Most staff during the pandemic were just trying to get on with their job as best they could. I’d suggest speaking to your staff in an understanding and blame-free way. Send out a quick survey, to get a better understanding of how widespread your data storage now is. Follow up with discussions around potential places staff stored information. Some of these locations may still be in use now.
The next step is to accept that working will likely include a hybrid, work-from-home component for the foreseeable future.
Once you have a better understanding of how widespread your data is and accept that remote work isn’t going away, you’ll need a strategy that works for your staff and your company.
Engage a specialist
In most cases, I’d recommend getting in a consultant to help strategise the best solution. This could be as simple as “Going forward all company files are stored and accessed through SharePoint online and managed by the internal team.” Sounds simple, right?
Unfortunately, life is not quite that simple. However, there are great solutions out there to help make data consolidation a reality. To really enforce it, consider some key technologies. Many may already be available in the Microsoft license you currently hold. (For example Microsoft 365 Business Premium includes the features listed below).
Security by design
When thinking about the new environment, security by design should be considered at every step. This is to help protect your information from external and internal threats.
With security, I always recommend using the principle of least privileged access. In simple terms, you only give someone access to what they need to complete their job and nothing more. Gone are the days of general permissions to simplify things. Granular permissions are here to stay.
Now if you have access to the files, such security does not stop a user from moving the files to Dropbox or Google Drive, which is outside of the company’s control. This is where some other products come into play.
Microsoft Purview Data Loss Prevention (commonly known as DLP).
The main function of DLP is to stop sensitive information from leaving your environment. This could be via an algorithm that monitors for things like client numbers or credit card information. Or it could be through a tag placed on sensitive files that blocks download or external file sharing.
Microsoft Purview Information Protection (formerly Microsoft Information Protection).
This product works hand in hand with DLP. Its main function is to protect data if you allow it to leave your environment. It does this by encrypting files and requiring a login if accessed from outside of your company network or devices.