Email / Calendar Solution: Assessment Matrix

DfgDfg Admin
edited December 2011 in Tech & Games
If you're ever need to learn how to assess things, this will be a great article to read. I mean, I enjoyed reading it and it made a lot of sense to switch to Google vs MS.

The following matrix supports the recent email and calendar solution forthe UC Berkeley campus. The evaluation was undertaken as part of theOperational Excellence (OE) sponsored Productivity Suite project andfocused on features and requirements to meet key objectives of OEincluding service improvement, project and operating cost, speed ofdeployment, architectural alignment, accessibility, storage of data inthe United States, and privacy and security issues. For for information,the Campus Selects Google as New Email and CalendarSolution.

[h=2]Microsoft vs Google Assessment Matrix[/h]


[TH="class: ucbito_dark_blue_bg centered middle"]Priority[/TH]
[TH="class: ucbito_dark_blue_bg centered middle"]Category: Issue[/TH]
[TH="class: ucbito_dark_blue_bg centered middle"]Google Apps for Education[/TH]
[TH="class: ucbito_dark_blue_bg centered middle"]Office 365[/TH]
[TH="class: ucbito_dark_blue_bg centered middle"]Advantage To:[/TH]





1
Email/Calendar Cloud/Local Solution:



Speed of Migration and Deployment
As a guide, Google offers a 6-10 week migration plan for institutions wanting to migrate quickly. This would be a starting point for us. A UC Berkeley migration to Google can start faster and with less infrastructure investment. Also, we will be able to use a significant amount of our recently upgraded mail routing infrastructure with this solution. Due to the recent issues with CalMail, this is a very significant issue.
Office 365 requires on-premise installation and configuration of Exchange 2010 before migration can begin along with a significant change in our mail routing infrastructure. This has the tradeoff of giving more flexibility in integrating on-premise and cloud main and management of authentication.
Google has the advantage for speed of starting a migration and options for self-service migration of user data. Also, with a multiple-instance model, we can allow for large subdomains to plan and execute their own migrations.


Support of Migration and Deployment
Google relies on partner vendors for on-premise migration project management, but does have a deployment specialist that can answer questions. This, along with the support that we can gather from already-migrated partners, such as UC Santa Cruz and Lawrence Berkeley Lab, allows us to migrate, with support at a significantly lower cost.
MS offers consulting and deployment services that can manage the migration project. These come at a significant cost to the project.
Google, since we have close partners that have already completed migrations and can offer support.


Integration with Collaboration Tools
The option of integration with the suite of other Google Apps products — Google Docs, Groups, Sites. These applications were not extensively reviewed during this process, but are already used in other departments for teaching and learning purposes. Also, BOX, which campus has contracted with, integrates with Google.
Office 365 comes with its Office online apps and the option of deploying SharePoint Online and Lynx (which were not reviewed).
Google integrated with partner software campus has already purchased. Both Google and Office 365 would offer a more integrated collaborative tools environment than what currently exists on campus.


Ease of Tools Development
Powerful open standards-based API for extending base functionality. An API based on technologies that we currently have campus expertise in developing against. Also, specific APIs for migrating data in and out of the service. Google has a program for specifically moving data in and out of their products efficiently, see http://www.dataliberation.org/.
A much more platform and tool-specific development environment and API. Software development against Exchange and the MS suite of software is not a widely held skill on campus. This would be a significant negative compared to our ability to extend functionality for the current mail system.
Google has a more robust and documented API aligned with the skillsets on campus and a program to support migrating data out of Google if we ever so choose.


User Familiarity
The ability to leverage a better known interface and product by the student population based on email forwarding information. Using Google Apps, users will be able to continue to retain multiple, separate email accounts between their berkeley.edu and subdomain email accounts. Gmail, and to a lesser extent Google Calendar, is already used by a significant percentage of our students. An analysis done last year of CalMail forwarding showed 25 percent of students forwarded email with Google being far and ahead having the largest share of that percentage.
There is not a consumer version of Office 365 that can be compared to Gmail/Calendar. Users with current multiple email accounts would be required to consolildate their multiple email accounts into a single account. There are significant groups on campus that do use Outlook (the preferred client for Office 365/Exchange).
Overall: Google.
Current Google Users: Google.
Users with multiple Berkeley accounts: Google.
Current Outlook and Exchange Users: Microsoft.


Mailman Migration Option
The opportunity to, eventually, migrate Mailman mailing lists with the core product offering. Google Groups could be used for this purpose, but it is not part of this project.
Replacement of Mailman mailing list software without 3rd party software. Microsoft themselves recommended that we do not attempt to migrate from Mailman to Exchange distribution groups as it is an insufficient replacement.
Google has a product that could be evaluated for possible migration off of our Mailman product, offering an opportunity to reduce operational risk with very little cost. MS has no such product built into their suite.


On-Premise Integration
Google Apps does not offer integration with on-premise email or calendar software as part of their default product. Any on-premise email and calendar solution offered to users that require on-premise email will be different and lacking the same experience of Google Apps without local development toward that goal.
Integrated on-premise email /calendar solution. Office 365 offers as part of the core product, tight integration for mail, calendar, free/busy, and tasks between an on-premise Exchange 2010 installation and their cloud offering. What this will allow is for users and groups that are using on-premise email to seamlessly interact with cloud users and have the same tools and experience as cloud users.
Microsoft is built with this type of integration in mind. Since we would require an on-premise solution for any campus mail/calendar service, this gives it the advantage.


Administration
Google does not offer delegated administration for multiple domains hosted on a single Apps for Education instance. In order to effectively delegate full administration to current CalMail departmental email administrators, we would adopt a model with multiple Apps for Edu instances for our large CalMail subdomains.
Exchange does not offer the option or workaround to simply delegate administration. Exchange administration is heavily centrally managed. Functions currently handled by CalMail and email support providers would have to be built out.
Google. Neither solution offers the robust management and delegated administration tools as CalMail currently does. Google has a system that will come closest to the current functionality.


Authentication
Google does not allow us to keep all passwords and authentication information onsite. Google supports SAML 2.0 for single sign-on for its web applications, but using Google with desktop applications and mobile devices requires storing credentials with Google. Universities such as NYU and University of Minnesota have (in documentation) strongly recommended that their users migrate to web clients only. Google-based passwords are still required for all mobile clients.
Office 365 has the ability to allow us to keep our authentication tied to local Active Directory infrastructure (for single sign-on, desktop, and mobile).
Microsoft has the advantage of giving us this option and keeping all our credentials within our borders.


Mobile Integration
Google Sync supports Android, iOS, Windows Mobile, and Blackberry devices. Standard IMAP for email is also supported.
Office 365 uses ActiveSync and works similar to an Exchange server for the purposes of mobile integration. Email, Calendar, Contacts can be synced to any device supporting ActiveSync. Mail can also be set up using standard IMAP. BlackBerrys are currently not supported with a BES server. This is on their roadmap.
Draw. Both products offer better integrated mobile support than campus's current offerings. Both solutions also support standard IMAP/SMTP for receiving and sending mail.


Email/Calendar Cloud/Local Solution: SUMMARY

Google's solution is optimized for web-based interaction. It is designed to be quickly provisioned and a migration to Google could begin more quickly than one to Office 365. The tradeoff is that without significant output of resources, the on-premise email and calendar system would not be on-par with the cloud services offered.

Office 365 offers an integrated experience for on-premise and cloud users. This comes at a greater ongoing, operational expense and complexity of maintaining central infrastructure. Office 365 is a very new service, even universities such as Nebraska that were first to sign-up are still not migrated. Microsoft's previous online service offerings (BPOS, Live@EDU) did not have exceptional track records for performance.

Migrating to either solution will require changes in the way campus runs their email and calendar service. From policies, security, DR, administration, and end-user support, neither Google nor Microsoft will fit UC Berkeley exactly. That being said, both solutions have their advantages and weaknesses. Functionally, Google has significant advantages that Berkeley can quickly and cost-effectively take advantage of; its most significant weakness is its lack of integration with an on-premise email and calendar solution in the way Office 365 does. Microsoft requires significant central AD and Exchange infrastructure.





2
Calendar



Acceptance
More general acceptance and familiarity with this solution in the community, particularly with faculty, researchers, and students. Haas and URel may want to splinter off and use an on-premises Exchange installation.
Faces less acceptance; less familiarity with it; prejudice against Microsoft. Many groups likely to splinter off and continue using Google.
Google: Faculty, researchers, and students.Microsoft: Administrative power users, plus Haas and URel.


Security & Privacy
Does not allow per-event privacy controls as Oracle Calendar does. Can only set access rights to the calendar as a whole.

More difficult for an administrator to set access controls for groups of people. Cannot set access controls by role.
Does not allow per-event privacy controls as Oracle Calendar does. Can only set access rights to the calendar as a whole. Has 4 levels of access control. Easier for administrators to set access controls from the PowerShell interface.

Can set access controls by role.
Microsoft.


Choice of access
Outlook 2010 (via Google Sync app)
Outlook 2011 (Mac) ?
Outlook Web App(OWA) N/A
iCal (via CalDAV protocol)
Google Calendar (web) +

+ Well-supported.
Less supported; may be issues.
? Unknown if this configuration possible.
N/A This configuration not available.
Outlook 2010 +
Outlook 2011 (Mac) +
Outlook Web App (web) +
iCal
Google Calendar (web) (via Google Sync app: requires Outlook 2010 to set up)

+ Well-supported.
Less supported; may be issues.
Microsoft.


Functionality & Features
Features superior to Microsoft
  1. Very easy to subscribe to other calendars.
  2. Multiple calendar views easily layered.
Features less than Microsoft
  1. Recurring meetings: When one meeting in a set of recurring meetings is changed, it falls out of the series and can't be changed as part of the series.
  2. It's not possible to track the invitations one has sent out or received. One must search the calendar to look for them.

Features superior to Google
  1. Recurring meetings: meetings remain as part of a series and can be managed as a group or changes can be made to individual meetings. However, once a change has been made, subsequent changes to the series do not affect previously changed individual instances.
  2. Invitations and acceptances can be tracked via the in-box common to email and calendaring.
Features less than Google
  1. Not easy to subscribe to other calendars.
  2. OWA (Outlook Web App) only displays multiple calendars side by side. Outlook will display calendars in a layered view as well as side by side.

Microsoft.


Interoperability
Google Calendar does not have interoperability with other instances of Google Calendar nor other types of calendar systems. While it is easy to see another person's calendar on the system, it is not possible to schedule with them in real-time as it is with Office 365. Calendaring invitations are sent by email and responded to by email.

Invitations to users at an email address other than the one used for their main calendar may cause it to create a new calendar.
Office 365 is fully interoperable with any other Exchange installation (i.e., it would be fully interoperable with UCSF and an on-premises Exchange installation.) It is possible to schedule in real-time with cloud or on-premise or users on another linked Exchange instance.

Offsite scheduling:
It is easy to schedule with external Outlook users. Outlook will recognize calendar events in an email and easily enter them on the calendar system. It is a standard among businesses, so many administrative departments that deal with external businesses or organizational would find it easy to schedule events with each other.
Microsoft.


Mobile Devices
Google Sync supports Android, Windows Mobile, iPhone, and BlackBerry platforms. (BlackBerrys require an additional app to be downloaded. Android phones connect natively. Other platforms use built-in ActiveSync client.)
Office 365 can sync with any device that has an ActiveSync client (includes iPhones, Android devices, Windows Mobile phones). BlackBerry phones would require a 3rd-party ActiveSync client or support via the upcoming hosted BES (BlackBerry Enterprise Server) that is scheduled to be part of the Office 365.
Draw.


Ease of Use / Familiarity
The Google calendar interface is widely regarded as intuitive and easy to use even for people unfamiliar with online calendaring. Many more people are familiar with its interface as it has been available for free for many years.
While the Outlook-style interface is familiar to many staff, the web version is less so and has a significant usability issue in that it cannot layer calendars. Its stronger features also means that it is more complicated to use, a factor for everyone, although less so for current CalAgenda power users.
Google: Everyone except CalAgenda power users.

Microsoft: CalAgenda power users.


System Administration
Rudimentary system administration capabilities out of the box. Cannot easily distribute control to units (this might be possible with additional programming). Difficult to create or set up access rights in a batch mode. Lawrence Berkeley Lab reports that they don't need to do much in the system administration control panel.
More advanced system administration features including capability for doing many jobs in a batch mode such as setting permissions. Much easier to distribute administrative functions around the campus so individual units would have more control over their accounts. Capabilities for scripting administrative tasks are very robust.
Microsoft.


On-premises solution
None.
Exchange is a well-known calendaring and email system that could be hosted on campus (which already has several Exchange installations). It would work seamlessly with Office 365.
Microsoft.


Calendar: SUMMARY

Calendar users are sharply divided on campus between three major categories: 1) those who do not use an online calendar or who only use one for themselves and don't schedule with others, 2) average CalAgenda users or users of other calendar systems who schedule only for themselves and maybe a few others, and 3) power CalAgenda users who may schedule dozens of meetings a day for several administrators and keep track of one to two dozen calendars minute by minute.

Google Calendar would be an acceptable alternative for the first two categories of users. They would easily adapt if unused to it, and it would meet their needs fairly well.

The third category would find the transition to Google Calendar hard, and it is likely that its use would impact their productivity both during the transition period and going forward due to problems with the migration and ongoing reduced functionality of the product.

It is also quite likely that some top University administrators' duties would be disrupted by problems with their calendars both during the actual cutover migration and during an extended transition period where events that existed on the previous CalAgenda were still in the new system.

Transition problems are also a possibility with a move to Office 365, but as best as can be estimated, would be less. There is more experience and understanding in the area of transition to Exchange than in the transition to Google, and fewer areas of stark incompatibility between Exchange/Office 365 and Oracle Calendar than between Google and Office 365.

The lessened functionality in Google would be a detriment to these power users' productivity going forward. While their total number may be five percent of the total users on the calendar system, their actual calendar use may well be half of the system.





2
Security and Privacy:



Acceptable Use Policy (AUP)
UC adopts Google's acceptable use policy. With notice to UC, Google may interpret and enforce the policy in a manner UC finds objectionable.
UC retains the right to apply its own acceptable use policy and the contract assigns sole responsibility for AUP enforcement to UC.
Microsoft.


Non-consensual Access to End-User Data
Google will only use or disclose UC end-user data as provided in the agreement. Google has no obligation to supply UC with records detailing any access by Google to UC end-user data.
There are only a few circumstances in which Microsoft personnel have the right to monitor or disclose UC end-user data and any exception must be authorized in writing by UC. However, Microsoft declined to supply UC with records detailing any access by Microsoft to UC end-user data. And, Microsoft may disclose the contents of end-user messages to third parties if Microsoft determines the messages contain malware.
Draw.


Authentication
Credentials for email/calendar clients reside on Google's servers. Two-factor authentication available but specific to Google and only supported on web-based clients.
UC stores end-user credentials locally and may be able to leverage planned implementation of two-factor authentication for campus Active Directory.
Draw.


e-Discovery
Google contract offers no cost support to meet e-Discovery requirements if Admin Tool will not suffice. The contract is unclear about whether Google will help UC respond to third-party demands against UC. And, Google's e-Discovery capabilities are relatively immature.
Microsoft provides robust e-Discovery tools and supports configuration of different retention policies on specific sets of mailboxes.
Draw.


Location of Data
Google contractually commits to permanently storing data at rest in the United States for Core Content (including email, calendar details, and Google docs). Google may also transfer, store, and process Customer Data in any country in which Google or its agents maintain facilities; Core Content shared with non-UC users may be stored outside the U.S.
Microsoft will contractually commit to locate all Exchange, SharePoint and Lync servers that will be accessed by End Users in production and disaster recovery data centers only in the continental United States. This does not apply to antivirus or antispam services. Microsoft has stated (not in the contract) that as Office 365 is presently architected, customer data will reside in the U.S. (except for AV, AS, and some support issues), but reserves the right to modify its architecture moving forward.
Microsoft (slight).

Google has more qualifications on U.S. data storage obligation in minor respects.


Encryption of Email at Rest
Not available.
IRM add-on (extra cost) available to provide encryption of stored email so as to prevent Microsoft personnel from having access to sensitive messages and attachments.
Microsoft.


Security and Privacy: SUMMARY

Google inferior on all fronts but only by a small margin.

Microsoft superior. Microsoft offers a better AUP policy, better e-Discovery options, and slightly better terms on the location of data. On the whole, Microsoft comes out better than Google but only by a small margin on all categories.





3
Contractual:



Data Transfer upon Termination:
Provided Customer requests that they do so prior to termination, Google commits to maintain Customer Data for at least six months after expiration or termination of an agreement. May charge data retention fee that shall not exceed the cost of providing the service. Provides self-service tools for data extraction.
Unless Customer requests immediate deletion of data, Microsoft commits to maintain Customer Data for 90 days after expiration or termination of an agreement. May charge data retention fee that shall not exceed the cost of providing the service. Provides self-service tools for data extraction.
Microsoft (don't need to request prior to termination trumps time delta).


Data Management and Transfer
Google contractually commits to permanently storing data at rest in the United States for Core Content (including email, calendar details, and Google docs). Google may also transfer, store, and process Customer Data in any country in which Google or its agents maintain facilities; Core Content shared with non-UC users may be stored outside the U.S.
Microsoft will contractually commit to locate all Exchange, SharePoint and Lync servers that will be accessed by End Users in production and disaster recovery data centers only in the continental United States. This does not apply to antivirus or antispam services. Microsoft has stated (not in the contract) that as Office 365 is presently architected, customer data will reside in the U.S. (except for AV, AS, and some support issues), but reserves the right to modify its architecture moving forward.
Draw.


Accessibility
Google is willing to make commercially reasonable efforts to provide updated VPATs.
Microsoft is unwilling to address this in the contract, though they have completed VPATS for all in scope services.
Marginal in favor of Google.


HIPAA/BAA
No BAA in place. Contract silent on HIPAA.
Microsoft has an acceptable BAA in place.
Microsoft. Without commitment to HIPAA portions of campus, UHS and Optometry are not good fits.


Account Suspension
If Customer materially breaches contract, and subject to cure, Google may suspend service in whole or in part. Google may suspend the services in whole or in part as a result of an Emergency Security Issue. In the event of an Emergency Security Issue, Google will limit suspension to the minimum extent and duration possible. Google maintains the right to suspend accounts based off of AUP violations.
Microsoft may suspend the Office 365 Services in whole or in part and without notice: (1) if Microsoft believes that Enrolled Institution's use of the Office 365 Services represents a direct or indirect threat to Microsoft's network function or integrity or anyone else's use of the Office 365 Services; (2) if reasonably necessary to prevent unauthorized access to Institution Data; (3) to the extent necessary to comply with legal requirements. If Microsoft suspends the services without notice, Microsoft will provide the reason for such suspension if Institution requests. In the event of a breach of contract, and subject to cure, Microsoft may suspend services in whole or in part. Any suspension of Office 365 Services shall apply to the minimum necessary portion of the Office 365 Services.
Microsoft, due to Google rights to suspend related to AUP.


Notification on Access
Unless prohibited by law, Google will notify Customer of Legal Request and comply with Customer's reasonable requests to oppose such and provide tools to respond to such request.
Microsoft will attempt to redirect any Legal Request to Customer. If not successful and not prohibited by law, will provide Customer reasonable notice prior to disclosure.
Draw.


Limitation of Liability
Google does not limit their liability in regards to its confidentiality obligations and includes Customer Data in definition of Confidential Information. Google is responsible for any actions of its employees and agents.
Microsoft caps its liability for "free" services at $5K including any damages related to Institution Data short of Gross Negligence or Willful Misconduct.
Google is far superior.


Defaults
Google may modify its service and will make commercially reasonable efforts to notify customer of such. Google may change Service descriptions and SLAs, though if Customer objects within 30 days they may operate under the previous terms for the then current term.
Microsoft may modify its service from time to time. If customer objects to a modification it may terminate the service with no refund for unused paid services.
Google.


Service Level Agreements
Credit tied to payment.
Credit tied to payment.
Draw.


Contractual: SUMMARY

Microsoft has a superior contract due to the following: HIPAA, Data Transfer, and Account Suspension.

Limitation of Liability is the most salient area where Google is superior.




Link: http://technology.berkeley.edu/productivity-suite/google/matrix.html

Comments

  • chippychippy <b style="color:pink;">Global Moderator</b>
    edited December 2011
    Google is fast becoming a threat to Microsoft's dominance. It's about time someone did. Lets hope this continues and one does not buy out the other.
Sign In or Register to comment.