Understanding Operating in the Hybrid Cloud - EPC Group Case Study
This blog post will provide "from the consulting trenches" (Hybrid Cloud) strategies and granular details of EPC Group’s approach to the new Hybrid Office 365 and/or SharePoint 2013 architecture's growing proliferation and how it may affect your organization.
New Hybrid (Office 365) Governance Fundamentals
Users that Ignore Governance and Planning for the Real World
If it’s easy to get around it, they will:
-
To ensure it will happen, enforce it transparently
-
If it’s to complex, it won’t happen
-
Strike a balance between:
Note: Always consider compliance around HIPAA, PHI, and PII related data in Office 365 and/or SharePoint 2013.
-
Step 1 – Understand what to Enforce
-
Step 2 – Balance the enforcement
-
Step 3 – How and where to enforce
-
Step 4 – Prioritize the enforcement solutions
-
Step 5 – Continue to Review and Enforce
When and What to Enforce - EPC Group Framework
Governance Feature
|
Enforce Nothing
|
Enforce Something
|
Enforce Everything
|
PII
|
Policy Document (‘here’s our policy on exposing PII’)
|
Monthly Audit (manual or physical; random or comprehensive)
|
Automated Audit on Upload
|
Site Quota
|
No Quotas or Suggested Quotas
|
Tiered Options;
business rules
|
Chargeback model
|
Site Creation
|
Training on Where it Goes
|
IT creates for you
|
Fully automated with workflow
|
Site Expiration
|
At owner discretion
|
Manual email sent to site owners asking..
|
Automated notification/expirationbased on business rules
|
Site Removal
|
Up to owner
|
IT manuallyremoves/archives
|
Automated deletion/archival based on business rules / workflow
|
What to Enforce – What is the Balance (EPC Group Framework Example)
Governance Feature
|
Enforce Nothing
|
Enforce Something
|
Enforce Everything
|
Site Templates
|
Let users pick from laundry list
|
Limit list of templates
|
Automatically pick site template based on business rules
|
Metadata /
DocumentClassification
|
Users pick metadata columns & manually enter metadata
|
Document Library templates and managed metadata
|
Automated metadata population; automated business rule enforcement
|
Site Classification
|
GovernanceDocument
|
Site Label (i.e. HBI/MBI/LBI)
|
Automated site placement based on user input & verification
|
Mission Critical Classification
|
Governance Document
|
IT manually creates site in “special” environment
|
Automated site placement bin redundant data-center based on user input & verification
|
Enforcement Scope – How to Enforce (EPC Group Example)
Governance Provisioning Tools (EPC Group Example)
Object in SharePoint 2013 and/or Office 365
|
Automatable
|
Create Site Collections
|
Create Sub Webs
|
Create Hierarchy
|
Available on
Office 365
|
People | My Sites | Social
|
|
✓
|
✓
|
✓
|
✓
|
Web Parts | Apps
|
✓
|
|
|
|
✓
|
List Templates (STP and XML)
|
✓
|
|
|
|
✓
|
Web Templates (WSP and XML)
|
✓
|
|
✓
|
|
✓
|
Site Quotas
|
✓
|
✓
|
|
|
|
Web Event Receivers
|
✓
|
|
✓
|
|
✓
|
SPD Workflows and Actions
|
✓
|
|
✓
|
✓ *
|
✓
|
Feature Stapling
|
✓
|
|
✓
|
✓
|
✓ *
|
Workflows
|
✓
|
✓
|
✓
|
✓
|
|
Site Definitions
|
✓
|
✓
|
✓
|
✓
|
|
Timer Jobs
|
✓
|
✓
|
✓
|
✓
|
|
Custom Site Provisioning Handlers
|
✓
|
✓
|
✓
|
✓
|
|
Matching the Policy to the Office 365 and/or SharePoint 2013 Scope (EPC Group Example)
Policy Type
|
Scope
|
Possible Options
|
Security\ Identity Management
|
Farm
Web Application
|
Provisioning workflows
Timer Jobs
Web application polices
DNS/Infrastructure
|
Reactive reporting
|
Farm
Web Application
Sites/Webs
|
Timer Jobs
External Database
Event Receivers
|
Proactive
|
Sites/Webs
|
Custom Forms
Event Receivers
Feature Receivers
Custom Field Controls
|
Auditing
|
Farm
Web Application
|
Timer Jobs
External Database
|
Changes
|
Sites/Web
|
Features
Control Delegates
|
Considerations in Complex Environments
• Multi-tenancy (Office 365 Issues when a user goes outside of I.T. to create a new “environment”)
Frequently Asked Questions of EPC Group
• Common header and footer content (standardize and creation of governed branding guide)
• Structured provisioning with workflow
• Site Mapping | Mapping the Owner to Content
EPC Group’s Nationally Recognized Practice Areas
EPC Group leading SharePoint, Office 365, Infrastructure Design and Business Intelligence Practice areas continue to lead the way in providing our clients with the most up-to-date and relevant information that is tailored to their individual business and functional needs.
Additional "From the Consulting Trenches" strategies and methodologies are covered in EPC Group's new book, "SharePoint 2013 Field Guide: Advice from the Consulting Trenches" covering not only SharePoint 2013, Office 365 and SharePoint Online but Information Management, ECM\RM and overall compliance strategies in this ever changing world of "Hybrid IT."
#Collaboration #SharePoint2013andOffice365IdentityManagement #Office365BestPractices #EPCGroupLessonsLearned #Office365Hybrid #HybridCloudOperations