SharePoint FAQ

Our migration methodology includes six phases: (1) Discovery & inventory — cataloging all content, permissions, and workflows; (2) Assessment — identifying migration complexity, compliance requirements, and cleanup needs; (3) Architecture design — planning the target information architecture; (4) Pilot migration — migrating a representative sample to validate the approach; (5) Phased production migration — migrating in waves to minimize disruption; (6) Validation & cutover — verifying content integrity and transitioning users. We use enterprise migration tools like Sharegate and AvePoint, plus custom scripts for complex scenarios.

For most cloud-to-cloud migrations (SharePoint Online to SharePoint Online, or tenant-to-tenant), we achieve zero downtime through our parallel-run approach — users can access both old and new environments during migration. For on-premise to cloud migrations, we schedule content cutovers during low-usage windows (typically nights or weekends) and use delta sync tools to capture any changes made during the migration window. Critical production environments are always migrated last, after thorough testing.

Full metadata preservation is a core commitment of every migration we perform. Managed metadata, term stores, content types, and custom columns are all migrated and validated. Permission structures — including unique permissions at the document, list, and site levels — are preserved exactly. For workflows, we assess whether legacy SharePoint Designer workflows can be migrated as-is, need to be rebuilt in Power Automate (Microsoft's recommended successor), or retired. We provide a complete workflow migration plan during the assessment phase.

M&A migrations are one of our specialties. The process involves mapping source and destination user accounts (including email address changes), planning the new unified information architecture, migrating content in phases while maintaining business continuity, and handling identity federation. We typically complete 25,000-user tenant consolidations in 60–90 days. Our retail industry case study demonstrates a 4TB, 25,000-user migration completed within a 90-day acquisition deadline.

Yes. We regularly migrate from Google Drive/Workspace, Box, Dropbox, Lotus Notes, file servers (NAS/SMB shares), and other document management systems to SharePoint Online. The main challenges are metadata mapping (Google and Box have limited metadata compared to SharePoint), permission translation, and content organization. We handle all of this during the assessment and architecture phase, ensuring your content arrives in SharePoint with the right structure, permissions, and metadata.

We have migrated environments ranging from 500GB to 50TB+. Migration throughput depends on network bandwidth, content complexity, and Microsoft's throttling limits. For SharePoint Online migrations, we typically achieve 100–500GB per day in production. Our healthcare case study involved 50TB migrated for 15,000 users with zero data loss. Large migrations are always planned with a detailed timeline and milestone-based progress reporting.

All migrations include a 30-day post-migration support window for issue resolution. We also offer ongoing managed support packages for long-term SharePoint health monitoring, governance enforcement, and user support. Post-migration, we provide a final validation report confirming 100% content integrity, permission accuracy, and user adoption metrics.

SharePoint Server 2019 reaches end of life (end of support) on October 14, 2026. Unlike SharePoint 2013 and 2016, SharePoint 2019 has NO extended support phase — it goes directly from mainstream support to zero support on the same date. After October 14, 2026, Microsoft will not provide security patches, bug fixes, or technical assistance for SharePoint Server 2019. Organizations still running SharePoint 2019 at that point face serious security vulnerabilities, compliance violations, and operational risks. We recommend starting your migration assessment immediately — with 8 months remaining, there is enough time to execute a well-planned migration to SharePoint Online. Contact us for a free SharePoint 2019 EOL assessment.

You have two primary options: (1) Migrate to SharePoint Online — the recommended path for most organizations. SharePoint Online is included in your Microsoft 365 subscription, receives automatic updates, and supports Microsoft Copilot AI. (2) Upgrade to SharePoint Server Subscription Edition (SPSE) — Microsoft's current on-premises product with no fixed end-of-life date, if you have hard data sovereignty requirements. SharePoint 2016 extended support and SharePoint 2019 mainstream support both end October 14, 2026. Acting now ensures a planned, zero-downtime migration versus a rushed emergency migration.

Our 24/7 managed SharePoint support covers: proactive health monitoring (alerts before issues impact users), break-fix support for outages and errors, performance optimization, security patch management, governance enforcement, end-user helpdesk support, and monthly health reports. Support is delivered through a dedicated portal with SLA tracking, and emergency issues receive a guaranteed 1-hour response from a senior SharePoint engineer — not a first-tier help desk.

For emergency support engagements, we guarantee a 1-hour response from a senior SharePoint architect. For standard managed support, response times are: Critical (site down, data inaccessible) — 1 hour; High (major functionality broken) — 4 hours; Medium (partial degradation) — 8 business hours; Low (general questions, enhancements) — next business day. All SLAs are contractually backed with remedies for violations.

Yes. We routinely take over support for SharePoint environments built by Microsoft, system integrators, or internal IT teams. Our onboarding process includes a full environment health assessment (2–4 weeks), documentation of your architecture, governance policies, and customizations, and a risk remediation plan for any issues found. This gives us the context to support your environment as effectively as if we had built it.

Yes. End-user training and administrator training are available as standalone engagements or included in managed support packages. Training options include live instructor-led sessions (virtual or on-site), self-paced e-learning modules, quick-reference guides, and custom training for your specific SharePoint configuration. We train users on SharePoint fundamentals, Microsoft Teams + SharePoint integration, Copilot AI usage, and role-specific workflows relevant to your organization.

SharePoint consulting pricing depends on scope and engagement type. Hourly rates for specialized SharePoint architects range from $175–$350/hour. Project-based consulting (intranet builds, governance frameworks, architecture reviews) typically ranges from $15,000 for targeted assessments to $150,000+ for full enterprise intranet deployments. Managed support retainers start at $2,500/month for small environments. Migration projects are priced by data volume, user count, and complexity. We provide a detailed statement of work with fixed-price options for clearly scoped projects.

We offer both. Fixed-price engagements are available for clearly scoped projects — migrations with defined data volumes, intranet builds with agreed-upon features, and governance framework implementations. Fixed pricing gives you budget certainty and aligns our incentives with yours. Time and materials engagements suit ongoing support, complex advisory work, or projects where scope may evolve. We recommend starting with a fixed-price assessment to define scope before committing to a larger implementation.

ROI varies by use case, but our clients typically see: 30–50% reduction in time spent finding documents (Forrester Research average); 20–40% reduction in email volume through structured collaboration; 60–80% reduction in paper-based processes for manufacturing and healthcare clients; $500–$2,000 per user annually in productivity savings for large enterprises. Our global manufacturer client achieved $8M in productivity gains in the first year after intranet deployment. We provide a business case template and ROI calculator during the discovery phase of every engagement.

Yes. We offer a complimentary 30-minute SharePoint strategy consultation with a senior consultant. During this session, we review your current environment, discuss your business objectives, identify your highest-priority opportunities, and provide initial recommendations — with no obligation. Schedule through our contact page or Calendly link. For organizations with immediate needs, we can also provide a rapid 2-day assessment with a detailed findings report.

Our SharePoint health assessment covers: governance and permissions audit; content architecture review; performance analysis; security and compliance posture review; Microsoft 365 license optimization; integration gap analysis; adoption metrics; and a prioritized remediation roadmap. Assessments are delivered as a comprehensive findings report with an executive summary and a 90-day action plan. Assessment pricing ranges from $3,500 (targeted) to $12,000 (full enterprise audit).

SharePoint Online can be configured to be HIPAA compliant, but compliance requires proper configuration — it is not automatic. Required steps include: executing a Business Associate Agreement (BAA) with Microsoft; enabling Microsoft Purview sensitivity labels and data loss prevention (DLP) policies; configuring access controls and audit logging for PHI; implementing retention policies; and conducting regular access reviews. Our healthcare SharePoint practice has helped 50+ healthcare organizations achieve and maintain HIPAA compliance, with zero compliance incidents reported.

Microsoft 365 (which includes SharePoint Online) holds SOC 2 Type II certification, FedRAMP High authorization (for GCC High tenants), ISO 27001, FISMA, HITRUST, and PCI DSS certifications at the platform level. Your organization still needs to configure SharePoint correctly to maintain compliance in your specific environment. We implement and document the controls, policies, and audit trails required for SOC 2, FedRAMP, GDPR, and industry-specific regulations — and we prepare you for your compliance audits.

Data protection during migration includes: encrypted transfer over TLS 1.2/1.3; no intermediate storage of client data on third-party systems; permission preservation to prevent unauthorized access at the destination; audit log review pre and post migration; and a data validation report confirming integrity. For HIPAA and FedRAMP environments, we use compliant migration tooling and document all data flows for audit trail purposes. Our engineers hold security clearances for government client work.

Microsoft Copilot for Microsoft 365 uses your organization's SharePoint content as its knowledge base. It can answer questions about documents stored in SharePoint, summarize long files, draft content based on existing documents, and surface relevant information across Teams, Outlook, and Word. For Copilot to work effectively, your SharePoint environment needs proper governance: well-organized content architecture, accurate permissions (so Copilot only surfaces content users are authorized to see), and metadata tagging for accurate search. We help organizations prepare their SharePoint environment for Copilot deployment.

Before deploying Microsoft Copilot, we recommend: (1) Permission audit — Copilot respects SharePoint permissions, but overshared content will surface to users who shouldn't see it; (2) Content cleanup — Copilot works best with accurate, current content; outdated documents produce poor AI responses; (3) Sensitivity labels — Apply Microsoft Purview labels so Copilot doesn't surface confidential content to unauthorized users; (4) Search optimization — Ensure your content is indexed correctly; (5) Governance policy — Define what data Copilot can and cannot access. Our Copilot readiness assessment addresses all five areas.

Microsoft's research shows Copilot users save an average of 1.2 hours per week on document-related tasks. For a 1,000-person organization at $75/hour average salary, that's $4.7M in annual productivity savings. Our technology client achieved a 35% productivity boost and 50% faster document creation after deploying Copilot across 8,000 users. ROI is highest for knowledge workers who spend significant time creating, reviewing, and searching for documents — typical in legal, financial services, consulting, and healthcare.

Our typical engagement follows four phases: (1) Discovery & scoping — 30-minute free consultation followed by a detailed requirements workshop (1–2 weeks); (2) Proposal & SOW — we deliver a fixed-price statement of work with clear deliverables, timeline, and milestones within 5 business days; (3) Implementation — phased delivery with bi-weekly status calls, a dedicated project manager, and a shared project workspace; (4) Handoff & support — knowledge transfer, documentation, user training, and optional transition to our managed support service. You have a named senior consultant as your primary contact throughout.

Yes. We serve enterprise clients across North America (US, Canada, Mexico) and work with multinational organizations on global SharePoint deployments. We have experience with multi-region Microsoft 365 tenants, data residency requirements (GDPR for EU data, Canadian data sovereignty), multilingual SharePoint sites (supporting 42 languages in one deployment), and time zone coordination for global rollouts. All projects are managed in English, with local resources available for select markets.

We work with enterprises ranging from 250 employees (mid-market) to 50,000+ employees (global enterprises). Our sweet spot is organizations with 1,000–10,000 users where SharePoint is a mission-critical platform, compliance requirements are significant, and the cost of a failed implementation is high. We also serve healthcare networks, government agencies, and financial institutions regardless of size due to their compliance complexity. We do not typically take on small business (<100 user) projects.

For new client engagements, we can typically begin a discovery/assessment within 1–2 weeks of contract signing. Emergency support engagements can begin within hours — our emergency hotline connects you directly to a senior SharePoint engineer for immediate triage. Managed support contracts can be activated within 3–5 business days for environments with existing documentation, or 2–4 weeks for environments requiring our health assessment onboarding process.

Yes. We have 10 published case studies on our website covering healthcare, financial services, government, manufacturing, legal, technology, retail, and education industries. We can also provide client references for organizations in your specific industry — healthcare CIOs, financial services CTOs, or government IT directors — upon request. Our references typically speak to our methodology, communication quality, and the accuracy of our initial project scoping.

For organizations already using Microsoft 365, SharePoint is the stronger choice — it is included in your existing license (no additional cost), integrates natively with Teams, Office, and Microsoft Copilot, and provides enterprise-grade compliance controls. Confluence excels for pure wiki use cases and Atlassian/Jira-native teams. The decisive 2026 factor: Microsoft Copilot is deeply integrated with SharePoint content, while Atlassian's AI offering is significantly less mature. For regulated industries (healthcare, financial services, government), SharePoint's compliance tooling is far more advanced.

OneDrive is personal cloud storage for individual files — your "My Documents" in the cloud. SharePoint is team and enterprise collaboration storage — shared document libraries, sites, and portals for groups. In Microsoft 365, every Teams channel stores files in SharePoint, while each user's personal files go to OneDrive. For enterprise content management (policies, project files, compliance documents), SharePoint is always the right platform. OneDrive is appropriate for personal drafts and individual work files that don't need to be shared broadly.

Teams and SharePoint are not competing — they are the same storage layer. Every Teams channel has a corresponding SharePoint site and document library behind it. Files you share in Teams are stored in SharePoint. The difference is the interface: Teams provides a chat-centric interface optimized for real-time collaboration, while SharePoint provides a document management interface with full metadata, versioning, search, and governance controls. For compliance, search, and governance purposes, always manage your content through SharePoint Admin Center.

For Microsoft 365 organizations, SharePoint is almost always superior to Box or Dropbox for enterprise file storage: it is included in your license at no extra cost, provides native co-authoring in Word/Excel/PowerPoint, integrates with Teams, supports enterprise compliance controls (DLP, retention, legal hold), and enables Microsoft Copilot AI search. Box and Dropbox have their own strengths (simpler interface, cross-platform focus, strong external sharing), but for organizations already invested in Microsoft 365, they add cost without adding value commensurate with SharePoint's capabilities.

Use both for different purposes. SharePoint excels at document-heavy project management (project portals, meeting notes, deliverables storage, compliance documentation) while dedicated PM tools like Jira and Asana excel at task tracking, sprint management, and dependency management. The best enterprise setup: SharePoint as the document management and project portal layer, Microsoft Planner (included in M365) for task tracking and sprints, integrated via Teams. For complex software development workflows, Jira remains the standard — but SharePoint handles the documentation and governance layer even in Jira-heavy environments.

SharePoint Online is included in all Microsoft 365 business and enterprise plans: Business Basic ($6/user/month), Business Standard ($12.50/user/month), Business Premium ($22/user/month), E3 ($36/user/month), and E5 ($57/user/month). The feature depth varies — E3 and E5 include advanced compliance, eDiscovery, and DLP capabilities that Business plans lack. SharePoint Premium (AI document processing, eSignature) and Microsoft 365 Copilot ($30/user/month) are available as add-ons. See our [Microsoft 365 SharePoint licensing guide](/blog/microsoft-365-sharepoint-licensing-guide-2026) for a full comparison.

For most organizations, Microsoft 365 E3 provides sufficient SharePoint compliance capabilities including sensitivity labels, basic DLP, eDiscovery Standard, and audit logging. E5 is necessary when you require: advanced eDiscovery with AI-assisted review, extended audit log retention, customer-managed encryption keys, communication compliance for SEC/FINRA requirements, or insider risk management. Financial services, healthcare covered entities with high-volume eDiscovery needs, and government agencies with CUI/ITAR requirements should evaluate E5. If in doubt, start with E3 and upgrade only if compliance gaps emerge.

Research consistently shows Microsoft 365 Copilot saves knowledge workers 30-45 minutes per day — well above the $1 daily cost. The SharePoint-specific value: natural language search across all organizational content ("find the Q4 compliance report"), one-click document summaries, AI-assisted content creation, and Copilot Studio for building custom AI agents grounded in your SharePoint data. We recommend starting with a 50-user pilot among high-document-volume knowledge workers (legal, finance, HR, project managers) and measuring actual time savings before full deployment.

Every Microsoft Teams team automatically creates a SharePoint site behind the scenes. Files you share in Teams channels are actually stored in a SharePoint document library — Teams is the collaboration interface, SharePoint is the storage layer. Standard channels share a SharePoint site; private channels get their own dedicated SharePoint site collection. This means SharePoint permissions, governance, and storage policies apply to all Teams file content. Organizations should govern Teams and SharePoint together, not as separate platforms.

Yes, and for many use cases SharePoint is the better choice. Use SharePoint directly (not Teams) for: company-wide intranet content and policies, formal document repositories accessed by large audiences, content requiring fine-grained permissions beyond team-level, and records management with retention policies. Use Teams for: real-time collaboration on projects, ongoing department communication, and workstreams with a defined team. Many organizations use both — Teams for active collaboration, SharePoint sites for structured document management and intranet content.

Teams membership directly controls SharePoint permissions: Team Owners get Full Control, Team Members get Edit access, and Guests get limited Edit access. To restrict SharePoint access differently than Teams membership: create SharePoint-only permission groups for specific libraries, use sensitivity labels to restrict downloading from Teams-connected libraries, and configure information barriers for regulated industries. Note that private channels automatically create separate SharePoint sites with isolated permissions — only private channel members can access those files.

Since September 2023, Teams meeting recordings are stored in Microsoft 365 cloud storage: non-channel meetings go to the organizer's OneDrive (My Recordings folder), and channel meetings go to the associated SharePoint site's Recordings folder. Recordings have a default expiration policy (typically 60-120 days depending on your org settings). For recordings that need long-term retention — training sessions, all-hands, board meetings — move them to a governed SharePoint library with an appropriate retention label applied.

Deleting a Teams team soft-deletes the associated Microsoft 365 Group and puts the SharePoint site into the SharePoint Recycle Bin. You have 93 days to recover the site before it is permanently deleted. If a retention policy applies to the site's content, that content is preserved even after the site is deleted — it moves to the Preservation Hold Library. Best practice: archive Teams teams instead of deleting them when the project ends, which puts the team in read-only mode in Teams while keeping the SharePoint site fully accessible.

Several methods: (1) Site Settings → People and groups — shows all groups and their members; (2) SharePoint Admin Center → Active sites → [Site] → Membership; (3) PowerShell: Connect-SPOService then Get-SPOUser -Site [URL] -Limit All exports all users; (4) Microsoft Purview Content Explorer shows permissions for sensitivity-labeled content. For enterprise-wide permission reporting, tools like ShareGate or AvePoint provide comprehensive cross-site reports. We recommend quarterly permission audits for all Tier 1 (sensitive) sites.

Permission inheritance means child objects (libraries, folders, files) automatically inherit permissions from their parent site. Breaking inheritance creates unique permissions on a specific object, independent of the parent. Break inheritance at the library or folder level — never at the individual file level (creates unmanageable complexity). Appropriate reasons to break inheritance: a sensitive HR library within a broader team site, an external-facing client folder within an internal project site, or a legal hold library that should be read-only for most users. Minimize inheritance breaks — every unique permission set increases admin overhead and audit complexity.

Copilot strictly respects SharePoint permissions — it can only surface content the user is already authorized to access. However, in overpermissioned environments, this creates risk: if a user has access to 500 sites (common without governance), Copilot will search across all 500 when answering their questions, potentially surfacing content they technically have access to but would never have found manually. Before deploying Copilot, complete a permissions audit to remove unnecessary access, apply sensitivity labels to restrict Copilot on confidential content, and remove all "Everyone" grants from sensitive libraries.

SharePoint governance is the set of policies, procedures, roles, and technical controls that guide how your SharePoint environment is managed, used, and maintained. It covers: who can create sites (site provisioning policy), how content is classified and labeled (information architecture), who owns sites and libraries (ownership model), how long content is retained (retention policy), who can share externally (sharing policy), and how compliance is enforced. Without governance, SharePoint environments accumulate orphaned sites, inconsistent permissions, unclassified sensitive content, and compliance gaps within 12-18 months of deployment. Good governance reduces IT support burden, accelerates eDiscovery, and satisfies auditors.

Site sprawl occurs when users create unlimited sites with no lifecycle governance. Prevention strategies: (1) Control site creation — limit who can create Microsoft 365 groups/teams/sites via Azure AD group policy; (2) Site request workflow — require users to submit a request through a Power Apps form with justification, primary owner, and expected lifecycle; (3) Site lifecycle policy — sites inactive for 90 days trigger an automated email to the owner requesting confirmation; Microsoft 365 then archives or deletes sites with no response (configurable in SharePoint Admin Center); (4) Hub site architecture — channel site creation into hub-associated sites with consistent navigation and branding; (5) Regular governance reviews — monthly report of new sites, orphaned sites, and storage outliers.

A comprehensive SharePoint governance document covers: (1) Roles and responsibilities — Global Admin, SharePoint Admin, Site Owner, Site Member, Visitor definitions and duties; (2) Site provisioning policy — who can create sites, what approvals are required, what templates are available; (3) Naming conventions — site URLs, team names, document library names, column naming standards; (4) Information architecture — hub site structure, content type taxonomy, managed metadata term groups; (5) External sharing policy — what can be shared, with whom, under what conditions; (6) Retention and records management — retention labels by content type, records declaration, disposition process; (7) Security standards — minimum permission requirements, guest access rules, sensitivity label taxonomy; (8) Site lifecycle — review cadence, archival criteria, deletion process; (9) Support model — who handles site creation requests, permission issues, and technical problems.

When a site owner leaves the organization, the site becomes "orphaned" — no active owner to manage permissions, approve access requests, or handle lifecycle decisions. Best practice prevention: require two site owners (primary + backup) at provisioning time. Remediation: (1) PowerShell: Get-SPOSite | Where-Object {$_.Owner -eq ""} identifies orphaned sites; (2) Automated flow: When a user account is disabled in Entra ID, trigger a Power Automate flow that identifies all sites owned by that user, notifies their manager, and requests ownership transfer within 7 days; (3) SharePoint Admin Center: Manually update the site owner (Site Details → Owners); (4) Governance review: Monthly report of sites where primary owner account status is "Disabled."

A SharePoint intranet is a curated employee-facing portal built on SharePoint Online, typically using communication sites and hub sites, with intentional design for company-wide communication, news, resource discovery, and employee self-service. A regular SharePoint site (team site) is a collaboration workspace for a specific team or project — functional and file-centric, not designed for broad audiences. Modern SharePoint intranets use hub site architecture to connect departmental communication sites under a common navigation and search experience. They feature audience-targeted content (employees in Finance see different news than employees in IT), Viva Connections integration for mobile experience, and Viva Engage (formerly Yammer) for social engagement.

A modern SharePoint intranet deployment timeline: (1) Discovery and architecture design: 2-4 weeks — stakeholder interviews, information architecture mapping, hub site design, content strategy; (2) Hub site and navigation setup: 1-2 weeks; (3) Departmental site templates: 2-4 weeks (building reusable templates each department can provision); (4) Content migration and population: 2-8 weeks depending on volume; (5) Testing and UAT: 1-2 weeks; (6) Training and launch: 1-2 weeks. Total: 3-6 months for a mid-size enterprise (1,000-10,000 users). For a 50,000+ user enterprise with complex content requirements, 6-12 months is realistic. Phased launches (core company site first, then department sites rolling out over 3-6 months) are often better for adoption.

Intranet success metrics fall into three categories: (1) Usage metrics — unique visitors/month, pages viewed/month, search queries/month, news article views, top content by views (available in SharePoint Admin Center → Usage reports); (2) Adoption metrics — % of employees who visited in the past 30 days, % who have favorited a page or site, search satisfaction score, mobile usage rate; (3) Business impact metrics — reduction in "where do I find X" IT help desk tickets, employee survey results on information findability, intranet vs. email for policy distribution (what % of employees accessed policy via intranet vs. email). Benchmark: healthy intranets see 70%+ of employees visiting monthly; great intranets see 85%+ with positive search satisfaction scores.

Our SharePoint migration services include: (1) Pre-migration assessment — inventory of source content, permissions audit, metadata analysis, and target architecture design; (2) Migration planning — project timeline, cutover strategy, pilot migration scope, communication plan; (3) Data migration — automated transfer of documents, metadata, permissions, and version history using enterprise tools (ShareGate, Metalogix, AvePoint, or Microsoft SPMT); (4) Validation — automated and manual QA to verify content fidelity, permissions, and metadata accuracy; (5) Cutover coordination — minimal downtime cutover with rollback plan; (6) Post-migration support — 30-90 day hypercare to resolve issues found by end users. We handle migrations from SharePoint Server 2013/2016/2019, file shares (Windows, NAS), Google Workspace, Box, Dropbox, and tenant-to-tenant (M&A) scenarios.

We use enterprise-grade migration tools selected based on migration type and scale: ShareGate Desktop and ShareGate Shell (most common — excellent for SharePoint to SharePoint Online with full metadata and permissions), Microsoft SharePoint Migration Tool (SPMT — good for file share migrations, free), AvePoint Fly (large enterprise with complex permission mapping needs), Metalogix Content Matrix (SharePoint-to-SharePoint with granular control), and Mover/Microsoft 365 Migration Manager (Box, Dropbox, Google Workspace sources). Tool selection depends on source platform, data volume, metadata complexity, and permission requirements. We recommend avoiding the built-in SharePoint drag-and-drop migration for anything beyond 100 documents — metadata and version history are not preserved.

Permissions migration is the most complex and risk-prone aspect of any SharePoint migration. Our approach: (1) Permission inventory — map all unique permission levels in the source environment (SharePoint unique permissions, NTFS ACLs for file shares, Google Workspace sharing settings); (2) Group normalization — convert individual user permissions to Azure AD security groups wherever possible before migration; (3) Permission mapping — create explicit map of source → target permission structures; (4) Pilot validation — migrate 5-10% of content first and have content owners validate access; (5) Post-migration permission audit — automated report comparing source and target permissions for discrepancies. Warning: broken inheritance (unique permissions at document level) dramatically increases migration time and complexity — we recommend consolidating to library/folder-level permissions before migration when possible.

Yes. Our largest migration to date was 50TB across 15,000 users with zero data loss and a 4-hour final cutover window. Strategies for large-scale, low-disruption migration: (1) Pre-migration bulk transfer — migrate 80-90% of content during normal business hours 2-4 weeks before cutover (users stay on source during this phase); (2) Delta sync — continuously sync changes from source to target in the final weeks; (3) Cutover weekend — only the delta (recent changes) needs to move during the cutover window, dramatically reducing downtime; (4) Parallel running — keep source read-only for 30 days post-cutover as a fallback; (5) Staged rollout — migrate by department over 4-8 weeks rather than all at once. For financial services and healthcare clients, we coordinate with compliance teams to ensure no migration window conflicts with regulatory reporting periods.

For many organizations, yes — especially with Microsoft 365 E5 and Microsoft Purview. SharePoint Online combined with Microsoft Purview Records Management provides: retention labels and schedules, records declaration (immutable records), event-based retention, disposition reviews, eDiscovery and legal hold, sensitivity labels and encryption, DLP policies, and audit logs. This covers the functional requirements of most mid-market DMS implementations. Where dedicated DMS systems still have advantages: law firms with complex matter-centric workflows, regulated pharmaceutical companies needing 21 CFR Part 11 electronic signatures, and organizations requiring physical records tracking. EPC Group has migrated organizations from iManage, OpenText, and Laserfiche to SharePoint + Purview successfully, with estimated license savings of $60-120/user/year.

Microsoft 365 E3 includes: Information Protection (sensitivity labels, manual classification), Data Loss Prevention (basic DLP policies), Compliance Manager (assessment tools), Audit (standard 90-day audit log), and basic eDiscovery (content search only). Microsoft 365 E5 adds: Advanced Compliance — full records management with retention labels and event-based retention, Premium eDiscovery (legal hold, advanced queries, export), Insider Risk Management, Communication Compliance, Advanced Audit (1-year log retention, critical events), Information Barriers (ethical walls), and Privacy Management. The E5 Compliance add-on ($12/user/month) provides all E5 compliance features without the full E5 upgrade. For organizations with formal records management programs, eDiscovery obligations, or regulatory requirements (FINRA, HIPAA, SEC), E5 Compliance is generally necessary.

Microsoft Purview eDiscovery integrates directly with SharePoint Online for legal hold and eDiscovery workflows: (1) Content Search — run KQL (Keyword Query Language) searches across SharePoint sites, OneDrive accounts, and Exchange mailboxes simultaneously; filter by date, author, site, content type, and sensitivity label; (2) eDiscovery Cases — create isolated cases per litigation matter, assign reviewers, and track all actions for chain of custody; (3) Legal Hold — place custodian-level holds on SharePoint sites and OneDrive accounts, preserving all content including deleted items (held in Preservation Hold Library); (4) Review and Export — tag documents (responsive, privileged, non-responsive), export in EDRM XML, native, or PST format for review platforms; (5) Premium eDiscovery — near-duplicate detection, email threading, predictive coding for large data sets. Microsoft 365 E5 is required for full Premium eDiscovery capabilities.

Retention policy design depends on your industry regulatory requirements, legal obligations, and business needs. Common starting framework: (1) Email — 3-7 years depending on industry (financial services: 7 years per SEC/FINRA, healthcare: 6 years per HIPAA, general business: 3-5 years); (2) Financial records (invoices, GL, tax) — 7 years per IRS; (3) HR records (personnel files) — 7 years post-separation; (4) Contracts — 7 years post-expiration; (5) Board minutes/corporate records — permanent; (6) IT logs and audit records — 1-3 years; (7) Litigation holds — until matter is finally resolved (overrides all other retention). We recommend engaging your legal counsel and records manager to build the formal retention schedule before configuring Purview labels. EPC Group provides retention schedule development as part of compliance engagements.