Atrium Health (formerly Carolinas HealthCare System) is one of the largest non-profit healthcare systems in the US, with over 60,000 employees. In the last five years, Atrium has upgraded Exchange and SharePoint to Office 365, which has introduced changes for both end users and the IT department. This session covered the upgrade / migration, how governance changed, and what operational changes have occurred along the way. Attendees walked away from this session with both specific governance tactics they can implement, as well as, the reasoning behind them.
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
How Atrium Health Implemented and Governs Office 365
1. Notes from the field
How Atrium Health Implemented
and Governs Office 365
2. Who am I?
•Kelly D. Jones
• Atrium Health
• IAS Director (SharePoint / OneDrive / Yammer / Custom Dev)
• 19+ years industry experience; 10+ SharePoint
•My blog: http://www.KellyDJones.com
•Twitter: @KellyDJones
5. Why this presentation?
•Office 365 impact – real world example
•Practical advice – beyond the sales demo
•Is the way we do things perfect? Um, no. Your
mileage may vary.
6. What is Atrium Health?
public, not-for-profit healthcare
system in the nation
Second largest
team members
60,000+
in revenues
$9 billion
in community benefit
$1.65 billion
More than 40 hospitals
900+ care locations
patient encounters
12.5 million
9. • Dec. 2007
• One Server
• It’s FREE!
WSS 3.0
• July 2011
• 3 Server Farm
• 70 Web Apps!
SP 2010 POC
• July 2013
• 13 Server
Farm
SP 2010
Before Office 365
10. • Cost justification only referenced Exchange
• SharePoint was too small
• Only 400GB of storage used in SharePoint
• Home directories store 75+TB
• File shares store another 75+ TB
• Adoption was low
The Decision – Spring 2013
11. •History of WSS
• Advanced functionality used only a little, if at all
•Alternate solutions already provided by IT
• BI – Data Warehouse, Business Objects, etc.
•SharePoint Server Admin skill set
Why not hybrid SharePoint?
12. •400+ Site Coll.
•~7000 sub sites
•400GB
SP 2010
• 330 Site Coll.
• 500GB
SPO
Migrating to SharePoint Online
13. • Aligning the Atrium environment to Microsoft requirements
• Technical Issues
• Compliance Issues
• IT Management
• Change Management
• End user adoption
Biggest Challenges
15. • Spring 2013 – Decision made
• July 1, 2013 – Contract signed
• Estimate is six months to migrate Exchange and SharePoint
• Fall 2013 – Infrastructure updates start
• ADFS login process
• SharePoint team selects migration tool (MetaVis, now owned by Metalogix)
• IS teams start to really dig into project
• January 2014 – Pilot migrations begin
• Exchange mailboxes (those belonging to IS Office 365 teams)
• SharePoint Online sites – New requests are offered as SPO pilot sites
Aligning Our Environment - Timeline
16. • During pilot, IS teams start to really learn about issues
• Desktop
• Windows XP / IE8 / Office 2010 – on a lot of machines
• Windows 7 / IE8 / Office 2013 – standard image
2014 - Pump the brakes…Technical Issues
17. • IE 8 support ended in April, 2014
• IE8 didn’t break, immediately
• MS announced IE8 will only be able to use “lite version” of Outlook Web Access
by end of June 2014
• Death by a thousand paper cuts – IE8 broke piece by piece
• Solved? Google Chrome
• Chrome was already deployed on 13k+ of our computers, so IS finished the
deployment
• Those with IE8 could use Chrome instead
• Lesson learned: End users didn’t want to learn when to use which browser for which app….
We’ve since deployed IE11 to all workstations, but left Chrome installed.
2014 – Technical Issues (cont.)
18. • Clinical (Doctors, Nurses, etc.) – signed into Windows not as
themselves
• SharePoint 2010 had option to “sign in as Different User”
Technical issue: Shared Workstations
19. • Integrated authentication ease of use (Information Workers) versus
Shared workstation ease of use (Clinical)
• Solved with link on intranet site
• Checks for browser version
• Displays message to IE8 users to use Chrome
• Redirects to a smart link based on type of user (custom dev)
• Search for something called “smart links for ADFS”
Technical issue: Shared Workstations
20. • Prior to late 2015 – “Groove.exe”
• Could not require clients stored files on encrypted drive
• Could not require clients be company computers
• We built a custom solution to disable sync by disabling “offline client availability”
• Solved Fall 2015 – “OneDrive.exe” released
• Limit sync to company computers – machines joined to a white listed AD
domain
• Prevents non-company Windows PCs
• Additional setting to prevent all Macs – can’t identify company or personal
• User experience – much better than previous client (which Microsoft apologized
for at Ignite May 2015)
• Atrium enabled OneDrive sync Jan. 2018
• 1200+ teammates are syncing files
• Two people are syncing more than 150k files (!)
Compliance Issue: File Synchronization
21. • Prior to late 2015 – “Groove.exe”
• Could not require clients stored files on encrypted drive
• Could not require clients be company computers
• We built a custom solution to disable sync by disabling “offline client availability”
• Solved Fall 2015 – “OneDrive.exe” released
• Limit sync to company computers – machines joined to a white listed AD
domain
• Prevents non-company Windows PCs
• Additional setting to prevent all Macs – can’t identify company or personal
• User experience – much better than previous client (which Microsoft apologized
for at Ignite May 2015)
• Atrium enabled OneDrive sync Jan. 2018
• 1200+ teammates are syncing files
• Two people are syncing more than 150k files (!)
Compliance Issue: File Synchronization
Lesson Learned: Explorer View
• Attractive alternative to file sync (NOT REALLY)
• Only works with IE
• Users can seriously mess up their sites
• “I don’t need folder”
• Not changing work habits that are 20+ years old
22. • Users that don’t have a license in your tenant
• Options
• Disable
• Enable authenticated external users
• Whitelist / Blacklist email address domains (added in 2015?)
• Enable anonymous guest links
• Options can be set
• Each SharePoint site collection
• All OneDrive sites
Compliance Issue: External Sharing
23. • Process
• Site owner sends an invitation to an email address (J.Doe@partner.com)
• John Doe receives the email and clicks on the link…
• …John Doe creates a new Microsoft account (jdoe@RoadRunner.com)
• Jdoe@RoadRunner.com has access to the document that the site owner
intended for J.Doe@partner.com
Compliance Issue: External Sharing
• Solved - Microsoft Update in 2015
• Microsoft called this the “golden ticket” internally and has given the option to
only allow tickets to be accepted with an account that matches the email
address
• Settings are in the SharePoint & OneDrive Admin Center:
24. • External Sharing
• Enabled Data Loss Prevention (DLP) in OneDrive and SharePoint
• Enabled external sharing for OneDrive after DLP was enabled
• External sharing is disabled by default for SharePoint team sites
• External sharing is enabled by default for Office 365 Groups
• Enabled in SharePoint site collection by site owner request
• SharePoint Team provides weekly report to site owners
• List all external users
• What address the invitation was sent to
• What email address accepted the invitation
Compliance Issues: Reduce Risk
25. • 2014 was spent preparing Atrium environment
• Updating desktops
• Windows 7, IE10, Office 2013
• Learning from pilots
• Exchange mailboxes migrated for pilot users
• Net New SharePoint sites – all but one site owner agreed to pilot
• OneDrive
• Yammer – spread virally in October 2014 when CIO jumped in
Aligning the environment - 2014
26. • January 2015 – OneDrive
• No migrations – file moves are up to user
• February 2015 –
• SharePoint
• No new SharePoint 2010, all SharePoint Online
• Site migration started
• Exchange
• Mailbox migrations
• March 2015 – Yammer
Launching Office 365
27. • SharePoint Site Collections
• September 2014 – April 2015 = 25
• May 2015 – September 2015 = 287
• Oct. 2015 – June 2016 = 23
• No more SharePoint on premises
• Exchange mailboxes
• January – May 2015 = 34k+
• December 2016 = 7k+
• No more Exchange end user mailboxes on premises
• Still hybrid configuration for other reasons
• Skype for Business
• Moved all users to Skype Online Q4/2017 – Q1/2018
Completing Migrations
29. • Microsoft’s goal is to update Office 365 constantly, at “the speed of the
internet”
• Your organization will need to move at this same speed.
• They aren’t kidding.
Change Management:
Updates at the “Speed of the Internet”
31. •Atrium Test Tenant
• Targeted Release Tenant for the entire tenant
• Dev AD domain, ADFS servers, dev domain joined workstations
• Used by Office 365 team
•Atrium Production Tenant
• Targeted Release for Select Users – Office 365 Team (some)
• Note: Features could appear in prod in as little as seven days after
appearing in dev
Change Management: Testing Changes
32. • Microsoft rolled out UI enhancements to OneDrive and SPO
• Starting in April 2014, our users started seeing this above document
libraries:
• This update was rolled out per user
• We confirmed this via a Microsoft support ticket, when users noticed a
different experience than what they saw on others’ screens.
Updates may apply to users not tenant
33. • Microsoft will notify customers about upcoming “disruptive changes”
• Microsoft defines whether a change is disruptive
Disruptive Changes
34. • Microsoft deprecated Access Web Apps in March 2017
• Atrium received phone call from product group one week prior
(AWESOME)
• because we were heavy users (NOT SO AWESOME)
• 12+ month notice
• Access Web Apps will be deleted on April 1, 2018
• extended by customer request
• Switch to turn off creation of new ones, or disable all, was
deployed May 2017
Disruptive change – Access Web Apps
35. From Microsoft employee post on TechCommunity:
“There is DIFFERENT governance for service removals in Office 365. The strict
guidance is that Microsoft will give at least 30 days notice when we've indicated a
replacement product; 365 days notice if there is no replacement; and that
undocumented, unsupported features or risks which are found to compromise the
security or platform integrity could be turned off immediately. For example, if we
found a huge security loophole in the "Widget" web part, for example, we might
remove that web part immediately to protect our customers while we work on the
issue.”
…“By precedent, even though we identified a replacement tech for Access Web
Apps (PowerApps) we communicated that service removal 15 months in
advance.”
https://techcommunity.microsoft.com/t5/SharePoint/InfoPath-support-in-
SharePoint-Online/m-p/97876#M9157
Disruptive changes: InfoPath & Designer?
36. •Office 365 Admin Center – Service Health Dashboard
• Service health
• Issues that Microsoft determines at least one of your users might be seeing
• Message center
• Change announcements that are applicable to your tenant
• Planned maintenance outages – typically seven day notice
• Example: SharePoint and OneDrive were read only from 9pm-1am (Wed-Thurs)
with one week notice
• Office 365 Admin app – same data as Admin Center web
site
• Mobile and desktop versions
• Push notifications for health issues
How to keep up?
37. • Office blogs: https://blogs.office.com/ Microsoft Tech Community Blogs
• Curate a list of blogs by industry MVPs
• Microsoft Tech Community:
• https://techcommunity.Microsoft.com
• Roadmap:
• Thin on details and few if any dates published
Usage reports update: new reports for SharePoint, OneDrive and Yammer
New reports in the Office 365 usage dashboard. We continue to add new usage
reports, including Yammer groups, SharePoint clients and OneDrive clients, to
provide you with a complete picture of how your organization is using Office
365.
Feature ID: 70929
How to keep up?
New Infographic:
http://icsh.pt/TheJoneses
38. Where did they announce this change?
1. The Office 365 Message Center for announcements
2. The Office 365 Health Dashboard
3. Tech net
4. Blogs published by the product groups (Office Blogs, PowerApps,
Planner, O365 Roadmap, SharePoint)
5. Blogs by industry MVPs (150+)
6. Product team announcements in the Microsoft Tech Community
forums
7. Plus Spaces in the Microsoft Tech Community (aka forums, 20+)
#6 – “The Office Retirement Blog” – which didn’t exist until this post. I
spotted it because of #5…
Disruptive change – Access Web Apps
39. • Individual teams (SharePoint, Exchange, Desktop)
• Monitor news from Microsoft daily (blogs, Message Center, etc.)
• Office 365 Tech Team / Leads
• Meet weekly to coordinate efforts
• Determine what needs to be escalated
• Teammate Workgroup – IS and business users/leaders
How do we handle changes?
40. • Yammer announcements
• Information on People Connect (top level intranet)
• Focused emails (ex: site owners only)
• Enterprise wide emails
• Announcements on home page of People Connect
How do we communicate change?
42. • Attempting to engage our users at a higher level
• Not just break/fix
• Let us help you take advantage of Office 365
• Moving quick questions to eLearning
• reduce burden on help desk
• Improving eLearning
• Rebuilt site to improve usability – Prefer linking to free materials instead of
creating – can be difficult to constantly update materials as 365 changes
• Added tutorials to share longer answers to commonly asked questions (some
include Skype video recordings)
User Adoption
43. • Taking advantage of Yammer
• Q/A, Announcements, Tips
• Office 365 Roadshows
• Two hour introductory presentation
• Delivered to 1200+ teammates over
two years (2014-2016)
• Webinars
• Weekly with a topic
• Weekly Office Hours – open Q & A
• Carolinas Tech Bar
• Three hour window (around
lunch) in hospitals
• 12+ IS teams ready to
answer questions
• Think vendor expo
• Extremely popular
User Adoption
47. •SharePoint Online
• 9.7TB storage (Doubling in size every 12 months)
• 950+ site collections / 7k+ sub sites
• 739 Office 365 Groups
• 4+ Million files
• 19k+ Active users in the last 30 days
•OneDrive
• 13.4TB storage
• 6+ Million files
• 18k+ Active users in the last 30 days
SharePoint Online Environment Today
Microsoft
Increased
SPO
Storage by
20x!!!
49. Speaker Survey
and Raffle
• This year we are replacing the paper version
of Speaker Survey with Microsoft Forms.
• Scan the QR code for each session to access
and submit your survey.
• QR codes can be found in the program guide
or on the room sign located by the door.
• You will receive ONE raffle ticket for each
session survey you complete.
• The raffle ticket volunteer will validate your
First and Last name before providing your
ticket(s)
• Drawing will be held this afternoon 4:00-4:30
pm.
• Must be present to win.
You can download and use the QR Reader app
available for both iOS and Android
50. SharePint Happy Hour event held after
SPSCLT18 at Duckworth’s Grill and Taphouse
Uptown.
Walking distance from UNC Charlotte Center
City campus and the 7th street light rail stop.
52. Migrating to SharePoint Online
Monday Tuesday Wednesday Thursday Friday
Week 1 SP
Team
Migrate site (full
copy)
SP Team Testing SP Team Testing
Week 1
Business
Owner
Business owner
testing
Business owner
testing
Week 2 SP
Team
Migrate site to
production
(incremental)
Identify next
batch of sites
Week 2
Business
Owner
Business Owner
Testing
Business Owner
Testing
Business Owner
Sign Off
• Tool used: MetaVis Architect Suite (now Metalogix Essentials)
53. Completing Migrations
• SharePoint Site Collections
• September 2014 – April 2015 = 25
• May 2015 – September 2015 = 287
• Oct. 2015 – June 2016 = 23
• No more SharePoint on premises
• Exchange mailboxes
• January – May 2015 = 34k+
• December 2016 = 7k+
• No more Exchange end user mailboxes on premises
• Still hybrid configuration for other reasons
3 2 1 3 3 2
11
116
88
50
19
14
6 7
2 2 1 3 1 1
0
20
40
60
80
100
120
140
September
October
December
January
February
March
April
May
June
July
August
September
October
November
December
January
February
March
April
June
2014 2015 2016
SharePoint Team Site Migrations
Completed Per Month
I thought you started in 2013?
What happened in 2014?
Editor's Notes
Presentation Title:
How Office 365 has transformed Carolinas HealthCare System
Presentation Abstract:
Carolinas HealthCare System (Atrium) is one of the largest non-profit healthcare systems in the US, with over 60,000 employees. In the last four years, Atrium has upgraded Exchange and SharePoint to Office 365, which has introduced changes for both end users and the IT department. This session will cover the Atrium upgrade / migration, how governance changed, and what operational changes have occurred along the way. Attendees will walk away from this session with both specific governance tactics they can implement, as well as, the reasoning behind them.
Speaker Bio:
Kelly D. Jones has over eighteen years of IT experience, the last ten focused on SharePoint. He’s one of two directors responsible for Office 365 at Carolinas HealthCare System, with his teams focusing on SharePoint, OneDrive, Office 365 Groups, and business process automation.Before moving to Waxhaw, North Carolina in 2010, he and his family (wife and two children) lived in Columbus, Ohio. They enjoyed Columbus (especially The Ohio State University), but not the weather, so they moved south to be closer to the sun.