Having your security and governance rules applied to your Office 365 based digital workplace is crucial for success. An Office 365 governance can be very complex, but also very simple. This mostly varies on the company’s maturity with Office 365, MS Teams and SharePoint, and often on its’ size. Larger enterprises will not have the same needs as medium-sized or smaller companies.

That’s why we have spared no effort to pack new functions for the unification of security and permissions into this autumn’s release of Seamless that will support any kind of company to apply their rules and policies in Microsoft 365.


Default permissions per organizational unit

Larger companies often divide into locations, divisions or subsidiaries. Subsidiaries within a company, such as the Microsoft subsidiaries Nokia or LinkedIn, have individual needs when it comes to collaboration, processes, and branding in one Office 365 Tenant. In order to meet this need, we have introduced the concept of Seamless organizational units in the Seamless Summer 2019 Release. This concept simplifies multi-tenancy in a single Office 365 tenant.

With the new Seamless Release, you can now provide Default permission and membership based on organizational units.

Permissions per org unit


  • The management of a company, division or subsidiary needs to automatically have full access to all workspaces of their organizational unit.
  • Team leaders need read/write access to all workspaces of their team.
  • All members of a team have read-only access to all workspaces of their team
  • To support their users, members of the IT-Department must have admin access to all workspaces.

With this release of Seamless, security and governance rules like the example above can be easily configured per organizational unit.


Default permission based on workspace type

Nowadays, companies are largely organized in different teams of employees collaborating to reach a common goal. Enterprises have many teams and employees can concurrently be members of several teams, sometimes even in different roles. Depending on work content, needs and processes can vary largely between teams. Therefore, companies often characterize teams based on their content such as departments, teams or different types of projects. Because such characterizations are very difficult to realize with SharePoint and MS Teams, we have introduced the concept of Seamless typified workspaces with the Seamless Release in Summer 2019. They easily allow organizations to differentiate and characterize different team-types.

With the Seamless Autumn 2019 Release, you can now provide default permissions and membership based on workspace types.


  • The project management office must have full access to all projects in the company to support the project teams. But, they shall not automatic access to other workspace types such as departments, teams or employees.
  • Members of human resources need to have access to all workspaces of type “employee” to access their information.
  • The Head of a department automatically has access to all workspace types in his department
  • Employees automatically have read rights in all project workspaces of their department, but not to all team workspaces in the department.
  • Members of the IT Department have access to all workspace types in the company but not to financial information or workspaces containing HR information.

With this release of Seamless, security and governance rules like the example above can be configured per organizational unit and workspace type.


Workspace attributes per workspace type

To allow the characterization of project workspaces, Seamless supports the configuration of your individual set of workspace attributes (Metadata) per workspace type.


  • Project: Manager, Deputy, Project ID, Start Date, End Date, Budget, Progress, Phase, Customer, …
  • Customer: Responsible, Customer ID, Customer Name, Address, Street, ZIP, Phone, Website, Primary Contact, …
  • Team: Responsible, Department, Location, …
  • Department: Manager, Cost Unit, Location, Associated Teams, …
  • Employee: Coach, Supervisor, Employee ID, Entry Date, Social Security Number, …
  • Classroom: Location, Capacity, Equipment, …
  • Meeting: Manager, Deputy, Subject, Cadence, …
Workspace attributes to characterize different workspace types

Workspace Relations

In the past, organizational hierarchies were mapped using SharePoint subsites. Subsites can have independent permissions. With pronounced subsite structures, the assignment of authorizations can become demanding. For this reason, Microsoft recommended using flat structures with individual and detached SiteCollections instead of subsites. Microsoft also uses this paradigm in MS teams.

If companies now replace subsite structures with a flat workspace structure, the different workspaces no longer have any connection to each other. Since this is important for large companies with many workspaces, we have introduced the concept of workspace relations. This makes it possible to map workspaces and to build a coupled tree-structures.

Workspace Relelations for SharePoint and MS Teams


Consistent Naming Convention

Each MS Teams or SharePoint Site includes features and tools that have a name or title reflected in your Office 365 Desktop and Mobile Apps such as SharePoint, MS Teams, OneDrive, Word, Excel, PowerPoint, OneNote, etc. By default, they are not uniform. With Seamless, all features and tools that belong to one workspace, team or project reflect the same, unique name. This supports your IT-Organization and your users keeping Office 365 sorted.


What next?

Would you like to find out more about the Security and Governance functions of Seamless for Microsoft 365? Feel free to drop us an email at solutions@askmewhy.com.