Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SharePoint Governance: stories, myths, legends and real life

1,602 views

Published on

SharePoint governance starts with a 600-page document. At our 30-person company, we need a 40-person SharePoint Governance committee, and nobody can determine why a housekeeper has access to the governance document.

Have you heard this type of statement? We most certainly have. In this session, Toni will bust myths like these by providing a workable approach to SharePoint governance in small and large enterprises. We will talk about setting policies as well as what makes sense and what doesn’t. We will break down the governance plan and examine its pieces. Most importantly, we will talk about implementing these policies based on real-life use cases, where no one reads 600-page documents.



Session highlights:

- Developing a workable governance plan
- Setting realistic governance policies
- Automatizing policies implementation

Published in: Technology
  • Be the first to comment

SharePoint Governance: stories, myths, legends and real life

  1. 1. SharePoint Governance: stories, myths, legends and real life Toni Frankola @tonifrankola SharePoint MVP Acceleratio Ltd,. Croatia
  2. 2. Grant, add Delete, remove Clone, transfer Generate entire SharePoint documentation, check the custom solutions, save farm deployment. Analyze and manage permissions live: clone, transfer, create groups, add or remove users. Monitor farm health, track changes and compare. Report on site contents and audit farm setup. One solution for all your SharePoint troubles… Farm Assessment Permissions Farm Audit Save time! Single console! Validate!
  3. 3. Explore and compare SharePoint Online permissions. Review all your Office 365 tenants, licenses and subscriptions. Track changes and monitor users Exchange Online data. Groups Users Administrators One tool for entire Office 365… Tenant Overview Permissions Reports Review all! Save time! Examine! Compare
  4. 4. The size of digital universe 4 ZB 2013 44 ZB 2020
  5. 5. OneDrive storage plans change in pursuit of productivity and collaboration …a small number of users backed up numerous PCs and stored entire movie collections and DVR recordings. In some instances, this exceeded 75 TB per user or 14,000 times the average.
  6. 6. The goals for this session • Demystify SharePoint Governance • Rules for governance plan • Forming a governance team • Creating a sample governance plan • Policy / Responsibility / Process • 4 examples of processes for implementing policies
  7. 7. FACT: NOBODY REALLY LIKES GOVERNANCE • Time consuming • Costly • Outcome is difficult to measure
  8. 8. Why don’t we do SharePoint governance? • SharePoint Governance is only important for large deployments. • SharePoint Governance is a book. A big book. • We don’t have people for real governance board. • Governance is nothing more than consultancy hours
  9. 9. What is SharePoint Governance? Governance is the set of policies, roles, responsibilities, and processes that control how an organization's business divisions and IT teams work together to achieve its goals. (Microsoft)
  10. 10. IT Management, 2 Information management, 4 Security management, 3 Application management, 5 0 1 2 3 4 5 6 Low Medium High GOVERNANCEEFFORT Governance effort per SharePoint maturity
  11. 11. Typicalamountofgovernance Proportion of site types in a typical environment Central published site (Intranet home page) Departmental site Group and team sites Projects and workspaces Personal sites (My Sites) Governance and Site Types
  12. 12. SPGovernance A. IT Governance (S+S) A1. Security, infra, and web app policies A2. Data protection (backup + rec) A3. Site policies A4. Quotas A5. Asset classification B. Information management (content) B1. Architecture B2. Access B3. Management tools C. Application management (Custom Solutions) C1. Customization policy C2. Branding C3. Custom Solutions / Apps
  13. 13. A. IT Governance (Software + Services)
  14. 14. A1. Security, infra, and web app policies • How is the system and infrastructure maintained? • Hardware, Software, Updates, Services Running • Who has access at what levels? • Privileged Access • Permissions (a topic for a dedicated conference)
  15. 15. A1-A. Deployment governance • Track installations Use AD. • Block installations SP, SPD, InfoPath • Keep current with software updates Keep your servers current. Test and install recommended software updates. • Site collection upgrades Site collections can now be upgraded independently from the content databases.
  16. 16. A1-B Permissions • Share with external users (who and what) • SharePoint Groups (when and how many) • AD groups • Clean up and testing
  17. 17. A2. Data Protection • Backup and restore • Frequency • Level • Software boundaries and limits for SharePoint (2007/2010/2013) Limit Maximum value Limit type Notes Number of content databases 500 per farm Supported The maximum number of content databases per farm is 500. Content database size (general usage scenarios) 200 GB per content database Supported The default file size is 50 MB, which can be increased to a maximum of 2 GB. Content database size (all usage scenarios) 4 TB per content database Supported Content databases of up to 4 TB are supported*
  18. 18. A3. Site policies • Site Lifecycles • Site Deletion • Site Creation • Management
  19. 19. A4. Quotas • How much data can be stored in a site collection • Maximum size of uploaded files • Database growth predictions
  20. 20. B. Information management (content) Versions, Records, Information Architecture
  21. 21. C. Application management (Custom Solutions) Proces for piloting and testing solutions Guidelines for packaging and deploying customizations Guidelines for updating customizations Approved tools for customizations
  22. 22. C2. Lifecycle management Development Pre-production Production Test new and updated apps and solutions Control source code and use versioning Keep environments in sync to get best results from testing Sync Sync
  23. 23. C3. Branding • Custom Logo + Custom Theme • Master Pages • Localization • Responsive
  24. 24. Myth 1: Governance is important only for large deployments
  25. 25. “We just want to collaborate”  Creating SharePoint artifacts without a plan (Infrastructure, Information Architecture)  No Enterprise Content Management No permissions concept, archiving, no retention  SharePlosion (can happen with relatively small amounts of content)
  26. 26. How did this happen? Inadequate infrastructure No information architecture No security concept Wild customizations No proper training Governance hell
  27. 27. What is SharePoint Governance? Governance is the set of policies, roles, responsibilities, and processes that control how an organization's business divisions and IT teams work together to achieve its goals. (Microsoft) Policy Role / Responsibility Process CDB cannot contain more than 20 SCs Farm Admin Weekly: Create CDBs / Move SCs / Delete SCs
  28. 28. Myth 2: The Governance Plan The SharePoint Governance Plan is a guidebook outlining the administration, maintenance, and support of X Corporation’s SharePoint environments. It identifies lines of ownership for both business and technical teams, defining who is responsible for what areas of the system. Furthermore it establishes rules for appropriate usage of the SharePoint environments. Microsoft SharePoint Governance Template Myth 2: The Governance Plan
  29. 29. Governance plan • Small and concise • Bullets, posters • Wiki Policy Role / Responsibility Process
  30. 30. Policies Roles/Responsibilities Processes IT Governance Information management Security Management Application management Your Governance Plan
  31. 31. Your governance plan Don’t try to cover everything. Make sure that the Governance Body has authority to decide and react quickly.
  32. 32. Myth 3: The Governance Body We recommend that you create a team from various disciplines across your organization to develop and maintain these policies. Include people from as many roles as possible. Microsoft Technet
  33. 33. https://technet.microsoft.com/en-us/library/cc263356.aspx Governance team
  34. 34. https://technet.microsoft.com/en-us/library/cc263356.aspx
  35. 35. Your Governance team Governance Body Enterprise Architect Project Lead(s) [Business] Lead SP Admin Lead Software Architect Workers council Compliance Officer Risk Officer Data Privacy officer SP Influencers Project Sponsor
  36. 36. Myth 3: The Governance Body Focus on needs and resources Keep it small Authority to decide
  37. 37. Real world example: Large Real Estate customer
  38. 38. Real world example 8.000 Site Collections CRM
  39. 39. Real world example • Auto-provisioned from external system (CRM) • 200-10000 documents (avg. 500) • 24 Security Groups • 4 groups with prepopulated membership (CRM) • “Nested” through group owners • Hierarchical permissions management • “Managers” can break permission inheritance • 60 Content types. CT Inheritance • Records management (InPlace + DM) • Site policies according to Project Lifecycle RE FARM
  40. 40. Governance Challenges Farm health Permissions Content types Content monitoring ECM Applications
  41. 41. Policies Roles/Responsibilities Processes IT Management Information management Security Management Application management Your Governance Plan
  42. 42. IT/SP Management Policy Role/Responsibility Process Measure network latency Network latency cannot be larger than X Chief Network Administrator, Mr. John Smith Tool X will be configured to automatically measure network latency in 10-days intervals. If latency is larger than X... SP Logs Hard drives size Drive partitions where log drives are stored cannot be used more than 75% Chief Network Administrator, deputy Mr. Adam Doe SC will be configured to monitor drives, and to archive logs... SP Health check Regular SP Farm health check Chief Network Administrator, Mr. John Smith Tool X will be used to... SP Best practices Regular SP Best Practices monitoring Chief Network Administrator, Mr. John Smith A tool will be used to automatically monitor SP Best Practices every week and to report
  43. 43. Challenge 1: SharePoint Farm Health • SharePoint Farm Status • SharePoint Best Practices
  44. 44. Infrastructure / SharePoint Policy Role/Responsibility Process Best Practice SharePoint Logs have to be stored on a separate drive Chief Network Administrator, Mr. John Smith Best Practices check to determine if Logs are in proper location Best Practice Loopback Check disabled Chief Network Administrator deputy Mr. Adam Doe Best Practices check to determine if loopback check is configured properly
  45. 45. SharePoint Best practices • Microsoft TechNet • PowerShell / Central Admin • SPDocKit SharePoint Best Practices Portal https://bp.spdockit.com
  46. 46. Challenge 2: Dead content • Documents not accessed • Documents whose authors are not....
  47. 47. Information Management Policy Role/Responsibility Process Site structure Project sites can contain only predefined libraries Chief Network Administrator, Mr. John Smith Use SharePoint Manager, or PowerShell script A, to identify project sites with custom document libraries Dead content Dispose of the content that is unused since 6 months Chief Network Administrator deputy Mr. Adam Doe Once a month use PowerShell to locate content which is not used since 6 months, and inform the content owners... Sites in retention Regular SP Farm health check Compliance officer, Ms Anna Smith, Chief Network Administrator... PowerShell Script X will be executed every Monday which finds the site collections that... Content types Content types are provisioned only through the CTH Taxonomy officer, Ms Jane Smith, Chief Network Administrator... PowerShell Script Y will be executed every Monday which iterates the site collections...
  48. 48. Challenge 3: Permission governance • Reporting permissions for sites and users • SharePoint Group and Permission level management • Permission inheritance
  49. 49. Permissions and security Policy Role/Responsibility Process Item level permissions No item level permissions are enabled in the “Reports” library Chief Network Administrator X, Compliance Officer Y Develop security event receiver that prevents breaking permissions on the item level in the document library “Reports” Auditors Every six months, enable auditing process on the “Reports” library Chief Network Administrator X, Compliance Officer Y On demand, use code to create Permission Level and SharePoint Group for Auditors, so they can access content in the “Reports” library External Users (Microsoft Account) External users are not allowed in library “Reports” Chief Network Administrator X, Compliance Officer Y PowerShell Script X will be executed every day which finds and removes external users... Group Owners Project Managers SP Group is owner of all other SP Groups Chief Network Administrator X, Compliance Officer Y PowerShell Script Y will be executed every Monday which iterates the site collections...
  50. 50. Challenge 4: Customizations governance • Assert the necessity of customization • Code quality
  51. 51. Applications Policy Role/Responsibility Process Custom code policy in portal site In the portal site, only apps are allowed Chief Network Administrator, Mr. John Smith No server side custom code is allowed for deployment in the portal web application. Every 7 days, PowerShell script A will detect... Server side code in project sites All server side code in project sites must be approved Head of Development, Ms Samantha Doe Before installation of any server side package SPCop / SPCAF will be used for code quality check .NET 3.5 workflows No .NET 3.5 workflows allowed – only WM or K2... Head of Development, Ms Samantha Doe PowerShell Script Y, run once a day, will be used to iterate site collections and detect and deactivate Workflows...
  52. 52. Code quality and tools  Coding conventions (your own or Microsoft’s)  StyleCop (stylecop.codeplex.com)  SharePoint server side code quality  SPDisposeCheck  SPCAF (www.spcaf.com)
  53. 53. Real world use case • Infrastructure provisioning • Content provisioning and management • Responsibilities, roles and permissions • ECM Policies (Records + Site Policies) Governance Plan (24 pages) • Project Sponsor • Project lead • Enterprise Architect • Software Architect Governance Body
  54. 54. • Governance is necessary for small and large deployments • Demystify governance, keep it straightforward • Keep focus on implementation (processes)
  55. 55. Questions Thank you!

×