
Tag Archives: SharePoint

Message In a Bottle – Identity and Access Management in the SharePoint World



For a long time, identity and access management (IAM) has been something outside the world of most implementations. Who you are, and what you can do, have stayed almost entirely within the walled garden of SharePoint farms.

Over the past few years, however, SharePoint’s been spilling out of its bottle – into the cloud and into engagement with users and systems outside the realm of on-premises data centers, networks, and Active Directory. IAM is no longer something done for “other” enterprise systems, but important to consider as new usage comes into SharePoint, and as SharePoint apps and content are extended outside the traditional farm.

Better Together: HiSoftware and Cryptzone

If you read this morning’s newswires you may have seen that HiSoftware made a significant announcement. Cryptzone, a global provider of data security and identity and access management (IAM) solutions, has acquired HiSoftware. This is an exciting time for both companies as we unite, as well as for our rapidly growing customer base.

Chris McNulty Awarded Microsoft MVP Award for Second Year

It is with great pleasure that I congratulate our CTO, Chris McNulty (@cmcnulty2000), for once again being awarded the Microsoft® MVP Award. Chris was first awarded the prestigious accolade in 2013 and has once again received it for 2014.

The Microsoft Most Valuable Professional (MVP) Award is Microsoft’s way of saying thank you to exceptional, independent community leaders who share their passion, technical expertise, and real-world knowledge of Microsoft products with others. It is part of Microsoft’s commitment to supporting and enriching technical communities. Even before the rise of the Internet and social media, people have come together to willingly offer their ideas and best practices in technical communities.

SharePoint’s Most Wanted Governance Offenders

Earlier this year, we asked you to tell us about the biggest offenders in SharePoint who are constantly putting their organizations at risk, bypassing governance and training, and whose bad habits are frustrating their co-workers. Meet the 5 Most Wanted characters we uncovered in our new infographic, and learn a few helpful tips to stop them in their tracks.


Download a copy of the SharePoint’s Most Wanted Governance Offenders Infographic.


SharePoint 2013 Tips – Part 3 Branding SharePoint & ILM

To date in my SharePoint 2013 tips series, I’ve discussed information architecture at scale, site sprawl and version control in part one, and sharing and sending documents as well as storage in part two. In today’s third part of my series, I’m discussing branding SharePoint and Information Lifecycle Management.

Decorating SharePoint

No more blue boxes. Literally. SharePoint “branding” used to be a more esoteric science of hand-tooled features and CSS files. SharePoint 2010 introduced the seldom-used ability to define custom site themes by using PowerPoint. That was an interesting step (no one ever used it), but now you can make key changes directly from the browser using Composed Looks.

With Composed Looks, a site owner can restyle a site with custom layouts, fonts, colors and background images. Here’s the editing screen – you get here from the Site Settings menu option. Or just pick “Change the look” from the settings “gear” icon in the top right of the screen.

SharePoint 2013 Tips – Part 1 Scale, Sprawl and Control

Over the next five weeks I’ll offer advice and tips on SharePoint 2013 collaboration. Today’s blog focuses on information architecture at scale, site sprawl and version control.

“Nobody goes there anymore. It’s too crowded.” – Yogi Berra

In many ways, that’s become SharePoint’s problem in its second decade.  We take it for granted.

Now, don’t feel bad for Microsoft.  SharePoint has an enviable track record of sustained double digit growth, with hundreds of millions of users on premises and in the cloud.  Now on its fifth major release, SharePoint 2013, SharePoint offers peerless document-centric storage and collaboration on a platform most enterprises already own.

It hasn’t been a seamless rise, though. The first version of SharePoint Portal Server 2001 offered web-based document storage, but it was primitive and low capacity.  It wasn’t until SharePoint 2003 that enterprises began moving substantial content from legacy file shares into SharePoint.


However, while the platform has continued to grow and evolve over the past decade, many business user expectations haven’t moved on from the days when Kid Rock ruled the music charts:

  • All documents on a site had the same permissions
  • One library per site
  • A different site for each kind of content
  • Documents described with naming and titles, not metadata
  • Maximum of 2 million documents

But that’s not SharePoint today.  Let’s look at some of the tools and tips that make it a far more powerful tool for collaboration.   Pretend that the last ten years never happened, and SharePoint 2013 is the first version of the platform you’ve used.  Where to start?  What have you missed in the last ten years?

Let’s get caught up.  We’ll start by looking at baseline changes in architecture, permissions, communications and versioning.  Then we’ll look at how you can add color to your documents with user interface design and metadata.  Finally, we’ll conclude with a review of SharePoint’s new collaboration features, like co-authoring.

SharePoint’s collaboration foundation

Information architecture at scale

Ten years ago, most SharePoint farms were organized as hierarchies, limited to Active Directory logins.   You had a corporate home page, a few departmental sites, and most “Team Sites” were temporary collaborative spaces, set up as children of a parent department.

  • Home Page (One big site collection)
    • US
      • HR
      • IT
        • Project1
    • Marketing
    • Department1
    • Department2
      • Team2
      • Project3
        • Project3 Archive
      • ProjectX
  • Europe
    • Etc.


SharePoint 2013, on the other hand, has the capacity to handle vastly increased amounts of content, and to have multiple libraries on the same site – with granular permissions possible for each document.   In addition, multiple hybrid authentication schemes leveraging “claims” make it possible to unify internal AD users and external stakeholders on the same sites.   These collaboration areas are likely to be independent site collections[1], so sharing there doesn’t require giving permission to child or parent sites.  It also allows for a “flatter” information architecture.

Getting rid of site sprawl

SharePoint ‘adoption’, at one point, was mostly about pointing people to the right subsection of the site. And if there was another team that needed similar information, people copied those files to the other site. In the example above, if the IT department was supporting ProjectX, it was likely that some of the ProjectX documents were added to the IT site to make them “easier to find”. Many enterprises kept all their sites in one massive site collection – leading to great security complexity. Also, because of authentication complexity, internal and external stakeholders seldom shared the same sites.

As a result, you’re more likely to see site structures like this:

  • Internal Home page
    • Divisions
      • US
      • EMEA
  • Departments
    • HR
    • IT
    • Marketing
    • Department1
    • Department2
    • Documents
    • Collaboration Home page (Web Application)
      • Projects (Managed path)
        • Project1 (Site collection)
        • Project3
        • ProjectX
  • Teams
    • Team2

In this example, the division and department sites are, more than likely, publishing content to be used INSIDE the enterprise.

Finally, SharePoint 2010 and 2013 introduced a new site template – the Document Center. Document Centers are designed to be large scale, common document repositories for 250,000 documents or more.  Whereas SharePoint 2003 required a new site for each library, leading to LOTS of small libraries, you can store thousands of documents in the same place, and use security, dynamic access, and filters to generate focused views of the content.

One version of the truth

SharePoint 2013 is a high capacity platform.  Expansions in SQL and storage optimization, along with tools like Remote BLOB Storage create nearly limitless capacity for enterprise documents – up to 4TB under the right conditions.    But that’s no reason to allow SharePoint to proliferate with redundant or obsolete content.

Have you ever seen a file share, or even a library, with files named:

  • 2009 Proposal
  • 2009 Proposal_AKedits
  • 2009 Proposal_Final

If you add those files to SharePoint, all three can be edited independently.  It’s far better to keep all three “linked” as part of one logical document.  Versioning can be enabled for any library in SharePoint, allowing you to see who edited the file, what changed, and when.  Once enabled, the context menu […] can bring you to the version history inside the browser.

And once enabled, the versions are also surfaced inside Office 2013’s “Backstage” controls (the colored leftmost tab in the UI).

From Office or the browser, you can review, compare, or roll back older versions. In more advanced use cases, you can also require that documents be “checked out” before editing – ensuring only one person can make changes at a time. You can still maintain a clean interface because you’re not showing redundant copies of the same thing – but they’re all still there, stacked “behind” the current file in Version History.

In part two, I’ll look at sharing and sending documents as well as storage.

[1] Or you could use Dynamic Access and use metadata classification to define security.

Understanding the Limitations of SharePoint Permissions Inheritance

The underlying Microsoft model may look simple, but it creates several complex issues and problems. It also has significant limitations when finding solutions for non-employee access. For example:

  • If the site administrator is responsive to the user’s needs, then hundreds of sites will get created to satisfy collaboration demands.
  • Users quickly find that there are too many sites, creating confusion and difficulty in searching for content. Where are their documents? Where should they put new documents?
  • On the other hand, if the site administrator is not responsive, then collaboration is stifled and user productivity drops.
  • Alternatively, if the administrator allows users to break the inheritance to create unique security permissions by using the Sharing tool, then it does not take much for a reasonably sized team to exceed the threshold for unique security scopes (5,000).

Businesses need to go beyond the constraints of inheritance and item permissions to achieve their objectives.
