Office 365 - Pros and Cons of a Consolidated Tenant with Global User Dispersion
A single Office 365 tenant may not be sufficient for some organizations. In certain cases, a company may need to provision mailboxes or manage end users in more than one tenant.
Below is a detailed breakdown and summary of a single global Office 365 tenant versus multiple tenants. This assumes that there are two or more agreements in place.
As it exists today, a single Enterprise Agreement cannot have licenses allocated to multiple tenants without an exemption and Microsoft intervention to allow it. However, agreements made underneath that entity, such as a second Enterprise Agreement for a sub-company in another country or division of the organization can have its own tenant.
Single Global Tenant
- Single name space support.
Example: company.com is shared across the organization and everyone needs it as the primary email address. In this scenario, there is no way to provide a unified email address alias without all users existing in the same tenant.
- Single point of control and management - The proper implementation of Role Based Access Control allows for flexible controls to be put in place to manage licensing, users, and services such as Exchange.
- Branding controls for portal pages and SharePoint sites is unified.
- Tenant location is nearest to the primary company listed as the contact location for Office 365. In some cases this is beneficial where the largest set of users exist in a specific office. Retail would commonly see this as a benefit, for example, where the corporate office contains most of the information workers.
- Perfect solution when a single directory for the entire company is leveraged for user, group, and device management.
- No flexibility in the location of the services today. All services such as Exchange, Skype for Business, and SharePoint are provisioned in the nearest datacenter to where the company's contact listing.
- Role Management is very cumbersome - even with groups.
- One directory and its trusted relationships can be synchronized, a third party tool must be used if the company has multiple directories and no trusts in place.
- Can be very complex when you are leveraging multiple AD forests and Trusts - Overlapping contacts and sync errors are common.
- Services can be very slow when global access is enabled. An example is Skype, which has a low tolerance for latency and is impacted significantly for users outside of the country where the tenant is provisioned.
- Global instances of Yammer and SharePoint can cause companies to rethink putting all collaboration sites in the cloud.
- Primary benefit is autonomy and control of your own portal and services underneath it.
- Performance on a per company / agreement basis is markedly better due to the location being closer to the sub-company.
- Provides less complexity about managing admin roles on a large scale and can be less cumbersome.
- In scenarios where the company is global and large sets of users are distributed, this provides the best performance on a per agreement basis.
- Managing licenses is much easier and based intimately on the way each company operates.
- No single namespace and consolidated company domain support exists today.
- Global policy adherence is very difficult to achieve since the policy setting company doesn't have a view into the settings.
- Multiple locations to manage licensing can have limitations if only a single Microsoft licensing agreement exists.
- Security of company information is in the hands of each company managing its own portal.
- Compliance configurations are hard to regulate and enforce on an individual and consistent level.
If you have any addtional questions or would like to discuss, please contact us.
About the author
Welcome to the Interlink Cloud Blog
All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.