Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Options for Building a Modern Extranet


Published on

Presented at SharePointFest Seattle 2019 by Microsoft RD + MVP Christian Buckley (@buckleyplanet) and Sr. Product Manager at Microsoft, Mark Kashman (@mkashman).

There are many solutions that allow for collaboration with customers, partners, and virtual teams that stretch inside and outside of your organization, but which tools work the best in different scenarios?

In this session geared toward end users, we'll discuss how the latest Office 365 tools and solutions can be leveraged for different extranet scenarios, and help you to decide which of them best fit your specific needs. Solutions to be discussed include SharePoint, Teams, Yammer, OneDrive, Stream, and more.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Options for Building a Modern Extranet

  1. 1. Options for Building a Modern Extranet Christian Buckley & Mark Kashman
  2. 2. Christian Buckley Microsoft RD & MVP CollabTalk LLC @buckleyplanet Mark Kashman Sr. Product Manager Microsoft @mkashman
  3. 3. Take the Survey! External Sharing Survey for #SPFestSea
  4. 4. Why share?
  5. 5.
  6. 6.
  7. 7.
  8. 8. A key insight from network science is the power of brokering, the act of moving information from one group to another. Network “brokers” make “sticky” information more fluid by connecting to multiple networks and sharing information across information silos and other networking barriers. Network brokers (i.e. – connectors) have three advantages:  Breadth. They pull their information from diverse clusters.  Timing. While they may not be the first to hear information, they are first to introduce information to another cluster.  Translation. They develop skills in translating one group’s knowledge into another’s insight. Combined, these three advantages give an individual an overall vision advantage to see, create, and take advantage of opportunities. Why Being the Most Connected is a Vanity Metric, Forbes
  9. 9. Why do I need an extranet?  Exchange large volumes of data  Share product catalogs exclusively with wholesalers or those "in the trade"  Collaborate with other companies on joint development efforts  Jointly develop and use training programs with other companies  Provide or access services provided by one company to a group of other companies, such as an online banking application managed by one company on behalf of affiliated banks  Share news of common interest exclusively with partner companies
  10. 10. Networking is a Human Behavior
  11. 11. Sharing Drives Productivity  Social interaction adds context and adds metadata to your content  Metadata drives search, content and task aggregation, and enables many of the new AI and machine learning-based features within Microsoft 365  All of these interactions expand intelligence through the Microsoft Graph  …which enhances discovery  Productivity improves human interaction with our systems and data, and provides that “social fabric” to help our technology better fit within our team and corporate culture  More productivity = more IP creation
  12. 12. Industry Example: Healthcare  For healthcare organizations, providing a seamless environment to departments, providers, manufacturers, and external agencies is essential.  A great case study is the Canadian Agency for Drugs and Technologies in Health, an independent, not-for-profit organization providing decision-makers with objective evidence, analysis, and recommendations to help them make informed decisions about the optimal use of drugs and medical devices.  As with most healthcare organizations, CADTH utilized a shared IT organization, so centralized governance and administration is essential. CADTH was regularly creating collaborative workspaces as new organizations fell underneath their umbrella, but needed an extranet solution that would allow for user delegation, centralized governance, and secure authority from multiple sites.
  13. 13. Industry Example: Construction & Engineering  For construction and engineering organizations, it is important to efficiently manage their collaboration efforts with sub-contractors, associations, government bodies, and clients.  An example in the construction and engineering sector is Associated Engineering, an award-winning consulting firm providing services in planning, engineering, environmental science, and asset management. With more than 900 staff across 21 locations in Canada, Associated Engineering needed a secure and manageable solution for collaborating and communicating with clients, contractors, agencies, and other external organizations, with some multi-year projects including hundreds of participants.  Leveraging Microsoft's Azure AD B2B solution and 3rd party tools, Associated Engineering was able to deploy a flexible and automated solution that provided a customized invitation process for external partners, auto-provisioning of Azure AD, and delegation of management to business owners.
  14. 14. Industry Example: Non-Profits  For non-profits or registered charities, reducing the costs of infrastructure hosting and ongoing operational costs is key, while also allowing the organization to quickly scale to add thousands of users, sponsors, and partners to their extranets.  An example is OntarioMD, a government- funded not-for-profit organization responsible for driving adoption of Electronic Medical Record systems by 14000 physicians in the province of Ontario. OntarioMD made the decision to decommission their legacy platform in an effort to reduce their infrastructure and ongoing operational costs, and to move to a cloud-based solution.  OntarioMD developed a responsive, visually appealing extranet site that included physician self-registration, an onboarding process that validated new users using Azure multi-factor authentication, and full auditing of all profile updates and attempted login activity.
  15. 15. New Features that Support Extranet Activities
  16. 16.  Create a folder in OneDrive and/or SharePoint Online where you can request an external user to upload files.  The external user will then receive an email with the request link. Clicking on the link, they can then choose their files, and upload them. Once successfully completed, the original requestor receives an email letting them know the files were uploaded.  A single link can be used for multiple requests, and the uploader is only able to view their specific files.  Available in Q4 of 2019 on the current roadmap. Audience heat mapRequest Files
  17. 17.  When you're collaborating on a PowerPoint, you often need opinions/input on a particular slide or a particular section of slides. This is especially challenging when co-authoring larger PowerPoint decks.  Now you will have the ability to choose a specific slide within a PowerPoint presentation and share a link directly to the slide.  What this means is an external user can receive a link to the presentation, when they click on the presentation and login, they will be accelerated right to the slide that needs their attention!  Available as of June of 2019 in the Web-only version of PowerPoint. Audience heat mapSharing PowerPoints with Context
  18. 18.  A new reporting enhancement will be available in SharePoint Online that will track all of the unique permissions and sharing links setup on a particular site collection.  This will provide you with a detailed summary of all the active external sharing activities taking place in a given site.  You will have the ability to export this report as a CSV. file which will allow you to slice and dice the data in your chosen reporting tool, whether that be Power BI or Excel. Audience heat mapSharePoint Reporting Enhancement
  19. 19.  Previously, this has been an area that has caused some confusion as there was direct sharing from SharePoint as well as Azure B2B sharing, which is managed within Azure Active Directory. Now they are one and the same.  When a document is shared to a user requiring them to login, they will be created as a Guest User in the Azure AD tenant.  This allows those users to gain access with the newly released One Time Passcode (OTP) functionality that has been part of Azure B2B since early 2019. Audience heat mapAzure AD B2B Integrations with Sharing
  20. 20.  Site admins can define how long a guest user has access to site contents.  IT access policies are defined at the organization level (i.e. All users will lose access after 60 days).  Site Admin can extend access for users expirations if additional time is permitted. Audience heat mapExpiring External Access
  21. 21. External Sharing in SharePoint and OneDrive Discussion on the latest SharePoint and OneDrive external sharing capabilities with MVP Peter Carson (@carsonpeter), and Microsoft's Mark Kashman (@mkashman) and Stephen Rice at the SharePoint Conference 2019. Video:
  22. 22. What is an Unstructured Extranet?  External sharing in Office 365 strongly supports ad-hoc collaboration  Sharing documents with a few to a few dozen external people  Secure Link sharing to sites, libraries, and documents • Anyone with a link (Anonymous) • People in your organization • People with existing access • Specific people
  23. 23.  Invitation-only  Business owner knows who to invite  Direct invitation  Bulk import of external users  Private registration  Business owner knows someone who knows who to invite  Private registration link that is not easily guessed  Can be forwarded any number of times  May or may not want approvals on registration  May auto-approve based on email domains  Public registration  Anyone should be able to discover and register  Typically linked from a public website page  May or may not want approvals on registration  May auto-approve based on email domain What is a Structured Extranet?
  24. 24. Structured Extranets and Azure B2B  Simple • Partners are invited into your Azure AD • Each partner user uses an existing Azure AD account or one that is easily created during invitation acceptance • Permissions can be managed through Azure AD groups  Secure • All access is controlled through your Azure AD directory • Partner users can be removed from your Azure AD and their access is immediately revoked • When the partner user leaves the partner organization, access is lost automatically  Seamless • Partner companies who need access do not need to have Azure AD • Azure AD B2B collaboration provides a simple user sign-up experience for these partners
  25. 25.  External sharing is not scalable  Individual users need permission management to invite  Permissions become a mess, governance goes out the window  Azure Ad B2B is not user-friendly  Azure portal is overwhelming  All-or-nothing delegation  No self-registration  No integration to other line-of-business systems  No integration to on-premises AD Understand the Gaps
  26. 26. Extranet Options: Azure AD B2B
  27. 27. Azure Active Directory (Azure AD) business-to- business (B2B) collaboration lets you securely share your company's applications and services with guest users from any other organization, while maintaining control over your own corporate data. Allows you to work safely and securely with external partners, large or small, even if they don't have Azure AD or an IT department. A simple invitation and redemption process lets partners use their own credentials to access your company's resources. Developers can use Azure AD business-to-business APIs to customize the invitation process or write applications like self-service sign-up portals. Where to Start a ConversationWhat is Azure AD B2B?
  28. 28. • Partner users can be granted access to any part of your SharePoint Online environment • Considered external users by Microsoft • No Office 365 subscription is required for the partner users • Permissions in SharePoint Online can be applied to Azure AD groups Where to Start a ConversationAzure AD B2B and Office 365
  29. 29. Where to Start a ConversationAzure AD B2B Onboarding Experiences
  30. 30. Options: PowerApps Portals
  31. 31. Enable organizations to build low-code, responsive websites which allow external users to interact with the data stored in the Common Data Service. Using a simple, dedicated designer experience, makers can create pixel-perfect websites which are custom branded and allow users to interact with data stored in the Common Data Service. PowerApps Portals allow organizations to create websites which can be shared with users external to their organization either anonymously or through the login provider of their choice like LinkedIn, Microsoft Account, other commercial login providers. You can also integrate enterprise login providers using a variety of industry standard protocols like SAML2, OpenId Connect and WS-Fed . Websites can also be created for Employees who can connect using their corporate Azure Active Directory account. low-code-websites-for-external-users/ Where to Start a ConversationWhat are PowerApps Portals?
  32. 32. Options: 3rd Party Solutions
  33. 33. Options: 3rd Party Solutions
  34. 34. • There are also Microsoft partners that integrate with Azure AD B2B and Office 365 to deliver more robust end user experiences, such as Extranet User Manager ( • Add groups and users directly from the SharePoint Online site • Permissions are automatically wired up in the background by EUM Flow Connector • Full administrative capabilities • Add, Edit, Remove groups • Add, Edit, Remove users • Search, Add, Edit, Import users & groups • Copy and share private link for registration • Delegated access for business owners Where to Start a ConversationExtranet Options: 3rd Party Solutions
  35. 35. What tool should you use, and when?
  36. 36. Where to Start a Conversation Outlook SharePoint & OneDrive Where to start a conversation
  37. 37. Outlook Inner Loop SharePoint & OneDrive Where to Start a ConversationWhere to start a conversation
  38. 38. Outlook Outer LoopInner Loop SharePoint & OneDrive Where to Start a ConversationWhere to start a conversation
  39. 39. Outlook The Open Loop Outer LoopInner Loop SharePoint & OneDrive Where to Start a ConversationWhere to start a conversation
  40. 40. Audience heat map More Internal Users More External Users More Task-Focused More Initiative-Focused SharePoint Yammer OneDrive Teams PowerApps Portals Audience Served
  41. 41. Simple Complex IT Managed End User Managed SharePoint Yammer OneDrive Teams PowerApps Portals Audience heat mapManagement Overhead
  42. 42. Unstructured Structured Process-Focused Ad Hoc SharePoint Yammer OneDrive Teams PowerApps Portals Audience heat mapCollaboration Focus
  43. 43. 1. Who will be accessing the extranet? 2. Would you like to have a self-registration option or invitation-only? 3. How will your extranet users authenticate into your extranet application? 4. What interactions are your external users going to have with the extranet? 5. What applications will have to be accessible through the extranet? Questions To Ask:
  44. 44. • Upcoming webinars from EUM: • Use SharePoint Online as a business-to-business (B2B) extranet solution • Create an external business-sharing site in SharePoint Online us/sharepoint/create-external-business-sharing-site • Linked: How Everything Is Connected to Everything Else and What It Means for Business, Science, and Everyday Life • Six Degrees: The Science of a Connected Age • Bursts: The Hidden Patterns Behind Everything We Do, from Your E-mail to Bloody Crusades • External Sharing in SharePoint and OneDrive • Sharing is All About Control • External Sharing Announcements from #SPC19 • The Ultimate Survival Guide for Charities eBook Audience heat mapResources
  45. 45. @buckleyplanet Thank you very much! @mkashman