One growing area in the broad landscape of data challenges is enterprise migration to Microsoft 365 (O365), which being rapid adopted across large corporations. The movement of critical corporate data to the cloud raises security and data protection concerns. Thus, O365 migration should be viewed as a critical business initiative that requires the involvement of the legal department as one of the primary decision makers every step of the way during a migration.
Whether legal is at the helm, or simply being called in by IT or another group to make sure legal requirements are met, there are a handful of best practices that mitigate legal and compliance risk from start to finish. I recently discussed these practices in an article on Bloomberg Law.
Some of the tips discussed include:
- Define stakeholders and drivers: O365 implementations may be driven by a variety of internal sponsors, all bringing varying needs and goals to the table. Stakeholders should be fully aligned about the goals of the project, and include an executive sponsor that will ensure everyone is engaged at the right level.
- Build around e-discovery and retention requirements: Over-preservation of data is a common mistake that more than half of organizations make pursuant to legal hold. Establish migration processes and policies that are tailored to existing e-discovery and legal hold needs and preservation requirements per regulators.
- Examine security and back-up needs and capabilities: It is critical for cloud security parameters to be closely scrutinized to ensure the cloud provider meets the organization’s unique needs.
- Selecting a migration methodology: Many organizations struggle with identifying the best migration methodology for their environment. Understanding each of the options, and defining the vision for how it is going to take place will go a long way in getting the job done with minimal disruption.
- Addressing international factors: Legal teams within large organizations understand that they must think about cross-border issues. Obligations vary greatly by region, but most importantly, legal needs to have a voice across all locations and build multi-national considerations into the migration plan.
- Technical considerations to vet with IT: There are a handful of additional factors that legal should raise with the IT department in advance of and during a migration. These include identifying network upload capacity, compatibility testing, data validation and maintaining proper preservation long-term.
The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, its management, its subsidiaries, its affiliates, or its other professionals.