Within the Univé organization, until recently an immense bulk (an estimated 15 million) of customer-related documents were stored via Docubird in on-premise SharePoint environments. Every day hundreds of employees simultaneously use Docubird to process customer-related documents. From the demand for more central management, less locally installed systems and fewer required licenses the desire arose to migrate to Microsoft SharePoint Online.
At the time, the Netherlands had limited knowledge and experience with large-scale migrations to the SharePoint Cloud and with storing millions of documents in SharePoint Online. In addition, these documents contained information about (private) customers and were therefore potentially sensitive to privacy. As an insurer Univé is under supervision of De Nederlandse Bank, but also of privacy watchdogs. This created not only a technical, but also a compliance challenge.
How can sensitive information be protected and how can unintentional disclosure be prevented?
Sensitive information can include financial data or Personally Identifiable Information (PII), such as credit card numbers, bsn numbers or health records. And these documents can reside in all sorts of locations. Many companies, including Univé, use Outlook for their e-mail traffic and SharePoint and OneDrive for their document management. The documents are then stored in Teams sites.
The main areas of compliance
For Univé, these are the main areas of compliance when it comes to content control of all emails and documents:
- Data Retention makes it possible to manage the life cycle of content. After a certain period of time, the document can be deleted, created as a record, moved or archived.
- Records Management is a unique area of Data Retention: Documents are designated as 'records', making them indestructible (they cannot be deleted).
- Data Loss Prevention (DLP): Prevents accidental or malicious sharing of data. DLP scans documents for personally identifiable information and prevents anyone from sharing it externally.
- eDiscovery allows organisations to perform a 'legal hold' on data to prevent anyone from deleting or modifying the document. Important for the legal hold obligation.
In order to achieve compliant document management, it is necessary to set up a classification scheme within the Microsoft 365 tenant. Microsoft's classification scheme contains four categories.
- Highly confidential: share most critical data only with named recipients.
- Confidential: Limited distribution, on a need-to-know basis.
- General: Daily work, internal sharing throughout the organisation.
- Public: Unlimited and sharing with the outside world possible.
Privacy labels can be added automatically by scanning all documents, but with Univé's archive of more than 15 million documents and e-mails, it can take years for Microsoft to scan all data.
A faster process is to make the privacy labels available to the users. They get a 'tip' the moment PII data is found. This works in Outlook, Word, Excel and PowerPoint and is triggered when documents are created, saved, edited and shared. It is also possible to add privacy labels to images and PDFs.
How does Univé manage this for its users?
Within Univé, the Docubird application has been used for a long time to store documents in SharePoint. With the arrival of the 2.0 version, Docubird has become an add-in within the Microsoft 365 environment. Directly from Outlook, Word, Excel and PowerPoint documents can be searched and saved in the SharePoint libraries.
The Docubird bar is visible on the right-hand side of the screen. Here the SharePoint libraries to which the user has access are shown. To search for a document, a library can be selected.
The search bar can be used to search directly for existing text (full text search). Within the Univé environment, it is possible to search directly for things such as client number. Thanks to the link with the CRM system, it is possible to search directly in CRM for the right client on the basis of: CRM number, Client number, name, etc. A document can be opened or shared directly.
A document received by email is simple. The recipient selects the email to be saved and chooses whether or not to save it with an attachment, the user can also choose to only save the attachment in the desired library in SharePoint, Teams or OneDrive. By selecting the right library, the meta data fields to be filled in become visible and the CRM can be searched for the right customer directly, for example by filling in the Client name or number. The following combinations can be searched for example;
- Client number
- Policy number
- Client postcode
- Client number
- Kvknumber (business)
Find and send documents
Finding a document and sending it by e-mail is also easy. Add name or author or any of the metadata mentioned above and Docubird will show all the documents that have the specified metadata. If it's not clear in which library a document is stored or if you want to search for all documents in all libraries (SharePoint, Teams and OneDrive), you can do so via "Advanced Search". Here you can search for documents on general and specific metadata.
Documents can be opened, attached or sent as a link to the document in the e-mail.
Read also: What is Meta Data Management?
In consultations between Univé, supervisors and Microsoft, solutions were found for the compliance issues, especially on which physical locations the files would be stored. Then the actual migration could begin. During this project the Docubird team found solutions for specific features of SharePoint Online compared to the on-premise versions. By quickly making adjustments in Docubird for use in combination with SharePoint Online the progress remained guaranteed.
Because the total size was in the terabytes, the available infrastructure was heavily loaded. Through smart planning and migrating outside of office hours in particular, Univé's daily operations were hardly burdened. Because the employees continued to use the Docubird user shell, the impact on them was nil. Hardly any differences were experienced in performance either.
In this way, behind the scenes for the users, a large-scale migration to the Cloud was carried out. A minimal impact for the users, who continued to work with their familiar Docubird shell on SharePoint, and major benefits for the organisation in terms of costs and manageability.