Protecting Corporate Information in SharePoint and OneDrive
Protecting corporate data is one of the most important tasks of our time. Microsoft 365 helps you...
There’s little doubt that SharePoint is an indispensable Microsoft 365 collaboration platform. Playing a key role in the ability to achieve business objectives, SharePoint can be considered a linchpin for many organizations. That’s because by enabling and easing the sharing of information, SharePoint provides quick access to the most valuable commodity for any business – data.
While SharePoint can become an incredibly complex asset (especially in the current context of Microsoft Teams Sprawl) it’s importance should still be underscored, despite its complexities. SharePoint is highly configurable and customizable; it functions across all devices; it can serve as an organization’s intranet; it can be utilized by every team, department and division to collaborate internally as well as externally; and it has the ability to streamline and automate business processes with workflows. Bottom line is - by effectively managing documents, content and data, and furnishing a platform for users and teams to easily collaborate, SharePoint increases workplace productivity – which ultimately increases your organization’s bottom line.
Viewed through that lens, it’s easy to see why SharePoint is treated as such a crucial platform to business operations. However, as much as it is the very architecture, the foundation of collaboration that most organizations are built on - that foundation is still susceptible to weakness. SharePoint can collapse either due to internal mismanagement or unauthorized access, putting your data at risk of being exposed, leaked, or lost forever. From those optics, the importance of Governance is crystal clear.
Governance - a system of sanctioned policies, procedures and processes for handling the shared resource, ultimately help guide and manage how the organization will move forward with the implementation, roll-out and everyday operation of SharePoint. Therefore, implementing best practices for effective SharePoint Governance is critical to ensure the security, performance, compliance, user adoption, and cost optimization of your organization's SharePoint environment.
In a perfect world, organizations would have created and implemented a scalable SharePoint Governance plan prior to any sort of migration, and prior to adopting Microsoft Teams. The reality is that during the height of the pandemic and during this mad dash to the cloud, many organizations most likely did not have this structure fully mapped out, nor did they have the governance infrastructure in place.
Due to the SharePoint sites that are automatically attributed to every Microsoft Teams team created, many organizations now find themselves suffering from Teams Sprawl. Ensuring that all associated Microsoft Teams content is necessary, secure and correctly governed is more important now than ever before. Below are some best practices we’ve identified for effective SharePoint Governance that should help get you back on track, or stay on track.
Approaching best practices in a linear fashion, one should start by establishing a Governance team or committee to oversee the implementation and maintenance of the governance plan for your organization. Ideally this team would be comprised of representatives from different departments, with an established meeting cadence during which to review, appraise and ensure that Governance rules according to the plan are being implemented and followed.
Subsequently, you’ll need to outline the functions required to deploy your SharePoint environment at the enterprise, organizational and site levels. You should define and assign roles to the Governance team based on a sensible alignment between that stakeholder’s skill set and business function within the organization. Roles such as Owner, Approver, Reviewer, and Participant should be designated for each task, and should articulate clearly the correlating responsibilities.
Once your team is assembled and aligned, you can begin creating a Governance plan that makes sense for your organization. Make sure you’ve already created a Governance Team SharePoint site where the Governance plan can live and be accessed along with other templates and communications. Promote transparency and have an organized that provides answers.
All organizations are structured differently, so it’s almost impossible to develop a generic Governance policy that can be recommended and applied universally. However, every organization needs to have a living, formal document that clearly defines the rules of engagement around SharePoint usage. This document should be reviewed periodically and updated on an ad hoc basis by the Governance team, and it should serve as a reference point for potential disputes over SharePoint Governance.
A sound, properly structured Governance plan must communicate how SharePoint will be used and applied across the organization. This should include the information architecture, site hierarchy methods and navigation convention; security and permissions, along with identified authority levels; sharing guidelines as well as a content management plan; and it should also provide the flexibility to adapt to new users and behaviors. Developing this plan is a benchmark for SharePoint Governance best practices, and the cornerstone of an effective Governance strategy.
Once your Governance plan has been created, implemented and established, adherence to those guidelines is critical for effective SharePoint Governance. Not only that, but the policies and procedures themselves must be consistent across your organization. Certain divisions and business units might have different information rights management rules than others, but the policies that govern how those rules are managed should be consistent throughout the organization.
The main challenge IT pros face is the inconsistency in user behavior. However, another benchmark for SharePoint Governance is to have a user Communication Plan in place. Such a plan communicates clearly policies and procedures and aids your resource management strategy, especially during times of migrations or upgrades.
Having the framework for a user Communication Plan at your fingertips benefits everyone during times of distress. Short-lived outages, even minor changes to the UI, can disrupt workplace productivity when they come as a surprise. Communicating these types of outages and changes before, during and after they happen helps the user better absorb and understand the impact on their day-to-day duties.
The idea behind a user Communication Plan or campaign is to inform the SharePoint user community about any upcoming changes. Key message components should include the who/what/when/where/why/how. Who is impacted by the change? What exactly is changing? When will the change take effect, and when might the user possibly be impacted by it? Where can users go for more info, or report issues? Why is this happening? How is IT handling it?
This type of information is especially critical for a future SharePoint migration or upgrade. Having an escalation map in place will also complement your user Communication Plan. Having a clear escalation process in place helps to clear up any confusion or misunderstanding that users might encounter.
Below are some notable factors associated with SharePoint that can quickly escalate and become unmanageable for IT when best practices for SharePoint Governance are not followed.
Sprawl: This can quickly escalate when one or more users are given permission to create their own site and apps and upload content. Avoid content sprawl/Microsoft Teams sprawl by developing policies and procedures for content management including document retention, version control, and metadata management.
Organizational Conflict: Occurs when there’s no documented designation of roles and responsibilities, and it isn’t clear who has access or creation rights, and why. This is where the Governance SharePoint site and Governance plan will come into play.
Poor Adoption: Often results from a lack of awareness and/or training from IT, which can elicit a fear of change in users. Mitigate this issue by simply training users on how to adopt SharePoint effectively and securely, including ways to create and manage content and inform all users specifically how to adhere to governance policies and procedures.
Negative Perception of IT: If the IT department is constantly working on short term fixes and patches, and IT is also the only savior during downtime and times of crisis, it can create a sense of ownership imbalance amongst users with the impression that IT controls SharePoint.
Operational Inefficiencies: If the infrastructure is poorly designed and administered, then downtime and inefficiency are sure to follow. The impacts of downtime are costly and disruptive, and they can have far-reaching consequences. Having an updated disaster management plan ready to execute is something that typically remains on the backburner while IT attends to day-to-day tasks on the front end of the system, especially when things are not properly configured. This can lead to longer IT response times during moments of crisis. Having a proper and well executed communication and disaster management plan helps alleviate poor user experiences while elevating the perception of the IT department.
Who’s using what? How are they using it? What is being shared internally and externally? Reporting helps you take back control by identifying trends, monitoring user activity, and providing the utmost visibility into exactly how your SharePoint environment is being used.
For example, you could identify the most active users, evaluate their business function, and from there ensure they have the necessary permissions to access data pertinent to their duties. With reporting, you can quickly and easily identify areas that need attention and require improvement, better enabling you to optimize your environment.
Since SharePoint is often used by finance and legal teams and departments on many projects, it typically houses sensitive documents and information. Therefore it’s critical to ensure that SharePoint is secure from unauthorized access. Monitoring helps detect security breaches, reporting can help prevent them, and governance ensures that security policies and procedures are in place.
While Microsoft does provide visibility via its numerous administration centers, often that demands a good amount of manual effort in order to meet your organization’s reporting requirements. You need a powerful reporting solution so that you’re well-equipped to fight Microsoft Teams sprawl, and also gain a better understanding of who is accessing your organization’s resources and how.
Due to its intricate nature, SharePoint is a platform that requires constant monitoring in order to safeguard its performance. Without monitoring, it’s extremely difficult to diagnose potential issues that could impact the stability and performance of the platform. Considering that SharePoint is used to manage large amounts of data, poor performance has a huge impact on workplace productivity. Monitoring helps quickly identify any performance issues, and proper governance ensures SharePoint is optimized for maximum performance.
Monitoring has a multitude of supplemental benefits relative to SharePoint. From an adoption angle, monitoring can identify areas of poor usage where users seem to be struggling; obviously SharePoint is only useful if it is adopted and utilized by users. Which leads to another benefit - cost optimization. SharePoint can be expensive to implement and operate, but with a proper monitoring and reporting tool you can easily identify license usage areas where costs can be reduced. Governance assists with cost optimization overall by ensuring SharePoint is initially configured and designed to minimize those costs.
Additionally, many organizations are subject to regulatory requirements, and many of these same organizations use SharePoint to store and manage compliance-related data. Monitoring helps maintain compliance, and governance efforts will confirm that SharePoint is configured to comply with regulations.
With a robust SharePoint reporting and monitoring tool at your disposal, you’ll be able to quickly detect performance issues, monitor server performance, track usage patterns, maintain compliance, and generate reports on SharePoint's overall health, performance, and fortification.
The fact is, Microsoft’s native monitoring and reporting tools often do not provide outage information in a timely manner, nor do they possess the comprehensive monitoring and reporting solutions you need to implement best practices around SharePoint Governance.
With ENow's Adoption and Governance module in our Microsoft 365 Monitoring and Reporting Solution, we'll help your organization gain more visibility into Microsoft Teams, Exchange, SharePoint Online and OneDrive usage. Armed with this powerful solution you’ll be better equipped to fight Microsoft Teams sprawl, and gain understanding as to who is accessing your organization’s resources and how. Featuring a new report pack with over 30 reports including Folders and Files shared internally and externally for SharePoint Online and OneDrive Sites. You will be able to identify Microsoft Teams without owners, and report better on creation and deletion events.
Are you ready to start the conversation around SharePoint Governance? Let ENow give you a hand and take back control of your SharePoint!
In a cloud-world, outages are bound to happen. While Microsoft is responsible for restoring service during outages, IT needs to take ownership of their environment and user experience. It is crucial to have greater visibility into business impacts during a service outage the moment it happens.
ENow’s Microsoft 365 Monitoring and Reporting solution enables IT Pros to pinpoint the exact services effected and root cause of the issues an organization is experiencing during a service outage by providing: