do not contain operating system images, they require fewer system resources than traditional or hardware virtual machine environments.
• Enhanced portability: Applications running in containers can be easily deployed on a variety of operating systems and hardware platforms.
• More consistent operations: DevOps teams know that applications in containers run the same no matter where they are deployed.
• Efficiency improvement: Containers allow you to deploy, patch, or scale applications faster.
• Develop better applications: Containers support Agile and DevOps efforts to accelerate development and production cycles.

Source: CapitalOne, 2020

Container on the cloud or on-premise?

Info-Tech Insight
Start-ups and small businesses that don't typically need to be closely connected to hardware can easily move (or start) to the cloud. Large (e.g. enterprise-class) companies and companies that need to manage and control local hardware resources are more likely to prefer an on-premises infrastructure. For enterprises, on-premises container deployments can serve as a bridge to full public cloud deployments or hybrid private/public deployments. The answer to the question of public cloud versus on premises depends on the specific needs of your business.

Container management

From container labeling that identifies workloads and ownership to effective reporting that meets the needs of different stakeholders across the organization, it is important that organizations establish an effective framework for container management.

Four key considerations for your container management strategy:

01 Container Image Supply Chain
How containers are built

02 Container Infrastructure and Orchestration
Where and how containers run together

03 Container Runtime Security and Policy Enforcement
How to make sure your containers only do what you want them to do

04 Container Observability
Runtime metrics and debugging

To effectively understand container management solutions, it is useful to define the various components that make up a container management strategy.

1: Container image supply chain

To run a workload as a container, it must first be packaged into a container image. The image supply chain includes all libraries or components that make up a containerized application. This includes CI/CD tools to test and package code into container images, application security testing tools to check for vulnerabilities and logic errors, registries and mirroring tools for hosting container images, and attribution mechanisms such as image signatures for validating images in registries.

Important functions of the supply chain include the ability to:

• Scan container images in registries for security issues and policy compliance.
• Verify in-use image hashes have been scanned and authorized.
• Mirror images from public registries to isolate yourself from outages in these services.
• Attributing images to the team that created them.

Source: Rancher, 2022

Info-Tech Insight
It is important to consider disaster recovery for your image registry. As mentioned above, it is wise to isolate yourself from registry disruptions. However, external registry mirroring is only one part of the equation. You also want to make sure you have a high availability plan for your internal registry as well as proper backup and recovery processes. A highly available, fault-tolerant container management platform is not just a runtime environment.

2: Container infrastructure and orchestration

Orchestration tools

Once you have a container image to run, you need a location to run it. That means both the computer the container runs on and the software that schedules it to run. If you're working with a few containers, you can make manual decisions about where to run container images, what to run with container images, and how best to manage storage and network connectivity. However, at scale, these kinds of decisions should be left to orchestration tools like Kubernetes, Swarm, or Mesos. These platforms can receive workload execution requests, determine where to run based on resource requirements and constraints, and then actually launch that workload on its target. And if a workload fails or resources are low, it can be restarted or moved as needed.

Source: DevOpsCube, 2022

Storage

Storage is another important consideration. This includes both the storage used by the operating system and the storage used by the container itself. First, you need to consider the type of storage you actually need. Can I outsource my storage concerns to a cloud provider using something like Amazon Relational Database Service instead? If not, do you really need block storage (e.g. disk) or can an external object store like AWS S3 meet your needs? If your external object storage service can meet your performance and durability requirements as well as your governance and compliance needs, you're in luck. You may not have to worry about managing the container's persistent storage. Many external storage services can be provisioned on demand, support discrete snapshots, and some even allow dynamic scaling on demand.

Networking

Network connectivity inside and outside the containerized environment is also very important. For example, Kubernetes supports a variety of container networking interfaces (CNIs), each providing different functionality. Questions to consider here are whether you can set traffic control policies (and the OSI layer), how to handle encryption between workloads and between workloads and external entities, and how to manage traffic import for containerized workloads. The impact of these decisions also plays a role on performance.

Backups

Backups are still an important task in containerized environments, but the backup target is changing slightly. An immutable, read-only container file system can be recreated very easily from the original container image and does not need to be backed up. Backups or snapshots on permanent storage should still be considered. If you are using a cloud provider, you should also consider fault domain and geo-recovery scenarios depending on the provider's capabilities. For example, if you're using AWS, you can use S3 replication to ensure that EBS snapshots can be restored in another region in case of a full region outage.

3: Container runtime security and policy enforcement

Ensuring that containers run in a place that meets the resource requirements and constraints set for them is necessary, but not sufficient. It is equally important that your container management solution performs continuous validation and ensures that your workloads comply with all security and other policy requirements of your organization. Runtime security and policy enforcement tools include a function for detecting vulnerabilities in running containers, handling detected vulnerabilities, ensuring that workloads are not running with unnecessary or unintended privileges, and ensuring that only other workloads that need to be allowed can connect.

One of the great benefits of (well implemented) containerized software is reducing the attackable surface of the application. But it doesn't completely remove it. This means you need to think about how to observe running applications to minimize security risks. Scanning as part of the build pipeline is not enough. This is because an image without vulnerabilities at build time can become a vulnerable container because new flaws are discovered in its code or support libraries. Instead, some modern tools focus on detecting unusual behavior at the system call level. As these types of tools mature, they can make a real difference to your workload’s security because they rely on actual observed behavior rather than up-to-date signature files.

4: Container observability

What’s going on in there?

Finally, if your container images are being run somewhere by orchestration tools and well managed by security and policy enforcement tools, you need to know what your containers are doing and how well they are doing it. Orchestration tools will likely have their own logs and metrics, as will networking layers, and security and compliance checking tools; there is a lot to understand in a containerized environment. Container observability covers logging and metrics collection for both your workloads and the tools that run them.

One very important element of observability is the importance of externalizing logs and metrics in a containerized environment. Containers come and go, and in many cases the nodes running on them also come and go, so relying on local storage is not recommended.

The importance of a container management strategy

A container management platform typically consists of a variety of tools from multiple sources. Some container management software vendors or container management services attempt to address all four key components of effective container management. However, many organizations already have tools that provide at least some of the features they need and don't want to waste existing licenses or make significant changes to their entire infrastructure just to run containers.

When choosing tools from multiple sources, it's important to understand what needs each tool meets and what it doesn't. This holistic approach is necessary to avoid gaps and duplication of effort.

For example, scanning an image as part of the build pipeline and then rescanning the image while the container is running is a waste of CPU cycles in the runtime environment. Similarly, using orchestration tools and separate host-based agents to aggregate logs or metrics can waste CPU cycles as well as storage and network resources.

Planning a container management strategy

Source: Kubernetes, 2022; Rancher, 2022

Infrastructure considerations

It's important to describe your organization’s current and future infrastructure strategy and how it fits into your container management strategy. It’s all basic for now, but if you plan to move to a virtual machine or cloud provider next year, your container management solution should be able to adapt to your environment now and in the future. Similarly, if you’ve already chosen a public cloud, you may want to make sure that the tool you choose supports some of the cloud options, but full compatibility may not be an important feature.

Infrastructure considerations extend beyond computing. Choosing a container management platform should be compatible with the existing network infrastructure and storage capacity available to your organization. If you have existing policy enforcement, monitoring, and alerting tools, the ideal solution should be able to take advantage of them. Moving to containers can be a game changer for developers and operations teams, so continuing to use existing tools to reduce complexity where possible can save time and money.

Leverage the reference architecture to guide your container management strategy

Using the examples as a guide, complete the tool to strategize your container management

Download the Reference Architecture

Bibliography

Mell, Emily. “What is container management and why is it important?” TechTarget, April 2021.
https://www.techtarget.com/searchitoperations/definition/container-management-software#:~:text=A%20container%20management%20ecosystem%20automates,operator%20to%20keep%20up%20with

Conrad, John. “What is Container Orchestration?” CapitalOne, 24 August 2020.
https://www.capitalone.com/tech/cloud/what-is-container-orchestration/?v=1673357442624

Kubernetes. “Cluster Networking.” Kubernetes, 2022.
https://kubernetes.io/docs/concepts/cluster-administration/networking/

Rancher. “Comparing Kubernetes CNI Providers: Flannel, Calico, Canal, and Weave.” Rancher, 2022.
https://www.suse.com/c/rancher_blog/comparing-kubernetes-cni-providers-flannel-calico-canal-and-weave/

Wilson, Bob. “16 Best Container Orchestration Tools and Services.” DevopsCube, 5 January 2022.
https://devopscube.com/docker-container-clustering-tools/

Create a Holistic IT Dashboard

Mature your IT department by measuring what matters.

Executive Brief

Analyst Perspective

Measurement alone provides only minimal improvements

It’s difficult for CIOs and other top-level leaders of IT to know if everything within their mandate is being managed effectively. Gaining visibility into what’s happening on the front lines without micromanaging is a challenge most top leaders face.

Understanding Info-Tech’s Management and Governance Framework of processes that need to be managed and being able to measure what’s important to their organization's success can give leaders the ability to focus on their key responsibilities of ensuring service effectiveness, enabling increased productivity, and creating the ability for their teams to innovate.

Even if you know what to measure, the measurement alone will lead to minimal improvements. Having the right methods in place to systematically collect, review, and act on those measurements is the differentiator to driving up the maturity of your IT organization.

The tools in this blueprint can help you identify what to measure, how to review it, and how to create effective plans to improve performance.

Tony Denford

Research Director, Info-Tech Research Group

Executive Summary

Your Challenge

• IT leaders do not have a single holistic view of how their IT processes are operating.
• Expecting any single individual to understand the details of all IT processes is unrealistic.
• Problems in performance only become evident when the process has already failed.

Common Obstacles

• Business changes quickly, and what should be measured changes as a result.
• Most measures are trailing indicators showing past performance.
• Measuring alone does not result in improved performance.
• There are thousands of operational metrics that could be measured, but what are the right ones for an overall dashboard?

Info-Tech's Approach

• Use Info-Tech’s IT Metrics Library to review typical KPIs for each of the process areas and select those that apply to your organization.
• Configure your IT Management Dashboard to record your selected KPIs and start to measure performance.
• Set up the cadence for review of the KPIs and develop action plans to improve low-performing indicators.

Info-Tech Insight

Mature your IT department by aligning your measures with your organizational goals. Acting early when your KPIs deviate from the goals leads to improved performance.

Your challenge

This research is designed to help organizations quickly choose holistic measures, review the results, and devise action plans.

• The sheer number of possible metrics can be overwhelming. Choose metrics from our IT Metrics Library or choose your own, but always ensure they are in alignment with your organizational goals.
• Ensure your dashboard is balanced across all 45 process areas that a modern CIO is responsible for.
• Finding leading indicators to allow your team to be proactive can be difficult if your team is focused on the day-to-day operational tasks.
• It can be time consuming to figure out what to do if an indicator is underperforming.

Build your dashboard quickly using the toolset in this research and move to improvement actions as soon as possible.

Productivity increased by 30%

Fire/smoke incidents decreased by 25% (high priority)

Average work request response time reduced by 64%

Savings of $1.6 million in the first year

(CFI, 2013)

Common obstacles

These barriers make this challenge difficult to address for many organizations:

• What should be measured can change over time as your organization matures and the business environment changes. Understanding what creates business value for your organization is critical.
• Organizations almost always focus on past result metrics. While this is important, it will not indicate when you need to adjust something until it has already failed.
• It’s not just about measuring. You also need to review the measures often and act on the biggest risks to your organization to drive performance.

Don’t get overwhelmed by the number of things you can measure. It can take some trial and error to find the measures that best indicate the health of the process.

The importance of frequent review

35% - Only 35% of governing bodies review data at each meeting. (Committee of University Chairs, 2008)

Common obstacles

Analysis paralysis

Poor data can lead to incorrect conclusions, limit analysis, and undermine confidence in the value of your dashboard.

Achieving perfect data is extremely time consuming and may not add much value. It can also be an excuse to avoid getting started with metrics and analytics.

Data quality is a struggle for many organizations. Consider how much uncertainty you can tolerate in your analysis and what would be required to improve your data quality to an acceptable level. Consider cost, technological resources, people resources, and time required.

Info-Tech Insight

Analytics are only as good as the data that informs it. Aim for just enough data quality to make informed decisions without getting into analysis paralysis.

Common obstacles

The problem of surrogation

Tying KPIs and metrics to performance often leads to undesired behavior. An example of this is the now infamous Wells Fargo cross-selling scandal, in which 3.5 million credit card and savings accounts were opened without customers’ consent when the company incented sales staff to meet cross-selling targets.

Although this is an extreme example, it’s an all-too-common phenomenon.

A focus on the speed of closure of tickets often leads to shortcuts and lower-quality solutions.

Tying customer value to the measures can align the team on understanding the objective rather than focusing on the measure itself, and the team will no longer be able to ignore the impact of their actions.

Surrogation is a phenomenon in which a measure of a behavior replaces the intent of the measure itself. People focus on achieving the measure instead of the behavior the measure was intended to drive.

Info-Tech’s thought model

Low-Maturity Metrics Program

Trailing indicators measure the outcomes of the activities of your organization. Hopefully, the initiatives and activities are aligned with the organizational goals.

High-Maturity Metrics Program

The core CIO objectives align with the organizational goals, and teams define leading indicators that show progress toward those goals. KPIs are reviewed often and adjustments are made to improve performance based on the leading indicators. The results are improved outcomes, greater transparency, and increased predictability.

Info-Tech’s approach

Adopt an iterative approach to develop the right KPIs for your dashboard

Periodically: As appropriate, review the effectiveness of the KPIs and adjust as needed.

Frequently: At least once per month, but the more frequent, the more agility your organization will have.

The Info-Tech difference:

1. Quickly identify the KPIs that matter to your organization using the IT Metrics Library.
2. Build a presentable dashboard using the IT Management Dashboard available on the Info-Tech website.
3. When indicators show underperformance, quickly get them back on track using the suggested research in the IT Metrics Library.
4. If your organization’s needs are different, define your own custom metrics using the same format as the IT Metrics Library.
5. Use the action plan tool to keep track of progress

Info-Tech’s methodology for creating a holistic IT dashboard

Insight summary

Mature your IT department by aligning your measures with your organizational goals. Acting early when your KPIs deviate from the goals leads to improved performance.

Don’t just measure things because you can. Change what you measure as your organization becomes more mature.

Select what matters to your organization

Measure things that will resolve pain points or drive you toward your goals.

Look for indicators that show the health of the practice, not just the results.

Review KPIs often

Ease of use will determine the success of your metrics program, so keep it simple to create and review the indicators.

Take action to improve performance

If indicators are showing suboptimal performance, develop an action plan to drive the indicator in the right direction.

Act early and often.

Measure what your customers value

Ensure you understand what’s valued and measure whether the value is being produced. Let front-line managers focus on tactical measures and understand how they are linked to value.

Look for predictive measures

Determine what action will lead to the desired result and measure if the action is being performed. It’s better to predict outcomes than react to them.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

IT Metrics Library

Customize the KPIs for your organization using the IT Metrics Library

IT Metrics Library Action Plan

Keep track of the actions that are generated from your KPI review

Key deliverable:

IT Management Dashboard and Scorecard

The IT Overall Scorecard gives a holistic view of the performance of each IT function

Blueprint benefits

IT Benefits

• An IT dashboard can help IT departments understand how well they are performing against key indicators.
• It can allow IT teams to demonstrate to their business partners the areas they are focusing on.
• Regular review and action planning based on the results will lead to improved performance, efficiency, and effectiveness.
• Create alignment of IT teams by focusing on common areas of performance.

Business Benefits

• Ensure alignment and transparency between the business and IT.
• Understand the value that IT brings to the operation and strategic initiatives of your organization.
• Understand the contribution of the IT team to achieving business outcomes.
• Focus IT on the areas that are important to you by requesting new measures as business needs change.

Measure the value of this blueprint

Utilize the existing IT Metrics Library and IT Dashboard tools to quickly kick off your KPI program

• Developing the metrics your organization should track can be very time consuming. Save approximately 120 hours of effort by choosing from the IT Metrics Library.
• The need for a simple method to display your KPIs means either developing your own tool or buying one off the shelf. Use the IT Management Dashboard to quickly get your KPI program up and running. Using these tools will save approximately 480 hours.
• The true value of this initiative comes from using the KPIs to drive performance.

Keeping track of the number of actions identified and completed is a low overhead measure. Tracking time or money saved is higher overhead but also higher value.

Executive Brief Case Study

Using data-driven decision making to drive stability and increase value

Industry: Government Services

Source: Info-Tech analyst experience

Challenge

A newly formed application support team with service desk responsibilities was becoming burned out due to the sheer volume of work landing on their desks. The team was very reactive and was providing poor service due to multiple conflicting priorities.

To make matters worse, there was a plan to add a major new application to the team’s portfolio.

Solution

The team began to measure the types of work they were busy doing and then assessed the value of each type of work.

The team then problem solved how they could reduce or eliminate their low-value workload.

This led to tracking how many problems were being resolved and improved capabilities to problem solve effectively.

Results

Upon initial data collection, the team was performing 100% reactive workload. Eighteen months later slightly more than 80% of workload was proactive high-value activities.

The team not only was able to absorb the additional workload of the new application but also identified efficiencies in their interactions with other teams that led to a 100% success rate in the change process and a 92% decrease in resource needs for major incidents.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

Workshop

"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostic and consistent frameworks are used throughout all four options.

Guided Implementation

What does a typical GI on this topic look like?

Phase 1 - Choose the KPIs

Call #1: Scope dashboard and reporting needs.

Call #2: Learn how to use the IT Metrics Library to select your metrics.

Phase 2 – Build the Dashboard

Call #3: Set up the dashboard.

Call #4: Capture data and produce the report.

Phase 3 – Create the Action Plan

Call #5: Review the data and use the metrics library to determine actions.

Call #6: Improve the KPIs you measure.

A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 5 and 8 calls over the course of 2 to 3 months.

Workshop Overview

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Phase 1

Choose the KPIs

Phase 1

1.1 Review Available KPIs

1.2 Select KPIs for Your Org.

1.3 Identify Data Sources and Owners

Phase 2

2.1 Understand the IT Management Dashboard

2.2 Build and Review the KPIs

Phase 3

3.1 Prioritize Low-Performing Indicators

3.2 Review Suggested Actions

3.3 Develop the Action Plan

This phase will walk you through the following activities:

Reviewing and selecting the KPIs suggested in the IT Metrics Library.

Identifying the data source for the selected KPI and the owner responsible for data collection.

This phase involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Step 1.1

Review Available KPIs

Activities

1.1.1 Download the IT Metrics Library and review the KPIs for each practice area.

Choose the KPIs

Step 1.1 – Review Available KPIs

Step 1.2 – Select KPIs for Your Org.

Step 1.3 – Identify Data Sources and owners

This step will walk you through the following activities:

Downloading the IT Metrics Library

Understanding the content of the tool

Reviewing the intended goals for each practice area

This step involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Outcomes of this step

Downloaded tool ready to select the KPIs for your organization

Using the IT Metrics Library

Match the suggested KPIs to the Management and Governance Framework

The “Practice” and “Process” columns relate to each of the boxes on the Info-Tech Management and Governance Framework. This ensures you are measuring each area that needs to be managed by a typical IT department.

Using the IT Metrics Library

Content for each entry

KPI - The key performance indicator to review

CSF - What needs to happen to achieve success for each goal

Goal - The goal your organization is trying to achieve

Owner - Who will be accountable to collect and report the data

Data Source (typical) - Where you plan to get the data that will be used to calculate the KPI

Baseline/Target - The baseline and target for the KPI

Rank - Criticality of this goal to the organization's success

Action - Suggested action if KPI is underperforming

Blueprint - Available research to address typical underperformance of the KPI

Practice/Process - Which practice and process the KPI represents

1.1.1 Download the IT Metrics Library

Input

• IT Metrics Library

Output

• Ideas for which KPIs would be useful to track for each of the practice areas

Materials

• Whiteboard/flip charts

Participants

• IT senior leadership
• Process area owners
• Metrics program owners and administrators

4 hours

1. Click the link below to download the IT Metrics Library spreadsheet.
2. Open the file and select the “Data Entry” tab.
3. The sheet has suggested KPIs for each of the 9 practice areas and 45 processes listed in the Info-Tech Management and Governance Framework. You can identify this grouping in the “Practice” and “Process” columns.
4. For each practice area, review the suggested KPIs and their associated goals and discuss as a team which of the KPIs would be useful to track in your organization.

Download the IT Metrics Library

Step 1.2

Select KPIs for Your Organization

Activities

1.2.1 Select the KPIs that will drive your organization forward

1.2.2 Remove unwanted KPIs from the IT Metrics Library

Choose the KPIs

Step 1.1 – Review Available KPIs

Step 1.2 – Select KPIs for Your Org.

Step 1.3 – Identify Data Sources and Owners

This step will walk you through the following activities:

• Selecting the KPIs for your organization and removing unwanted KPIs from IT Metrics Library

This step involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Outcomes of this step

A shortlist of selected KPIs

1.2.1 Select the KPIs that will drive your organization forward

Input

• IT Metrics Library

Output

• KPIs would be useful to track for each of the practice areas

Materials

• IT Metrics Library

Participants

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

4 hours

1. Review the suggested KPIs for each practice area and review the goal.
2. Some suggested KPIs are similar, so make sure the goal is appropriate for your organization.
3. Pick up to three KPIs per practice.

1.2.2 Remove unwanted KPIs

Input

• IT Metrics Library

Output

• KPIs would be useful to track for each of the practice areas

Materials

• IT Metrics Library

Participants

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

0.5 hours

1. To remove unwanted KPIs from the IT Metric Library Tool, select the unwanted row, right-click on the row, and delete it.
2. The result should be up to three KPIs per practice area left on the spreadsheet.

Step 1.3

Identify data sources and owners

Activities

1.3.1 Document the data source

1.3.2 Document the owner

1.3.3 Document baseline and target

Choose the KPIs

Step 1.1 – Review Available KPIs

Step 1.2 – Select KPIs for Your Org.

Step 1.3 – Identify Data Sources and Owners

This step will walk you through the following activities:

Documenting for each KPI where you plan to get the data, who is accountable to collect and report the data, what the current baseline is (if available), and what the target is

This step involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Outcomes of this step

A list of KPIs for your organization with appropriate attributes documented

1.3 Identify data sources, owners, baseline, and target

Input

• IT Metrics Library

Output

• Completed IT Metrics Library

Materials

• IT Metrics Library

Participants

• Process area owners
• Metrics program owners and administrators

2 hours

1. For each selected KPI, complete the owner, data source, baseline, and target if the information is available.
2. If the information is not available, document the owner and assign them to complete the other columns.

Phase 2

Build the Dashboard

Phase 1

1.1 Review Available KPIs

1.2 Select KPIs for Your Org.

1.3 Identify Data Sources and Owners

Phase 2

2.1 Understand the IT Management Dashboard

2.2 Build and Review the KPIs

Phase 3

3.1 Prioritize Low-Performing Indicators

3.2 Review Suggested Actions

3.3 Develop the Action Plan

This phase will walk you through the following activities:

Understanding the IT Management Dashboard

Configuring the IT Management Dashboard and entering initial measures

Produce thing IT Scorecard from the IT Management Dashboard

Interpreting the results

This phase involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Step 2.1

Understand the IT Management Dashboard

Activities

2.1.1 Logging into the IT Management Dashboard

2.1.2 Understanding the “Overall Scorecard” tab

2.1.3 Understanding the “My Metrics” tab

Build the Dashboard

Step 2.1 – Understand the IT Management Dashboard

Step 2.2 – Build and review the KPIs

This step will walk you through the following activities:

Accessing the IT Management Dashboard

Basic functionality of the tool

This step involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Outcomes of this step

Understanding of how to administer the IT Management Dashboard

2.1.1 Logging into the IT Management Dashboard

Input

• Info-Tech membership

Output

• Access to the IT Management Dashboard

Materials

• Web browser

Participants

• Metrics program owners and administrators

0.5 hours

1. Using your web browser, access your membership at infotech.com.
2. Log into your Info-Tech membership account.
3. Select the “My IT Dashboard” option from the menu (circled in red).
4. If you cannot gain access to the tool, contact your membership rep.

2.1.2 Understanding the “Overall Scorecard” tab

0.5 hours

1. Once you select “My IT Dashboard,” you will be in the “Overall Scorecard” tab view.
2. Scrolling down reveals the data entry form for each of the nine practice areas in the Info-Tech Management and Governance Framework, with each section color-coded for easy identification.
3. Each of the section headers, KPI names, data sources, and data values can be updated to fit the needs of your organization.
4. This view is designed to show a holistic view of all areas in IT that are being managed.

2.1.3 Understanding the “My Metrics” tab

0.5 hours

1. On the “My Metrics” tab you can access individual scorecards for each of the nine practice areas.
2. Below the “My Metrics” tab is each of the nine practice areas for you to select from. Each shows a different subset of KPIs specific to the practice.
3. The functionality of this view is the same as the overall scorecard. Each title, KPI, description, and actuals are editable to fit your organization’s needs.
4. This blueprint does not go into detail on this tab, but it is available to be used by practice area leaders in the same way as the overall scorecard.

Step 2.2

Build and review the KPIs

Activities

2.2.1 Entering the KPI descriptions

2.2.2 Entering the KPI actuals

2.2.3 Producing the IT Overall Scorecard

Build the Dashboard

Step 2.1 – Understand the IT Management Dashboard

Step 2.2 – Build and review the KPIs

This step will walk you through the following activities:

Entering the KPI descriptions

Entering the actuals for each KPI

Producing the IT Overall Scorecard

This step involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Outcomes of this step

An overall scorecard indicating the selected KPI performance

2.2.1 Entering the KPI descriptions

Input

• Access to the IT Management Dashboard
• IT Metrics Library with your organization’s KPIs selected

Output

• KPI descriptions entered into tool

Materials

• Web browser

Participants

• Metrics program owners and administrators

1 hour

1. Navigate to the IT Management Dashboard as described in section 2.1.1 and scroll down to the practice area you wish to complete.
2. If needed, modify the section name to match your organization’s needs.
3. Select “Add another score.”

2.2.1 Entering the KPI descriptions

1 hour

1. Select if your metric is a custom metric or a standard metric available from one of the Info-Tech diagnostic tools.
2. Enter the metric name you selected from the IT Metrics Library.
3. Select the value type.
4. Select the “Add Metric” button.
5. The descriptions only need to be entered when they change.

Example of a custom metric

Example of a standard metric

2.2.2 Entering the KPI actuals

Input

• Actual data from each data source identified

Output

• Actuals recorded in tool

Materials

• Web browser

Participants

• Metrics program owners and administrators

1 hour

1. Select the period you wish to create a scorecard for by selecting “Add New Period” or choosing one from the drop-down list.
2. For each KPI on your dashboard, collect the data from the data source and enter the actuals.
3. Select the check mark (circled) to save the data for the period.

2.2.3 Producing the IT Overall Scorecard

Input

• Completed IT Overall Scorecard data collection

Output

• IT Overall Scorecard

Materials

• Web browser

Participants

• Metrics program owners and administrators

0.5 hours

1. Select the period you wish to create a scorecard for by selecting from the drop-down list.
2. Click the “Download as PDF” button to produce the scorecard.
3. Once the PDF is produced it is ready for review or distribution.

Phase 3

Create the Action Plan

Phase 1

1.1 Review Available KPIs

1.2 Select KPIs for Your Org.

1.3 Identify Data Sources and Owners

Phase 2

2.1 Understand the IT Management Dashboard

2.2 Build and Review the KPIs

Phase 3

3.1 Prioritize Low-Performing Indicators

3.2 Review Suggested Actions

3.3 Develop the Action Plan

This phase will walk you through the following activities:

Prioritizing low-performing indicators

Using the IT Metrics Library to review suggested actions

Developing your team’s action plan to improve performance

This phase involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Step 3.1

Prioritize low-performing indicators

Activities

3.1.1 Determine criteria for prioritization

3.1.2 Identify low-performing indicators

3.1.3 Prioritize low-performing indicators

Create the action plan

Step 3.1 – Prioritize low-performing indicators

Step 3.2 – Review suggested actions

Step 3.3 – Develop the action plan

This step will walk you through the following activities:

Determining the criteria for prioritization of low-performing indicators

Identifying low-performing indicators

Prioritizing the low-performing indicators

This step involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Outcomes of this step

A prioritized list of low-performing indicators that need remediation

3.1.1 Determine criteria for prioritization

Often when metrics programs are established, there are multiple KPIs that are not performing at the desired level. It’s easy to expect the team to fix all the low-performing indicators, but often teams are stretched and have conflicting priorities.

Therefore it’s important to spend some time to prioritize which of your indicators are most critical to the success of your business.

Also consider, if one area is performing well and others have multiple poor indicators, how do you give the right support to optimize the results?

Lastly, is it better to score slightly lower on multiple measures or perfect on most but failing badly on one or two?

3.1.1 Determine criteria for prioritization

Input

• Business goals and objectives
• IT goals and objectives
• IT organizational structure

Output

• Documented scorecard remediation prioritization criteria

Materials

• Whiteboard or flip charts

Participants

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

1 hour

1. Identify any KPIs that are critical and cannot fail without high impact to your organization.
2. Identify any KPIs that cannot fail for an extended period and document the time period.
3. Rank the KPIs from most critical to least critical in the IT Metrics Library.
4. Look at the owner accountable for the performance of each KPI. If there are any large groups, reassess the ownership or rank.
5. Periodically review the criteria to see if they’re aligned with meeting current business goals.

3.1.2 Identify low-performing indicators

Input

• Overall scorecard
• Overall scorecard (previous period)
• IT Metrics Library

Output

• List of low-performing indicators that need remediation
• Planned actions to improve performance

Materials

• Whiteboard or flip charts

Participants

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

1 hour

1. Review the overall scorecard for the current period. List any KPIs that are not meeting the target for the current month in the “Action Plan” tab of the IT Metrics Library.
2. Compare current month to previous month. List any KPIs that are moving away from the long-term target documented in the tool IT Metrics Library.
3. Revise the target in the IT Metrics Library as business needs change.

3.1.3 Prioritize low-performing indicators

Input

• IT Metrics Library

Output

• Prioritized list of planned actions for low-performing indicators

Materials

• IT Metrics Library

Participants

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators
• Task owners

1 hour

1. Look through the list of new and outstanding planned actions in the “Action Plan” tab of the IT Metrics Library, review progress, and prioritize outstanding items.
2. Compare the list that needs remediation with the rank in the data entry tab.
3. Adjust the priority of the outstanding and new actions to reflect the business needs.

Step 3.2

Review suggested actions

Activities

3.2.1 Review suggested actions in the IT Metrics Library

Create the Action Plan

Step 3.1 – Prioritize low-performing indicators

Step 3.2 – Review suggested actions

Step 3.3 – Develop the action plan

This step will walk you through the following activities:

Reviewing the suggested actions in the IT Metrics Library

This step involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Outcomes of this step

An idea of possible suggested actions

Take Action

Knowing where you are underperforming is only half the battle. You need to act!

• So far you have identified which indicators will tell you whether or not your team is performing and which indicators are most critical to your business success.
• Knowing is the first step, but things will not improve without some kind of action.
• Sometimes the action needed to course-correct is small and simple, but sometimes it is complicated and may take a long time.
• Utilize the diverse ideas of your team to find solutions to underperforming indicators.
• If you don’t have a viable simple solution, leverage the IT Metrics Library, which suggests high-level action needed to improve each indicator. If you need additional information, use your Info-Tech membership to review the recommended research.

3.2.1 Review suggested actions in the IT Metrics Library

Input

• IT Metrics Library

Output

• Suggested actions

Materials

• IT Metrics Library

Participants

• Process area owners
• Metrics program owners and administrators
• Task owners

0.5 hours

1. For each of your low-performing indicators, review the suggested action and related research in the IT Metrics Library.

Step 3.3

Develop the action plan

Activities

3.3.1 Document planned actions

3.3.2 Assign ownership of actions

3.3.3 Determine timeline of actions

3.3.4 Review past action status

Create the action plan

Step 3.1 – Prioritize low- performing indicators

Step 3.2 – Review suggested actions

Step 3.3 – Develop the action plan

This step will walk you through the following activities:

Using the action plan tool to document the expected actions for low-performing indicators

Assigning an owner and expected due date for the action

Reviewing past action status for accountability

This step involves the following participants:

• Senior IT leadership
• Process area owners
• Metrics program owners and administrators

Outcomes of this step

An action plan to invoke improved performance

3.3.1 Document planned actions

Input

• IT Metrics Library

Output

• Planned actions

Materials

• IT Metrics Library

Participants

• Process area owners
• Metrics program owners and administrators
• Task owners

1 hour

1. Decide on the action you plan to take to bring the indicator in line with expected performance and document the planned action in the “Action Plan” tab of the IT Metrics Library.

Info-Tech Insight

For larger initiatives try to break the task down to what is likely manageable before the next review. Seeing progress can motivate continued action.

3.3.2 Assign ownership of actions

Input

• IT Metrics Library

Output

• Identified owners for each action

Materials

• IT Metrics Library

Participants

• Process area owners
• Metrics program owners and administrators
• Task owners

0.5 hours

1. For each unassigned task, assign clear ownership for completion of the task.
2. The task owner should be the person accountable for the task.

Info-Tech Insight

Assigning clear ownership can promote accountability for progress.

3.3.3 Determine timeline of actions

Input

• IT Metrics Library

Output

• Expected timeline for each action

Materials

• IT Metrics Library

Participants

• Process area owners
• Metrics program owners and administrators
• Task owners

0.5 hours

1. For each task, agree on an estimated target date for completion.

Info-Tech Insight

If the target completion date is too far in the future, break the task into manageable chunks.

3.3.4 Review past action status

Input

• IT Metrics Library

Output

• Complete action plan for increased performance

Materials

• IT Metrics Library

Participants

• Process area owners
• Metrics program owners and administrators
• Task owners

0.5 hours

1. For each task, review the progress since last review.
2. If desired progress is not being made, adjust your plan based on your organizational constraints.

Info-Tech Insight

Seek to understand the reasons that tasks are not being completed and problem solve for creative solutions to improve performance.

Measure the value of your KPI program

KPIs only produce value if they lead to action

• Tracking the performance of key indicators is the first step, but value only comes from taking action based on this information.
• Keep track of the number of action items that come out of your KPI review and how many are completed.
• If possible, keep track of the time or money saved through completing the action items.

Keeping track of the number of actions identified and completed is a low overhead measure.

Tracking time or money saved is higher overhead but also higher value.

Establish Baseline Metrics

Baseline metrics will be improved through:

1. Identifying actions needed to remediate poor-performing KPIs
2. Associating time and/or money savings as a result of actions taken

Summary of Accomplishment

Problem Solved

Through this project we have identified typical key performance indicators that are important to your organization’s effective management of IT.

You’ve populated the IT Management Dashboard as a simple method to display the results of your selected KPIs.

You’ve also established a regular review process for your KPIs and have a method to track the actions that are needed to improve performance as a result of the KPI review. This should allow you to hold individuals accountable for improvement efforts.

You can also measure the effectiveness of your KPI program by tracking how many actions are identified as a result of the review. Ideally you can also track the money and time savings.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com

1-888-670-8889

Additional Support

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

To accelerate this project, engage your IT team in an Info-Tech Workshop with an Info-Tech analyst team.

Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

Select the KPIs for your organization

Examine the benefits of the KPIs suggested in the IT Metrics Library and help selecting those that will drive performance for your maturity level.

Build an action plan

Discuss options for identifying and executing actions that result from your KPI review. Determine how to set up the discipline needed to make the most of your KPI review program.

Research Contributors and Experts

Valence Howden

Principal Research Director, CIO – Service Management Info-Tech Research Group

• Valence has extensive experience in helping organizations be successful through optimizing how they govern themselves, how they design and execute strategies, and how they drive service excellence in all work.

Tracy-Lynn Reid

Practice Lead, CIO – People & Leadership Info-Tech Research Group

• Tracy-Lynn covers key topics related to People & Leadership within an information technology context.

Fred Chagnon

Practice Lead, Infrastructure & Operations Info-Tech Research Group

• Fred brings extensive practical experience in all aspects of enterprise IT Infrastructure, including IP networks, server hardware, operating systems, storage, databases, middleware, virtualization and security.

Aaron Shum

Practice Lead, Security, Risk & Compliance Info-Tech Research Group

• With 20+ years of experience across IT, InfoSec, and Data Privacy, Aaron currently specializes in helping organizations implement comprehensive information security and cybersecurity programs as well as comply with data privacy regulations.

Cole Cioran

Practice Lead, Applications and Agile Development Info-Tech Research Group

• Over the past twenty-five years, Cole has developed software; designed data, infrastructure, and software solutions; defined systems and enterprise architectures; delivered enterprise-wide programs; and managed software development, infrastructure, and business systems analysis practices.

Barry Cousins

Practice Lead, Applications – Project and Portfolio Mgmt. Info-Tech Research Group

• Barry specializes in Project Portfolio Management, Help/Service Desk, and Telephony/Unified Communications. He brings an extensive background in technology, IT management, and business leadership.

Jack Hakimian

Vice President, Applications Info-Tech Research Group

• Jack has close to 25 years of Technology and Management Consulting experience. He has served multi-billion-dollar organizations in multiple industries, including Financial Services and Telecommunications. Jack also served several large public sector institutions.

Vivek Mehta

Research Director, CIO Info-Tech Research Group

• Vivek publishes on topics related to digital transformation and innovation. He is the author of research on Design a Customer-Centric Digital Operating Model and Create Your Digital Strategy as well as numerous keynotes and articles on digital transformation.

Carlos Sanchez

Practice Lead, Enterprise Applications Info-Tech Research Group

• Carlos has a breadth of knowledge in enterprise applications strategy, planning, and execution.

Andy Neill

Practice Lead, Enterprise Architecture, Data & BI Info-Tech Research Group

• Andy has extensive experience in managing technical teams, information architecture, data modeling, and enterprise data strategy.

Michael Fahey

Executive Counselor Info-Tech Research Group

• As an Executive Counselor, Mike applies his decades of business experience and leadership, along with Info-Tech Research Group’s resources, to assist CIOs in delivering outstanding business results.

Related Info-Tech Research

Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

• Reinforce service orientation in your IT organization by ensuring your IT metrics generate value-driven resource behavior.

Use Applications Metrics That Matter

• It all starts with quality and customer satisfaction.

Take Control of Infrastructure Metrics

• Master the metrics maze to help make decisions, manage costs, and plan for change.

Bibliography

Bach, Nancy. “How Often Should You Measure Your Organization's KPIs?” EON, 26 June 2018. Accessed Jan. 2020.

“The Benefits of Tracking KPIs – Both Individually and for a Team.” Hoopla, 30 Jan. 2017. Accessed Jan. 2020.

Chepul, Tiffany. “Top 22 KPI Examples for Technology Companies.” Rhythm Systems, Jan. 2020. Accessed Jan. 2020.

Cooper, Larry. “CSF's, KPI's, Metrics, Outcomes and Benefits” itSM Solutions. 5 Feb. 2010. Accessed Jan 2020.

“CUC Report on the implementation of Key Performance Indicators: case study experience.” Committee of University Chairs, June 2008. Accessed Jan 2020.

Harris, Michael, and Bill Tayler. “Don’t Let Metrics Undermine Your Business.” HBR, Sep.–Oct 2019. Accessed Jan. 2020.

Hatari, Tim. “The Importance of a Strong KPI Dashboard.” TMD Coaching. 27 Dec. 2018. Accessed Jan. 2020.

Roy, Mayu, and Marian Carter. “The Right KPIs, Metrics for High-performing, Cost-saving Space Management.” CFI, 2013. Accessed Jan 2020.

Schrage, Michael, and David Kiron. “Leading With Next-Generation Key Performance Indicators.” MIT Sloan Management Review, 26 June 2018. Accessed Jan. 2020.

Setijono, Djoko, and Jens J. Dahlgaard. “Customer value as a key performance indicator (KPI) and a key improvement indicator (KII)” Emerald Insight, 5 June 2007. Accessed Jan 2020.

Skinner, Ted. “Balanced Scorecard KPI Examples: Comprehensive List of 183 KPI Examples for a Balanced Scorecard KPI Dashboard (Updated for 2020).” Rhythm Systems, Jan. 2020. Accessed Jan 2020.

Wishart, Jessica. “5 Reasons Why You Need The Right KPIs in 2020” Rhythm Systems, 1 Feb. 2020. Accessed Jan. 2020.

What strategic, technical, and support implications should be considered in support of a move to VDI or DaaS?

Executive Summary

Insight

End-user experience is your #1 consideration

Virtual desktop infrastructure (VDI)/desktop as a service (DaaS) users expect their user experience to be at least equal to that provided by a physical PC, and they do not care about the underlying infrastructure. If the experience is less, then IT has failed in the considerations for VDI/ DaaS. In this research we analyze the data that the IT industry tracks but doesn't use or sometimes even look at regarding user experience (UX).

Identify the gaps in your IT resources that are critical to success

Understanding the strengths and weaknesses in your in-house technical skills and business requirements will assist you in making the right decision when it comes to VDI or DaaS solutions. In the case of DaaS this will include a managed service provider for small to medium-sized IT teams. Many IT teams lack a seasoned IT project manager who can identify gaps, risks, and weaknesses in the organization's preparedness. Redeploy your IT staff to new roles that impact management and monitoring of UX.

IT should think about VDI and DaaS solutions

Ultimately, IT needs to reduce its complexity, increase user satisfaction, reduce management and storage costs, and maintain a secure and effective environment for both the end user and the business. They must also ensure productivity standards throughout the considerations, strategically, tactically, and in support of a move to a VDI or DaaS solution.

Executive Summary

Info-Tech Insight

Every IT organization needs to be asking what success looks like. If you do not consider how your end user will be impacted, whether they are doing something as simple as holding a team meeting with voice and video or working with highly technical workloads on a virtual environment, you will run into multiple issues that affect end-user satisfaction, productivity, and adoption. Understand the tension metrics that may conflict with meeting business objectives and KPIs.

Voice of the customer

The enterprise end-user compute landscape is changing

Surveys are telling us a story

End-user KPI metrics are difficult to gather

Security is always quoted as a primary justification for VDI/DaaS, while UX is far down the list of KPIs. WHY? IT engineers use network and performance metrics to manage end-user complaints of “slowness,” which in reality is not what the user is experiencing. IT needs to invest in more meaningful metrics to manage end-user pain: Logon duration App load time App response time Session response time Graphic quality and responsiveness and latency Application availability and performance

(Source: Enterprise Strategy Group, 2020)

Dimensions of user experience

The dimensions of end-user experience can be broken down into four distinct categories that will impact not only the end user but also the business. Picturing your landscape in this framework will help clearly define your considerations when deciding on whether a VDI or DaaS solution is right for your business. We will investigate how these scenarios impact the end user, what that means, and how that can guide the questions that you are asking as you move to an RFP. Info-Tech Insight In the world of VDI and DaaS, if you do not get buy-in from the end user, the rate of adoption and the overall success of the implementation will prove difficult to measure. It will be impossible to calculate ROI even as you feel the impact of your TCO.

KPIs and metrics

Understand the types of end-user activities that are most likely to be reported as being slow. You need to know what storage, CPU, memory, and network resources are being used when the user performs those activities. In other words, what is the OS doing behind the scenes and what hardware is it using? Once you have determined which resources are being used by the various activities you will have to monitor the UX metrics to see which OS, network, storage, or server configuration issue is causing the performance issue that the user is reporting. What IT measures Most business KPI objectives concentrate on business goals, whether it be cost containment, security, simplification, ease of management, or centralization of apps and data, but rarely is there a KPI for end-user experience. You can’t fix what you can’t see. Putting a cost benefit to end-user satisfaction may come in the form of productivity. This may be a central reason why VDI has not been widely adopted as an architecture since it came to the marketplace more than 15 years ago.

VDI processes to monitor

Monitoring end-user metrics will mitigate the tension between business KPIs and end-user satisfaction

“If employees are the competitive edge and key differentiator for a business, I&O has a duty of care to ensure that the employees’ digital experience enables and does not impede the value of that asset.” (John Annand, Principal Director, Info-Tech Research Group)

The case for VDI today

Is security and data sovereignty the only reason?

“Though the desktops are moving to the cloud, accountability is not.” (Gary Bea, Director of Consulting Services and Technical Operations, Goliath Technologies)

The case for DaaS

Any device anywhere: key benefits of DaaS

Technical capability comparison

X as an endpoint client

From an end-user experience perspective, what makes sense in terms of usage and cost?

Security: on-premises versus cloud

Security decisions based on risk tolerance

• What is your risk tolerance? When deciding between VDI and DaaS, the first consideration is whether the business is better served with an on-premises or a cloud solution.
• Low risk tolerance: Considerer data sovereignty, complex compliance requirements, and data classification. For example, at the Pentagon, DoD requires heavy compliance with security and data sovereignty. DaaS cloud providers may be in a better position to respond to threats and attacks in a timely manner.
• Low risk tolerance: If the business mandates security tools that cannot be deployed in cloud solutions, VDI is a better solution.
• Low risk tolerance: Smaller businesses that don’t have resources with the expertise and skill set to handle security are better served in cloud. Security operations centers (SOCs) are more likely to present in large corporations.
• Low risk tolerance: When patching requires customization, for example in legacy applications, the ability to test patches is impacted, which may cause possible complications or failures.
• High risk tolerance: For cloud-based solutions, patching is taken out of the IT team’s hands, and testing is done against the complete cloud solution.

Info-Tech Insight

What is the better security posture and control plane? Clarify your stakeholders’ objectives, then see if VDI is an adequate solution.

Security needs for VDI and DaaS

• IDENTITY AND ACCESS MANAGEMENT — MFA, authorization, provisioning, SSO, identity federation, data owners, workflows, role-based access control (RBAC), user lifecycle management
• ENCRYPTION — TLS 1.3, and 256-bit, endpoint encryption, file encryption, AES, PKI, BitLocker
• DATA LOSS PREVENTION — Centralized policy management, sensitive data detection, HIPAA, GDPR
• ANTIVIRUS & PATCH MANAGEMENT — Group policy management, AV exclusions, anti-ransomware, keylogger mitigation
• DDoS protection — HTTP, UDP flood mitigation, content delivery network, always-on services
• ENDPOINT DETECTION & RESPONSE — Detect and react to advanced active attacks on endpoints

Activity

Define the virtual infrastructure solution for your end users

1. Define and build your value hypothesis/proposition
   1. What is the business case? Who is championing the investment?
   2. Identify the project management team and stakeholders.
   3. Set goals to be achieved based on value.
   4. Identify KPIs and metrics to measure success.
2. Identify use cases and personas
   1. Identify possible user friction (e.g. emotional, cognitive, interaction).
   2. Understand current infrastructure shortcomings/capabilities (e.g. network, security posture/tolerance, staffing needs, qualified technicians, end-user devices).
3. Articulate use cases into functional and nonfunctional requirements
   1. Separate must haves and nice to haves.
   2. Categorize requirements into identifiable functionality capabilities.
   3. Review your outputs and identify “gotchas” using the MECE (mutually exclusive, collectively exhaustive) principle.

Related Info-Tech Research

	Modernize and Transform Your End-User Computing Strategy Phase 3.2 of this research set covers virtual desktop infrastructure.
	Implement Desktop Virtualization and Transition to Everything as a Service Follow Info-Tech’s process for implementing the right desktop virtualization solution to create a project plan that will help ensure that you not only choose the right solution but also implement it effectively.
	Cloud Strategy Workbook Use this tool to assess cloud services (desktop-as-a-service).
	Desktop Virtualization TCO Calculator This tool is designed to help you understand what desktop virtualization looks like from a cost perspective.

Bibliography

Anderson, Joseph. “Five Ways VDI Will Grow in 2022 Thanks to Hybrid Work.” StratoDesk, 28 Feb. 2022. Web.

Bowker, Mark. “Are Desktops Doomed? Trends in Digital Workspaces, VDI, and DaaS.” ESG, May 2020. Web.

“The CISO's Dilemma: How Chief Information Security Officers Are Balancing Enterprise Endpoint Security and Worker Productivity in Response to COVID-19.” Hysolate, Oct. 2020. Web.

King, Val. “Why the End-User Experience Is Not Good for Your Remote Workforce .” Whitehat Virtual Technologies, 2 Dec. 2021. Web.

Perry, Yifat. “VDI vs DaaS: 5 Key Differences and 6 Leading Solutions.” NetApp, 26 Aug. 2020. Web.

Rigg, Christian. “Best virtual desktop services 2022.” TechRadar, 20 Jan. 2022 . Web.

Seget, Vladan. “Key metrics to consider when assessing the performance of your VDI/DaaS environment.” vladan.fr, 19 April 2021. Web.

Spruijt, Ruben. “Why Should You Care About VDI and Desktop-as-a-Service?” Nutanix, 28 Jan. 2020. Web.

Stowers, Joshua. “The Best Desktop as a Service (DaaS) Providers 2022.” business.com, 21 Dec. 2021. Web.

“Virtual Desktop Infrastructure(VDI) Market 2022.” MarketWatch, 5 Jan. 2022. Web. Press release.

Zamir, Tal. “VDI Security Best Practices: Busting the Myths.” Hysolate, 29 Nov. 2021. Web.

Zychowicz, Paul. “Why do virtual desktop deployments fail?” Turbonomic Blog, 16 Dec. 2016. Web.

State of Hybrid Work in IT: A Trend Report

When tech giants can’t agree and best practices change by the minute, forge your own path to your next normal.

Hybrid is here. Now how do we do this?

The pandemic has catapulted hybrid work to the forefront of strategic decisions an organization needs to make. According to our State of Hybrid Work in IT survey conducted in July of 2022, nearly all organizations across all industries are continuing some form of hybrid or remote work long-term (n=518). Flexible work location options are the single greatest concern for employees seeking a new job. IT departments are tasked with not only solving hybrid work questions for their own personnel but also supporting a hybrid-first organization, which means significant changes to technology and operations.

Faced with decisions that alter the very foundation of how an organization functions, IT leaders are looking for best practices and coming up empty. The world of work has changed quickly and unexpectedly. If you feel you are “winging it” in the new normal, you are not alone.

95% of organizations are continuing some form of hybrid or remote work.

n=518

47% of respondents look at hybrid work options when evaluating a new employer, vs. 46% who look at salary.

n=518

Hybrid work model decision tree

Your organization, your employees, your goals – your hybrid work

The days of a “typical” workplace have passed. When it comes to the new world of hybrid work, there is no best-of-breed example to follow.

Among the flood of contradictory decisions made by industry leaders, your IT organization must forge its own path, informed by the needs of your employees and your organizational goals.

All IT work models can support the broader organization. However, IT is more effective in a hybrid work mode.

Stay informed on where your industry is headed, but learn from, rather than follow, industry leaders.

All industries reported primarily using partial, balanced & full hybrid work models.

All industries reported some fully remote work, ranging from 2-10% of organizations surveyed.

Construction and healthcare & life sciences did not require any fully in-office work. Other industries, between 1-12% required fully in-office work.

Move beyond following tech giants

The uncomfortable truth about hybrid work is that there are many viable models, and the “best of breed” depends on who you ask. In the post-pandemic workspace, for every work location model there is an industry leader that has made it functional. And yet this doesn’t mean that every model will be viable for your organization.

In the absence of a single best practice, rely on an individualized cost-benefit assessment rooted in objective feasibility criteria. Every work model – whether it continues your status quo or overhauls the working environment – introduces risk. Only in the context of your particular organization does that risk become quantifiable.

Don’t make the mistake of emulating the tech giants, unless they are your direct competition. Instead, look to organizations that have walked your path in terms of scope, organizational goals, industry, and organizational structure.

Comparative

Your competitors

Info-Tech Insight

Remember, your competitors are not just those who compete for the same customers but also those who compete for your employees.

IT must balance commitments to both the organization and its employees

IT has two roles: to effectively support the broader organization and to function effectively within the department. It therefore has two main stakeholder relationships: the organization it supports and the employees it houses. Hybrid work impacts both. Don't make the mistake of overweighting one relationship at the expense of the other. IT will only function effectively when it addresses both.

Track your progress with the right metrics

This report contains:

1. IT and the Organization
   1. IT Effectiveness
      in a Hybrid World
   2. The Impact of Hybrid on Infrastructure & Operations
2. IT and Its Employees
   1. What Hybrid Means for the IT Workforce
   2. Leadership for Hybrid IT Teams

This report is based on organizations like yours

This report is based on organizations like yours

This report is based on organizations like yours

This report is based on organizations like yours

At a high level, hybrid work in IT is everywhere

INDUSTRY

ORGANIZATIONAL SIZE

POSITION LEVEL

• Executive
• Director
• Supervisor/Manager
• Student/Contractor/Team Member

100% of industries, organizational sizes, and position levels reported some form of hybrid or remote work.

Work model breakdown at the respondent level

n=516

Industry lens: Work location model

Percentage of IT roles currently in a hybrid or remote work arrangement

Work location model by organization size

Hybrid work options

Expense reimbursement

NOTES

n=518

Home office setup: One-time lump-sum payment

Home utilities: Gas, electricity, lights, etc.

Other: Office supplies, portion of home rent/mortgage payments, etc.

01 TECHNOLOGY

IT and the Organization

Section 1

The promise of hybrid work for IT department effectiveness and the costs of making it happen

In this section:

1. IT Effectiveness in a Hybrid World
2. The Impact of Hybrid on Infrastructure & Operations

Hybrid work models in IT bolster effectiveness

IT’s effectiveness, meaning its ability to enable organizational goal attainment, is its ultimate success metric. In the post-pandemic world, this indicator is intimately tied to IT’s work location model, as well as IT’s ability to support the work location model used by the broader organization.

In 2022, 90% of organizations have embraced some form of hybrid work (n=516). And only a small contingent of IT departments have more than 90% of roles still working completely in office, with no remote work offered (n=515).

This outcome was not unexpected, given the unprecedented success of remote work during the pandemic. However, the implications of this work model were far less certain. Would productivity remain once the threat of layoffs had passed? Would hybrid work be viable in the long term, once the novelty wore off? Would teams be able to function collaboratively without meeting face to face? Would hybrid allow a great culture
to continue?

All signs point to yes. For most IT departments, the benefits of hybrid work outweigh its costs. IT is significantly more effective when some degree of remote or hybrid work is present.

n=518

Remote Work Effectiveness Paradox

When IT itself works fully onsite, lower effectiveness is reported (6.2). When IT is tasked with supporting fully, 100% remote organizations (as opposed to being fully remote only within IT), lower effectiveness is reported then as well (5.9). A fully remote organization means 100% virtual communication, so the expectations placed on IT increase, as do the stakes of any errors. Of note, hybrid work models yield consistent effectiveness scores when implemented at both the IT and organizational levels.

IT has risen to the challenge of hybrid

Despite the challenges initially posed by hybrid and remote organizations, IT has thrived through the pandemic and into this newly common workplace.

Most organizations have experienced an unchanged or increased level of service requests and incidents. However, for the majority of organizations, service desk support has maintained (58%) or improved (35%). Only 7% of IT organizations report decreased service desk support.

Is your service desk able to offer the same level of support compared to the pre-pandemic/pre-hybrid work model?

How has the volume of your service requests/incidents changed?

Has hybrid work impacted your customer satisfaction scores?

Industry lens: Volume of service requests

It is interesting to note that service request volumes have evolved similarly across industries, mirroring the remarkable consistency with which hybrid work has been adopted across disparate fields, from construction to government.

Of note are two industries where the volume of service requests mostly increased: government and media, information, telecom & technology.

With the global expansion of digital products and services through the pandemic, it’s no surprise to see volumes increase for media, information, telecom & technology. With government, the shift from on premises to rapid and large-scale hybrid or remote work for administrative and knowledge worker roles likely meant additional support from IT to equip employees and end users with the necessary tools to carry out work offsite.

How has the volume of your service requests/incidents changed?

The transition to hybrid was worth the effort

Hybrid and remote work have been associated with greater productivity and organizational benefits since before the pandemic. During emergency remote work, doubts arose about whether productivity would be maintained under such extreme circumstances and were quickly dispelled. The promise of remote productivity held up.

Now, cautiously entering a “new normal,” the question has emerged again. Will long-term hybrid work bring the same benefits?

The expectations have held up, with hybrid work benefits ranging from reduced facilities costs to greater employee performance.

Organizational hybrid work may place additional strain on IT,
but it is clear IT can handle the challenge. And when it does,
the organizational benefits are tremendous.

88% of respondents reported increased or consistent Infrastructure & Operations customer satisfaction scores.

What benefits has the organization achieved as a result of moving to a hybrid work model?

n=487

Hybrid has sped up modernization of IT processes and infrastructure

Of the organizations surveyed, the vast majority reported significant changes to both the process and the technology side of IT operations. Four key processes affected by the move to hybrid were:

• Incident management
• Service request support
• Asset management
• Change management

Within Infrastructure & Operations, the area with the greatest degree
of change was network architecture (reported by 44% of respondents), followed closely by service desk (41%) and recovery workspaces and mitigations (40%).

63% of respondents reported changes to conference room technology to support hybrid meetings.

n=496

IT Infrastructure & Operations changes, upgrades, and modernization

What process(es) had the highest degree of change in response to supporting hybrid work?

Hybrid has permanently changed deployment strategy

Forty-five percent of respondents reported significant changes to deployment as a result of hybrid work, with an additional 42% reporting minor changes. Only 13% of respondents stated that their deployment processes remained unchanged following the shift to hybrid work.

With the ever-increasing globalization of business, deployment modernization practices such as the shift to zero touch are no longer optional or a bonus. They are a critical part of business operation that bring efficiency benefits beyond just supporting hybrid work.

The deployment changes brought on by hybrid span across industries. Even in manufacturing, with the greatest proportion of respondents reporting “no change” to deployment practices (33%), most organizations experienced some degree of change.

Has a hybrid work model led you to make any changes to your deployment, such as zero touch, to get equipment to end users?

Industry lens: Deployment changes

Has a hybrid work model led you to make any changes to your deployment, such as zero touch, to get equipment to end users?

Hybrid work has accelerated organizational digitization

Over half of respondents reported significantly decreased reliance on printed copies as a result of hybrid. While these changes were on the horizon for many organizations even before the pandemic, the necessity of keeping business operations running during lockdowns meant that critical resources could be invested in these processes. As a result, digitization has leapt forward.

This represents an opportunity for businesses to re-evaluate their relationships with printing vendors. Resources spent on printing can be reduced or reallocated, representing additional savings as a result of moving to hybrid. Additionally, many respondents report a willingness – and ability – from vendors to partner with organizations in driving innovation and enabling digitization.

With respect to changes pertaining to hard copies/printers as a result of your hybrid work model:

Hybrid work necessitates network and communications modernization

The majority (63%) of respondents reported making significant changes to conference room technology as a result of hybrid work. A significant proportion (30%) report that such changes were not needed, but this includes organizations who had already set up remote communication.

An important group is the remaining 8% of respondents, who cite budgetary restrictions as a key barrier in making the necessary technology upgrades. Ensure the business case for communication technology appropriately reflects the impact of these upgrades, and reduce the impact of legacy technology where possible:

• Recognize not just meeting efficiency but also the impact on culture, engagement, morale, and external and internal clients.
• Connect conference room tech modernization to the overall business goals and work it into the IT strategy.
• Leverage the scheduling flexibility available in hybrid work arrangements to reduce reliance on inadequate conference technology by scheduling in-person meetings where possible and necessary.

Have you made changes/upgrades
to the conference room technology to support hybrid meetings?
(E.g. Some participants joining remotely, some participants present in a conference room)

How we can help

For a comprehensive list of resources, visit
Info-Tech’s Hybrid Workplace Research Center

02 PEOPLE

IT and Its Employees

Section 2

Cultivate the dream team in a newly hybrid world

In this section:

1. What Hybrid Means for the IT Workforce
2. Leadership for IT Hybrid Teams

Hybrid means permanent change to how IT hires

Since before the pandemic, the intangibles of having a job that works with your lifestyle have been steadily growing in importance. Considerations like flexible work options, work-life balance, and culture are more important to employees now than they were two years ago, and employers must adapt.

Salary alone is no longer enough to recruit the best talent, nor is it the key to keeping employees engaged and productive. Hybrid work options are the single biggest concern for IT professionals seeking new employment, just edging out salary. This means employers must not offer just some work flexibility but truly embrace a hybrid environment.

What are you considering when looking at a potential employer?

A recession may not significantly impact hybrid work decisions overall

Declining economic conditions suggest that a talent market shift may be imminent. Moving toward a recession may mean less competition for top talent, but this doesn't mean hybrid will be left behind as a recruitment tactic.

Just over half of IT organizations surveyed are considering expanding hybrid work or moving to fully remote work even in a recession. Hybrid work is a critical enabler of organizational success when resources are scarce, due to the productivity benefits and cost savings it has demonstrated. Organizations that recognize this and adequately invest in hybrid tools now will have equipped themselves with an invaluable tool for weathering a recession storm, should one come.

What impact could a potential recession in the coming year have on your decisions around your work location?

Hybrid work may help small organizations in a declining economy

The potential for a recession has a greater impact on the workforce decisions of small organizations. They likely face greater financial pressures than medium and large-sized organizations, pressures that could necessitate halting recruitment efforts or holding firm on current salaries and health benefits.

A reliance on intangible benefits, like the continuation of hybrid work, may help offset some of negative effects of such freezes, including the risk of lower employee engagement and productivity. Survey respondents indicated that hybrid work options (47%) were slightly more important to them than salary/compensation (46%) and significantly more important than benefits (29%), which could work in favor of small organizations in keeping the critical employees needed to survive an economic downturn.

Currently considering some form of hiring/salary freeze or cutbacks, if a recession occurs

NOTES

n=520

Small: <101 employees

Medium: 101-5000 employees

Large: >5,000 employees

Hybrid mitigates the main challenge of remote work

One advantage of hybrid over remote work is the ability to maintain an in-office presence, which provides a failsafe should technology or other barriers stand in the way of effective distance communication. To take full advantage of this, teams should coordinate tasks with location, so that employees get the most out of the unique benefits of working in office and remotely.

Activities to prioritize for in-office work:

• Collaboration and brainstorming
• Team-building activities
• Introductions and onboarding

Activities to prioritize for remote work:

• Individual focus time

As a leader, what are your greatest concerns with hybrid work?

Hybrid necessitates additional effort by managers

When it comes to leading a hybrid team, there is no ignoring the impact of distance on communication and team cohesion. Among leaders’ top concerns are employee wellbeing and the ability to pick up on signs of demotivation among team members.

The top two tactics used by managers to mitigate these concerns center on increasing communication:

• Staying available through instant messaging.
• Increasing team meetings.

Tactics most used by highly effective IT departments

Team success is linked to the number of tools at the manager’s disposal

The most effective hybrid team management tools focus on overcoming the greatest obstacle introduced by remote work: barriers to communication and connection.

The most effective IT organizations use a variety of tactics. For managers looking to improve hybrid team effectiveness, the critical factor is less the tactic used and more the ability to adapt their approach to their team’s needs and incorporate team feedback. As such, IT effectiveness is linked to the total number of tactics used by managers.

IT department effectiveness

Autonomy is key to hybrid team success

Not all hybrid work models are created equal. IT leaders working with hybrid teams have many decisions to make, from how many days will be spent in and out of office to how much control employees get over which days they work remotely.

Employee and manager preferences are largely aligned regarding the number of days spent working remotely or onsite: Two to three days in office is the most selected option for both groups, although overall manager preferences lean slightly toward more time spent in office.

Comparison of leader and employee preference for days in-office

Do employees have a choice in the days they work in office/offsite?

For most organizations, employees get a choice of which days they spend working remotely. This autonomy can range from complete freedom to a choice between several pre-approved days depending on team scheduling needs.

Work is still needed to increase autonomy in hybrid teams

Organizations’ success in establishing hybrid team autonomy varies greatly post pandemic. Responses are roughly equally split between staff feeling more, less, or the same level of autonomy as before the pandemic. Evaluated in the context of most organizations continuing a hybrid approach, this leads to the conclusion that not all hybrid implementations are being conducted equally effectively when it comes to employee empowerment.

As an employee, how much control do you have over the decisions related to where, when, and how you work currently?

Connectedness in hybrid teams lags behind

A strong case can be made for fostering autonomy and empowerment on hybrid teams. Employees who report lower levels of control than before the pandemic also report lower engagement indicators, such as trust in senior leadership, motivation, and intention to stay with the organization. On the other hand, employees experiencing increased levels of control report gains in these areas.

The only exception to these gains is the sense of team connectedness, which employees experiencing more control report as lower than before the pandemic. A greater sense of connectedness among employees reporting decreased control may be related to more mandatory in-office time or a sense of connection over shared team-level disengagement.

These findings reinforce the need for hybrid teams to invest in team building and communication practices and confirm that significant benefits are to be had when a sense of autonomy can be successfully instilled.

Employees who experience less control than before the pandemic report lowered engagement indicators ... except sense of connectedness

Employees who experience more control than before the pandemic report increased engagement indicators ... except sense of connectedness

Case study: Hybrid work at Microsoft Canada

How we can help

For a comprehensive list of resources, visit
Info-Tech’s Hybrid Workplace Research Center

Recommendations

The last two years have been a great experiment, but it’s not over.

Info-Tech Insight

Hybrid and remote teams require more attention, connection, and leadership from managers. The shift from doing the day-to-day to effectively leading is critical for the success of nontraditional work models. As hybrid and remote work become engrained in society, organizations must ensure that the concept of the “working manager” is as obsolete as the rotary telephone.

Bibliography

“8 Unexpected Benefits of Online Learning for Development.” Center for Creative Leadership (CCL), 14 Oct. 2020. Accessed 5 Nov. 2021.
“2021 Global Workplace Report.” NTT, 2021. Accessed 6 July 2022.
“Advantages of Online Learning for Leadership Development: What Our Research Says.” CCL, 8 Dec. 2020. 5 Nov. 2021.
“Annual Work Trend Index Report – Great Expectations: Making Hybrid Work Work.” Microsoft WorkLab, 2022. Accessed 6 July 2022.
Aten, Jason. “Google’s Employees Return to the Office Today. This Former Exec Says Hybrid Work Won’t Last.” Inc.Com, 4 April 2022. Web.
Bariso, Justin. “Google Spent 2 Years Researching What Makes a Great Remote Team. It Came Up With These 3 Things.” Inc.Com, 8 April 2019. Web.
Berger, Chloe. “What Is ‘Hybrid Guilt’? Going to Office Part-Time May Be Worst Option.” Fortune, 22 Aug. 2022. Web.
Brodkin, Jon. “After Remote-Work Ultimatum, Musk Reveals Plan to Cut 10% of Tesla Jobs.” Ars Technica, 3 June 2022. Web.
Brown, Brené, host. “Brené with Scott Sonenshein on Why We’ll Never Be the Same Again (and Why It’s Time to Talk About It).” Dare to Lead with Brené Brown, 11 April 2022. Brené Brown, https://brenebrown.com/podcast/why-well-never-be-the-same-again-and-why-its-time-to-talk-about-it/.
Burgess, Mark. “Most Asset Managers Operating Under Hybrid Work Model: Survey.” Advisor’s Edge, 13 Sept. 2022. Web.
Caminiti, Susan. “Workers Want Hybrid but Say It’s Exhausting Them. Here’s How Companies Can Fix That.” CNBC, 8 Feb. 2022. Web.
Capossela, Chris. “The next Chapter of Our Hybrid Workplace: Update on Our Washington State Work Sites.” The Official Microsoft Blog, 14 Feb. 2022. Web.
Carrigan, John. “Meta Embraces ‘Work From Anywhere’ Ahead of Return to Office.” Human Resources Director, 25 March 2022. Web.
Chaturvedi, H., and Ajoy Kumar Dey. The New Normal: Reinventing Professional Life and Familial Bonding in the Post COVID 19 Era. Bloomsbury Publishing, 2021.
Commonwealth of Massachusetts. “Alternative Work Options.” Mass.Gov, n.d. Accessed 17 Sept. 2022.
Commonwealth of Massachusetts. “Hybrid Work for Commonwealth Employees.” Mass.Gov, n.d. Accessed 17 Sept. 2022.
“COVID-19 and the Future of Business.” IBM, 21 Sept. 2020. Web.
Daniel, Will. “The Layoffs at Tesla Show That White-Collar Workers Are Screwed, Hedge Funder Famous from ‘The Big Short’ Predicts.” Fortune, 29 June 2022. Web.
D’Auria, Gemma, and Aaron De Smet. “Leadership in a Crisis: Responding to Coronavirus.” McKinsey, 16 March 2020. Web.
Dave, Paresh. “Google Mandates Workers Back to Silicon Valley, Other Offices from April 4.” Reuters, 3 March. 2022. Web.
Delaney, Kevin. “What We Know Now About the Business Impact of Hybrid Work.” Time, 6 Sept. 2022. Web.
Dobson, Sarah. “Legal Considerations for Hybrid Work.” Canadian HR Reporter, 15 Sept. 2022. Web.
Dondo, Jean. “Hybrid Work Is the Way for More Than a Quarter of Canadian Investment Firms.” Wealth Professional, 14 Sept. 2022. Web.
Elias, Jennifer. “Twitter to Reopen Offices March 15, Though Remote Work Remains an Option.” CNBC, 3 March 2022. Web.
Esade Business & Law School. “Leadership After Covid-19: Learning To Navigate The Unknown Unknowns.” Forbes, 30 March 2021. Web.
“Famous Companies Without Offices.” The Hoxton Mix, 19 Oct. 2021. Web.
Gerdeman, Dina. “COVID Killed the Traditional Workplace. What Should Companies Do Now?” HBS Working Knowledge, 8 March 2021. Web.
Gleason, Mike. “Apple’s Hybrid Work Plans Draw Worker Pushback.” SearchUnifiedCommunications, TechTarget, 24 Aug. 2022. Web.
Gleeson, Brent. “13 Tips For Leading And Managing Remote Teams.” Forbes, 26 Aug. 2020. Web.
Gratton, Lynda. “How to Do Hybrid Right.” Harvard Business Review, 1 May 2021. Web.
“Guide: Understand team effectiveness.” re:Work, Google, n.d. Accessed 5 Nov. 2021.
Hardy, Karen. “Your Business Has Decided on Hybrid Work… Now What?” CIO, 12 Sept. 2022. Web.
Hirsch, Arlene S. “How to Boost Employee Performance in a Hybrid Work Environment.” SHRM, 6 Sept. 2022. Web.
“How to Get Hybrid Work Right.” CBRE Canada, 14 June 2022. Web.
“Hybrid Work: When Freedom Benefits from Rules.” Audi, 12 Sept. 2022. Accessed 18 Sept. 2022.
“Hybrid Workplace | Global Culture Report.” O.C. Tanner, 2022, Web.
“Intel Is Hiring for Various Roles with Temporary Remote Work Benefits.” SightsIn Plus, 11 June 2022. Web.
Iyer, Viswanathan. “Council Post: Hybrid Work: Beyond The Point Of No Return.” Forbes, 14 Sept. 2022. Web.
Johnson, Ricardo. “Securing Hybrid Work All Starts with Zero-Trust.” SC Media, 29 Aug. 2022. Web.
Jones, Jada. “The Rules of Work Are Changing, and Hybrid Work Is Winning.” ZDNET, 1 Sept. 2022. Web.
Kowitt, Beth. “Inside Google’s Push to Nail Hybrid Work and Bring Its 165,000-Person Workforce Back to the Office Part-Time.” Fortune, 17 May 2022. Web.
Kumra, Gautam, and Diaan-Yi Lin. “The Future of (Hybrid) Work.” McKinsey, 2 Sept. 2022. Web.
Lagowska, Urszula, et al. “Leadership under Crises: A Research Agenda for the Post-COVID-19 Era.” Brazilian Administration Review, vol. 17, no. 2, Aug. 2020. Web.
Larson, Barbara Z., et al. “A Guide to Managing Your (Newly) Remote Workers.” Harvard Business Review, 18 March 2020. Web.
“Leadership During COVID-19: Resources for Times of Uncertainty.” CCL, n.d. Accessed 5 Nov. 2021.
“Managing Remote Employees: How to Lead From a Distance.” CCL, 7 April 2020. Accessed 5 Nov. 2021.
“Managing Remote Teams.” Know Your Team, n.d. Web. Accessed 5 Nov. 2021.
Mayhem, Julian. “Virtual Leadership - Essential Skills for Managing Remote Teams.” VirtualSpeech, 4 Nov. 2020. Web.
McKendrick, Joe. “Keeping Hybrid Workers In Sync, Digitally And In-Person.” Forbes, 22 Aug. 2022. Web.
McKenna, Karissa, et al. “Webinar: Build Leadership Skills for the New World of Work.” CCL, 15 June 2020. Accessed 5 Nov. 2021.
Mearian, Lucas. “Microsoft Edges Back to ‘Normal’ with Workplace Reopening Plan.” Computerworld, 14 Feb. 2022. Web.
“Meta Careers.” Meta, n.d. Accessed 17 Sept. 2022.
Miller, Mark. “5 Tips to Make Your Hybrid Work Model More Effective.” Entrepreneur, 25 Aug. 2022. Web.
Nica, Irina. “How to Manage a Remote Team: 14 Effective Tips for Your Business.” Business 2 Community, 8 July 2021. Web.
O’Halloran, Joe. “Organisations Struggle to Support IT in a Hybrid Work Model.” ComputerWeekly.com, 17 June 2022. Web.
Ong, Ivan. “Council Post: Why Hybrid Work Is The Way To Go.” Forbes, 12 Sept. 2022. Web.
Osborne, Charlie. “The End of Fully Remote Work? Google Begins Shift to the Hybrid Office.” ZDNet. 3 March 2022. Web.
Pazzanese, Christina. “Back to Office? Stay Remote? Go Hybrid?” Harvard Gazette, 24 Aug. 2022. Web.
“PinFlex.” Pinterest Careers, n.d. Accessed 17 Sept. 2022.
Rand, Ben. “Does Hybrid Work Actually Work? Insights from 30,000 Emails.” Harvard Business School – Working Knowledge, 6 Sept. 2022. Web.
“Remote Locations, Working with Flexibility.” Amazon.jobs, n.d. Accessed 17 Sept. 2022.
Renjen, Punit. “The Heart of Resilient Leadership: Responding to COVID-19.” Deloitte Insights, 16 March 2020. Web.
Shih, Clara. “Keeping Hybrid Employees Engaged.” Harvard Business Review, 11 Aug. 2022. Web.
Singerman, Michelle. “Is the Hybrid Work Model Working? CPAs Spill the Beans.” Chartered Professional Accountants Canada, 24 Aug. 2022. Web.
Stern, Stefan. “Hybrid Working: Why the Office-Home Balance Is Still a Challenge.” Financial Times, 4 Sept. 2022.
Subramaniam, Vanmala, et al. “Ready to Go Back to the Office? Employers and Workers Are Divided over the Fate of Remote Work.” The Globe and Mail, 1 Sept. 2022. Web.
Tong, Goh Chiew. “Inflation and Hybrid Work ‘skyrocketed’ Demand for Flexible Workspace, WeWork Says.” CNBC, 6 Sept. 2022. Web.
Tsipursky, Gleb. “Commentary: The Psychology behind Why Some Leaders Are Resisting a Hybrid Work Model.” Fortune, 8 June 2021. Web.
Turner, Jack. “Tesla Doubles Down on Remote Working Ban, Tracks Office Attendance.” Tech.Co, 3 July 2022. Web.
“Virtual Leadership Styles for Remote Businesses.” Maryville Online, 4 Feb. 2021. Web.
“Webinar: How Leaders Can Build Organizational Resilience.” CCL, 15 June 2020. Accessed 5 Nov. 2021.
“Why GitLab Uses the Term All-Remote to Describe Its 100% Remote Workforce.” GitLab, 2022. Accessed 17 Sept. 2022.
Wigert, Ben, and Sangeeta Agrawal. “Returning to the Office: The Current, Preferred and Future State of Remote Work.” Gallup, 31 Aug. 2022. Web.
Wingard, Jason. “Elon Musk’s Big Bet Against Remote Work: Will Tesla Win?” Forbes, 4 June 2022. Web.