Some SharePoint history
The SharePoint platform  has gone through a significant  transformation in the past ten years. From the first version released in 2000 to the current SharePoint Online, the product evolved from a glorified web-based file repository system, into a collaboration and development platform. The product versions include:

  • SPS 2001 – SharePoint Portal  Server was a slim and more affordable version of Microsoft CMS ( Content Management System) , it was a web-based  indexed content management system with search, and a collaborative  intranet platform.
  • Windows SPS 3.0 – Windows SharePoint Services 3.0  is based on .NET 2.0. and provided a better UI including tree views, bread crumbs, taxonomy, and some ability to customize the product.
  • SharePoint 2007 – part of Office products family with improved functionalities over the SPS 3.0 and new functionalities including  Business Data Catalog and InfoPath Form services.
  • SharePoint 2010 – Enhanced user interface with new workflow features , wiki pages, social profiles, better content editor, and multiple browser support.
  • SharePoint 2013 –  Becoming a stronger platform with embedded Fast search, more design capabilities, database caching, drag and drop capabilities, discussion board with Facebook like activity. new WebPart around the new search engine.
  • SharePoint 2016 – Hybrid mode, improved mobile ready, larger file support

 

SharePoint empowering users to easily create websites and manage content with powerful functionalities in their fingertips. Some of the key features includes search, metadata, content types, automation with workflows, forms, page design, content editors, permission management, and much more. As Architects, Admins, and developers, we used those features in our on-premises farms, from the early infant stages of SharePoint 2003 , growing to SharePoint 2007,  developing into 2010, maturing into 2013 and 2016, and now we finally arrived to the clouds with office 365 and SharePoint Online.

In this introduction, I will bring some of my key impressions on SharePoint Online, and what should be the strategy for implementing the platform without losing control on the farm. Once users start using SharePoint Online they can create subsites that actually will serve as team sites or department sites. Without polices and guidelines in place you can end up with different flavors of department sites that have been created by different users.

This will be a high-level description with questions that will help any organization currently thinking of implementing SharePoint Online, to from the polices and guidelines as part of their SharePoint Online adaption process.

SharePoint Online is a part of the Office 365 Microsoft Suit, and it is still a platform for crating and managing website and collaboration, but it became the main storage platform for office 365 (glorified file repository… remember). SharePoint Online providing video streaming capabilities for example, no need to relay on other solutions for presenting videos on your sites, it is integrated in such a way that SharePoint owns the roll of storing the file and Office 365 Video is the platform that presents the videos.

SharePoint Online is the engine behind Office 365 OneDrive which is a personal cloud base repository (kind of a MySite). SharePoint is not only a front-end platform but a collection of services working on Office 365 backend and providing SharePoint features through API to Office365 products.

Key Advantages and disadvantages depends on your perspective:

  • Cloud-based collaboration platform  which is accessible from anywhere.
  • Multi device platform, Out of the box SharePoint Online  is portable.
  • Sharing content with external users is much easier all you need is to tie a Microsoft account to their corporate e-mail address.
  • You can share links to guests without requiring authentication.
  • One TB of one drive storage that is not counted against your overall SharePoint storage.
  • One drive = the old mySite… kind of… the control of user’s OneDrive can be managed by SharePoint Admin. This feature can replace the network share drive in some scenarios.
  • No more updates and patching … halleluiah… from now on, all patches, accumulative updates, service packs,  and security updates,  are automatically being pushed and  implemented by Microsoft.
  • No more SharePoint versions every 4-5 years.
  • Scaling your farm, the license  model allow growth without the need to worry about the hardware and servers architecture.
  • Maintenance – cost reduction, server maintenance and support is no longer on-premises .
  • compliance  with the following standards OOTB :
    • HIPAA
    • FISMA
    • ISO 27001
    • FERPA
    • SSAE 16
    • EU Model Clauses
    • US-EU Safe Harbor Framework
  • Every Team Site is an Office 365 Group
  • Disadvantages
  • Network access to the organization backbone servers, services, and data from the cloud.
  • Migrating exiting workflows and custom coding from on-premises environment to SharePoint Online ( in some cases code rebuild is required ).
  • Can’t develop server side web-parts or deploy server side code .
  • Costs – license per seat Vs license per server.
  • DR for SharePoint online is not controlled .
  • Backup plan – Microsoft taking over backups and redundancy plans, but you can take a manual backups and save it locally. a custom backup plan is required.
  • You have less control on the frontend and backend.
  • Speed – on-premises you have more control on resources and therefore on-premises environment can be faster the SharePoint Online, since you  are not sharing resources including servers and  bandwidth with other tenants.
  • Security, sensitive information is on the cloud ( just a mental wall ?) , prevent user mistakes exposing data outside the organization can be challenging.High level steps:
  • You can see from the advantages above, that establishing security model, and polices regarding external access for example, is a key in the strategy for the adaption of SharePoint Online.
  1. Developing policies for SharePoint Online.
  2. Building user cases to support policies, and flesh out requirements.
  3. Based on Polices develop strategy on implementing the policies with the user of setting limits and boundaries within SharePoint, and communicating the policies to the end-user community.
  4. Monitoring and enforcing the policies with the use of build in reporting 3th party tools.

Developing the policies

Policies allow us  to provide guidelines to the our users and a way to inforce restrictions that will minimize data lose and security risks. it also provides a set of recommendation on how to use the SharePoint Online platform without risking the entire farm.

Polices provides four layers:

Restrictions – Identify system restriction and usage restrictions, and providing guidelines.

Implementation –  setting up the system to support our Polices with the user of Administrative tasks and settings, with the use of the Admin tools and PowerShell scripts.

Training – providing a resource for the guide line and training on how to use the platform.

Monitoring – In order to make sure Polices are fallowed and to track mistakes and inconsistencies, monitoring tools and reporting needs to be created to support SharePoint Online.

Since the platform is available with Office 365, we want to make sure it is not misused, and that it follows the company policies and requirements. We also need to make sure it can be easily maintained and controlled. For example, can users use their SharePoint site as a department site, is that ok? (not really). The policies should describe the type of sites and the type of content the user can maintain on the SharePoint Online Platform. here are some of the questions and key discussion points that needs to be fleshed out when working on SharePoint Online policies.

    1. Who will have right to use SharePoint Online?
  1. All users, group of users, by department or organization unit?
    1. Is it only for personal (my site ), or can it replace team or department sites?
  2. Can user create team sites under their SharePoint Online account?
  3. What are the boundaries for the end-user for SharePoint Online?
  1. Can users share content to guests?
    1. Can cross function sites exists on SharePoint online? for example projects, foundation, trips.
  2. How to manage those sites that are not related to a specific user.
    1. Limit Thresholds and Guidelines.
  3. File types
  4. File Size
  5. Site size
  6. Folder structure
    1. Retention plan
  7. How long content will be maintained, automated process.
  8. Archive folders.
  9. How long backup are saved.
    1. Templates
  10. What site templates are available for the end-user?
  11. Look and feel and design guidelines.
  12. Design options or limitation- using tools or OOTB functionalities.
    1. Custom coding
  13. Allow coding ?
  14. What are the guidelines
  1. Deployment process.
  2. Storage of source code.
  3. Documentation of code.
  4. Tracking power shell code execution.
    • Site Permissions.
  5. Who handle site permissions.
  6. The use of AD groups in an online environment.
  7. How to maintain consistent security model across all end-user sites.
    1. Trash bin policies.
  8. retention plan for trash bin
    1. Document recovery policies
  9. What is the policies that will drive backup plan?
  10. What is the recovery time required after a user reports a missing file?
    1. How to decommission SharePoint Online site.
  11. Base on policies
    1. Create a SharePoint online policy site
  12. The site will contains all the policies and guidelines.
  13. It can be part of the SharePoint training site.
  14. A training can be produced in a way that any user assigned with SharePoint Online should go through this training and signoff the policies.
    1. Add the policies to the SharePoint online training site
    2. Implement policies through SharePoint settings, PowerShell commands, and scripts.
  15. Develop SharePoint online training site.
  16. Request process / onboarding process
    1. Delivery time.
    2. Form or E-form request,  automated process.
    3. Policy agreement – policy page/site.
    4. Request Queue and approvals.
    5. Permissions – allowing or disallowing profiles..
  17. Administrating
    1. Soft launch with few users.
  18. Lessons learned
    1. Open SharePoint online by request or by milestones.
  19. Hybrid for SharePoint server 2013
  20. Content migration
    • Site Migration
  • Which site will be migrated, what are the best candidates: Department sites, team sites, cross functional .
  • My sites ( one drive )
  • Old content
  • Users cleaning up old content before migrating
    • Workflows
  • OOTB publishing
  • SharePoint Designer
    • Nintex
  • Migrating workflows ?
  • Migrating Forms ?
  • License for the cloud?
    • Custom Code
  • Allow SharePoint designer?
  • client side coding
  • API
  • deployment
  • Building apps
    • Customization
  • allow? What level
  • Security
    1. Same Security model, Roll base vs content base.
    2. Special Ad groups for SharePoint Online or re using exiting groups.
    3. Blocking guest sharing? To everyone, specific site types ( group )?
  1. Limitations
    1. Site Storage
    2. File types
    3. Customization
  2. Monitoring
    1. Check and balances.
  3. Backups and DR
    1. Backup Plan
    2. DR Plan

References :

SharePoint Online Planning Guide for Office 365 for business