At the end of 2014, Microsoft bought Acompli, creators of a popular email app that it quickly rebranded as Outlook. The familiar name doubtless drew in more users, but it also gave IT teams a set of expectations about the security and management options a product called Outlook would have.

Given that Acompli's slogan was “Loved by users, and trusted by IT” – and that it was the way they were working with enterprise IT departments that caught Microsoft's attention in the first place – it seemed a perfect example of the “dual use” strategy CEO Satya Nadella often talks about: Instead of two separate versions of every tool – one friendly and easy to use, the other carefully secured and limiting what you can do – develop an application that’s both powerful and intuitive to users, then let the IT team have enough controls to keep information safe without locking things down so much that people don't want to use it.

But which side of that precarious balance matters most? After decades of giving admins the controls to lock down features, the Outlook app was a clear demonstration that Microsoft was prepared to prioritize the user experience.

Building value, not chaos

That was a shift in priority Jared Spataro, the general manager of Office 365, had warned of at the SharePoint 2014 conference, to explain why anyone could create a group in Yammer. “Our philosophy is we will optimize for the user experience first, to prove value to an end user, and then build IT controls.”

Spataro even shared the old Microsoft in-joke that it used to build the switch to turn the feature off before they built the feature, and he insisted it’s not doing that now. He insisted they’re “not trying to create chaos.
It's just if we don't deliver value to end users, no matter how much you like it as an IT pro – even if you love it, we have to have people in the business feel like ‘I want this thing; it helps me get my work done’.”

Exchange administrators were surprised to discover that the Outlook app was caching Exchange credentials and a month of email messages, contact details, calendar appointments and possibly attachments in the cloud (originally on AWS servers, and although Microsoft promised to shift that to Azure and Office 365 with regional data centres during 2015, it also indicated that the cloud structure was a strategic part of the Outlook architecture they plan to continue). It needs that information to deliver push notifications for new messages, and for features like easy unsubscribe and the “focused inbox” that highlights messages.

It wasn’t that there was a security flaw in how the credentials and content were being stored. The Exchange password is encrypted with a unique AES-128 key on each device, as well as with another unique key on the cloud service. The encrypted password isn’t stored on the device (which is what EAS clients that connect to Exchange usually do) and the device key isn’t stored in the cloud; instead the key is used to decrypt the password in the cloud, all the connections are over TLS, and all the information cached in the cloud is also encrypted. Admins could also block the Outlook app using MDM products or ActiveSync device management policies and remote wipe devices.

But putting the focus on user experience rather than IT security wasn't what enterprise IT teams had come to expect from Microsoft.
The app store approvals policies make it hard for Microsoft to guarantee when an app will come out for iOS, so the IT pros hadn’t had any warning that a new Outlook app with a very different approach was about to show up.

Secure the device. Don’t control the behavior.

They also weren’t happy about the fact that the app didn’t enforce PIN and password policies (that came in an update two weeks after launch). In June, Microsoft also added Active Directory Authentication Library (ADAL)-based authentication, multi-factor authentication, conditional access support so you can check that devices that get mail aren’t compromised, and Intune MDM support for stopping users pasting or copying to and from the Outlook app if they aren’t transferring the data to another Intune-managed app – but those are only for Office 365. If your users are on Office 365, the Outlook app now uses OAuth to have Office 365 handle their login rather than passing on their credentials itself; Exchange on your own server doesn’t support that.

That adds up to a good set of security options that let you focus on the security of the device rather than on trying to control user behavior, but Microsoft didn’t wait until they were ready to put the Outlook name on an app that users had been happily using for months under another name. Rather than only focusing on security improvements, the Outlook team kept on working on feature updates like improving the calendar and address book and letting users customize swipes.
And most importantly, it didn’t back away from the idea of using a cloud service to deliver a better user experience, even though not all its enterprise customers were comfortable with the idea of email going into even a secure cloud service.

The same kind of questions came up when Microsoft launched the Clutter service on Office 365, for automatically filtering out messages people are less likely to be interested in so they can focus on the email they actually might care about. That’s now being made available to all Office 365 tenants (although there’s an option to disable it) and it’s provoking more discussion. Some administrators wanted to be able to turn the feature on and off for specific users; others wanted to be able to stop mail from the CEO being filed as clutter.

Microsoft backed down and admins can now mark specific senders and messages so that they stay in the inbox, even if they’re the kind of message users ignore or delete. Ironically, the feature is used by Clutter itself, to show you a daily list of all the email messages that it’s decided you didn’t want to see, that you have to delete by hand. (Microsoft tells us the alert is meant to arrive weekly but an unfixed bug is sending it out every day.)

The Clutter bypass rules are good if you have a legal requirement to prove that you delivered a message, not so good if you use them to prevent people controlling their own email experience.
Email – even business mail – is very personal, and employees are so used to choosing where, when and how they read their messages that trying to take back control of their inbox is only going to drive them to other mail services… to email alternatives like Slack (or, if you’re lucky, your own enterprise social network).

With even Microsoft firmly committed to prioritising user experience – something it has to do to compete with Apple and Google – CIOs need to evaluate what would create too much uneasiness for them and what’s just discomfort at switching to securing information rather than devices, and make sure that they have a policy that will deal with the next big-name app that raises these kinds of questions.

It’s also time to look at whether IT is going to be the route through which users are going to learn about every new feature on every service that they use. The Office 365 roadmap and other tools will give IT a general heads-up about what’s coming, but with mobile apps and cloud services, users are used to getting new options regularly. Having your IT team curating what features users get and when, and holding some features back until they’re tested and understood, may just drive your users into the warm embrace of shadow IT.
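
The split custody of the Exchange password described earlier in this article (a unique AES-128 key kept on each device, the encrypted password and a second key kept by the cloud service) can be sketched as follows. This is an added example, not Microsoft's or Acompli's code; the GCM mode, the order of the two layers and every function and field name are assumptions.

```javascript
// Added sketch, not Microsoft's code. Assumptions: AES-128-GCM for both
// layers, device layer applied first, hypothetical function and field names.
const nodeCrypto = require("node:crypto");

// Encrypt with AES-128-GCM; returns iv || tag || ciphertext as one Buffer.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv("aes-128-gcm", key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

// Reverse of seal(); throws if the key is wrong or the blob was modified.
function open(key, blob) {
  const d = nodeCrypto.createDecipheriv("aes-128-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Enrollment: the password is wrapped under a per-device key, then under a
// second key held by the cloud service. The cloud keeps the blob and its own
// key; the device keeps only its key and no copy of the encrypted password.
function enroll(password) {
  const deviceKey = nodeCrypto.randomBytes(16);  // stays on the phone
  const serviceKey = nodeCrypto.randomBytes(16); // stays in the cloud
  const blob = seal(serviceKey, seal(deviceKey, Buffer.from(password, "utf8")));
  return { device: { deviceKey }, cloud: { serviceKey, blob } };
}

// Sync: the device presents its key (over TLS in the article's description)
// and the cloud recovers the password in memory for that request.
function recoverPassword(cloud, presentedDeviceKey) {
  return open(presentedDeviceKey, open(cloud.serviceKey, cloud.blob)).toString("utf8");
}

// What each side can do alone, using a constructed sample password.
function custodyCheck() {
  const { device, cloud } = enroll("constructed-sample-password");
  const together = recoverPassword(cloud, device.deviceKey);
  let cloudAlone = "recovered";
  try { recoverPassword(cloud, nodeCrypto.randomBytes(16)); }
  catch { cloudAlone = "rejected"; }
  return { together, cloudAlone, deviceHoldsCiphertext: "blob" in device };
}
```

`custodyCheck()` shows that the stored blob and the cloud's own key are not enough without the key the device presents, and also that the cloud service handles the plaintext password while serving a request, which is the trust decision an Exchange administrator is being asked to make.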