Data Ownership: Understanding Data Ownership within Microsoft 365 and why it matters

Constant Sharing Within Massive Amounts of Data

Microsoft 365 stores and shares access to enormous collections of files and data. Hundreds of thousands of business documents, spreadsheets, images and diagrams, arranged into containers.

Microsoft 365 is designed to encourage collaboration between colleagues, customers, partners and others. By ‘collaboration’, we mean sharing access to data with others, then working together with that data.

Individual instances of collaboration can sometimes be clear (‘what’, ‘who’, ‘when’, and ‘why’), but often they are much more ad-hoc. Users are encouraged to share data at every turn. Just try counting the number of ‘share’ buttons on any SharePoint UI! Access to data is shared thousands of times a day.

Every data sharing, every new access granted, every small change to ‘who has access to what’ within the enormous collection of information – carries potential implications which need to be considered.

Why Data Ownership Matters

“Is it OK that Cynthia Moore has access to the HR Employees folder?”.

Before we can take action on a question like that, we first need to ask a different question:

“Who understands the commercial, strategic, regulatory, operational and legal implications of the data in HR Employees folder well enough to decide who should and shouldn’t be able to access it?”.

Or more simply, “Who is the owner of the HR Employees folder?”.

If someone else, like an IT Admin grants, or even just overlooks Cynthia’s access to the HR Employees folder, the chances are they’ll get it wrong. They’re just not qualified to make the decision.

Ensuring data owners are the ones making the decisions about who should have access to their data, is the only way to ensure these decisions are made correctly.

Data Ownership Granularity

The way that files and data is arranged in Microsoft 365 is different for every organisation. Some will organise their data around Teams and Groups. Others will use SharePoint sites, sub-sites, libraries, folders and sub-folders. Most will use all of the above, differing from business area to business area.

Consider this simple structure. A Site (‘Finance’) contains a library (‘Invoice Docs’), which contains a folder per client. Each folder contains invoice documents for that client.

 

 

Within this structure, who should own the data? If the finance team needs an owner per client, then we need to manage ownership at the folder level. If they need an owner for all the invoice docs, then we need to manage ownership at the library level.

In another area, say HR, we may need to manage ownership at the site level. And another, such as R&D may need to manage ownership at the Team/Group level. It depends on the needs of the business area, and the structure of the data.

With Torsion, we call this the ‘ownership granularity’. We can configure the ownership granularity level for each Team / Group / Site Collection / OneDrive.