Governance in SharePoint – Part 4
January 4, 2013 Leave a comment
In Governance in SharePoint – Part 1 I focussed on some of the key thoughts, definitions and critical factors of developing and implementing SharePoint governance. Part 2 explored some of the best practical and theoretical frameworks I’ve come across to effectively apply SharePoint governance. Governance in SharePoint – Part 3 identified some of the main aspects for consideration when creating a SharePoint governance plan while this article will highlight some of the main out-of-the-box features that can be harnessed in SharePoint to implement governance policies, standards and procedures.
SharePoint provides a number of features that assists in governing SharePoint. These features are primarily based on the 2010 version of the platform however a vast majority are still relevant across the board. While compiling this list a couple of blog posts worth reading proved useful – Michal Pisarek has a number of useful posts at SharePoint Analyst HQ and Kanwan Khipple’s article Practical SharePoint Governance for Everyone also provided numerous practical examples.
SharePoint features that can help implement governance
Track or block SP2010 installations: After going through all the effort of establishing a governance plan, it is quite difficult to enforce it if you don’t know a farm is being hosted somewhere across the organisation separate to the main IT controlled farm. Fortunately, you are able to track or block SharePoint 2010 installations to prevent this from being an issue.
Web application permission policies: These permission policies provide a centralised way of managing permissions within a web application. They are useful for any governance around security for web applications enabling you to GRANT or DENY permissions.
Maximum File Upload Size: This setting helps in terms of enforcing policies around file sizes to prevent content database sizes spiraling out of control. You can set the maximum file upload size per web application – just be aware there are also some other configurations necessary to enable large file uploads as per the previous link.
Blocked File Types: Just as you can control the maximum size of uploaded files so can you control the types of files unable to be uploaded. This helps you enforce governance policies around what content is allowed to exist within SharePoint, for instance giving you the ability to prevent mp3 files from being uploaded.
SP Designer: Central administration allows you to control access to SharePoint Designer. This feature allows you to enforce governance policies relating to customisation, specifically regarding what users can do with SPD.
Site Content and Structure: Information architecture, site hierarchy and navigation are all huge elements of information governance, and SharePoint provides the tools to manage those aspects. Both the inbuilt navigation within site settings and the Site Content and Structure page are useful tools to control these governance aspects – the publishing feature is required to be enabled however.
Site Templates: Site templates allow you to pre-define a number of aspects of a site to allow you to conform to numerous information governance aspects. It is important to automate as much governance as possible, and by building in best practice guidance into the site templates it makes it far more likely that the governance defined will be followed throughout the organisation.
Site Quotas: Another way to control the size of your site collections, along with setting the maximum file upload size, is setting site quotas. This enforces storage limits on the site collections and allows you to align this with your governance plan to prevent limited resource issues.
Locks: Locks are useful for a number of governance scenarios. One particular one that stands out is in terms of site lifecycle policies particularly in terms of archiving. Locking a site collection can ensure that the content remains archived and no new content will be added to it.
Self-service site creation: Depending on your governance policy you may determine that the bottleneck of IT creating site collections for the business is an unnecessary hurdle and that it would be great if the business could create their own site collections. This is were self-service site creation steps in.
Site collection auto-deletion: If your governance policy specifies the site lifecycle time including disposition, then site collection auto-deletion can assist. Resources can be freed up after a specified period of inactivity or based on a response to a notification.
Policies for user profiles and my sites: Any governance policy worth its salt should touch on social in SharePoint – whether that is denying its use altogether or determining how it will be used. A number of configurations exist for my sites and user profiles to help enforce those governance policies.
Solutions and Features: Any defined software development lifecycle should factor in the deployment of that custom development and SharePoint assists in implementing those governance policies by providing the solution and feature framework. You’d hope that any governance policy recommended the best practice approach to solution deployment for SharePoint which would fit right in with these features.
Sandboxed solutions: Sandboxed solutions opened up the door for different forms of governance over solution deployment and customisations. Not only did it allow flexibility over SDLC strategies but also introduced a number of other elements which could be governed including resource points, solution quotas and solution validation.
Workflows: One of the best ways governance can be enforced throughout SharePoint sites is by using workflows. The flexibility in terms of what can be achieved here is huge, but for a basic example workflows can be used to enforce governance policies around content validation and publishing, auditing requirements and really most things which are process based.
Document & Records management: One of the major aspects of information governance in SharePoint is document and records management. SharePoint provides numerous features that assist in the governance of this area, more than can be listed here, so I’d suggest reading the 2 links to discover what is available.
Digital asset library: The digital asset library assists in governing digital assets within SharePoint. It can be used to set up specific approval workflows for publishing assets or assigning specific metadata to them.
Content approval: As mentioned above workflows are able to be used for content validation – however SharePoint also provides another feature which assists with governing content called content approval. It is a more simple method of enforcing content validation within SharePoint.
Groups and Permission levels: One of the key factors of SharePoint governance is maintaining security and ensuring the only users who have access to content are the ones that should. SharePoint provides a number of mechanisms to maintain this security, primarily using groups and user permission levels.
Access request: It’s one thing to lock down security on a site but often a governance plan will need to factor in how access is managed down the track including granting access to users who need it at a later date. SharePoint includes the ability for a user to request access to a pre-configured address to assist in this process.
Information Rights Management: Taking the premise of security to the next step, SharePoint is able to enforce information rights management governance policies for documents stored in document libraries. It may be that the governance policy states that particular users can access a document but should not have rights to edit, copy text, download/save or print the document – all enforceable by IRM.
Master pages, page layouts and themes: Another facet of governing SharePoint identified was establishing a consistent brand and content structure. SharePoint provides a number of ways to enforce these guidelines including themes, master pages and page layouts.
Versioning: The versioning of documents can quickly lead to blown out content database sizes as each copy of the document is stored. Having governance policies around what level of versioning is required for documents can be easily enforced configuring the version settings available in SharePoint including whether to retain versions at all, limiting the number of versions retained and whether minor versions are also required.
eDiscovery: Legislative and legal requirements are factors that must be considered when defining a governance policy for SharePoint. One feature that helps to assist in this area is eDiscovery to locate and produce information to support litigation, audits or investigations.
Information Management Policies: Two key aspects of information governance include the ability to audit use and to expire information after a certain period of time. These features (as well as labelling and barcoding) are enabled via the information management policy feature in SharePoint.
Content Types: Content types are the best way of ensuring stipulated metadata requirements identified in a governance plan are consistent across a site. SharePoint also includes the content type hub to enable this consistency across site collections.
Managed Metadata: One of the major facets of information governance is establishing a taxonomy and metadata sets. To handle this requirement, SharePoint introduced managed metadata to structure term sets and terms to be applied across an organisation.
Search: Search is an integral part of any organisation’s SharePoint implementation and it is important that a governance plan consider the search requirements for a given site. There are a number of settings which are able to assist in creating the search experience an organisation requires including but not limited to managed properties, best bets, scopes and refinements.
Diagnostic logging (Event logging and Trace logging): A key component of IT assurance involves monitoring error logs to ensure everything is running smoothly. This can be difficult however if the amount of information that is being logged is either too little or too great. SharePoint’s diagnostic logging contains a number of settings that assist in ensuring that logging of errors is appropriate including event throttling, correlation IDs and event log flood protection.
Health check analyzer: Another method of ensuring a healthy system built in to SharePoint is the health check analyzer. This functionality works by automating a number of health checks across the system and reporting on any issues that are discovered.
Web analytics: As mentioned in numerous SharePoint governance literature, no governance process would be complete without the ability to measure the success of it. SharePoint provides a number of reporting capabilities to assist in this manner via its web analytics feature including traffic, search and inventory reporting. For a good explanation of the 3 have a read of Implementing Governance in SharePoint 2010.
Managed accounts and password management: A common output of an IT assurance governance policy is determining service accounts to be used for SharePoint and complying with any password policies the organisation may have. SharePoint’s managed accounts functionality assists in complying with those policies.
Timer jobs: The key to a good governance process is for it to be continual – it is imperative that reporting is performed consistently and any automated processes that need to run do so when required. SharePoint’s timer jobs allow either pre-defined or custom jobs to be scheduled to run over different time periods.
Backup / Restore: One of the most important aspects of a SharePoint governance plan is the backup/restore and disaster recovery plans. SharePoint provides a number of backup and restore features to assist in implementing those plans to form an overall strategy that may include the central administration features, STSADM/PowerShell, SQL backup or 3rd party tools.
In this post we highlighted some of the main out-of-the-box features that can be harnessed in SharePoint to implement governance policies, standards and procedures. While the list is long, is should not be considered exhaustive and proposes to serve as an eye opener to some of the many features that SharePoint includes to assist with the implementation of your governance plan. This series has touched on a number of aspects from definitions to frameworks, aspects for consideration to implementation features. It is hoped that it will help promote the message of how important SharePoint governance is for a successful implementation of the platform and help steer organisations in the right direction to achieving a quality governance process and plan.