- Jonathan Stuckey
Microsoft makes your operational risk decisions...
As an ex-MS I get frustrated when they do dumb-things, and with O365 releases this is more frequent than I'd like, but I just read this message centre notification about removing the ability to control versioning on libraries is infuriating and flagrantly idiotic move.
What this means to our content control and operational mgmt
Lets start in the basement...
Resetting version floor, and disabling controls on existing site libraries breaks all the business rules agreed and applied by organisations already in practice.
Each incremental version retained immediately adds to blow-out the storage consumption across a site - despite SP being able to handle differential updates on files Microsoft does not account for this being enabled in Office 365*
*shredding and differential versions are enabled for SharePoint Online, but the library reporting (version history) and site storage do not report this as incremental amount - they report as though all items are retained - this then impacts on your tenant storage reporting which roles all site usage up - in effect you are treated as thought it has retained all the actual versions, even though it technically hasn't.
Hey Microsoft did announce they are generously adding more storage to each of our SP tenants, up'ing the user-bonus from 500MB to 10GB per person. See storage announcement for details.
Why is it important? Well document size on avg is trending up - 20 - 50mb per item; images, PowerBI reports, GIS data-sets for mapping and videos are all into Gigs and SPO Modern UI notes every typed or changed attribute in display-panel as a version
Q: How long do you think the increase our tenants are getting will last?
Well here's some real-world examples below for those interested...
Basic Storage Mgmt Example
I upload load a short-video as .mp4 (~300MB) to a library, that previously had versioning disabled.
Using the nice modern library ui I :
add a Title (v1),
business function data (v2),
select 3 publishing key-words - (v3 - 6),
Total storage consumed is 7 x 300MB = ~2200MB or 2GB.
Actual working project example :
document turn-over in medium sized business project:
500 - 700 items + evidentiary emails and comms.
approx. 68% of items are collaboratively edited
avg no. versions in history 22 - but not retained
avg size (Word = 12MB, PowerPoint = <45MB, Excel = >10MB, PDFs = 8.5MB, support content >80MB per item)
Total storage consumed is:~5.3GB
Project site setup
Min. 6 metadata attributes added to items.
3 inherited automatically; 3 required in life-cycle stages
library versioning tuned to 10 major vers, 8 minor;
FastForward: Apply this global reset to 100 versions, compound issue with applied Office AutoSave on by default...
On my estimator - scaling to all included versions and allowing for a "10% uplift" from AuotSave gaffs (low-estimate)... well suffice to say the number was significantly north of 20GB for same content output.
Note: this is example is based on a tightly controlled space, with data averaged from over 60 projects and forced clean-up on close.
...imagine team and dept workspaces?!
The cynical side of me says this is an easy way to gouge for storage fees, because you can guarantee the tenant storage increase wont be sufficient with average file-sizes growing, Microsoft saving full-copy for every change in metadata, and "open/close" accidental versions from Office AutoSave.
The second is more insidious issue: Microsoft is forcing an organisation to bare an operational risk on unnecessary retention of information *after business rules have been signed-off and put in place*.
The combination of this arbitrary increase of versions and change in control, coupled with Office AutoSave defaulting to on, cause every document opened to be versioned and become "live" - this resets the period it is to be retained and be managed.
What this means is Microsoft are putting your company at risk of breaching data-disposal rules for critical items - by resetting modified dates and versions kept it forces items to now be included in available set of documents and content admissible in a legal-discovery, or required to be handed over in event of a legal hearing.
My question: Who in Microsoft has contacted every company using their service, and got a written approval to change their retention policy and sign off the operational risk profile for that organisation?
I have other examples where this combined with AutoSave would breach record controls, and create a massive legal risk to businesses - I wonder if Office 365 financial SLA covers data-access breach caused by IT support changes?
I would like to think Microsoft is listening, but bitter experience says that this will get ignored until someone inside Microsoft exec or legal run afoul of this change and it bites them. Well with GDPR pending, and MS doing such a concerted job to provide all the tools to support it, I think that may be sooner than they expect.
What do you think? I would really like to hear.