#FAQFriday: 10 Things That Make Office 365 Groups Different From Other Groups

As companies are adopting Microsoft Office 365 and Exchange Online in droves, the same few questions inevitably come up from IT Admins, Engineers and IT Support Managers alike: What’s the difference between Office 365 Groups and other types of groups? Why should we use them? How do we support them for our users? And eventually… How do we lock them down?

At a glance, it’s certainly easy to understand why so many IT admins are left scratching their heads when they first see these strange new groups compared to groups that are available with Microsoft Exchange on-prem. After all, Microsoft already offers several types of groups with overlapping functionality (Security Groups, Mail-Enabled Security Groups, Distribution Groups, Dynamic Distribution Groups).

How are Office 365 Groups any different?

Well, surprisingly, there’s a lot of ways.

To make understanding Office 365 groups a bit easier, we like to break it down into a list of 10 distinct features and characteristics that make Office 365 Groups different from the rest.

Here is our "real world" list from supporting and engineering Office 365 groups in the last few years:

1. Office 365 groups are integrated with email (Exchange and Outlook), SharePoint, OneDrive, Power BI, Teams, Azure, and Yammer. This is a much heavier cross-pollination of Microsoft applications than other types of groups, meaning they have more uses, and they create a common, shared space for members to collaborate with greater ease than with other types of groups.

2. Office 365 groups are not simply pass-through objects like Exchange distribution groups, Dynamic Distribution groups, or Active Directory Security groups. They store data in SharePoint. Read that again… they actually store data.

3. Because data for Office 365 Groups is stored in SharePoint, when the group is deleted, Office 365 stores the O365 group for an additional 30 days (just as if it were a deleted user account). This retention period is known as a soft deletion, and it can be restored during the 30 days. After the 30 day cycle completes, the deleted O365 group will be permanently deleted.

4. If you need to permanently delete an O365 group and not wait for 30 days, PowerShell is required to purge the data before 30 days

*Hint: To delete an O365 group with PowerShell, use cmdlet: Remove-UnifiedGroup -Identity "test group" .To purge an O365 group, you will need to get the object ID (yes, we’re serious!), then purge it, then confirm the O365 group is purged.

Cmdlet to get the object ID: Get-AzureADMSDeletedGroup
Then purge it: “Remove-AzureADMSDeletedDirectoryObject –Id <objectId>
Then confirm it is purged: Get-AzureADMSDeletedGroup

Note: Sometimes O365 groups don’t purge immediately. It can take up to 24 hours for replication.

5. IT Admins often wish to lock down Office 365 Groups, so the users don’t get all “willy-nilly”, and create multiple Office 365 groups at will for purposes that over-lap with other groups with similar names and the same intent. Organizations with greater security requirements should be extra careful of this, as Office 365 Groups can serve as an easy way for security procedures to be unknowingly broken by users as they share confidential company data with external recipients.

6. Office 365 Groups contain a web interface, whereas other types of groups do not.

7. Office 365 Groups have a dedicated calendar and file storage area for the group. This is separate from their personal mailbox’s calendar and their personal OneNote, Planner Notebooks, OneDrive, and SharePoint sites. The calendar and group files/notebooks are available to all members of an Office 365 Group.

8. Users can access data in their Office 365 Groups from their mobile devices, much like OneDrive or SharePoint.

9. Unlike other types of groups, Office 365 Groups require an Office 365 license. In order to create and use Office 365 Groups full functionality, users will require an Office 365 license such as Business Essentials, Business Premium, E1, E3, E5, A2-A4, G1-G4, Office 365 Kiosk, Nonprofit Business Essentials or Nonprofit Business Premium license.

10. If IT Admins or Security Engineers want to use advanced security or compliance features to monitor and secure their Office 365 Groups, an additional license involving security may be required depending on the Security and Compliance features desired.

In short, Office 365 Groups are a great way for members of your organization to collaborate efficiently, effectively, and with a greater sense of organization. However, it’s equally important to understand that these groups differ greatly from other types of groups available in Office 365 / Exchange Online. They can be a security risk and a support headache if they are not locked down and managed.
Posted in

Related Posts