The initial crawl of your environment is complete. You're comfortable with the layout of ShareGate Protect, have considered policies, and have tested some features.

Now you may wonder, "What's the best order to roll out ShareGate Protect to my organization?"

In this step of the ShareGate Protect guide, we outline the order that we recommend.

Now that you better understand how ShareGate interacts with owners, we recommend assigning owners to any orphaned teams and groups in your environment.

Owners are in the best position to know what to do with their teams and groups. They know the business purpose, how sensitive the data shared within it is, and what guests no longer require access.

By assigning owners, you can use ShareGate to delegate tasks and collaborate on your policies.

Organize your environment by business purpose and sensitivity level to gain better visibility of the information in teams and groups, and to apply the right governance policies.

Purpose tags show you the intended business purpose of teams and groups, while sensitivity tags help you understand their data sensitivity and apply the right security settings.

ShareGate comes ready with a variety of default tags you can use. Or, you can create tags that best reflect your organization:

With your tag options in place, use the Ask owner(s) features to send owners a notification asking them to apply a purpose tag or sensitivity tag.

Now that existing teams and groups in your environment are organized by business purpose and sensitivity level, use ShareGate to send automated notifications when owners create new teams and groups.

To turn on automation, go to Policies. Expand the Purpose tags and/or Sensitivity tags section, then toggle on Automatically ask owners.

Inactive teams and groups impact sprawl and security of your Microsoft environment. ShareGate can help you take action on current and future inactivity.

Choose your preferred Azure storage account so you and owners can take advantage of ShareGate's archiving features.

Select your storage account in the Settings.

Are there already inactive teams and groups in your environment? Use the Ask owner(s) about inactivity feature so owners can take action.

Now that your environment is clear of inactive teams and groups, automate the Inactivity detection policy and let ShareGate monitor for teams and groups that become inactive in the future.

Before setting up the policy, ask yourself, "How long can a team or group be inactive in our organization before it leads to sprawl or before it becomes a security risk?" Use this timeframe in your policy.

For the steps on how-to, see Set up and automate the Inactivity detection policy.

Using purpose tags, you can set a custom inactivity threshold on the business purpose of a team or group.

For example, a departmental group or team may not need its activity verified as often as a time-based project that could be archived as soon as the project is finished.

For the steps on how-to, see Create and edit purpose tags.

The External sharing review policy lets you ask owners to review and remove any unnecessary external sharing links and guest access from their teams and groups.

Set up the policy so owners can review on a schedule that suits your organization's needs.

For the steps on how-to, see Set up and automate the External sharing review policy.

Using sensitivity tags, you can set a custom start date and review recurrence based on a team or group's security needs.

For example, a team or group with a Confidential sensitivity tag may share highly sensitive information, which should be reviewed more often than your default policy allows.

For the steps on how-to, see Create and edit sensitivity tags.

Next