November 11, 2022

Are you wasting your cloud budget on a bloated Microsoft 365 environment?

Mark Pattie
Modern Work Practice Lead
Cloud collaboration and communication tools like Microsoft 365 are more critical than ever as organisations transition to a combination of remote and on-site working. When Microsoft 365 is deployed, companies usually undertake an audit and deploy the platform accordingly. Then over time, usage patterns change. However, without visibility, it’s very hard to keep tabs on license counts, application utilisation, security gaps, and costs. This is why it’s essential that Microsoft 365 licenses are strategically managed to ensure IT’s cloud budget is used to the best effect; which also means employees – and in turn, your organisation – gain the full value of licensing spend and application capabilities.

Unfortunately, in almost half of businesses, this is not happening with 44% of Microsoft Office 365 licenses currently being underutilised or oversized*. This is due to organisations:

  • Purchasing more licenses than necessary
  • Failing to align licenses with employee needs and app usage
  • Not using licenses they’ve already purchased
  • Not fully driving adoption of Microsoft 365
  • Paying for third-party software licences that duplicate existing Microsoft 365 features

Once rectified, these updates can translate into significant cost savings and productivity boosts. The immediate savings come from reducing licensing costs – if businesses identified and better managed inactive licenses by eliminating or reassigning them, they would save an average of 14% on Microsoft 365 licenses*. At scale, that’s big bucks. Ensuring all staff take advantage of the various services within their existing licence will deliver further savings in employee productivity.

Before we get into all the areas where ROI can be mined, let’s consider Microsoft’s take on the challenge. You would think they would be happy to continue to collect all this wasted money, but it’s not the case. Microsoft wants its business customers to have a good return on investment. Improving usage and security measures, while minimising overspend, creates user satisfaction – which keeps customers on their platform – and in some cases, those savings are spent on other Microsoft products. So, for Microsoft, it’s good business to support customers’ good business practices.

 Now, there’s 4 key areas where you can look to optimise your Microsoft 365 investment:

  • Governance and security
  • User adoption
  • Unused licenses
  • Internal chargeback models

Microsoft 365 governance and security gaps

Better management translates to better security. Yet the proper application of governance and security is a critical ingredient commonly found missing in Microsoft 365 environments. Failure to implement basic security practices is a massive risk, particularly with so many users working from home. Still, over three-quarters of Microsoft 365 administrators have yet to activate multi-factor authentication (MFA), a small security step that blocks 99.9 % of account hacks^. It’s also common to find that Microsoft 365 administrators have excessive control of the environment – over half of all admins. These admins have free reign to access, modify, or share critical and sensitive data

17% of Microsoft 365 admins are Exchange admins** – which means they have access to all employee inboxes right up to the CEO.

Visibility of your Microsoft 365 environment enables customers to understand their security gaps, risks and the actions needed to keep environments protected from a range of cyber security threats. In particular, moving from the Microsoft 365 E3 to E5 license tier could offer the advanced security features needed to protect your organisation from escalating threats.

It’s worth mentioning shadow IT here. A reported 61% of cloud apps are not sanctioned by IT^^. The use of third-party systems with no IT oversight means sensitive company information could be unwittingly shared with compromised parties – a business risk in terms of IP, but the chance of a data breach is raised with every unsecure app that is installed. By working closely with all staff to know what they want, and need, in order to do their job, can go a long way to help eliminating the prevalence of unsanctioned apps. On the topic of unsanctioned apps, as most of these are required by staff for various aspects of their roles, it’s important to acknowledge and understand that they exist – and will continue to exist – and that the business needs to bring these into the fold by integrating them with Azure AD to maintain security through single sign-on.

Adoption challenges

A lack of application adoption can often be attributed to a misalignment between what the employees need, and the type of licenses they are given. This might be because IT purchases licenses in batches without aligning to employee profiles, or employees are not well-versed in using the apps in their role. There are two ways to minimise this alignment:

  • Employees can either be trained to make better use of the apps and therefore improve their productivity. Or,
  • license packages can be downgraded to better suit the need of individual employees, therefore reducing license spend.

Both options can increase your ROI, and which way to go depends on several intersecting factors that only detailed analysis can determine.

The cost of unused licenses

It’s not exactly great practice to pay for something that you don’t need. However, due to things like employee churn, maternity/paternity leave and contractors, it happens. A lot. This is because, without visibility, it’s tough to identify inactive licenses. It’s worth doing – tracking inactive licenses and eliminating or reassigning can deliver huge savings. In this earlier blog, we put the spotlight on a number of use cases where savings in the first year alone have been upward of $500,000.

Introducing accountability with the chargeback model

This is an internal shared service model that ensures individual departments remain fiscally accountable by setting up internal IT chargeback for distributed Microsoft 365 licenses. Department billing codes are assigned to each user account. All licenses utilised can then be crossmatched so that associated costs can be billed to the right business unit. A regular report can be automatically sent to the department head, ensuring license expenditure and wastage does not spiral out of control.

How can you regain control of your Microsoft 365 environment?

It should be clear by now that lax license management leaves organisations paying too much for existing licenses, and struggling with end-user adoption. The main culprit is a lack of visibility – and Microsoft 365 Optimiser by Data#3, brings total visibility and more to your Microsoft 365 licensing challenges.

Microsoft 365 Optimiser is a managed service to bring software and licensing spend under control. By providing a complete view of your Microsoft 365 environment, we can:

  • help you optimise license usage
  • expose security risks
  • look at how Microsoft 365 is configured
  • get visibility of insecure admin accounts, and
  • drive adoption of Microsoft 365

Ultimately, we ensure all users are matched to the right level of functionality and that new licenses are brought in only when they are needed. Following initial analysis and recommendations, we work with you on an ongoing basis to stop organisational overspend and keep your Microsoft 365 environment optimised and under control.

Let Data#3 help you better govern your M365 environment 

Contact a Data#3 Microsoft 365 Specialist to learn how much money Data#3’s Microsoft 365 Optimiser can save your company by driving adoption, optimising license usage, exposing security vulnerabilities and providing insights needed to better govern your M365 environment.

Data#3 is Microsoft’s largest Australian business partner with the highest certified level of competency across the Microsoft ecosystem. Our scale and expertise enable our unparalleled support, so our customers can confidently select, deploy, manage and secure Microsoft applications, products, and devices.

Contact A Microsoft 365 Specialist

* CoreView (2020), 50% of Microsoft 365 Users are Not Managed by Default Security Policies, CoreView Research Finds [ONLINE]
^ ZDNet (), Microsoft: Using multi-factor authentication blocks 99.9% of account hacks [ONLINE]
** CoreView, M365 Application Security, Data Governance and Shadow IT Report [ONLINE]
^^ Microsoft (June 2019). Microsoft Cloud App Security [ONLINE]