New Zealand Public Sector Agency Achieves Regulatory Compliance with Data Governance and Lifecycle Management from AvePoint

The AvePoint Solution

A key to procurement for the public sector agency was verification of the vendor’s security protocols to ensure the security of public sector information. After reviewing AvePoint's security certifications and accreditations, the agency was able to verify the solutions met their stringent security qualifications, such as passing the standards of the New Zealand government’s certification and accreditation (C&A), and Information Security Registered Assessor Program (IRAP).

The agency chose AvePoint Cloud Governance and AvePoint Opus to manage data within Microsoft SharePoint sites and Microsoft Teams, as well as the guest users that access these applications.

Through the agency’s AvePoint Cloud Governance implementation, they will be able to manage over 800 SharePoint site collection through configured policies. The agency has also automated services for creating different types of Teams (internal, external, etc.) through the use of AvePoint MyHub, empowering self-service capabilities for users. Additionally, they set up inactivity thresholds, which automate renewal notifications for workspace owners after a specified period of inactivity, reducing the risk of workspace sprawl.

Once they established the initial set of governance rules, they started their implementation small, applying the new rules to just three site collections at first. Once they saw Cloud Governance was working well, without impacting their data or environment, they felt confident rolling it out to all 800 sites.

Implementing Cloud Governance also gave the agency oversight on Microsoft 365 applications’ permission management for internal and external projects, ensuring that access and documents are provided only to those who need them. This allowed them to meet their security requirements more efficiently, without overburdening the IT team.

The agency also got much-needed support from AvePoint Opus to manage their content in Microsoft 365. With AvePoint Opus, the organization streamlined their business classification scheme, empowering them to have real-time notification, as well as access to detailed reporting, on Microsoft 365 file changes.

This means the agency gained a single-pane-of-glass view of all active, inactive, and deleted content, which was previously not accessible to them natively. Through Opus, they are alerted about inactive or deleted files. The notification also displays more information about the date and reason for the changes, which helps them gather more information about the justification for the movement of these records.

The agency was able to simplify their disposal strategy, reducing the risks of non-compliance with PRA requirements; it helped them confirm archived files were retained for the necessary length of time before being appropriately disposed and prepare for any upcoming regulatory audits. Together, the two AvePoint solutions helped the agency organize their data and avoid data sprawl while having complete control and visibility of the specific teams that access their information. Best of all, AvePoint was able to deliver the solutions within the agency’s tight timeframe, allowing them access to these important capabilities as soon as possible.

The agency achieved a more organized and controlled workspace, which in turn would increase their agility and productivity, helping them respond quickly to changing environmental circumstances and better serve citizens.