Managing SharePoint On-Premises vs. Online -- Compare and Contrast
•Download as PPTX, PDF•
14 likes•10,080 views
Presentation first given at SPTechCon Boston 2014. Focuses primarily on capabilities and limitations of Office 365 administration.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (17)
Similar to Managing SharePoint On-Premises vs. Online -- Compare and Contrast
Similar to Managing SharePoint On-Premises vs. Online -- Compare and Contrast (20)
More from Christian Buckley
More from Christian Buckley (20)
Recently uploaded
Recently uploaded (20)
Managing SharePoint On-Premises vs. Online -- Compare and Contrast
- 1. Managing SharePoint On-Premises vs. Online: Compare & Contrast CHRISTIAN BUCKLEY MANAGING DIRECTOR @GT_CONSULT
- 2. Christian Buckley Managing Director & Office 365 MVP GTconsult www.buckleyplanet.com @buckleyplanet cbuck@gtconsult.com
- 3. Managing SharePoint On-Premises vs. Online What I’ll cover today: • The evolution of SharePoint management • What’s different about SharePoint Online • Considerations for your transition to the cloud • Best practices for managing a hybrid solution
- 5. SharePoint Growth & Evolution SharePoint Releases Metadata Content
- 6. Infrastructure maintained solely for customer On premises or off Managed by the customer, or by a 3rd party hoster Private Cloud Hybrid Cloud Multiple infrastructure options Components both on premises and off premises Management spread between customer and 3rd party hosters Infrastructure shared by multiple customers Off premises Managed by 3rd party on behalf of customers Public Cloud More infrastructure options
- 7. Partner Hosted Private Cloud • Dedicated environment • Externally hosted • Externally or internally managed • Internally designed Self Hosted Private Cloud • Dedicated environment • Internally hosted • Internally managed • Internally designed Shared or Dedicated Public Cloud • Shared or dedicated environment • Externally hosted • Externally managed • Externally designed Public Dedicated Cloud • Partially or fully dedicated • Externally hosted • Externally or internally managed • Minimal customization Traditional on premises Ye Olde Build vs. Buy argument
- 8. Service Delivery Understanding service delivery roles
- 9. What are the 5 most common SharePoint management concerns?
- 10. 1. Defining (and communicating) policies and procedures Always start with non-technical elements Develop a security policy Implement a training plan for end users Develop a strategy for ensuring users know what content is confidential 34% of IT administrators said that they'd "sneaked a peek" at documents they weren't authorized to view, including employee details and salary information (DarkReading)
- 11. 2. Failure to implement any kind of permissions best practices Apply permissions using Least Privileged principles Don’t give users Direct Access Embrace SharePoint Groups and/or Active Directory Groups Ensure Appropriate Use of the Authenticated Users Group Clean up Orphan Users Use Broken Inheritance Responsibly Revoke permissions quickly
- 12. 3. Failure to regularly audit access to content and sites Are we adhering to Compliance or Governance requirements? Who has been accessing specific content? How often are specific sites being accessed? What features of SharePoint are being used? Are we managing the volume of log data?
- 13. 4. Failure to monitor changes to security settings SharePoint security requirements change over time Ensure users are continuing to adhere to security policies Prevent users from causing havoc We need to plan how we will stay on top of changes
- 14. 5. Failure to empower users and admins with the right permissions Find your responsible business content owners Enable and Equip them to manage access to their content Ensure management access is limited to those with appropriate permissions Segment your administration responsibilities – Power Users, business owners
- 17. Impacts of Office 365 In some ways, it simplifies Governance SharePoint and Exchange are primarily affected Biggest impact of 365 has is on sizing limits Data sprawl must be watched more carefully in Office 365 to avoid hitting capacity limits! Feature Specifications Storage (pooled) 10 GB per user 500 MB per entprse user 5 TB per Company Site collection storage quotas 100 GB My Site storage allocation 500 MB Site collections per tenant 300 Mailbox Size 25 gig From Office365: Is Governance Affected and Where Do We Start? By Stacy L. Deere-Strole
- 18. Tactical Team Responsibilities Operations Team • Help Enforce Governance Plan • Manage Routine Maintenance Tasks: • Nightly Backups • Usage Monitoring & Analysis • Scheduled Task Validation • Security Release & System Upgrades Support Team • Create Support System with SLA’s • Respond to questions, bugs and other issue resolution • Provide typical SharePoint Admin roles such as: • Site Provisioning • Security Permissions for users and groups Development Team • New features and program management while adhering to standards. • Develop customized & personalized solutions for departments & division sites. Whose job will be changing the most? From Office365: Is Governance Affected and Where Do We Start? By Stacy L. Deere-Strole
- 19. Tactical Team Responsibilities Operations Team • Help Enforce Governance Plan • Manage Routine Maintenance Tasks: • Nightly Backups • Usage Monitoring & Analysis • Scheduled Task Validation • Security Release & System Upgrades • Oracle & DBA Role will be eliminated • Active Directory Role could change (Ping Identity, FBA, etc.) • No Equipment to Support Support Team • Create Support System with SLA’s • Respond to questions, bugs and other issue resolution • Provide typical SharePoint Admin roles such as: • Site Provisioning • Security Permissions for users and groups Development Team • New features and program management while adhering to standards. • Develop customized & personalized solutions for departments & division sites. From Office365: Is Governance Affected and Where Do We Start? By Stacy L. Deere-Strole
- 20. Management Shell SharePoint Online Management Shell is a Windows PowerShell module that you can use to efficiently manage SharePoint Online users, sites, site collections, and organizations You can find a list of available cmdlets here (TechNet)
- 21. Simple mode Admin experience When you’re in Simple mode in the SharePoint Online admin center, the left-hand navigation shows only site collections, user profiles, and settings.
- 22. Advanced mode
- 23. Streamlined Admin tasks Easier to add users, auto assign available licenses, reset passwords, and manually set passwords (instead of auto generated)
- 25. Microsoft System Center 2012 R2 Microsoft System Center is an integrated management platform that helps you manage data center, client devices, and hybrid cloud IT environments. Office 365 admins who use System Center now have the option to import the Office 365 Management Pack, which enables you to view all service communications within Operations Manager in System Center. Using this tool gives you access to the status of your subscribed services, active and resolved service incidents, and your Message Center communications. System Center supports alerts that are generated when a specific condition, such as a service incident in a subscribed service, occurs. You can configure these alerts so they trigger email notifications, keeping you in the loop on the status of your environment.
- 27. Sidebar: Partner Perspective Microsoft provides management tools and a dashboard, referred to as the Partner Admin Center, specifically for partners that maintain Office 365 environments for their customers. This tool supersedes an Office 365 admin center that didn't consolidate all of a partner's customers and was more focused on selling new or additional services. The new partner admin center has five main functions: To provide a Microsoft service-outage notification service to keep partners a step ahead of customers. To provide a view into a customer's Office 365 service health status and details. To provide a federated view of all of the partner’s customers for which it has delegated admin privileges. To enable a partner to create, edit and view service requests on behalf of customers. To allow a partner to perform administrative tasks on behalf of customers.
- 28. Sidebar: Partner Perspective A client management tab shows all of a partner's customers along with any alerts next to each customer's name about their service health. Drilling into the service health tab for each customer shows a granular list of the services a customer uses. Each service has a green checkmark for the day if all is well, or one of a number of symbols if all isn't well. Trouble signals include service interruption, service degradation, restoring service, extended recovery, investigating, service restored or additional information.
- 30. Office 365 Service Communications API The Office 365 Service Communications API enables you to access Office 365 service communications the way you want. This API gives you the ability to create or connect your tools to Office 365 service communications, potentially simplifying how you monitor your environment. The Service Communications API enables you to monitor the following in your environment: Real-time service health. New and ongoing service incidents and ongoing maintenance events that impact you can be queried for status updates. Message Center communications. Find Message Center communications that are applicable to your Office 365 environment. Planned maintenance notification. Advanced notification of planned maintenance enables you to develop appropriate communications and operational strategies for your organization. The Service Communications API also supports admins who manage Office 365 environments on behalf of others, for example, partners.
- 31. O365 Message Center Remember to check the Message Center regularly to stay in the loop and up to date with what is going on in your Office 365 environment. Notifications on any potential issues with your environment, changes to your service, and other communications from Microsoft will come through the Message Center.
- 32. Proactively check DNS records To help ensure that you have the correct configuration, Microsoft provides a solution that enables Office 365 to proactively check your DNS records. If your DNS records do not match your environment, you will receive a notification through the Office 365 admin center, including proposed actions to resolve potential DNS records issues.
- 33. Boundaries and Limitations Find the boundaries and limitations based on your Office 365 plan: Storage per user (contributes to total storage base of tenant) Additional storage (per GB per month); no minimum purchase Storage base per tenant Site collection storage limit Site collections (#) per tenant Sub-sites Personal site storage Public Website storage default File upload limit File attachment size limit Sync limits Maximum number of users per tenant Number of external user invitees
- 34. Security, compliance, and privacy With Office 365, Microsoft thinks about security, compliance, and privacy as having two equally important dimensions: Service-level capabilities that include technical features, operational procedures, and policies that are enabled by default for customers using the service. Customer controls that include features that enable businesses to customize the Office 365 environment based on the specific needs of their organization. See the Office 365 Trust Center information portal for more information
- 35. Searching for Sensitive Data Data Loss Prevention (DLP) for SharePoint Online and OneDrive for Business is now built into your existing Enterprise Search. It allows you to search for sensitive content in your existing eDiscovery Center. Search on 51 built-in sensitive information types across both SharePoint Online and OneDrive for Business. Export the results or download a copy of the query results, or save the query so that you can conduct in-depth research on the query results. Once saved, you can inspect the documents, check for false positives, and further hone or expand the query if needed. Document location is included, as well as the original file structure from SharePoint, so that all paths are preserved in the downloaded copy. Use DLP in SharePoint Online to identify sensitive data stored on sites (TechNet)
- 36. Creating information management policies Create a policy to use on multiple content types within a site collection. Create a policy for a site content type. Create a policy for a list or library. (location-based retention policy)
- 37. Audit log events Opened and downloaded documents, viewed items in lists, or viewed item properties (This event is not available for SharePoint Online sites) Edited items Checked out and checked in items Items that have been moved and copied to other location in the site collection Deleted and restored items Changes to content types and columns Search queries Changes to user accounts and permissions Changed audit settings and deleted audit log events Workflow events Custom events
- 38. Available audit reports Content modifications. Reports changes to content, such as modifying, deleting, and checking documents in and out. Content type and list modifications. Reports additions, edits, and deletions to content types. Content viewing. Reports users who have viewed content on a site. In SharePoint Online, this report will be blank as these events are not captured during auditing. Deletion. Reports what content has been deleted. Run a custom report. You can specify the filters for a custom report, such as limiting the report to a specific set of events, to items in a particular list, to a particular date range, or to events performed by particular users. Expiration and Disposition. Reports all events related to how content is removed when it expires. Policy modifications. Reports on events that change the information management policies on the site collection. Auditing settings. Reports changes to the auditing settings. Security settings. Reports changes to security settings, such as user/group events, and role and rights events.
- 39. Managing your App catalog The app catalog is how you make apps available to your organization. It’s a SharePoint library that contains all of the apps you have for your org. The Office clients point to this library, so if you want to give your users access to a new app for Office, just add the manifest file to the library, and the app will automatically show up. Also true for SharePoint apps. Just add the app package to library and it will appear for everyone. Since the app catalog is a SharePoint library you can easily manage who gets access to what app, and quickly make updates when needed.
- 40. External collaboration settings Office 365 provides a single console from which you can manage external collaboration. By enabling these settings, you can give your users the ability to share access to their SharePoint sites and documents and Exchange calendars, so they can collaborate more easily with people in external organizations. By enabling the Lync collaboration setting, you can give your users the ability to communicate with people outside of your organization.
- 41. Platform Telemetry What documents are used by the most people? What documents host apps? What are the most popular apps? Are they running properly and not, for example, consuming too much CPU time? Are solutions loading from the local disk? SharePoint? As mail attachments? How long do add-ins slow down the loading of Office apps? How can I manage solutions centrally? Deploy Telemetry Dashboard (TechNet)
- 42. What about OneDrive? Sync & share documents Collaborate on document security with individuals inside and outside the company Access content and information anywhere and from almost any device Control content life cycle and versioning Manage access permissions Access with native mobile client apps for windows 8 and IOS. 3rd party company (concept searching)to manage – could solve compliance and governance issues with OneDrive From Office365: Is Governance Affected and Where Do We Start? By Stacy L. Deere-Strole
- 44. Keeping up to date with the Office 365 Roadmap
- 45. Adjusting to Office 365 Updates No access to Correlation errors or backend. No ability to troubleshoot. If you receive an error, the logs don’t provide much help because it can take Microsoft days or weeks to come back with a correlation ID, if they do at all. The continual updates to the site can also cause strange errors. For example, for a couple of weeks you couldn’t save a template of a site. This was caused by some code changes the developers had made on the server which obviously needed to be rolled back or fixed, but requires the entire O365 environment to be hot-fixed.
- 46. Adjusting to Office 365 Updates You may have to use different management tools. Moving to Office 365 means giving up some level of control. For example, you won't have any control over the patch management process, software upgrades, and other similar administrative tasks.
- 48. Factors in your cloud planning Location / facilities Software licenses and support Hardware and maintenance Onsite support, personnel skills Level of customization Governance, auditing, security, compliance Disaster Recovery and Business Continuity Upgrades and migration #T16CloudESPC
- 49. Need space and maintenance planning Most likely provided Licensing costs, but also upgrades and ongoing support Included in vendor- hosted solutions Need to purchase, support and maintain, and upgrade as platform matures Included in vendor- hosted solutions Administrative, developer, and end user skills and training Still requires administrative and possibly dev skills, end user training On Premises Cloud Hybrid Need space and maintenance planning Licensing costs, but also upgrades and ongoing support Need to purchase, support and maintain, and upgrade as platform matures Administrative, developer, and end user skills and training
- 50. Full control Limited to none in SaaS, some control over PaaS, full control over IaaS Limited ability to integrate depending on SaaS, PaaS, or IaaS Many limitations OTB, but very robust tools from partners Limited Very complex across on prem and cloud components, very manual Needs to be planned, limited features OTB Defined in SLAs Some OTB capabilities, 3rd party for tighter control and predictability Microsoft recommends 3rd party tools On Premises Cloud Hybrid Very complex across on prem and cloud components, very manual Some OTB capabilities, 3rd party for tighter control and predictability
- 52. Best Practices Focus on the user experience Make governance a priority Look at your systems holistically (a business view), regardless of where the servers sit Clarify and document your permissions, information architecture, templates, content types, taxonomy -- and ownership of each First define what policies, procedures, and metrics are needed to manage your environment, and then look at what is possible across your various tools and platforms
Editor's Notes
- Demo – Permissions Report Highlight how someone gets permissions Show users with Direct Permissions Show Cleanup User Permissions Show Authenticated Users Orphan User Revoke Permissions From pervious slide – show tagging sites to show confidential, etc
- Demo Audit log report Site or Site Collection features Talk about archiving the audit log
- Demo CP alerts for permissions changes - Receive alerts when changes are made CP policies - Prevent users from causing havoc
- These factors will help you decided how much your own organization can support, as well as help you determine the suitability of vendors
- Point out that in this example, cloud = Office365