Enforcing SharePoint Governance


Published on

Published in: Technology, Business
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Mary Leigh
  • Creation of a well constructed governance plan is a core task for any org looking to establish good controlled sharepoint deployment….But it is just the beginning…
  • JohnEmphasis here on communication and accountability. Governance is the set of policies, roles, responsibilities, and processes that guides, directs, and controls how an organization's business divisions and IT teams cooperate to achieve business goals. Regardless of what gets documented for the organization, the question of “What’s possible” (technology) is key. We are writing specific governance plans for a technology, so knowing what to enforce is key. Does this sound like you? Anonymous AvePoint customer quote: "We have a lot of great standards that people don't really want to follow."
  • John(+Toby – very restricted is easy out of the box – need a perfect mix)Today we are looking at a spectrum for each area of governance: 1. Few restrictions, everyone has access (i.e., SharePoint Designer) – typical sayings are “I can’t find anything,” “It’s so slow,” “UXvaries from site to site,” “everyone has access to things they shouldn’t.”2. Restricted: “It’s a file share,” “It’s ugly,” “Nobody has access,” “Red tape to get anything done.”Depending on how regulated you are, you may not have a choice which route to go in! Hosting service providers, PR / Advertising companies with competing accounts, restricted R&D, “ethical walls.”
  • When is the right time? We see most line of businesses within organizations progressing in this sequence. We’re focusing today on how to introduce governance for each of these areas, because it’s never too late to start!
  • Our focus today is on a subset of these categories, drawing on the major themes above. IT Assurance for the platform, services, content, etc. Information Governance for managing collaboration
  • Progression from Manual to Automated, again back to the technology of Governance. We are only implementing a solution as strong as our enforcement.
  • SharePoint’s Grassroots adoption vs. liability that it causes is an important question. How many people have used SharePoint to manage a project because it was simple to set up a site and manage it through to completion? What about Office 365 governance, who is managing that?For IT governance, you can control the services that you offer, and you can control or track software installations in your environment to prevent proliferation of unmanaged servers for which you can't provide support. What will you provide with each service, and what will you include in service-level agreements for each service?When you develop an IT service to support SharePoint 2010 Products, a key to success is your enterprise's ability to govern the service and ensure that it meets the business needs of your organization in a secure and cost-effective way. A successful IT service includes the following elements:A governing group defines the initial offerings of the service, defines the service's ongoing policies, and meets regularly to evaluate success.The policies you develop are communicated to your enterprise and are enforced.Users are encouraged to use the service and not create their own solutions – installations are tracked.Multiple services are offered to meet different needs in your organization. Offering a set of services enables you to apply unique governance rules and policies at various levels and costs.
  • We need to establish a benchmark for how we will be checking and enforcing the policies and SLAs. Goal here is to find outliers, whether we’re meeting these plans, and whether adoption is going up. Shown on the left- examples of monitoring available in SharePoint, to the right, in DocAve.
  • Our environment today is a single-farm deployment of SharePoint, using multiple web applications to simulate multiple farms. DocAve version 6 (currently being showcased at AvePoint’s booth) is the tool of choice for our examples.
  • Continuity of Operations Plan (COOP) and Disaster Recovery (DR), NOTE: IT Assurance is really about the service (SLAs), includingArchitecture - Provision IA, restructure IA, replicate IA, and extend storage architectureInfrastructure- Disaster Recovery- Platform level backup - protecting all critical SharePoint assets, quickly restoring, maintaining warm stand-by databases for failoverSLAs - InstaMount, fast granular recovery, Performance - SQL database performance with auditor, extender, archiver, monitoringSupports the long-term content and information management requirementsExtends SharePoint storage beyond SQL (storage scalability)Automates content deletion, retention, or preservation based on customizable business rulesIntegrates with enterprise-strength storage systems to provide enhanced HSM, content deduplication, and support long-term storage via WORM or tape ([ML]: Dan or whoever- this one needs help :) ]Arhitect & implement COOP & DR capabilitiesContinuity of Operations Plan (COOP) Ensures resiliency of service in the face of disasterMaintains warm stand-by databases for one-switch failoverComprehensively protects all SharePoint assets- synchronously- for consistency upon restoreQuickly recovers lost or corrupted content with fast farm, database, or granular restores (inc. InstaMount)Level 3 examples (platform recovery)Protects business data, supporting enterprise SLAs for RTO and RPOComprehensively protects all SharePoint assets- synchronously- for consistency upon restoreQuickly recovers lost or corrupted content with fast farm, database, or granular restores (inc. InstaMount)Helps to meet varying SLAs for SharePoint content with granular backupLevel 3 examples (data protection)Delivers highly-available serviceMaintains warm stand-by databases for one-switch failoverLevel 3 examples (high availability)
  • TO OVERCOME CHALLENGES MENTIONED IN MARKET PROBLEMS SECTION for compliance, appropriateness, and restrictions
  • Information management is the governance of information in an enterprise — its documents, lists, Web sites, and Web pages — to maximize the information’s usability and manageability. Another aspect of information management is determining who has access to what content – how are you making content available internally and externally and to whom?
  • Important because the management controls will sometimes determine elements of information architecture- at which levels various options can be controlled that are required to support the business need – eg. Uploading large documents or blocking certain file types has to be controlled at the web app- if you only want that functionality for specific departments or use cases, that might require a new web application.
  • These are the components of information architecture- all of this helps determine how you manage, and your users find, interact with, and leverage data. Planning for these components ultimately can simplify management- and the application of policies can be drastically simplified- for instance, information management policies, auditing, etc can all be enabled per content typeFor those who want more information on Managed Metadata, Andrew Connell has about a 6-part blog series on it here:http://www.andrewconnell.com/blog/archive/2011/06/15/sharepoint-2010-managed-metadata-about-the-series.aspx
  • Be sure to consider access to content when you design your solution and sites. This overlaps with IT Governance as you consider your entire environment.
  • When thinking about content, consider the balance between the following factors, and perhaps have business users fill out an assessment for their site. Which of these factors is the highest priority for each type of content?Availability: available when users need it (can get to it) – so where will content be located? What geography should we locate the data? Do we need to provide mobile access to this content? Access: who has access to the content, if it should be secure, is it? How are we ensuring that is the case? Weekly security audits required? Ongoing monitoring of users? Redundancy: Do we really need another site, or more content? Have we considered shared sites or resources or copies to reduce redundancy, and provide one version of the truth? For example, having a single copy of a document is good for reducing redundancy, but it is a problem for availability and access if it is deleted. What steps need to happen when a list item, document, or page is created, updated, or deleted and who gets affected? Introduce a site contact to speak for the business. For best results, develop a long term solution with them, rather than a temporary solution.
  • Much of the balancing act on the previous slide should be covered by your document and records management plans, but also consider the storage costs for the content. Understand the capacity planning limits for documents and items, and keep performance and scale in mind.Migration & Planning, onboarding potentially different systems- File share to SharePoint, have users been educated on how content is tagged, and how permissions will work? Have we assessed the changing taxonomy of bringing over other ECM data? Storage decisions for life of content, which could include geography (cloud), retention (WORM), or even availability ( redundancy). Plan for expiration of content today. Content curves are exponential, but as a major financial customer asked AvePoint: “How do we get to the point where I no longer have to purchase new hardware for SharePoint?” Governance helps us dictate the lifecycle of content, including death.
  • Storage Optimization pitch: Connect to keep out of SQLStorage Manager to externalize to less expensive storage based on customizable rules and policies (eg. File size, type) Archiver to take end-of life content out of SharePoint completelyIntegrates with EMC, NetApp, IBM, Dell, and Hitachi storage systems to optimize storage costs for SharePoint BLOBs, backup and archive data, as well as audit logs.Simplifies and automates administrative and management proceduresDeploys changes to security and configuration in batch modeReports on SharePoint sites, users, storage, and activity in real-time or on a scheduled basisProduces actionable reports on SharePoint users, security, and contentProactively alerts adminsitrators when activity, storage, or network usage thresholds are metLevel 3 examples (governance)Level 3 examples (CLI) - e.g. Automatically provision SharePoint content or media files to connect up to petabytes of file share content into SharePoint. Generalized: Automate the execution of existing plans, or automatically configure additional DocAve plans to provision, delete, edit, or reconfigure SharePoint content and configurations en masse.Level 3 examples (API/SDK)Enable information management while enforcing policies and standards:Empowers business users to manage SharePoint while enforcing policies and standardsSecurity trims administrative functions based on role or SharePoint permission (delegation)Level 3 examples (governance and automation portal)Integrates with and supports leading SharePoint hardware and software solutionsProtects Nintex, NewsGator, and KnowledgeLake solutions, as well as any custom application databaseLevel 3 examplesPlatform consolidation (not in 6.0)Migrates from more than 14 different content management systemsMaintains critical data, including content, metadata, and security with customizable mappingProvides for minimal business disruption over the course of the migration project with live or scheduled migration optionsLevel 3 examples (migration)
  • SharePoint’s third phase of growth, as an application development platform, also requires another analysis on our Governance spectrum. The same way we have tried to find a balance between the business and what services IT can offer, we must consider the IT Assurance and other governance aspects again!
  • Environment setupInstalling SharePointHardware requirementsTeam developmentbuilding implementationsTool supportsource control in VSeWSS projectsDebugging trickyno out of the box build server abilityVersioned releasesFeaturesContent typesVersion 1.1 was always a scary thoughtSee also: http://wss.made4the.net/archive/2009/10/26/factors.aspxhttp://wss.made4the.net/archive/2009/07/06/how-asp-net-developers-can-leverage-sharepoint-webcast.aspx
  • Combining best practices from Microsoft, with service agreements (plans built in DocAve)
  • Given back to the business at a value. AvePoint won’t provide the billing mechanism for you, but gives you the tools you need to establish a full SLA, defined in an automated interface.
  • So just to recap, essentially we have some options with how we plan to implement and enforce SharePoint governance policies. The heavily manual apprach, which requires people to essentially police themselves, we can use tools like powershell or the docavesoftwaer platform in a semi-automated approach, as we just saw in the previous example of policy creation and implementation , so a fully automated approach would really be the holy grail- which is what I’d like to spend the last few minutes discussing. Governance Automation is a product that we’ll be releasing soon, that will surface the pre-configured policies in a form to business users for a variety of service requests. So if we take this site provisioning example, we just saw how we can align various docave rules with various policiy levels, but lets look at how we would expose that to the business. Once a business subcribes to a policy, the coorespondingdocuave plans would automatically be associated with that site, in the site provisioning use case. But there are several other use cases we’re targeting- whether site collection lifecycle mangaement,, deploying galler artifacts, etc. for more information on that product, we do have a web page up where you can read more information and see what’s coming.
  • Automation gives you the chance now to specify how sites may be created!(this is an example of what a Governance Automation form could look like)
  • These are the other types of services and use cases that we could target with GA+
  • Need to hyperlink/add graphics
  • Enforcing SharePoint Governance

    1. 1. Planning Microsoft® SharePoint® Governance:How to Implement an Effective GovernancePlan in SharePoint,Roberto Vazquez DelgadoAvePoint – Technical Solutions ProfessionalRoberto.Delgado@AvePoint.com
    2. 2. AvePoint Corporate Overview • Founded and Debuted in 2001 • Worlds Largest SharePoint-Exclusive Research & Development TeamSpecialized with 1,000 Employees (600+ in R&D) • Worlds Largest Provider of Enterprise-Class Governance and Infrastructure Management SolutionsExperienced • 25 Offices, 13 Countries in 5 Continents & 8000+ Customers • Depth-Managed, Microsoft Certified Partner • Comprehensive SharePoint Governance & Management Platform Invested • Offering True 24 x 7 Support - Microsoft Certified Technicians
    3. 3. Agenda• Definition and Purpose of Governance• SharePoint Governance Challenges – IT Governance – Information Governance – Application Management• What does SharePoint Governance look like? – Out of the box capabilities – When to think about additional technology options• Final Considerations
    4. 4. Bringing your governance plan into focus…
    5. 5. Key Players of Governance People Policy Process Technology
    6. 6. Governance Spectrum Chaos Restricted
    7. 7. Introducing a Governance Plan Integration Applications Collaboration Content
    8. 8. Today’s Focus Areas for SharePoint Governance • IT governance of the software itself and the services you provide IT Information Governance • Information governance Governance of the content and information that users store in those services. Application Management • Application governance of the custom solutions you provide
    9. 9. Getting the right tools for the job…• Standard administration interfaces – Quotas, locks, permissions, records management• Powershell – Administrative functions, Data protection• SharePoint services and features – Managed metadata service for classification – ISV solutions for management• SharePoint Designer, Visual Manual Studio Automated
    10. 10. IT Governance Centrally Managed Locally Managed Software, Services, and Sites are hosted and Software, Services, and managed centrally by a Sites are hosted and core IT group managed locally by individual groups A successful IT service includes the following elements: • A governing group defines the initial offerings, policies, and evaluates success of the service • The policies you develop are communicated to your enterprise and are enforced • Users are encouraged to use the service and not create their own solutions – installations are tracked • Multiple services are offered to meet different needs in your organization
    11. 11. Service-level agreements should include:• Length of time and approvals necessary to create a site.• Costs for users/departments.• Operations-level agreement – which teams perform which operations and how frequently.• Policies around problem resolution through a help desk.• Negotiated performance targets for first load of a site, subsequent loads, and performance at remote locations.• Availability, recovery, load balancing, and failover strategies.• Customization policies.• Storage limits for content and sites.• How to handle inactive or stale sites.
    12. 12. Reports and Inventory of Usage• Web Analytics Reporting – Traffic – Search – Inventory• PowerShell• Inventory – Sites – Quotas – Content Types – Branding – Customizations – Security
    13. 13. Simplifying IT Governance Implementation withTechnologyCONSIDER 3RD PARTY TOOLS TO:• Centrally enforce limitations – plans and policies for – Data Protection, Recovery, and Availability – Audit Policies – Permission management• Scalability in Management – Giving IT Teams the technology to manage thousands of users – Terabytes of Content – Millions of Audit Records
    14. 14. Providing IT Assurance with DocAve Ensure service availability Workflows Solutions Applications Quickly recover lost or corrupted content SharePoint Storage Manage SharePoint growth and configuration DocAve Data Protection Scope © 2011 AvePoint, Inc. All rights reserved. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
    15. 15. Enhancing Security and ComplianceCompliance, Appropriateness, and Restrictions Map user access & Security permissions to all content Configurations Monitor user and item access and activity Reports Implement auditing policies in accordance with Search regulatory guidelines Storage Ensure content compliance © 2011 AvePoint, Inc. All rights reserved. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
    16. 16. Information Governance Loosely Managed Highly Restricted Content is tagged only socially Content is tagged with structured and not tracked; permissions and metadata, permissions are tightly archiving are not controlled or controlled, content is archived or managed. purged per retention schedules. Appropriate for: Appropriate for: • Low-business- • Structured content impact content • High-business-impact content • Short-term projects • Personal identifiable • Records information • Collaboration • Records
    17. 17. @danholmeInformation Architecture vs. ManagementInformation Architecture Management• Organize and describe content • Manage the content & service – Metadata – Access levels (permissions) – Structure – Lifecycle – Relationships – Storage• Inputs • Inputs – Knowledge Management team – Information management policies – Librarians – IT usage policies – Content owners – Regulatory environment – Subject matter experts (SMEs) – SLAs• Outcomes • Outcomes – Site map (navigation) – Access levels – Taxonomy – Records management – Search – Compliance – Targeting (audiences) – Performance
    18. 18. Information Architecture Wireframe & Search & Site Map Navigation Information Architecture Managed Content Types Metadata
    19. 19. Management controls and scopes Farm Service Zone Web Application Application Content DB Site collection Top-level site Sub site List/Library Sub site [Folder] Item / Document
    20. 20. Information Access Information Management: IT Governance: Access Permissions and Audiences Should I use How do I makeHow do I structure How do I target How do I make this Information Rights sure that only permissions in a content to specific content accessible Management (IRM) people who need site? audiences? to external users? to protect content? access have it? Determine the rules or policies that you need to have in place for the following types of items: • Pages • Blogs and Wikis • Lists • Anonymous comments • Documents • Anonymous access • Records • Terms and term sets • Rich media • External data
    21. 21. Information Assessment Availability Redundancy Access
    22. 22. Information Lifecycle Management Birth Life Rest
    23. 23. Managing Information and Storage with DocAveOptimize & evaluatecontent utilization todecrease storage costs Storage SecurityAutomate administrativetasks for content, polices, Configurations& security to controlproliferation ReportsEnable efficient contentlifecycle management Searchwhile enforcing policiesand standards © 2011 AvePoint, Inc. All rights reserved. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
    24. 24. Application Management Strictly Managed Loosely Managed Customizations must adhere to customization policy, Rules about development deployments and updates tested environments or and rigorously managed. customizations are less rigid.Determine customization types you want to allow, and how to manage them:• Service level descriptions • Guidelines for updating customizations• Processes for analyzing customizations • Approved tools for development• Process for piloting and testing customizations • Who is responsible for ongoing code• Guidelines for packaging and deploying support customizations • Specific policies regarding each potential type of customization (done through the UI or SD)
    25. 25. Customizations & Branding• Isolate custom solutions: Sandbox Solutions – Cannot use certain computer and network resources – Cannot access content outside the site collection they are deployed in. – Can be deployed by a site collection administrator. – Governed: only a farm administrator can promote a sandboxed solution to run directly on the farm in full trust.• Master Pages and Page Layouts• Themes• To “Designer” or not to “Designer”• Separate development, pre-production, and production environments (keep these environments in sync)
    26. 26. @jthakeChallenges with SharePoint development• Environment setup• Platform learning curve• Toolset support• Team development• Versioned releases http://wss.made4the.net/archive/2009/10/26/factors.aspx http://wss.made4the.net/archive/2009/07/06/how-asp-net-developers-can- leverage-sharepoint-webcast.aspx
    27. 27. Application Lifecycle ManagementSource: Microsoft TechNet, MSDN, and blogs
    28. 28. Streamlining ALM with DocAve WFE Elements WFE Elements WFE Elements Solutions Solutions Solutions Customizations Customizations Customizations Development Staging Production• Centrally enable or disable SharePoint Designer• Control propagation of artifacts, customizations and solutions within or across environments• Compare environments for selective artifact propagation• Easily copy content from production back to dev/text environments to increase testing quality
    29. 29. Implementing Governance Policies
    30. 30. Governance PlansQuotas Customizations Information10 GB SP Designer Ownership50 GB Site Galleries Content Types100 GB Sandbox Solutions Ethical WallsBackup Storage InfoMgmt Auditing1 hour Tier 1 – SAN 7 years Full Audit1 day Tier 2 – NAS 3 years Views + Edits1 week Tier 3 – Azure 1 year Views
    31. 31. SharePoint Policy Bundles Gold Silver BronzeBackup 1 hour 1 day 1 weekStorage Policy (RBS) Tier 1 – SAN Tier 2 – NAS Tier 3 – AzureInfo Mgmt Policies 7 years 3 years 1 yearAuditing Full View + Edits ViewsSharePoint Designer Enabled Disabled DisabledContent Database Isolated DB Shared SharedSandboxed Solutions Enabled Disabled DisabledQuota 100Gb 50Gb 10GbCost $$$$$$ $$$$ $$
    32. 32. Maturing Governance in the Organization Governance Plan Manual Semi-Automated Automated • Resource Intensive • DocAve Software • What’s next: • Rely on People to Platform Governance police themselves • Powershell Automation © 2011 AvePoint, Inc. All rights reserved. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
    33. 33. Service Request Type - Site Collection Request Sales HR ProjectPolicy Silver Silver, Bronze Gold, SilverSecurity Sales Management HR Management Marketing ManagementSite Templates Custom Sales Enterprise Wiki Team Site, Template Publishing SiteService Type Acct Type:Metadata EPG/SMB/FINWorkflow 1 Step 3 Step 2 StepGlobal Metadata Location Location LocationPrimary/Secondary *Fill in the blank* *Fill in the blank* *Fill in the blank*Site Contact
    34. 34. Service Request Types – Surfacing Options to ContentOwners and Business Users• Site Collection Request• Transfer / Clone User Request• Site Collection Content Lifecycle Request• Sub-site Request• Content Move Request• Solution Package Deployment Request• Gallery Artifact Deployment Request• Recover Content Request• Report Request
    35. 35. Key takeaways• Governance is there to ensure IT solutions achieve business goals• Start simple• Training• Keep it fresh• Don’t have a policy unless you can enforce it
    36. 36. ContactAvePoint Roberto V. DelgadoPhone Slides (sorry, no phone ) (201) 793-1111 www.slideshare.net/robertovd 1-800-661-6588 (toll-free)Email Email sales@avepoint.com roberto.delgado@avepoint.comSocial & Community Social & Community www.DocAve.com www.DocAve.com http://www.facebook.com/AvePointInc www.facebook.com/AvePointInc @AvePoint_Inc @sharepointrober
    37. 37. ResourcesProduct Info: http://www.avepoint.com /sharepoint- solutions/governance- and-complianceNEW PRODUCT! Governance Automation: http://www.avepoint.com /GovernanceAutomation Website houses all white papers, case studies, download links, datasheets, etc! Download a FREE, fully-enabled 30 Day trial of DocAve at www.avepoint.com/download
    38. 38. Additional Resources(Please Click Images or Visit www.AvePoint.com/resources) WhitePapers from AvePoint’s OwnCustomer Success Stories SharePoint Experts © 2011 AvePoint, Inc. All rights reserved. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.