I see many customers looking to move their entire document and communication to Microsoft 365, and although its a wonderful platform with a list of benefits as long as the eye can see. There are some things to look out for. Hopefully in a few months / years I’ll be able to look at this post and all will have been resolved, I guess we’ll see….

As a long time user of what was originally Office 365, now Microsoft 365 I’ve managed to come across a number of its challenges. Don’t get me wrong, I think M365 is a superb platform, honestly – in my eyes, as a complete solution – I don’t think there is better on the market when you compare functionality to other cloud collaboration platforms such as Google Workspace.

Like everything on the blog, I use it to write down my opinions, but also things I discover along the way in the hope that it helps someone. So here goes…


YOUR responsibility, not Microsoft’s

Despite pretty much every backup vendor on the planet spending a lot of money advertising this, in the hope that you’ll choose their product, its amazing even now the number of companies who run the risk. Reddit and other platforms are full of people saying “its ok, just put everything on litigation hold”. If someone deletes a mailbox or there is some funny MS-based corruption, you’re not covered – so find yourself a backup tool and use it.

Feature Parity

The on prem solution is NOT the same as online.

If you’re moving from the Microsoft on-prem solutions, many would think that all those on-prem features exist in the SaaS product. You’d be wrong. Here are a few useful comparisons

Exchange vs Exchange online

Here is a link to the formal comparison of the products from Microsoft’s own site, but the standout difference here are around integrations with your on-prem platforms (especially if some are getting a little long in the tooth), lack of control of data protection (big in the world of law) and the obvious being that your messaging engineers no longer are able to control all elements, and therefore fix the issues in the event of an issue.

Sharepoint Server vs Sharepoint Online

Sharepoint Server has far fewer limitations vs its SaaS based sibling such as:

  • Limit of 5000 items per library in Sharepoint Online
  • 400 character URL limit in Sharepoint Online
  • 93-day retention period for deleted data in Sharepoint Online
  • Max file size in document library is 100GB in Sharepoint Online

Not to mention that you’re able to granularly buy licenses for the on-prem version vs the bundled option with O365. The limitations though are a huge thing to consider if you’re going to migration to the M365 flavour.

Command Line Tooling

Which do you use to manage what?

This is one of my big bearers with O365. They have a rather complex ‘admin’ app online, of which there are tonnes of ‘sub apps’ to controls setting for individual apps such as OneDrive, or Teams. There used to be a Security Center and Compliance Centre, but now they’ve split, and then they changed name and there isn’t an admin anywhere which knows which URL to bookmark.

Want to run a report? or do ANYTHING in bulk? Forget using the GUI, you’ll need to powershell that, with the numerous cmdlets available, but again – which cmdlet for which function.

Oh and by the way, we’d prefer you to use GraphAPI now, cause powershell is slow.

OneDrive and Sharepoint are like Ant and Dec

You can’t have one without the other

For the UK readers, whenever you see Ant without Dec its just weird right? Well thats how Microsoft feels about Sharepoint and OneDrive. If you enable one for a user, they get the other, and vice versa. Not an issue, but if you wanted to gradually migrate to one or the other, you can’t. Thats why many migrate in 1 go.


Distribution Groups, M365 Groups, Teams Groups – its complex and confusing

Get this wrong from the get-go and you’ll find this ever so difficult to fix. Lets list the different type of groups there are within M365:

  • M365 Groups
  • Distribution Groups
  • Security Groups
  • Mail-enabled security groups

Firstly, don’t let users create them. It’ll get out of hand quickly, and you’ll never pull it back. And secondly, before you do anything – read this bit of documentation, then read this handy article.

File Sharing

Be careful with what is on by default

Sharing files externally is turned on by default – if a user shares a file externally via a link, it doesn’t require sign-in and can be accessed by anyone with the link.

Let that sink in for a minute. So any of your files can be shared with very little tracability. I would strongly suggest changing this in both Sharepoint and OneDrive (different admin portals again) to match a more strict policy

User Management

What happens when you offboard an employee?

Once you delete an employee in AD M365 marks that account to be deleted. 30 days later all their OneDrive files and gone, permanently. Find a process that works for you, whether that be assigning those files to a manager, or moving them into a Sharepoint library, but make sure you’re quick about it.

Teams File Management

I can give read-only access to the files right?

Many people will be migrating their documents from on-prem file shares, where access, although a little legacy, was incredibly granular. Teams doesn’t allow for that. So if you want to store your files in a Teams channel, and just give certain people access to modify those docs, and the rest to have read-only access, its over to Sharepoint and modifying permissions there. Looks like there is a user voice request that has been hanging around for a while for this.

Office Online

NOT a replacement for Office Desktop at all

Sadly, this is something I have personally experienced. Unless you buy E3 or above for your users, they don’t get access to the Windows and Mac Desktop Office Apps, currently known as Office Pro Plus however they do get access to the web-based equivalents known as Office Online.

There are plenty of comparison articles for Word, Excel & Powerpoint, and although they are great for co-authoring, there are far too many features missing to be ‘Enterprise-Ready’.


Yes, it’s still super confusing

Whether its F1, E1, E3, E5 or any number of additional modules, addons, this is still horribly complex. My recommendation is to find a partner who is well versed in this and lean on them for assistance. Failing that, check out M365Maps for a really good comparison – one for the bookmarks!

Just to give an example of the confusion, and the impact, should you get it wrong is with Data Loss Preventon or DLP.

DLP is included with E3, but only for Exchange, Sharepoint and OneDrive, Teams Chat and Channel messages requires Microsoft 365 E5, Microsoft 365 E5 Compliance, Microsoft 365 E5/A5 Info Protection & Governance, Office 365 E5. Miss this, and you could find sensitive data being shared with guests without you knowing…

Changing Settings

It isn’t always ‘instant’

Sounds bizzare, but when applying a lot of rules or apps, it is always caveated with ‘this can take up to 24hrs’. Sometimes, it does. I assume this is because behind the scenes Microsoft is still using legacy techniques, based on schedules.

New Features

When will it land in your M365 tenancy?

Interested in a new feature? Good look finding out when it will land in your tenancy as it can vary by over a month, and there is almost no way of finding out when your tenancy will benefit. Sadly, not even support can tell you.


Not everything is tracked….

Audit wise, M365 is pretty good – the problem is this is limited to GUI changes, because Powershell changes or activity doesn’t show in the M365 audit log.

Data Geolocation

You can’t dictate where ALL your data is kept sadly

Your data is held in the EU right? Maybe, maybe not. Some of your data might be, but some might not – keep an eye on this. I’ve put a screenshot of an example of this – look how data everything is held in the UK, except for Intune, Planner, Sway, Yammer, Whiteboard, Forms and Workplace Analytics. So yeah, not everything huh?

Example of the UK on 17/07/21

Recycle Bin

Not everything is exactly what it seems

On pretty much every SaaS platform I’ve used that has a recycle bin, there is a clear retention period. Not in M365, it varies across apps, and these aren’t little variances – it can differ by months. I’ve put a few obvious ones below which demonstrates this perfectly

  • 0 Days – Power BI & Yammer
  • 14 Days – Exchange – 14 days
  • 30 Days – Azure AD
  • 93 Days – Sharepoint and OneDrive

Like I said at the top of the page, M365 is superb. Despite the issues I’ve raised on this page, I don’t think there is a more complete platform out there for pretty much any business, whether you have a handful of employees or hundreds of thousands.

The one take away here, is make sure that you are well trained and you fully understand the shortcomings of each and every app before you deploy it to your users.

As always, I hope this was useful for someone and if anyone has anything to add to this that you’ve discovered using M365, or maybe you have a solution for one of the above challenges – drop me a message on socials!