View
320
Download
0
Category
Tags:
Preview:
DESCRIPTION
Webinar presented on Oct 21st (US) and Oct 23rd (EMEA), 2014 by Christian Buckley, Managing Director at GTconsult and Steve Marsh, Director of Product Marketing at Metalogix.
Citation preview
1
Security, Administration and Governance for SharePoint On-Premises, Online,
and Everything In-Between
Steve Marsh, Director of Product Marketing, MetalogixChristian Buckley, Office365 MVP and Managing Director, GTconsult
Steve MarshDirector of Product Marketingat Metalogix
www.metalogix.com
@drstevemarsh
stevem@metalogix.com
Christian BuckleyManaging Director at GTconsultand Office365 MVP
www.gtconsult.com and www.buckleyplanet.com
@buckleyplanet
cbuck@gtconsult.com
3
Serious Tools. For Serious Collaboration.
At Metalogix, our Continuing Mission is to improve the use and performance of Enterprise Content to power knowledge sharing and collaboration.
14,000+ customer licenses shipped
Fastest Growing and Largest ISV.
Complete & Best-of-Breed tools for mission-critical collaboration platforms.
We are committed to your Success with Collaboration across Exchange, SharePoint and the Cloud.
About GTconsult
5
Managing SharePoint On-Premises vs. Online
What we’ll cover today:
• The evolution of SharePoint management
• What’s different about SharePoint Online
• Considerations for your transition to the cloud
• Considerations for managing a hybrid solution
The evolution of SharePoint management
7
SharePoint Growth & Evolution
SharePoint ReleasesMetadata
Content
www.Microsoft.com
8
Infrastructure maintained solely for customer
On premises or off
Managed by the customer, or by a 3rd party hoster
Private Cloud Hybrid Cloud
Multiple infrastructure options
Components both on premises and off premises
Management spread between customer and 3rd party hosters
Infrastructure shared by multiple customers
Off premises
Managed by 3rd party on behalf of customers
Public Cloud
Cloud Infrastructure Options
9
http://social.technet.microsoft.com/wiki/contents/articles/4633.what-is-infrastructure-as-a-service.aspx
Infrastructure
Platform
Software
Service Delivery
Financial Management
DemandManagement
Business Relationship
Management
Service Catalog Management
Service LifecycleManagement
Service Level Management
Continuity & Availability
Management
CapacityManagement
Information Security
Management
Operations
Managem
ent
Understanding service delivery roles
10
http://social.technet.microsoft.com/wiki/contents/articles/4633.what-is-infrastructure-as-a-service.aspx
Build
Buy
In HouseOut Source
Partner Hosted Private Cloud
• Dedicated environment
• Externally hosted
• Externally or internally managed
• Internally designed
Self Hosted Private Cloud
• Dedicated environment
• Internally hosted
• Internally managed
• Internally designed
Shared or Dedicated Public Cloud
• Shared or dedicated environment
• Externally hosted
• Externally managed
• Externally designed
Public Dedicated Cloud• Partially or fully dedicated
• Externally hosted
• Externally or internally managed
• Minimal customization
Traditional on premises
Ye Olde Build vs. Buy argument
11
What are the 5 most common SharePoint management concerns?
12
1. Defining (and communicating) policies and procedures
Always start with non-technical elements
Develop a security policy
Implement a training plan for end users
Develop a strategy for ensuring users know what content is confidential
34% of IT administrators said that they'd "sneaked a peek" at documents they weren't authorized to view, including employee details and salary information (DarkReading)
13
2. Failure to implement any kind of permissions best practices
Apply permissions using Least Privileged principles
Don’t give users Direct Access
Embrace SharePoint Groups and/or Active Directory Groups
Ensure Appropriate Use of the Authenticated Users Group
Clean up Orphan Users
Use Broken Inheritance Responsibly
Revoke permissions quickly
14
3. Failure to regularly audit access to content and sites
Are we adhering to Compliance or Governance requirements?
Who has been accessing specific content?
How often are specific sites being accessed?
What features of SharePoint are being used?
Are we managing the volume of log data?
15
4. Failure to monitor changes to security settings
SharePoint security requirements change over time
Ensure users are continuing to adhere to security policies
Prevent users from causing havoc
We need to plan how we will stay on top of changes
16
5. Failure to empower users and admins with the right tools and permissions
Rapid provisioning of sites and permissions
Find your responsible business content owners
Enable and Equip them to manage access to their content
Ensure management access is limited to those with appropriate permissions
Segment your administration responsibilities – Power Users, business owners
How to manage within SharePoint On-premises
18
Out of the Box Admin Toolkit
The Usual Three Suspects
Permissions Management
Reporting & Insight – e.g. usage, growth
Responding to Audit requests
Clean-up of sites and content
19
Managing Permissions
Farm Admin is Site Collection Admin
AD v SP Groups
Broken Inheritance
Direct Permissions
Misuse of “Authenticated Users”
Anonymous Access
20
Auditing Usage in SharePoint
Beware of the large log file
Beware of the “disappearing” log file
Reactive v Proactive
Be prepared for lots of mouse clicks
Brush up on your Excel skills
Brush up on your SSRS skills
21
User Activity - Popular Items
22
Simple.One SharePoint Site.
23
Not so Simple.More than One Site?
24
The Out of the Box Tools
25
The Security and Compliance Gap
36 percent of SharePoint users are breaching security policies-CMSWire
A survey revealed that 79 percent of the respondent said that they stored sensitive or confidential information on the SharePoint platform - CMSWire
Only 18 percent of enterprises use technical controls to prevent access to sensitive information. Most — 73 percent — rely on written policies or informal understandings with their workforce - CMSWire
“60% of organizations have yet to bring SharePoint into line with existing data compliance policies.” – AIIM
Two-thirds of SharePoint-using companies in a recent survey have admitted to having ‘no active security policy’ in place -Emedia
26
view SharePoint Governance as critical have a well defined strategy
The SharePoint Governance Gap
0%
10%
20%
30%
40%
50%
60%
70%
80%
67%
26%
- Redmond Magazine Survey, 2013
27
The End Result?
How to manage within SharePoint Online
Tactical Team Responsibilities
Operations Team
• Help Enforce Governance Plan
• Manage Routine Maintenance Tasks:
• Nightly Backups
• Usage Monitoring & Analysis
• Scheduled Task Validation
• Security Release & System Upgrades
Support Team
• Create Support System with SLA’s
• Respond to questions, bugs and other issue resolution
• Provide typical SharePoint Admin roles such as:
• Site Provisioning
• Security Permissions for users and groups
Development Team
• New features and program management while adhering to standards.
• Develop customized & personalized solutions for departments & division sites.
Whose job will be changing the most?
From Office365: Is Governance Affected and Where Do We Start? By Stacy L. Deere-Strole
Tactical Team Responsibilities
Operations Team
• Help Enforce Governance Plan
• Manage Routine Maintenance Tasks:
• Nightly Backups
• Usage Monitoring & Analysis
• Scheduled Task Validation
• Security Release & System Upgrades
• Oracle & DBA Role will be eliminated
• Active Directory Role could change (Ping Identity, FBA, etc.)
• No Equipment to Support
Support Team
• Create Support System with SLA’s
• Respond to questions, bugs and other issue resolution
• Provide typical SharePoint Admin roles such as:
• Site Provisioning
• Security Permissions for users and groups
Development Team
• New features and program management while adhering to standards.
• Develop customized & personalized solutions for departments & division sites.
From Office365: Is Governance Affected and Where Do We Start? By Stacy L. Deere-Strole
Impacts of Office 365
In some ways, it simplifies Governance
SharePoint and Exchange are primarily affected
Biggest impact of 365 has is on sizing limits
Data sprawl must be watched more carefully in Office 365 to avoid hitting capacity limits!
Feature Specifications
Storage (pooled)
10 GB per user500 MB per enterprise user 5 TB per Company
Site collection storage quotas
1 TB
OneDrive for Business storage allocation
1 TB
Site collections per tenant
500,000
Mailbox Size 25 gig
From Office365: Is Governance Affected and Where Do We Start? By Stacy L. Deere-Strole
Management Shell
SharePoint Online Management Shell is a Windows PowerShell module that you can use to efficiently manage SharePoint Online users, sites, site collections, and organizations
You can find a list of available cmdlets here (TechNet)
Simple mode Admin experience
When you’re in Simple mode in the SharePoint Online admin center, the left-hand navigation shows only site collections, user profiles, and settings.
Advanced mode
Streamlined Admin tasks
Easier to add users, auto assign available licenses, reset passwords, and manually set passwords (instead of auto generated)
Creating information management policies
Create a policy to use on multiple content types within a site collection.
Create a policy for a site content type.
Create a policy for a list or library. (location-based retention policy)
Transition toward the cloud
38
Keeping up to date with the Office 365 Roadmap
39
Adjusting to Office 365 Updates
No access to Correlation errors or backend.
No ability to troubleshoot.
The continual updates to the site can also cause strange errors.
You may have to use different management tools.
Moving to Office 365 means giving up some level of control. For example, you won't have any control over the patch management process, software upgrades, and other similar administrative tasks.
Management considerations for hybrid
41
Factors in your hybrid planning
Location / facilities
Software licenses and support
Hardware and maintenance
Onsite support, personnel skills
Level of customization
Governance, auditing, security, compliance
Disaster Recovery and Business Continuity
Upgrades and migration
42
Location / facilities Need space and maintenance planning Most likely provided
Software licenses and support
Licensing costs, but also upgrades and ongoing support
Included in vendor-hosted solutions
Hardware and maintenance
Need to purchase, support and maintain, and upgrade as platform matures
Included in vendor-hosted solutions
Onsite support, personnel skills
Administrative, developer, and end user skills and training
Still requires administrative and possibly dev skills, end user training
On Premises Cloud Hybrid
Need space and maintenance planning
Licensing costs, but also upgrades and ongoing support
Need to purchase, support and maintain, and upgrade as platform matures
Administrative, developer, and end user skills and training
43
Level of customization Full control
Limited to none in SaaS, some control over PaaS, full control over IaaS
Limited ability to integrate depending on SaaS, PaaS, or IaaS
Governance, auditing, security,
compliance
Many limitations OTB, but very robust tools from partners Limited
Very complex across on prem and cloud components, very manual
Disaster Recovery and Business
Continuity Needs to be planned, limited features OTB Defined in SLAs
Upgrades and migration
Some OTB capabilities, 3rd party for tighter control and predictability
Microsoft recommends 3rd party tools
On Premises Cloud Hybrid
Very complex across on prem and cloud components, very manual
Some OTB capabilities, 3rd party for tighter control and predictability
44
Hybrid Health Warning!
Search Experience Limitations
Authentication Challenges
Lack of “Global” Navigation
Broken User Experience?
Different Release Schedules
As Complexity Increases the Inherent Weaknesses in the Out of the Box Tools will be Magnified! (1+1=5)
45
SummarySecurity, Administration and Governance for SharePoint On-Premises,
Online, and Everything In-Between
46
Best Practices
Focus on the user experience
Make governance a priority
Understand how your common management tasks scale across your online and on-premises systems
Clarify and document your permissions, information architecture, templates, content types, taxonomy -- and ownership of each
First define what policies, procedures, and metrics are needed to manage your environment, and then look at what is possible across your various tools and platforms
47
ControlPoint: Security and Compliance
BenefitsObjectives
Minimize or eliminate security breaches & unauthorized access to sensitive content
Meet compliance requirements for access control
Anticipate future IT needs to manage at scale
Eliminate human error with policy driven security across SharePoint farms
Mitigate risk of data loss due to unauthorized access to content
Provide audit trails of content access
Provide details of content growth and user activity
Provide automation of governance policies
48
30 Day Trial of ControlPointwww.metalogix.com/controlpoint
Governance Best Practices E-Bookhttp://
www.metalogix.com/Resources/Promotions/ControlPoint/White-Papers-and-E-books/SharePoint-Governance-Best-Practices.aspx
5 Step Plan for Securing SharePoint E-Bookhttp://
www.metalogix.com/Resources/Promotions/ControlPoint/White-Papers-and-E-books/5-Step-Plan-To-Securing-SharePoint.aspx
Recorded Webinar – SharePoint Permissions Audits, Reports & Policy Enforcement
http://www.metalogix.com/Resources/Promotions/ControlPoint/recordings/140925-us-cp-wb-sharepoint-permissions-audits-reports-and-policy-enforcements
Steve MarshDirector of Product Marketingat Metalogix
www.metalogix.com
@drstevemarsh
stevem@metalogix.com
Christian BuckleyManaging Director at GTconsultand Office365 MVP
www.gtconsult.com and www.buckleyplanet.com
@buckleyplanet
cbuck@gtconsult.com
Thank You
50
www.gtconsult.com
www.metalogix.com
Recommended