Delivering Intelligent Governance and ManagementTony CoppaAvePoint – Technical Solutions Professional (TSP) Manager

tony.coppa@avepoint.com

AvePoint Corporate Overview

Specialized

• Founded and Debuted in 2001• World's Largest SharePoint-Exclusive Research & Development Team

with 1,000 Employees (600+ in R&D)

Experienced

• World's Largest Provider of Enterprise-Class Governance and Infrastructure Management Solutions

• 25 Offices, 13 Countries in 5 Continents & 8000+ Customers

Invested

• Depth-Managed, Microsoft Certified Partner• Comprehensive SharePoint Governance & Management Platform• Offering True 24 x 7 Support - Microsoft Certified Technicians

Agenda

• Definition and Purpose of Governance• SharePoint Governance Challenges

– IT Governance– Information Governance– Application Management

• What does SharePoint Governance look like?• Final Considerations

“”

Governance defines the processes, people,

policies and technologiesthat deliver a service

What is governance?

Bringing your governance plan into focus…

Key Players of Governance

People

Process

Technology

Policy

Governance Spectrum

ChaosRestricted

Introducing a Governance Plan

Integration

Applications

Collaboration

Content

Information Governance

Application Management

IT Governance

Today’s Focus Areas for SharePoint Governance

• IT governance of the software itself and the services you provide

• Information governance of the content and information that users store in those services.

• Application governance of the custom solutions you provide

Getting the right tools for the job…

• Standard administration interfaces– Quotas, locks, permissions,

records management• Powershell

– Administrative functions, Data protection

• SharePoint services and features– Managed metadata service for

classification– ISV solutions for management

• SharePoint Designer, Visual Studio

ManualAutomated

IT Governance

Centrally Managed Locally

Managed

A successful IT service includes the following elements:

• A governing group defines the initial offerings, policies, and evaluates success of the service• The policies you develop are communicated to your enterprise and are enforced• Users are encouraged to use the service and not create their own solutions – installations are

tracked• Multiple services are offered to meet different needs in your organization

Software, Services, and Sites are hosted and managed centrally by a core IT group

Software, Services, and Sites are hosted and

managed locally by individual groups

Governance and Site types

What to govern in SharePoint?

• Best Practices: Quotas and Limits• Content: Site lifecycle management • Social or not? • Asset classification• Security, Infrastructure and Web Application policies• Service Level Agreement

Impact = ExposureIf this leaks, will it hurt

my business?

Value = AvailabilityIf this isn’t available,

can my business run?

Service-level agreements should include:

• Length of time and approvals necessary to create a site.• Costs for users/departments.• Operations-level agreement – which teams perform which

operations and how frequently.• Policies around problem resolution through a help desk.• Negotiated performance targets for first load of a site,

subsequent loads, and performance at remote locations.• Availability, recovery, load balancing, and failover strategies.• Customization policies.• Storage limits for content and sites.• How to handle inactive or stale sites.

Throttling and Limits

Function Limit Configurable

List View Threshold 5,000 (20,000 for admins & auditors)

Yes, Central Admin/web App Settings

List View Lookup 8 Yes, Central Admin/web App Settings

Allow Object Model Override

On by default Yes, Central Admin/web App Settings

Daily time window None Yes, Central Admin/web App Settings

Indexes Per List 20 No

Unique Permissions 50,000 Yes, Central Admin/web App Settings

SharePoint Workspace 30,000 No

Social

Social Feature Benefits Considerations

Tagging Navigation, Search, Personal

Content Control, Security, Search

Note Board Quick communication Content Control, Security, Search

Ratings Feedback Usage

Bookmarklets Quick and easy links External links

Expertise Find people Examples, Privacy, Content Control

Profiles Additional Info Privacy, Content Control

Blogs Knowledge Transfer Corporate Policy

Wikis Knowledge Transfer Performance and Policy

Discussion Boards Knowledge Transfer Moderation and Policy

Reports and Inventory of Usage

• Web Analytics Reporting– Traffic– Search– Inventory

• PowerShell• Inventory

– Sites– Quotas– Content Types– Branding– Customizations– Security

Simplifying IT Governance Implementation with Technology

• Centrally enforce limitations – plans and policies for – Data Protection, Recovery, and Availability– Audit Policies– Permission management

• Scalability in Management– Giving IT Teams the technology to manage thousands of

users– Terabytes of Content– Millions of Audit Records

• May need to consider 3rd party products

Demo: Meeting SLAs and providing IT assurance with DocAve

• Backup and Restore to configure customizable backup schedules, apply backup templates to specified sites

• Report Center to report on growth, system health, and more• Administrator to simplify SharePoint configuration and

security implementation in compliance with policies

© 2011 AvePoint, Inc. All rights reserved. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.

Information Governance

Content is tagged with structured metadata, permissions are tightly controlled, content is archived or purged per retention schedules.

Content is tagged only socially and not tracked; permissions and archiving are not controlled or managed.

Appropriate for:• Structured content• High-business-impact content• Personal identifiable

information• Records

Appropriate for:• Low-business-

impact content• Short-term projects• Collaboration

Loosely Managed Highly

Restricted

Information Governance Challenges

Proliferation

Information Architecture vs. Management

Information Architecture

• Organize and describe content– Metadata– Structure– Relationships

• Inputs– Knowledge Management team– Librarians– Content owners– Subject matter experts (SMEs)

• Outcomes– Site map (navigation)– Taxonomy– Search– Targeting (audiences)

Management

• Manage the content & service– Access levels (permissions)– Lifecycle– Storage

• Inputs– Information management policies– IT usage policies– Regulatory environment– SLAs

• Outcomes– Access levels– Records management– Compliance– Performance

Information Architecture

Wireframe & Site Map

Search & Navigation

Managed Metadata

Content Types

Information Architecture

Management controls and scopes

Service

Application

Configuration and Data

Farm

Web Application Service ApplicationZone

Content DB

Site collection

Top-level site

List/Library

[Folder]

Item / Document

Sub site Sub site

Security Permissions

Features

Data Storage

SLAs

Blocked File Types

SSL

SharePoint Service Isolation

Quotas

Security Permissions

Ownership

(Full Control)

Questions to ask when designing a site or solution:• How will the site or solution be structured and divided into a set of site

collections and sites?• How will data be presented?• How will site users navigate?• How will search be configured and optimized?• Is there content you specifically want to include or exclude from search?• What types of content will live on sites?• How will content be tagged and how will metadata be managed?• Does any of the content on the sites have unique security needs?• What is the authoritative source for terms?• How will information be targeted at specific audiences?• Do you need to have language- or product-specific versions of your sites?

Information Access

Determine the rules or policies that you need to have in place for the following types of items:

• Pages• Lists• Documents• Records• Rich media

• Blogs and Wikis• Anonymous comments• Anonymous access• Terms and term sets• External data

Information Management: Permissions and Audiences

How do I structure permissions in a

site?

How do I target content to specific

audiences?

Should I use Information Rights Management (IRM) to protect content?

IT Governance: Access

How do I make this content accessible to external users?

How do I make sure that only

people who need access have it?

Information Assessment

Availability

AccessRedundancy

Birth Life Rest

Information Lifecycle Management

Information ManagementKeep content ‘clean’, enable auditing, restructure as you grow

SharePoint 2010 IM: In Place RecordsLock down documents, pages, and list items without an archive

Declare items records in bulk

Lock down non-document

content, like wikis

In Place Records & PoliciesCreate separate retention schedules for records

Different policies for records

Schedule declaration as

part of lifecycle policy

Demo: Content Lifecycle Management with DocAve

• Connector or Migrator to import content into SharePoint• Report Center to identify growth patterns• Content Manager to restructure sites• Storage Manager to ensure appropriate storage locations of existing, active

SharePoint content• Archiver to manage (archive, delete, preserve) end-of-life SharePoint content

© 2011 AvePoint, Inc. All rights reserved. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.

Strictly Managed Loosely

Managed

Application Management

Determine customization types you want to allow, and how to manage them:• Service level descriptions• Processes for analyzing customizations• Process for piloting and testing customizations• Guidelines for packaging and deploying

customizations

• Guidelines for updating customizations• Approved tools for development• Who is responsible for ongoing code

support• Specific policies regarding each potential

type of customization (done through the UI or SD)

Customizations must adhere to customization policy, deployments and updates tested and rigorously managed.

Rules about development environments or

customizations are less rigid.

Customizations & Branding

• Isolate custom solutions: Sandbox Solutions– Cannot use certain computer and network resources – Cannot access content outside the site collection they are deployed in. – Can be deployed by a site collection administrator. – Governed: only a farm administrator can promote a sandboxed solution to run

directly on the farm in full trust. • Master Pages and Page Layouts• Themes• To “Designer” or not to “Designer”• Separate development, pre-production, and production environments

(keep these environments in sync)

Lifecycle management process

Application Lifecycle Management

Source: Microsoft TechNet, MSDN, and blogs

Demo: Automating ALM with DocAve• Deployment Manager to deploy Solutions within/across

farms• Administrator to manage permissions across farms to ensure

Devs have more permissions in Dev farms & only Admins have rights to deploy solutions to Production Servers

© 2011 AvePoint, Inc. All rights reserved. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.

Implementing Governance Policies

Governance Plans

Backup

1 hour

1 day

1 week

Storage

Tier 1 – SAN

Tier 2 – NAS

Tier 3 – Azure

InfoMgmt

7 years

3 years

1 year

Auditing

Full Audit

Views + Edits

Views

Quotas

10 GB

50 GB

100 GB

Customizations

SP Designer

Site Galleries

Sandbox Solutions

Information

Ownership

Content Types

Ethical Walls

SharePoint Policy Bundles

Gold Silver Bronze

Backup 1 hour 1 day 1 week

Storage Policy (RBS) Tier 1 – SAN Tier 2 – NAS Tier 3 – Azure

Info Mgmt Policies 7 years 3 years 1 year

Auditing Full View + Edits Views

SharePoint Designer Enabled Disabled Disabled

Content Database Isolated DB Shared Shared

Sandboxed Solutions Enabled Disabled Disabled

Quota 100Gb 50Gb 10Gb

Cost $$$$$$ $$$$ $$

Service Request Types – Surfacing Options to Content Owners and Business Users

• Site Collection Request• Transfer / Clone User Request• Site Collection Content Lifecycle Request• Sub-site Request• Content Move Request• Solution Package Deployment Request• Gallery Artifact Deployment Request• Recover Content Request• Report Request

Service Request Type - Site Collection Request

Sales HR Project

Policy Silver Silver, Bronze Gold, Silver

Security Sales Management HR Management Marketing Management

Site Templates Custom Sales Template

Enterprise Wiki Team Site, Publishing Site

Service Type Metadata

Acct Type: EPG/SMB/FIN

Workflow 1 Step 3 Step 2 Step

Global Metadata Location Location Location

Primary/Secondary Site Contact

*Fill in the blank* *Fill in the blank* *Fill in the blank*

Additional Considerationsand wrap-up

Governance and Training

• Governance doesn't work without user adoption and compliance.

• End-user training and education, good content, and search are keys to user adoption.

• Document governance plan.

Governance Stakeholders

Form and use a governance group to create and maintain the policies and include the following roles:

• Information architects or taxonomists

• Compliance officers• Influential information workers• IT technical specialists• Development leaders• Trainers• IT managers• Business division leaders• Financial stakeholders• Executive stakeholders

Key takeaways

• Governance is there to ensure IT solutions achieve business goals

• Start simple• Training• Keep it fresh• Don’t have a policy unless you can enforce it

Contact

AvePoint

Phone(201) 793-11111-800-661-6588 (toll-free)

Email sales@avepoint.com

Social & Community

www.DocAve.com

http://www.facebook.com/AvePointInc

@AvePoint_Inc

Tony Coppa

Slides www.slideshare.net/mlmackie

Emailtony.coppa@avepoint.com