This document establishes guidelines for consistent, efficient and compliant use of Office 365 groups. Office 365 groups enable collaboration between staff, students, contractors and external users by facilitating:
- Easier Communication – Each group has a calendar and mailbox which provides a simple way to share information and documents;
- File Storage– Groups are allocated a large storage space recommended for up to 25 gigabytes of files (larger collections of documents are recommended to use V Drive);
- Better Collaboration – Most projects and teams produce documentation that is often sent from person to person via email. With an Office 365 group, a team can work on a single set of documents at the same time, avoiding version conflicts and enabling staff to easily recover previous versions of a document;
- More Flexibility – Groups can be easily setup and users added easily using self-service. This means that you can manage groups yourself and archive them when no longer needed;
- Greater Security – All Office 365 group data is stored in Australia and all data is encrypted during transmission and at rest, meaning that you can store files that are security classified as public, internal only and restricted with peace of mind.
The following guidelines must be considered when creating, managing, deleting or archiving Office 365 groups.
- Group names must reflect the usage or project name that they represent.
- For the sake of clarity and context, it is advisable to use meaningful descriptions, and to avoid using acronyms or abbreviations.
- Names containing offensive characters or words will be deleted by ITS upon detection.
- Owners can manage users who can access the group and its content.
- Each group should be assigned at least two owners to minimise potential for loss of access should one owner be unavailable.
- Groups should only be created where there is a need to collaborate and communicate between a number of users.
- Groups are designed for project team or operational team usage, supporting collaboration on documents to achieve an outcome. Groups should never be created for individuals.
- Your personal OneDrive for Business space should be utilised for individuals working on documents with a smaller number of collaborators (more information about sharing).
- To reduce the proliferation of groups, ITS will automatically notify the owners of groups if a group is not utilised (files added or modified) for 180 days.
- This notification will request owners to confirm if the group is still required. If a response isn’t received after 20 days, a second request will be sent.
- After a further 10 days, the group will automatically be archived as per the Backup & Storage section below.
Public and Private Groups
- Only private groups must be created.
- Public groups can be requested for enabling the publication of files and content that is to be accessible by any Flinders University users (staff, students and invited guests).
- Unless exempt, any group set to public will revert to private, as public groups are open to any other user including all staff, students and invited guests.
- It is the responsibility of each group Owner(s) to ensure that access to their group(s) is managed appropriately.
- This includes removing access for those that no longer need access. For more information on adding and removing users please visit the support site.
- Any University user with a FAN or an external user can be invited to a group (or can request access).
- When sharing with an external user (e.g. someone without a FAN), it is the responsibility of the Group owner to control and remove access when it is no longer needed and ensure only those that need access are added as group members.
- Files stored in Groups should be named in a clear and concise manner, preferably making use of the University’s Naming Conventions, in order to provide good search options and context.
- Once a project or undertaking for which a Group is created is nearing its final stages, a Group owner should prepare transfer of the final documents and files in the Group to a suitable record keeping system.
- Records to be transferred consist of final versions of files only (i.e. no working draft versions).
- If the documents have been classified as Public or Internal Only, this can be a suitable folder on a University share drive (V Drive). If the Group contains any final documents, these documents in the Group should be transferred to the HPRM record keeping system.
- Documents are considered to be records regardless of importance, they should never be destroyed outright. For formal destruction of records, contact the Central Records Office .
- Only documents containing information classified as Public, Internal Only and Restricted are permitted to be stored within Groups (or generally within OneDrive for Business).
- Highly Confidential classified information must not be stored and mechanisms are in place to detect the storage of such sensitive information.
- If you have storage requirements for any highly confidential information (as above), please contact ITS Service Desk for assistance.
Backup & Storage
- Deleted group documents are retained for 90 days and a further 12 months after deletion to allow recovery of information for Freedom of Information requests and enable recovery of data accidentally or maliciously deleted.
- Groups are monitored for malicious activities such as deletion of all information.