{"id":10168,"date":"2023-12-07T01:48:32","date_gmt":"2023-12-07T09:48:32","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=10168"},"modified":"2023-12-07T11:10:17","modified_gmt":"2023-12-07T19:10:17","slug":"the-future-of-group-member-management-how-microsoft-is-leading-the-way-with-automation","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/the-future-of-group-member-management-how-microsoft-is-leading-the-way-with-automation\/","title":{"rendered":"The future of Group Member Management: How Microsoft is leading the way with automation"},"content":{"rendered":"

\"MicrosoftJust as it is for everyone, maintaining accurate groups for email and apps such as Microsoft Viva and Microsoft Teams is challenging for us internally at Microsoft.<\/p>\n

Adding and removing employees from groups has been mostly a hand-cramping manual task, and this is especially true for large organizations like ours, where group membership management is daily work. Amidst all the life shifts that employees experience\u2013\u2013role changes, department transitions, taking leaves, moving to hybrid or remote offices\u2013\u2013it\u2019s hard for our admins to keep our groups 100 percent current.<\/p>\n

\"Johnson
The way we think about group member management was ready for transformation, says David Johnson, a principal program manager for our Microsoft Digital Employee Experience team.<\/figcaption><\/figure>\n

And when a group is out of date, people get left out of meetings and communications while others get access to information that\u2019s no longer relevant or, worse, something they should no longer be able to see.<\/p>\n

\u201cManually managing the groups was the old way,\u201d says David Johnson, a principal program manager for our Microsoft Digital Employee Experience team, the organization where we power, protect, and transform the company. \u201cEspecially now with hybrid workspaces, you need connection between the leader and organization in many ways, and you don’t want to have to manually manage that space.\u201d<\/p>\n

Entering data by hand is also an error-prone process that we needed to move beyond. Our Microsoft Digital Employee Experience team responded by building an automated solution that improved our inclusion, compliance, and security.<\/p>\n

[Learn more about Microsoft\u2019s data governance strategy.<\/a> Discover how to set up Dynamic Groups in Microsoft Azure Active Directory.<\/a>]<\/em><\/p>\n

Automating group membership management<\/h2>\n

A few years ago, there was a growing desire to automate Microsoft 365 group membership. As people started to realize the benefits of Microsoft 365 applications for effective live event and community management, the need for a solution to allow rule-based membership management became increasingly intense. However, at that time, there was no good solution readily available to meet these needs. Microsoft needed to manage live events and communities that involved large organizations, and there was not a good solution readily available. For example, organizations eagerly wanted to leverage Microsoft Yammer (we\u2019re now using Microsoft Viva Engage) broadcasting to keep employees connected and engaged with leaders, but maintaining accurate Yammer community members was a manual task. Furthermore, before the shift to the cloud, groups were nested, which means they were folded into hierarchical layers, and each team took the responsibilities to manually manage the immediate team membership and contribute to the parent group level.<\/p>\n

In the cloud, group membership is managed in a flattened way.<\/p>\n

While this structure ensured security and compliance, it also compounded the complexity for manual membership management. Reestablishing roles and permission for every group member in all apps had to be done one at a time by hand, which likely only benefited the businesses of carpal-tunnel therapists.<\/p>\n

The tedious processes required were unwieldy. Maintaining accurate membership is a multi-step process involving batch exporting member lists from HR systems, manually scrubbing from multiple Excel worksheets, then identifying the members to be added or removed. As soon as someone joined or left an organization, an admin would have to do this all over again.<\/p>\n

Group membership was only accurate on the day it was entered, so groups were frequently out of date. Sending personalized messages to individuals with a commonality (such as a holiday, disaster, or local celebration) required manually updating group membership: a time-quaffing undertaking.<\/p>\n

\u201cReaching everyone was so important to us, but the technology to maintain aliases wasn\u2019t there,\u201d says Cindy Jensen, a senior executive assistant with Microsoft Customer and Partner Solutions, one of Microsoft\u2019s Sales and Marketing organizations with over 100,000 people. \u201cOur volumes were too large.\u201d<\/p>\n

We said, let’s build something. We can automate membership management.<\/p>\n

\u2014Olivia Han, a senior program manager with Microsoft Digital Employee Experience<\/p>\n<\/blockquote>\n

\"Han
Group Membership Management dynamically manages the membership of groups in Microsoft Azure Active Directory, says Olivia Han, a senior program manager with Microsoft Digital Employee Experience.<\/figcaption><\/figure>\n

Microsoft Digital Employee Experience dedicated themselves to the challenge of making group member management a better and less manual process.<\/p>\n

Engineering an answer<\/h2>\n

At Microsoft, we realized we had a significant issue back in 2017. We had to manage Yammer communities and live broadcast streams in particular. The demand for reaching broad audiences, especially C-suite level audiences, initiated our journey to find a solution.<\/p>\n

\u201cWe said, \u2018let\u2019s build something,\u2019\u201d says Olivia Han, a senior program manager with Microsoft Digital Employee Experience. \u201cWe can automate membership management.\u2019\u201d<\/p>\n

And they did.<\/p>\n

The tool\u2014broadly launched internally at Microsoft in 2021\u2014is called Group Membership Management (GMM<\/a>). It\u2019s a solution that dynamically manages the membership of Microsoft Azure Active Directory (AAD) Groups. Once it\u2019s set up, it automatically updates when HR data changes and when other source groups membership changes.<\/p>\n

Microsoft already has the powerful Dynamic Groups feature in Microsoft Azure Active Directory,<\/a> which allows attribute-based groups. GMM is needed for large leader-based groups and all of their reporting hierarchy. Now, source groups can have thousands of levels of nesting.<\/p>\n

We never have to think about our aliases again, and we always know our communication is going to the right group.<\/p>\n

\u2014Cindy Jensen, a senior executive assistant with Microsoft Customer and Partner Solutions (MCAPS)<\/p>\n<\/blockquote>\n

\u201cPutting people in groups and taking them out of groups may sound trivial from an outsider\u2019s perspective, but what I\u2019ve come to really love and appreciate about the project is the scale,\u201d says Paul Daly, a principal software engineering manager with Microsoft Digital Employee Experience. \u201cThe scale and impact of this problem necessitates that we focus on both performance and reliability.\u201d<\/p>\n

\"A
Microsoft automatically populates group members in Microsoft 365 and Microsoft Viva using Group Membership Management.<\/figcaption><\/figure>\n

Benefitting from automation<\/h2>\n

Admins at in Microsoft\u2019s Sales and Marketing organization and its more than 100,000 employees were very happy once they were able to start taking advantage of GMM.<\/p>\n

\u201cWe never have to think about our aliases again, and we always know our communication is going to the right group,\u201d Jensen says. \u201cI set my groups up once\u2014I update them never.\u201d<\/p>\n

Automating group membership has resulted in dramatic error reduction, which means there are far fewer security risks posed by stale membership and inappropriate access.<\/p>\n

\u201cAdmins can now focus on more impactful work that can\u2019t be automated,\u201d Han says. Unsurprisingly, freedom to give their attention to other projects is among the first-mentioned benefits by administrators who have leveraged the GMM solution.<\/p>\n

We want everybody to feel valued and included. Group Membership Management gives us that.<\/p>\n

\u2014Cindy Jensen, a senior executive assistant with Microsoft Customer and Partner Solutions (MCAPS)<\/p>\n<\/blockquote>\n

In addition to stronger security, Jensen in Microsoft\u2019s Sales and Marketing organization celebrates the role of accuracy in enhancing inclusivity. When group membership is updated automatically and daily, no one is forgotten or left out, and Jensen says that now she can make special groups on the fly to send personalized messages with very little effort.<\/p>\n

She made aliases for people who celebrate Diwali so she could wish them a joyful one. She\u2019s created aliases for people living in the Puget Sound area so they could participate in a huge annual Microsoft Give drive. This wasn\u2019t easily achievable before.<\/p>\n

\u201cWe want everybody to feel valued and included,\u201d Jensen says. \u201cGMM gives us that.\u201d<\/p>\n

Making automated group membership management more accessible<\/h3>\n

Now, nearly anyone can leverage GMM. It\u2019s an open-source application that\u2019s available to everyone on GitHub.<\/a><\/p>\n

\u201cCustomers needed it,\u201d Han replies when asked why it\u2019s open source. Microsoft did not want to withhold the tool from the public while it waits for a home in within a product.<\/p>\n

\u201cWhat\u2019s cool about GMM, the version that\u2019s on GitHub, is that it\u2019s actually the same version that we run internally,\u201d Daly says.<\/p>\n

\"Key
\nGroup Membership Management has been a lifesaver for Microsoft groups, and its engineers continue to enhance its sophistication. Here are words of wisdom for anyone wanting to leverage the benefits of Group Member Management for their organization.<\/p>\n