Collaborate for free with online versions of Microsoft Word, PowerPoint, Excel, and OneNote. Save documents, spreadsheets, and presentations online, in OneDrive. Get the essential productivity tools that just keep getting better with Microsoft 365. SharePoint Online is a hosted solution that you can get by itself or with a Microsoft 365 subscription. SharePoint Server 2019 is an on-premises solution. See Microsoft 365 plans and pricing.

• Sharepoint 365 Tutorial
• Sharepoint 365 Delete Site
• Sharepoint 365 For Dummies
• Sharepoint 365 Dashboard
• Sharepoint 365 Download

With Microsoft 365 services, you can create a secure and productive file collaboration environment for your users. SharePoint powers much of this, but the capabilities of file collaboration in Microsoft 365 reach far beyond the traditional SharePoint site. Teams, OneDrive, and a variety of governance and security options all play a role in creating a rich environment where users can collaborate easily and where your organization's sensitive content remains secure.

In the sections below, we call out the options and decisions that you as an administrator should consider when setting up a collaboration environment:

• How SharePoint relates to other collaboration services in Microsoft 365, including OneDrive, Microsoft 365 Groups, and Teams.

• How you can create an intuitive and productive collaboration environment for your users.

• How you can protect your organization's data by managing access through permissions, data classifications, governance rules, and monitoring.

This is part of the broader Microsoft 365 collaboration story:

We recommend that you download the Microsoft Teams and related productivity services in Microsoft 365 for IT architects poster and refer to it while you read this article. This poster provides detailed illustrations of how the collaboration services in Microsoft 365 relate to each other and interact.

Get the essential productivity tools that just keep getting better with Microsoft 365. SharePoint Online is a hosted solution that you can get by itself or with a Microsoft 365 subscription. SharePoint Server 2019 is an on-premises solution. See Microsoft 365 plans and pricing. Nov 19, 2020 The first version of SharePoint was released back in 2001 as an on-premises version. Then, in 2011, Microsoft released SharePoint Online and Microsoft Office 365. Following the release, SharePoint Online was not particularly popular, but after a spirited promotion campaign by Microsoft, it gained traction among users, and nowadays it is widely.

Also see the File Protection Solutions in Microsoft 365 diagram for an overview of recommended solutions to protect your data.

Creating a successful collaboration experience

The technical implementation options that you choose for file collaboration in Microsoft 365 should balance what can seem to be contradictory requirements:

• Protecting your intellectual property

• Enabling self-service

• Creating a smooth user experience

Protecting your intellectual property

There are several options discussed later in this article for protecting your intellectual property. These include limiting who files can be shared with, applying governance policies based on sensitivity labels, and managing the devices that users use to access content.

In considering which options to choose, we recommend a balanced approach:

A configuration that allows users to share content freely can lead to accidental sharing of confidential data. However, a user experience that is difficult to use or too restrictive can lead to users finding alternative collaboration options that circumvent your governance policies, ultimately leading to even greater risk.

By using a combination of features – depending on the sensitivity of your data – you can create a collaboration environment that's easy to use and provides the security and auditing controls that you need.

Enabling self-service

In SharePoint Server on-premises, many organizations chose an IT-focused model where users must request sites and provide a business justification. This was done to prevent site sprawl and to apply governance policies around access to sensitive data.

In Microsoft 365, we recommend allowing users to create Teams, Microsoft 365 Groups, and SharePoint sites as needed. You can use sensitivity labels to enforce permissions governance, take advantage of security features that protect your content, and use expiration and renewal policies to make sure unused sites don't accumulate.

By choosing options that favor user self-service, you can minimize the impact on your IT staff while creating an easier experience for your users.

Creating a smooth user experience

The key to creating a smooth user experience is to avoid creating barriers for your users that they don't understand or that they must escalate to your help desk. For example, turning external sharing off for a site might cause user confusion or frustration; whereas labeling the site and its contents as confidential and using data loss prevention policy tips and emails to educate your users in your governance policies, can lead to a much smoother experience for them.

SharePoint, Microsoft 365 Groups, and Teams

In Microsoft 365, SharePoint is integrated with a variety of other services to provide a much richer experience than is possible with on-premises solutions such as SharePoint Server. These integrations affect how you manage user permissions and what your users can do in a collaboration scenario.

Traditionally, SharePoint permissions have been managed through a set of permissions groups within a site (Owners, Members, Visitors, etc.). In SharePoint in Microsoft 365, each SharePoint team site is part of a Microsoft 365 group. a Microsoft 365 group is a single permissions group that is associated with a variety of Microsoft 365 services, including a SharePoint site, an instance of Planner, a mailbox, a shared calendar, and others. When you add owners or members to the Microsoft 365 group, they are given access to the SharePoint site along with the other connected services.

While you can continue to manage SharePoint site permissions separately by using SharePoint groups, we recommend managing permissions for SharePoint by adding people to or removing them from the associated Microsoft 365 group. This provides easier administration as well as giving users access to a host of related services that they can use for better collaboration.

Microsoft Teams provides a hub for collaboration by bringing together all the Microsoft 365 group-related services, plus a variety of Teams-specific services, in a single user experience with persistent chat. Teams uses the associated Microsoft 365 group to manage its permissions. Within the Teams experience, users can directly access SharePoint along with the other services without having to switch applications. This provides a centralized collaboration space with a single place to manage permissions. For collaboration scenarios in your organization, we highly recommend using Teams rather than using services such as SharePoint independently.

For details about how SharePoint and Teams interact, see How SharePoint and OneDrive interact with Microsoft Teams.

Collaboration in client applications

Office applications such as Word, Excel, and PowerPoint provide a wide variety of collaboration features, including coauthoring and @mentions, and are also integrated with sensitivity labels and data loss prevention (discussed below).

We highly recommend deploying Microsoft 365 Apps for enterprise. Microsoft 365 Apps for enterprise provides an always up-to-date experience for your users, with the latest features and updates delivered on a schedule that you can control.

For details about deploying Microsoft 365 Apps for enterprise, see Deployment guide for Microsoft 365 Apps for enterprise.

OneDrive libraries

While SharePoint provides shared libraries for shared files that teams can collaborate on, users also have an individual library in OneDrive where they can store files that they own.

When a user adds a file to their individual library, that file is not shared with anyone else. Users' individual libraries do, however, provide the same sharing capabilities as SharePoint, so users can share files in their individual libraries as needed.

A user's individual library can be accessed from Teams, as well as from the OneDrive web interface and mobile application.

On devices running Windows or macOS, users can install the OneDrive sync app to sync files from both OneDrive and SharePoint to their local disk. This allows them to work on files offline and also provides the convenience of opening files in their native application (such as Word or Excel) without the need of going to the web interface.

The two main decisions to consider for using OneDrive in collaboration scenarios are:

• Do you want to allow Microsoft 365 users to share files in their own library with people outside your organization?

• Do you want to restrict file sync in any way – such as only to managed devices?

These settings are available in the OneDrive admin center.

OneDrive is an important part of the Microsoft 365 collaboration story. For information about how to deploy OneDrive in your organization, see OneDrive guide for enterprises.

Securing your data

A big part of a successful collaboration solution is making sure your organization's data remains secure. Microsoft 365 provides a variety of features to help you keep your data secure while enabling a seamless collaboration experience for your users.

To help protect your organization's information, you can:

• Control sharing – by configuring sharing settings for each site that are appropriate to the type of information in the site, you can create a collaboration space for users while securing your intellectual property.

• Classify and protect information – by classifying the types of information in your organization, you can create governance policies that provide higher levels of security to information that is confidential compared to information that is meant to be shared freely.

• Manage devices – with device management, you can control access to information based on device, location, and other parameters.

• Monitor activity – by monitoring the collaboration activity happening in Teams and SharePoint, you can gain insights into how your organization's information is being used. You can also set alerts to flag suspicious activity.

• Protect against threats – by using policies to detect malicious files in SharePoint, OneDrive, and Teams, you can help ensure the safety of your organization's data and network.

These are each discussed in more detail below. There are many options to choose from. Depending on the needs of your organization, you can choose the options that give you the best balance of security and usability. If you are in an highly regulated industry or work with highly confidential data, you may want to put more of these controls in place; whereas if your organization's information is not sensitive you may want to rely on basic sharing settings and malicious file alerts.

Control sharing

The sharing settings that you configure for SharePoint and OneDrive determine who your users can collaborate with, both inside and outside your organization. Depending on your business needs and the sensitivity of your data, you can:

• Disallow sharing with people outside your organization.

• Require people outside your organization to authenticate.

• Restrict sharing to specified domains.

You can configure these settings for the entire organization, or for each site independently. For detailed information, see Turn sharing on or off and Turn sharing on or off for a site.

See Limit accidental exposure to files when sharing with guests for additional guidance around sharing with people outside your organization.

When users share files and folders, a shareable link is created which has permissions to the item. There are three primary link types:

• Anyone links give access to the item to anyone who has the link. People using an Anyone link do not have to authenticate, and their access cannot be audited.

  An anyone link is a transferrable, revocable secret key. It's transferrable because it can be forwarded to others. It's revocable because by deleting the link, you can revoke the access of everyone who got it through the link. It's secret because it can't be guessed or derived. The only way to get access is to get the link, and the only way to get the link is for somebody to give it to you.

• People in your organization links work for only people inside your Microsoft 365 organization. (They do not work for guests in the directory, only members).

  Like an anyone link, a people in my organization link is a transferrable, revocable secret key. Unlike an anyone link, these links only work for people inside your Microsoft 365 organization. When somebody opens a people in my organization link, they need to be authenticated as a member in your directory. If they're not currently signed-in, they'll be prompted to sign-in.

• Specific people links only work for the people that users specify when they share the item.

  A specific people link is a non-transferable, revocable secret key. Unlike anyone and people in my organization links, a specific people link will not work if it's opened by anybody except for the person specified by the sender.

  Specific people links can be used to share with users in the organization and people outside the organization. In both cases, the recipient will need to authenticate as the user specified in the link.

It's important to educate your users in how these sharing links work and which they should use to best maintain the security of your data. Send your users links to Share OneDrive files and folders and Share SharePoint files or folders, and include information about your organization's policies for sharing information.

Unauthenticated access with Anyone links

Anyone links are a great way to easily share files and folders with people outside your organization. However, if you're sharing sensitive information, this may not be the best option.

If you require people outside your organization to authenticate, Anyone links will not be available to users and you'll be able to audit guest activity on shared files and folders.

Though Anyone links do not require people outside your organization to authenticate, you can track the usage of Anyone links and revoke access if needed. If people in your organization frequently email documents to people outside your organization, Anyone links may be a better option than emailing an attachment.

If you want to allow Anyone links, there are several options for a more secure sharing experience.

You can restrict Anyone links to read-only. You can also set an expiration time limit, after which the link will stop working.

Another option is to configure a different link type to be displayed to the user by default. This can help minimize the chances of inappropriate sharing. For example, if you want to allow Anyone links but are concerned that they only be used for specific purposes, you can set the default link type to Specific people links or People in your organization links instead of Anyone links. Users would then have to explicitly select Anyone links when they share a file or folder.

You can also use data loss prevention to restrict Anyone link access to files that contain sensitive information.

People in your organization links

People in your organization links are a great way to share information within your organization. People in your organization links work for anyone in your organization, so users can share files and folders with people who aren't part of a team or members of a site. The link gives them access to the particular file or folder and can be passed around inside the organization. This allows for easy collaboration with stakeholders from groups that may have separate teams or sites – such as design, marketing, and support groups.

Sharepoint 365 Tutorial

Creating a People in your organization link does not cause the file or folder to show up in search or give everyone direct access to the file or folder. Users must have the link in order to access the file or folder. The link does not work for guests or other people outside your organization.

Specific people links

Specific people links are best for circumstances where users want to limit access to a file or folder. The link only works for the person specified and they must authenticate in order to use it. These links can be internal or external (if you've enabled guest sharing).

Classify and protect information

Data loss prevention in Microsoft 365 provides a way to classify your teams, groups, sites, and documents, and to create a series of conditions, actions, and exceptions to govern how they're used and shared.

By classifying your information and creating governance rules around them, you can create a collaboration environment where users can easily work with each other without accidentally or intentionally sharing sensitive information inappropriately.

With data loss prevention policies in place, you can be relatively liberal with your sharing settings for a given site and rely on data loss prevention to enforce your governance requirements. This provides a friendlier user experience and avoids unnecessary restrictions that users might try to work around.

For detailed information about data loss prevention, see Overview of data loss prevention.

Sensitivity labels

Sensitivity labels provide a way to classify teams, groups, sites, and documents with descriptive labels that can then be used to enforce a governance workflow.

Using sensitivity labels helps your users to share information safely and to maintain your governance policies without the need for users to become experts in those policies.

For example, you could configure a policy that requires Microsoft 365 groups classified as confidential to be private rather than public. In such a case, a user creating a group, team, or SharePoint site would only see the 'private' option when they choose a classification of confidential. For information about using sensitivity labels with teams, groups, and sites, see Use sensitivity labels to protect content in Microsoft Teams, Microsoft 365 groups, and SharePoint sites

Conditions and actions

With data loss protection conditions and actions, you can enforce a governance workflow when a given condition is met.

Examples include:

• If customer information is detected in a document, then users cannot share that document with guests.

• If a document contains the name of a confidential project, then guests cannot open the document even if it has been shared with them.

Microsoft Cloud App Security offers additional granular conditions, actions, and alerts to help you secure your content. These include the ability to remove a user's permissions or quarantine the user when the specified condition is met.

User notifications

User notifications provide a way to communicate to your users – via email or policy tips – that data loss prevention has detected something that they should be aware of. The user can then decide the best course of action depending on the situation. For example, if a user unknowingly attempts to share a document that contains a credit card number, the user is prompted that a credit card number has been found and advised of your organization's policy regarding this.

Manage access

Microsoft 365 provides a variety of governance features to help you create an intuitive but secure collaboration environment for your users.

• Use device management to ensure your organization's information is accessed only by compliant devices.

• Use conditional access to ensure your confidential data is accessed only from locations and apps that you trust.

• Monitor information sharing in real time and through reports to ensure your governance requirements are met and sensitive information is being kept secure.

Additionally, you can use Azure Active Directory access reviews to automate a periodic review of group and team ownership and membership.

Device Management

Through device management, you can take additional steps to secure your organization's information. You can manage pretty much any device that your users might have – PCs, Macs, mobile devices, and Linux computers.

Examples include:

• Ensure devices have the latest updates before allowing access to Microsoft 365

• Prevent copy and paste of confidential data to personal or unmanaged apps

• Erase company data from managed devices

As you consider your options governing access to information through device management, keep in mind that guests are likely to have unmanaged devices. For sites where you've enabled guest sharing, be sure to provide the needed access to unmanaged devices, even if that's just web access via a PC or Mac. Azure Active Directory conditional access (discussed below) offers some options to reduce the risk of guests with unmanaged devices. Some settings can be configured directly from SharePoint.

Intune in Microsoft 365 provides detailed device profiling options and can also deploy and manage individual apps such as Office apps and OneDrive. For detailed information about Intune and device management, see What is Microsoft Intune?.

You can configure device management from the Microsoft 365 Device Management admin center.

Conditional access

Azure Active Directory conditional access provides additional controls to prevent users from accessing your organization's resources in risky situations, such as from untrusted location or from devices that aren't up to date.

Examples include:

• Block guests from signing in from risky locations

• Require multi-factor authentication for mobile devices

You can create access policies that are specifically for guests, allowing risk mitigation for people who most likely have unmanaged devices.

For detailed information, see What is Conditional Access?.

Real-time monitoring with alerts

Microsoft Cloud App Security provides an extensive policy infrastructure that you can use to monitor activity that you consider to be risky for your organization's data.

Examples include:

• Raise an alert when a confidential file is shared externally.

• Raise an alert when there's a mass download by a single user.

• Raise an alert when an externally shared file hasn't been updated for a specified period of time.

Cloud App Security can also watch for anomalous behavior such as unusually large uploads or downloads, access from unusual locations, or unusual admin activity.

By configuring alerts in Cloud App Security, you can be more confident in allowing an open sharing experience for your users.

You can see the alerts on the Cloud App Security alerts page.

For detailed information about Cloud App Security, see Microsoft Cloud App Security overview.

Monitoring with reports

A variety of reports are available in Microsoft 365 to help you monitor site usage, document sharing, governance compliance, and a host of other events.

For info about how to view reports on SharePoint site usage, see Microsoft 365 Reports in the Admin Center - SharePoint site usage.

For info about how to view data loss prevention reports, see View the reports for data loss prevention.

For info about how to view Cloud App Security reports, see Generate data management reports.

Manage threats

You can use ATP Safe Attachments (part of Microsoft 365 Advanced Threat Protection) to protect against users uploading malicious files to OneDrive, SharePoint, or Teams.

When ATP discovers a malicious file, that file is locked so that users cannot open, move, or copy the file.

The locked file is included in a list of quarantined items that you can monitor. You can then delete or release the file as appropriate.

For detailed info, see Microsoft 365 ATP for SharePoint, OneDrive, and Microsoft Teams.

Migrate files from on-premises

Microsoft 365 offers much greater versatility in collaboration scenarios than on-premises solutions such as SharePoint Server. If you have files in document libraries on SharePoint Server or in file shares, you can migrate them to SharePoint by using the SharePoint Migration Tool. The SharePoint Migration Tool can move files, OneDrive libraries, and even entire sites to SharePoint.

As part of your migration, you can use the Azure Information Protection scanner to scan and label sensitive information in your on-premises environment. With this information, you can reorganize your data if needed before migrating it to similarly labeled sites in SharePoint.

If the content that your users are collaborating on is located in SharePoint Server or in file shares, we recommend that you migrate it to Microsoft 365 to take advantage of the broader range of collaboration capabilities.

For information on how to migrate content with the SharePoint Migration Tool, see Download and install the SharePoint Migration Tool.

Related topics

Are you getting the most out of file collaboration in Microsoft 365, or are your users still storing files locally or on network file shares and sending them around in email? Maybe you're paying for another cloud storage service and not taking advantage of the space you get with your Microsoft 365 subscription. This article describes the benefits and key features of file collaboration in Microsoft 365. It also covers the steps to plan for and adopt Microsoft 365 file collaboration in your organization.

The file collaboration capabilities in Microsoft 365 are available to you whatever the size of your organization. If you have a small organization, each user can store their files in their individual library in OneDrive and you might want only a single team in Microsoft Teams for everyone in the organization.

Why use Microsoft 365 cloud file storage?

By taking full advantage of SharePoint-powered file storage in Microsoft 365, you can avoid purchasing cloud storage from other providers and enjoy:

Anywhere access to files

Enterprise-grade security

Secure sharing outside the organization

Real-time collaboration and file versioning

Intelligence that helps users discover files

Anywhere access

When users keep files on their local device or on a network share, they're out of luck when they don't have the device with them or don't have a connection to your network. If something happens to a user's device, the data might not be recoverable. If a user's device is upgraded, local data must be migrated. By storing files in the cloud, users can access them from all their devices, such as their phone and their home computer (depending on what you allow). They can even access files in a browser from other devices they trust. For example, if two colleagues travel to a customer site and one of their two laptops runs out of battery, they can both access all their files by signing in to portal.office.com on the other laptop. Get the SharePoint mobile app.

Note

If you're concerned about users signing in from kiosks or other shared, unmanaged devices, you might want to enable idle session sign-out.

Enterprise-grade security

Files stored in SharePoint-powered storage locations in Microsoft 365 are encrypted in transit and in rest. (You can encrypt files by using your own key if you want.) Files are also scanned for viruses. As an admin, you can use tools in Microsoft 365 to further secure and monitor files in the Microsoft cloud:

• Data loss prevention policies. Warn or prevent users from sharing files that have specific labels outside the organization. See Overview of data loss prevention

• Retention labels. Classify files to be retained, permanently deleted, or marked as a record. See Overview of retention labels

• Sensitivity labels. Classify and protect highly confidential files with encryption and permissions. See Learn about sensitivity labels

• Reports. Monitor activity and usage in SharePoint and OneDrive. See Which activity reports are available in the admin center

• Microsoft 365 Advanced Threat Protection (ATP). Protect against sharing malicious files. More info

• Files Restore. If a location is affected by malicious software, or someone deletes important files, you can restore a document library to an earlier point in time.

Secure sharing outside the organization

SharePoint powers secure file sharing in Microsoft 365. You can specify if you want people outside the organization to be able to access files without authenticating (by signing in or providing a verification code). You can even block external sharing altogether. We recommend using the most permissive sharing option that you can for each set of content. If you heavily restrict sharing and it blocks user productivity, users will typically find other ways to collaborate that provide you less oversight and control. For more info, see Control sharing.

Real-time collaboration and version management

When users store Office files in the Microsoft 365 cloud, they can avoid the hassle of managing changes in different copies of files. Instead, they can collaborate on a single version by using either the desktop apps or the web versions of Office. People don't even need to have the Office desktop apps installed to edit Office files. Learn more about document collaboration and coauthoring. When multiple users edit an Office file at the same time, a notification will show them that other people are working in the file and they can see where in the file others are working.

Version history is also on by default, so users can view earlier changes and roll back as necessary. Learn more about working with version history.

Intelligence that helps users discover files

When users in the organization regularly store files in the Microsoft 365 cloud, they can quickly find recent files and other files that might be of interest. For example, they can discover files that coworkers or frequent collaborators are working on. More info

Key features

Most of the file collaboration features in Microsoft 365 are available to you regardless of your subscription type or the size of your organization.

• Migration tools

• Modern attachments

• A hub for teamwork: Microsoft Teams

• Access to all files in OneDrive

• Syncing for offline access

• Integration with Microsoft Office

• Auditing and reporting

• Hybrid

• Multi-geo

A hub for teamwork: Microsoft Teams

In the past, users would have to frequently switch between tools to collaborate. For example, users would write a document in Word. Then they would switch to Outlook to share the document as an attachment. Or they would open a browser to upload the document to a SharePoint site. In Microsoft 365, users can use Teams to chat, make calls, and have online meetings. They don't have to leave Teams to view and even edit the files they share. Learn more.

Note

When a user attaches a file to a chat, it's automatically uploaded to the user's individual library in OneDrive. When a user attaches a file to a Teams channel, it's automatically uploaded to the library for that team. Files shared with Yammer groups are now also saved in SharePoint.

Access to all files in OneDrive

When your users use OneDrive, they can access their SharePoint or Microsoft Teams files on the web or in the mobile app without leaving OneDrive. Learn more

Because individual libraries in OneDrive are powered by SharePoint, users can easily move files between locations. For example, if a user drafts a file in their individual library in OneDrive, and later wants a team to own the file, the user can simply move the file to the team's library.

Sync for offline access

With the OneDrive sync app, users can sync files between their computer and the Microsoft 365 cloud. When users add, change, or delete a file or folder locally, the file or folder is added, changed, or deleted in the cloud and vice versa. Users can work with synced files directly in File Explorer and the apps they use. Whenever the user is online, any changes that they or other users make will sync automatically. With Files On-Demand (available with Windows 10 and Mac), users can easily browse and organize files in OneDrive and SharePoint by using File Explorer or Finder, but the files don't take up space on the local computer. Learn more about Files On-Demand.

Modern attachments in Outlook

If your users are used to sharing files as attachments in Outlook, they can use the same steps they're familiar with to share a link to a file instead of emailing a copy. Within Outlook, users can even change the permission they give to the recipient. Learn more about attaching files.

Integrate with Microsoft Office

In the Office apps, users can easily open files saved in the Microsoft cloud and save documents to OneDrive. Learn more. When users comment on an Office document and use the @ sign with someone's name, the person mentioned receives mail with a link to the comment. Clicking the link brings them into the document and into the conversation.

Migration tools

You can choose one or more of the following options, depending on the number and location of files that you want to migrate.

• SharePoint Migration Tool. To migrate files from file shares or on-premises SharePoint, you can use the SharePoint Migration Tool. For info, see How the SharePoint Migration Tool works.

• Known Folder Move. If your users save most of their files to their Desktop, Documents, and Pictures folders, you can seamlessly move them to OneDrive using Known Folder Move so users can continue working in the locations they're used to.
  

• FastTrack migration benefit. FastTrack provides you with a set of best practices, tools, resources, and experts. Guidance includes migrating content from file shares, Box, or Google Drive source environments, and introducing capabilities at the pace that works for you. The FastTrack data migration benefit will also perform specific data migration activities on your behalf if you have 500 or more licenses. See more details in the FastTrack Center Benefit Overview. To get started, go to FastTrack.Microsoft.Com, review resources, and submit a request for assistance.

Hybrid

If your organization uses SharePoint Server, setting up a hybrid environment can help you move to the cloud at your own pace. Hybrid features let you tie the two environments together in a variety of ways to make a more seamless user experience. You can consolidate search results between SharePoint Server and Microsoft 365, consolidate user profiles in Microsoft 365, and migrate your users' individual storage to OneDrive. Get started exploring hybrid.

Auditing and reporting

In the new SharePoint admin center, you can see SharePoint activity and usage reports, and go to the Microsoft 365 admin center for details.

Sharepoint 365 Delete Site

Multi-geo

If you're a multinational organization with data residency requirements, you can use Multi-Geo in Microsoft 365 to specify where files are stored. For info, see Multi-Geo Capabilities in OneDrive and SharePoint in Microsoft 365.

Unified search

Microsoft Search helps users find files within modern SharePoint sites and from the SharePoint start page, Office.com, Bing, and more. Learn more about the modern search experience in SharePoint.

Management options

As a global or SharePoint admin for your organization, you have a couple of options for managing SharePoint sites and settings:

• New SharePoint admin center. In the new SharePoint admin center, you can create and delete sites, manage site settings, and manage organization-level settings for SharePoint and OneDrive. The Active sites page of the SharePoint admin center lets you view the SharePoint sites in your organization, including communication sites and sites that belong to Microsoft 365 Groups. It also lets you sort and filter sites, search for a site, and create new sites. Get started with the new SharePoint admin center.

• Microsoft PowerShell. The SharePoint Online Management Shell is a PowerShell module that lets you run command-line operations. It makes performing batch operations more efficient, and is the only way to perform some management tasks in SharePoint and OneDrive. Get started with the SharePoint Online Management Shell.

Prerequisites

Purchase and assign licenses. SharePoint comes with Microsoft 365 plans and Office 365 plans. It also comes as a standalone plan. For more info about the features available in each plan, see the SharePoint service description. Some security features, such as Azure Information Protection, require an E3 or E5 plan. Cloud App Security, Advanced Threat Protection, Customer Lockbox, Customer Key, Advanced eDiscovery. For info, see Office 365 platform service description.

Assign the SharePoint admin role. Users assigned this role will have access to the SharePoint admin center and can change organization-level SharePoint and OneDrive settings, create and delete sites, and change site owners and other site settings. Learn more about the SharePoint admin role.

Sharepoint 365 For Dummies

Estimate and test your network bandwidth. Before you roll out Microsoft 365 in your organization, make sure that your network is set up for optimum performance. Network planning and performance tuning. Before you deploy the sync app, make sure you also estimate the bandwidth users will need for syncing.

Limitations

• For info about SharePoint limits, see the SharePoint service description.

• For info about file name, size, and type limits when using the OneDrive sync app, see Invalid file names and file types.

Manage feature changes

• To learn about features coming soon, see the Microsoft 365 Roadmap.

• To keep on top of the latest SharePoint features rolling out, refer to the Message Center.

• To vote on feature requests or submit your own idea, visit the SharePoint UserVoice.

Plan user adoption

User adoption is important to the overall success of any rollout. To maximize your investment, you need to maximize your user engagement. To do that, start by focusing on three critical success factors:

• Stakeholders. Securing the participation and buy-in of key people within your organization is critical to successful user adoption. This support can come from business-focused leaders, IT leadership, or anyone else who has a vested interest in seeing Microsoft 365 file collaboration succeed in your organization. It's important to have both executive or business leader support and product champions to help carry the knowledge to their peers. Whether you're formally delegating the product champion role or allowing it to grow organically, champions are mission critical to user adoption. Studies have shown that people prefer to learn from a coworker than from an IT employee. For more information about how to identify key stakeholders, see the Identify key stakeholders guide. For more information about building a sustainable champion community, see Build a champion program.

• Scenarios. Identify and define your business scenarios and how those scenarios align with the benefits of file collaboration in Microsoft 365. Work with your key stakeholders to identify the goals of the business scenarios, and then match those goals against usage scenarios. For example, a business goal may be to maximize user productivity; a key usage scenario enabling that goal would be using OneDrive to access files from mobile devices, PCs, and Macs. For help with this process, see the Office 365 Productivity Library.

• Awareness and training. Creating awareness through awareness campaigns such as announcements, launch events, newsletters, town hall meetings, contests, and giveaways is a critical path to maximizing adoption. In addition, providing users with knowledge through classroom-style sessions and self-help guides helps them feel empowered to use OneDrive and Office 365. For more information about user communication and training on Office 365, see the Plan your Office 365 Launch: Communication and Training Guide.

Many resources are available from Microsoft to help you drive user adoption within your environment. For more information about a recommended Microsoft 365 user adoption strategy, see the Microsoft 365 End User Adoption Guide. For more information about driving user engagement, see Success Factors for Office 365 End User Engagement. You can also contribute to or comment on adoption-related ideas in the Driving Adoption Tech Community.

Configure settings

To prepare for file collaboration in Microsoft 365, configure the following settings.

Create sites

When a Microsoft 365 group is created from anywhere within Microsoft 365, a SharePoint site is automatically created. You can let all users create groups, only some users, or you can block group creation and manage it centrally in your IT department. For info, see Manage who can create Office groups. You can also use a naming policy for groups and set an expiration period so that groups that are no longer being used will be deleted. For more info, see Plan for governance in Microsoft 365 Groups. If you allow users to create groups, you can also allow them to create team sites from the SharePoint start page and from OneDrive and manage default site settings. For info, see Manage site creation.

Sharing

To set up external sharing in your organization, you need to make sure that settings across multiple admin centers are set the way you want. Sharing with people outside your organization is enabled by default in SharePoint and OneDrive, but disabled for Microsoft Teams. Configure Microsoft 365 to enable guest collaboration for Teams. Set the external sharing level and the default sharing link type.

Security

• Design and deploy retention labels and DLP policies to protect sensitive and highly confidential files. Learn how.

• Block or limit access from unmanaged devices, sign out inactive users on unmanaged devices, or allow access from only specific IP address ranges. For info about setting up identity and device-access policies to protect content, see Policy recommendations for securing SharePoint sites and files.

Storage

Sharepoint 365 Dashboard

By default, file storage for team sites is managed automatically. If you prefer to control storage manually, see Manage site storage limits. For info about setting the default storage space for individual libraries in OneDrive, see Set the default storage space for OneDrive users. For information about the amount of storage that comes with your plan, see SharePoint limits.

Specify team site libraries to sync automatically

Sharepoint 365 Download

To let users easily access team site files from File Explorer (as they might have previously accessed network file shares), you can specify particular team site libraries to sync on your users' computers automatically. To do this, use the OneDrive Group Policy object 'Configure team site libraries to sync automatically.' Your users need to be running Windows 10 and OneDrive Files On-Demand must be enabled.