How Microsoft does SharePoint Governance for their internal platform

english sources from:http://www.balestra.be/2012/04/how-microsoft-does-sharepoint-governance-for-their-internal-platform.html

April 5th, 2012 | Posted by Marijn in community | Governance | Microsoft

A few months ago, Microsoft IT released a document( and webcast) that describes the extra effort they took to balance their SharePoint implementation.

In short, they had following problems with their platform:
1.Environment was growing at a rate of 1 terabyte every three months

    • MSIT lacked formal lifecycle management processes.
    • Negative impact on the relevance of search results
    • Difficult for users to find content.

2. Rapid growth created multiple usability and performance issues for users

    • Difficulty keeping track of all their sites.
    • Little guidance about what type of site would best suit their needs.
    • Lacked centralized visibility to the sites they created.
    • many orphaned team and personal sites
    • Inactive document and meeting workspaces.

3. Team or project sites inaccessible by a site owner leaving the organization with no rollover of site ownership.

    • Information security classification standards weren’t being consistently and properly applied to content that was being added to libraries.
    • Unsure about the business risk and impacts for their particular content

First action: Create a Governance board

First of all, they formed a governance board. This board had members from Legal, Security, IT operations and Records management.
Their job was to:

    • Review the SharePoint information architectures
    • Identify potential inefficiencies.
    • determined project goals
    • Governance policies.

The goal was to:

    • Manage SharePoint growth.
    • Reduce the number of unused site collections by 25 percent.
    • Achieve 100 percent compliance for site classifications.
    • Establish clear end-user ownership and accountability for at least 90 percent of site collections.

Action!

The board came up with these following 4 policies and actions :

Policy 1: Site Classification

This policy had 2 implications:

Sites must assign and maintain

    – site information classification & expiration date
    – information security classification
    – Ownership

Team sites must have at all times.

    – one full-time employee site owner
    – two administrators

For new sites, they developed a self-service framework for site owners and administrators. Here, users can select from a variety of hosting options that include personal, team collaboration, extranet, dog food (beta), portal, and customized sites. They fill out a form that defines audience reach and primary intended use and select a template.
Existing sites get a notification about actions that have to be taken in order to allow the site to exist.

A second development MSIT took was to create a custom functionality: My Site Collection Manager. That is used to Manage, classify, and delete unused sites.

A third development was the Security Risk classification. To help users properly classify their sites as part of the site provisioning process, or in response to a site alert, MSIT has provided a set of questions to the user about the content that will be stored on their site. Based on the user’s answers, the site is automatically classified for them according to the information security requirements for their content type:

High business impact (HBI)
• Only authorized people with a need to know
• Unauthorized disclosure of HBI could cause severe or catastrophic material loss that includes (without limitation) theft of financial instruments or property, operational disruption, identity theft, brand misappropriation, damage to Microsoft’s reputation, or significant legal and regulatory liability.
• HBI also includes highly sensitive personally identifiable information (PII), which is also subject to the Microsoft privacy policy.

Medium business impact (MBI)
• This information is usually labeled Confidential or MBI.
• Only specific groups of employees, or approved non-employees with a legitimate Microsoft business need, have access to MBI content.
• Unauthorized disclosure may cause serious material loss due to identity or brand damage, operational disruption, damage to Microsoft’s reputation, or legal or regulatory liability.

Low business Impact (LBI)
• LBI information is not confidential and is generally intended for wide audiences under the non-disclosure agreement (NDA).
• Unauthorized disclosure could cause limited to no material loss.

Policy 2: Site lifecycle management of expired/abandoned sites

Sites expire one year after creation and must be renewed annually. Sites that have no activity over a period of six months are considered abandoned and are subject to decommission.
Reducing the number of site collections to only those that are active helps MSIT to:
• Govern their SharePoint hardware usage by minimizing the infrastructure footprint.
• Reduce the size of the Search Index and improve relevancy of user search results.
• Minimize downtime during server upgrades and patching.

Policy 3: Site storage and quota management

Depending on the hosting environment, storage quota limits range from 2 gigabytes (GB) to 100 GB, depending on the type of sites and hosting options. SharePoint libraries and lists are not to exceed 5,000 items. Sites are backed up daily and recoverable up to 14 days.
MSIT leveraged many SharePoint 2010 configuration features to impose limits, or quotas, on the size of SharePoint sites. This encourages users to be mindful of keeping only active and useful information on SharePoint sites. Quota templates define site collection size and storage availability, and are different for each hosting platform:
• Quotas range from 2 GB for a personal site, 5 or 10 GB for a portal, and up to 100 GB for a fee-based custom site.
• An automated email warning is mailed to the site administrators as the site’s storage quota approaches. Site owners can either request more space, or clean up and archive their old content.

MSIT performs a full data backup once every Sunday, followed by six daily differential backups. In the event that a restore is necessary, recovered data will reflect the state of the application at last successful backup. Three complete consecutive data backup sets are retained and rotated to provide MSIT the ability to support a 14-day recoverability service level agreement (SLA). One full backup is committed to tape each month and sent offsite for 90 days. MSIT cannot respond to requests that are outside of the data retention policies.

MSIT can only recover entire deleted sites or subsites from backup. Libraries, lists, and document content cannot be recovered through backup. SharePoint 2010 Service Pack 1 provides a user-accessible Recycle Bin for document content, libraries, and lists from which users can restore their deleted content.

Policy 4: Customization and server-side access

To prevent changes in the environment that might negatively impact other site collections, require additional resources for proper monitoring, or prevent future server upgrades, MSIT does not allow server-side access or configuration changes by users on most of the standard SharePoint hosted services offerings (utility environment). The utility environment only includes SharePoint Out-Of-Box (OOB) features. Only site-level customizations (web parts, basic page configurations, and other OOB components) are supported by MSIT. Server-side customizations are allowed only in custom portal solutions, and by using the new sandbox feature in SharePoint 2010. The sandbox solution allows site collection owners to deploy server-side code that pertains only to their site collection.

Outcome and conclusions

Reducing the number of unused site collections has made more efficient use of the resources that MSIT commits to SharePoint and IT Operations by ensuring that all of the data that MSIT must make available, redundant, and recoverable is current and valid. For example, one of MSIT’s SharePoint implementations has more than 40,500 site collections. After analysis of the last modified dates as documented in the self-service framework, 10,000 sites were identified as inactive and decommissioned. Of the remaining sites, an additional 16,000 have been locked and are currently pending decommission.

For example, one of MSIT’s SharePoint implementations has more than 40,500 site collections. After analysis of site expiration dates and out of compliance deadlines as documented in the self-service framework, 10,000 sites were identified as inactive and decommissioned. Of the remaining sites, an additional 16,000 have been locked and are currently pending decommission. MSIT is on track to clean up roughly 50 percent of the site collections in that single SharePoint farm. At an average of 5 GB per site, the reduction in disk space alone has been a significant savings. User performance has also been improved as searches are faster and the results are more relevant.

By enforcing quotas and reducing the amount of disk space consumed by inactive and abandoned sites, MSIT has been able to manage its rate of growth, freeing up the resources and the capacity for new SharePoint projects.
With the development of the self-service framework, users now are better able to manage their sites. Automating the process for classifying data against the information security classification standards and removing broad access to sites with HBI and MBI information has improved the security of the content as well as raised user awareness and encouraged their active participation in maintaining compliance.

[IT学习]微软如何做网站内容治理的更多相关文章

  1. 《Spring Cloud》学习(一) 服务治理!

    前言:之前网上学习过Spring Cloud,对于工作上需要是足够了,总归对于一些方面一知半解,最近难得有些闲暇时间,有幸读了崔永超先生的<Spring Cloud 微服务实战>,一方面记 ...

  2. 学习微软中间语言(MSIL)的绝佳工具 Dotnet IL Editor 推荐

    Dotnet IL Editor是一款.NET平台反编译工具,可以反编译.NET程序集文件为IL代码,并且可以执行,调试反编译后生成的IL代码.它的设计出发点比较直观,新建一个项目,添加程序集文件,设 ...

  3. html5与css3学习实践--基础的内容划分标签

    从位置上划分出网页的区域以后,就需要用到网页的内容标签了,比如<article>.<aside>.<nav>.<p>.<h1>等.网页中,这 ...

  4. html学习第一讲(内容html常规控件的的使用)

    <html> <head> <title> 这是网页的标题</title> </head> <body> <h2>& ...

  5. 3天学习完AngularJS基础内容小结

    简介:AngularJS 是一个 JavaScript 框架.它是一个以 JavaScript 编写的库. 一.AngularJS大致功能模块 二.页面交互变得简单 1.示例:计算价格 <htm ...

  6. 侯捷STL学习(12)--STL相关内容hash+tuple

    layout: post title: 侯捷STL学习(12) date: 2017-08-01 tag: 侯捷STL --- 第四讲 STL相关的内容 Hash Function 将hash函数封装 ...

  7. java学习方向及主要内容

    Java分成J2ME(移动应用开发),J2SE(桌面应用开发),J2EE(Web企业级应用),所以java并不是单机版的,只是面向对象语言.建议如果学习java体系的话可以这样去学习: *第一阶段:J ...

  8. anyproxy学习3-修改返回内容(beforeSendResponse)

    前言 fiddler可以抓包打断点后,修改返回的内容,便于模拟各种返回结果.anyproxy也可以通过写rule模块规则,模拟返回状态码.头部.body beforeSendResponse befo ...

  9. 【WPF学习】第二十章 内容控件

    内容控件(content control)是更特殊的控件类型,它们可包含并显示一块内容.从技术角度看,内容控件时可以包含单个嵌套元素的控件.与布局容器不同的是,内容控件只能包含一个子元素,而布局容器主 ...

随机推荐

  1. Ubuntu使用tcpdump工具

    Ubuntu默认是安装好了tcpdump工具的,如果没有安装的话使用sudo apt-get install tcpdump即可安装.   (如果遇到tcpdump: no suitable devi ...

  2. VS2010 error C3861: “exit”: 找不到标识符

    #include <stdlib.h> 可以解决问题

  3. Android概述

  4. dbca no protocol support

    http://blog.itpub.net/26937943/viewspace-1325094/

  5. UML中的依赖关系

    UML中的五种关系和设计模式中的代码实现. 又重新听了一遍UML中的关系.感觉又是收获很大. UML中的关系有依赖,关联(聚合,组合),泛化(也叫继承),实现 现在一个一个的来实现: 一:依赖 依赖关 ...

  6. PHP 文件上传类

    FileUpload.;                $];                $_newname = date(,). :                             To ...

  7. strcat函数造成的段错误(Segmentation fault)

    转自:http://book.51cto.com/art/201311/419441.htm 3.21  strcat函数造成的段错误 代码示例 int main() { char dest[7]=& ...

  8. hdu 1430+hdu 3567(预处理)

    题目链接:http://acm.hdu.edu.cn/showproblem.php?pid=1430 思路:由于只是8种颜色,所以标号就无所谓了,对起始状态重新修改标号为 12345678,对目标状 ...

  9. CC2540开发板学习笔记(五)——串口通信

    (一)串口发送 一.实验现象: 开发板实现功能发送 二.实验过程 1.PL2303 USB转串口电路图 2.串口发送 (1)查看用户手册有: UART0 对应的外部设备 IO 引脚关系为: P0_2 ...

  10. Hark的数据结构与算法练习之地精(侏儒)排序

    算法说明 地精排序是交换排序的一种,它是冒泡排序的一种改良,我感觉和鸡尾酒排序挺像的. 不同之处是鸡尾酒排序是从小到大,然后再从大到小切换着排序的.而地精排序是上来先从小到大排序,碰到交换到再从大到小 ...