Managing SharePoint On-Premises vs. Online -- Compare and Contrast

Managing SharePoint
On-Premises vs. Online:
Compare & Contrast
CHRISTIAN BUCKLEY
MANAGING DIRECTOR @GT_CONSULT

Christian Buckley
Managing Director & Office 365 MVP
GTconsult
www.buckleyplanet.com
@buckleyplanet
cbuck@gtconsult.com

Managing SharePoint
On-Premises vs. Online
 What I’ll cover today:
• The evolution of SharePoint management
• What’s different about SharePoint Online
• Considerations for your transition to the cloud
• Best practices for managing a hybrid solution

SharePoint Growth &
Evolution
SharePoint Releases
Metadata
Content

Infrastructure
maintained
solely for
customer
On premises or
off
Managed by the
customer, or by
a 3rd party
hoster
Private Cloud Hybrid Cloud
Multiple
infrastructure
options
Components
both on premises
and off premises
Management
spread between
customer and 3rd
party hosters
Infrastructure
shared by
multiple
customers
Off premises
Managed by 3rd
party on behalf
of customers
Public Cloud
More infrastructure options

Partner Hosted
Private Cloud
• Dedicated environment
• Externally hosted
• Externally or internally
managed
• Internally designed
Self Hosted
Private Cloud
• Dedicated environment
• Internally hosted
• Internally managed
• Internally designed
Shared or Dedicated
Public Cloud
• Shared or dedicated
environment
• Externally managed
• Externally designed
Public Dedicated
Cloud
• Partially or fully dedicated
• Externally or internally
managed
• Minimal customization
Traditional
on premises
Ye Olde Build vs. Buy argument

Service Delivery
Understanding service delivery roles

What are the 5 most
common SharePoint
management concerns?

1. Defining (and communicating)
policies and procedures
 Always start with non-technical elements
 Develop a security policy
 Implement a training plan for end users
 Develop a strategy for ensuring
users know what content
is confidential
34% of IT administrators said
that they'd "sneaked a peek"
at documents they weren't
authorized to view, including
employee details and salary
information (DarkReading)

2. Failure to implement any kind of
permissions best practices
 Apply permissions using Least Privileged principles
 Don’t give users Direct Access
 Embrace SharePoint Groups and/or Active Directory Groups
 Ensure Appropriate Use of the Authenticated Users Group
 Clean up Orphan Users
 Use Broken Inheritance Responsibly
 Revoke permissions quickly

3. Failure to regularly audit access
to content and sites
 Are we adhering to Compliance or Governance
requirements?
 Who has been accessing specific content?
 How often are specific sites being accessed?
 What features of SharePoint are being used?
 Are we managing the volume of log data?

4. Failure to monitor changes to
security settings
 SharePoint security requirements change
over time
 Ensure users are continuing to adhere to
security policies
 Prevent users from causing havoc
 We need to plan how we will stay on top
of changes

5. Failure to empower users and admins
with the right permissions
 Find your responsible business content owners
 Enable and Equip them to manage access to
their content
 Ensure management access is limited to
those with appropriate permissions
 Segment your administration responsibilities –
Power Users, business owners

Impacts of Office 365
 In some ways, it simplifies
Governance
 SharePoint and Exchange are
primarily affected
 Biggest impact of 365 has is on
sizing limits
 Data sprawl must be watched
more carefully in Office 365 to
avoid hitting capacity limits!
Feature Specifications
Storage
(pooled)
10 GB per user
500 MB per entprse user
5 TB per Company
Site collection
storage quotas
100 GB
My Site storage
allocation
500 MB
Site collections
per tenant
300
Mailbox Size 25 gig
From Office365: Is Governance Affected and Where Do We Start? By Stacy L. Deere-Strole

Tactical Team Responsibilities
 Operations Team
• Help Enforce Governance
Plan
• Manage Routine
Maintenance Tasks:
• Nightly Backups
• Usage Monitoring & Analysis
• Scheduled Task Validation
• Security Release & System
Upgrades
 Support Team
• Create Support
System with SLA’s
• Respond to
questions, bugs and
other issue resolution
• Provide typical
SharePoint Admin
roles such as:
• Site Provisioning
• Security
Permissions for
users and groups
 Development Team
• New features and
program
management while
adhering to
standards.
• Develop customized
& personalized
solutions for
departments &
division sites.
Whose job will be changing the most?

Tactical Team Responsibilities
 Operations Team
• Help Enforce Governance
Plan
• Manage Routine
Maintenance Tasks:
• Nightly Backups
• Usage Monitoring & Analysis
• Scheduled Task Validation
• Security Release & System
Upgrades
• Oracle & DBA Role will be
eliminated
• Active Directory Role could
change (Ping Identity, FBA, etc.)
• No Equipment to Support
 Support Team
• Create Support
System with SLA’s
• Respond to
questions, bugs and
other issue resolution
• Provide typical
SharePoint Admin
roles such as:
• Site Provisioning
• Security
Permissions for
users and groups
 Development Team
• New features and
program
management while
adhering to
standards.
• Develop customized
& personalized
solutions for
departments &
division sites.

Management Shell
 SharePoint Online Management Shell is a Windows PowerShell module that
you can use to efficiently manage SharePoint Online users, sites, site
collections, and organizations
 You can find a list of
available cmdlets
here (TechNet)

Simple mode Admin experience
When you’re in Simple mode in the SharePoint Online admin center, the left-hand navigation
shows only site collections, user profiles, and settings.

Streamlined Admin tasks
 Easier to add users, auto assign available licenses, reset passwords,
and manually set passwords (instead of auto generated)

Microsoft System Center 2012 R2
 Microsoft System Center is an integrated management platform that helps you
manage data center, client devices, and hybrid cloud IT environments. Office 365
admins who use System Center now have the option to import the Office 365
Management Pack, which enables you to view all service communications within
Operations Manager in System Center.
 Using this tool gives you access to the status of your subscribed services, active and
resolved service incidents, and your Message Center communications.
 System Center supports alerts that are generated when a specific condition, such as a
service incident in a subscribed service, occurs. You can configure these alerts so they
trigger email notifications, keeping you in the loop on the status of your environment.

Sidebar: Partner Perspective
 Microsoft provides management tools and a dashboard, referred to
as the Partner Admin Center, specifically for partners that maintain
Office 365 environments for their customers.
 This tool supersedes an Office 365 admin center that didn't
consolidate all of a partner's customers and was more focused on
selling new or additional services.
 The new partner admin center has five main functions:
 To provide a Microsoft service-outage notification service to keep
partners a step ahead of customers.
 To provide a view into a customer's Office 365 service health status and
details.
 To provide a federated view of all of the partner’s customers for which it
has delegated admin privileges.
 To enable a partner to create, edit and view service requests on behalf
of customers.
 To allow a partner to perform administrative tasks on behalf of customers.

Sidebar: Partner Perspective
 A client management tab shows all of a partner's customers along with any alerts next to each customer's
name about their service health. Drilling into the service health tab for each customer shows a granular list
of the services a customer uses.
 Each service has a green checkmark for the day if all is well, or one of a number of symbols if all isn't well.
Trouble signals include service interruption, service degradation, restoring service, extended recovery,
investigating, service restored or additional information.

Office 365 Service
Communications API
 The Office 365 Service Communications API enables you to access Office
365 service communications the way you want. This API gives you the ability
to create or connect your tools to Office 365 service communications,
potentially simplifying how you monitor your environment.
 The Service Communications API enables you to monitor the following in
your environment:
 Real-time service health. New and ongoing service incidents and ongoing
maintenance events that impact you can be queried for status updates.
 Message Center communications. Find Message Center communications that are
applicable to your Office 365 environment.
 Planned maintenance notification. Advanced notification of planned
maintenance enables you to develop appropriate communications and
operational strategies for your organization.
 The Service Communications API also supports admins who manage Office
365 environments on behalf of others, for example, partners.

O365 Message Center
 Remember to check the Message Center regularly to stay in the
loop and up to date with what is going on in your Office 365
environment.
 Notifications on any potential issues with your environment, changes
to your service, and other communications from Microsoft will come
through the Message Center.

Proactively check DNS records
 To help ensure that
you have the correct
configuration,
Microsoft provides a
solution that enables
Office 365 to
proactively check
your DNS records.
 If your DNS records do
not match your
environment, you will
receive a notification
through the Office
365 admin center,
including proposed
actions to resolve
potential DNS records
issues.

Boundaries and Limitations
 Find the boundaries and limitations based on your Office 365 plan:
 Storage per user (contributes to total storage base of tenant)
 Additional storage (per GB per month); no minimum purchase
 Storage base per tenant
 Site collection storage limit
 Site collections (#) per tenant
 Sub-sites
 Personal site storage
 Public Website storage default
 File upload limit
 File attachment size limit
 Sync limits
 Maximum number of users per tenant
 Number of external user invitees

Security, compliance, and privacy
 With Office 365, Microsoft thinks about security, compliance,
and privacy as having two equally important dimensions:
 Service-level capabilities that include technical features,
operational procedures, and policies that are enabled by default
for customers using the service.
 Customer controls that include features that enable businesses to
customize the Office 365 environment based on the specific
needs of their organization.
 See the Office 365 Trust Center information portal for more
information

Searching for Sensitive Data
 Data Loss Prevention (DLP) for SharePoint Online and OneDrive for Business is now built
into your existing Enterprise Search. It allows you to search for sensitive content in your
existing eDiscovery Center.
 Search on 51 built-in sensitive information types across both SharePoint Online and
OneDrive for Business.
 Export the results or download a copy of the query results, or save the query so that
you can conduct in-depth research on the query results. Once saved, you can
inspect the documents, check for false positives, and further hone or expand the
query if needed. Document location is included, as well as the original file structure
from SharePoint, so that all paths are preserved in the downloaded copy.
Use DLP in
SharePoint Online
to identify
sensitive data
stored on sites
(TechNet)

Creating information
management policies
 Create a policy to use on multiple content types within a site collection.
 Create a policy for a site content type.
 Create a policy for a list or library. (location-based retention policy)

Audit log events
 Opened and downloaded documents, viewed items in lists, or viewed item
properties (This event is not available for SharePoint Online sites)
 Edited items
 Checked out and checked in items
 Items that have been moved and copied to other location in the site
collection
 Deleted and restored items
 Changes to content types and columns
 Search queries
 Changes to user accounts and permissions
 Changed audit settings and deleted audit log events
 Workflow events
 Custom events

Available audit reports
 Content modifications. Reports changes to content, such as modifying,
deleting, and checking documents in and out.
 Content type and list modifications. Reports additions, edits, and deletions
to content types.
 Content viewing. Reports users who have viewed content on a site. In
SharePoint Online, this report will be blank as these events are not captured
during auditing.
 Deletion. Reports what content has been deleted.
 Run a custom report. You can specify the filters for a custom report, such as
limiting the report to a specific set of events, to items in a particular list, to a
particular date range, or to events performed by particular users.
 Expiration and Disposition. Reports all events related to how content is
removed when it expires.
 Policy modifications. Reports on events that change the information
management policies on the site collection.
 Auditing settings. Reports changes to the auditing settings.
 Security settings. Reports changes to security settings, such as user/group
events, and role and rights events.

Managing your App catalog
 The app catalog is how you
make apps available to your
organization.
 It’s a SharePoint library that
contains all of the apps you
have for your org.
 The Office clients point to this
library, so if you want to give
your users access to a new
app for Office, just add the
manifest file to the library, and
the app will automatically
show up.
 Also true for SharePoint apps.
Just add the app package to
library and it will appear for
everyone.
 Since the app catalog is a
SharePoint library you can
easily manage who gets
access to what app, and
quickly make updates when
needed.

External collaboration settings
 Office 365 provides a single console from which you can manage external collaboration.
 By enabling these
settings, you can give
your users the ability to
share access to their
SharePoint sites and
documents and
Exchange calendars,
so they can
collaborate more
easily with people in
external organizations.
 By enabling the Lync
collaboration setting,
you can give your users
the ability to
communicate with
people outside of your
organization.

Platform Telemetry
 What documents are used by the most people?
 What documents host apps?
 What are the most popular apps?
 Are they running properly and not, for example, consuming too
much CPU time?
 Are solutions loading from the local disk? SharePoint? As mail
attachments?
 How long do add-ins slow
down the loading of Office apps?
 How can I manage solutions
centrally?
Deploy Telemetry Dashboard (TechNet)

What about OneDrive?
 Sync & share documents
 Collaborate on document security with individuals inside and
outside the company
 Access content and information anywhere and from almost
any device
 Control content life cycle and versioning
 Manage access permissions
 Access with native mobile client apps for windows 8 and IOS.
 3rd party company (concept searching)to manage – could
solve compliance and governance issues with OneDrive

Keeping up to date with the
Office 365 Roadmap

Adjusting to Office 365 Updates
 No access to Correlation errors or backend.
 No ability to troubleshoot. If you receive an error, the logs
don’t provide much help because it can take Microsoft days
or weeks to come back with a correlation ID, if they do at all.
 The continual updates to the site can also cause strange
errors. For example, for a couple of weeks you couldn’t save a
template of a site. This was caused by some code changes
the developers had made on the server which obviously
needed to be rolled back or fixed, but requires the entire O365
environment to be hot-fixed.

Adjusting to Office 365 Updates
 You may have to use different management tools.
 Moving to Office 365 means giving up some level of control.
For example, you won't have any control over the patch
management process, software upgrades, and other similar
administrative tasks.

Factors in your cloud planning
 Location / facilities
 Software licenses and support
 Hardware and maintenance
 Onsite support, personnel skills
 Level of customization
 Governance, auditing, security, compliance
 Disaster Recovery and Business Continuity
 Upgrades and migration
#T16CloudESPC

Need space and
maintenance
planning
Most likely provided
Licensing costs, but
also upgrades and
ongoing support
Included in vendor-
hosted solutions
Need to purchase,
support and
maintain, and
upgrade as
platform matures
Included in vendor-
hosted solutions
Administrative,
developer, and end
user skills and
training
Still requires
administrative and
possibly dev skills,
end user training
On Premises Cloud Hybrid
Need space and
maintenance
planning
Licensing costs, but
also upgrades and
ongoing support
Need to purchase,
support and
maintain, and
upgrade as
platform matures
Administrative,
developer, and end
user skills and
training

Full control
Limited to none in
SaaS, some control
over PaaS, full
control over IaaS
Limited ability to
integrate depending
on SaaS, PaaS, or
IaaS
Many limitations OTB,
but very robust tools
from partners Limited
Very complex
across on prem
and cloud
components, very
manual
Needs to be
planned, limited
features OTB
Defined in SLAs
Some OTB
capabilities, 3rd party
for tighter control and
predictability
Microsoft
recommends 3rd
party tools
On Premises Cloud Hybrid
Very complex
across on prem
and cloud
components, very
manual
Some OTB
capabilities, 3rd party
for tighter control and
predictability

Best Practices
 Focus on the user experience
 Make governance a priority
 Look at your systems holistically (a business view),
regardless of where the servers sit
 Clarify and document your permissions, information
architecture, templates, content types, taxonomy -- and
ownership of each
 First define what policies, procedures, and metrics are
needed to manage your environment, and then look at
what is possible across your various tools and platforms

Thank you!
www.buckleyplanet.com
@buckleyplanet
cbuck@gtconsult.com

Managing SharePoint On-Premises vs. Online -- Compare and Contrast

More Related Content

What's hot (20)

Viewers also liked (17)

Similar to Managing SharePoint On-Premises vs. Online -- Compare and Contrast (20)

More from Christian Buckley (20)

Recently uploaded (20)

Managing SharePoint On-Premises vs. Online -- Compare and Contrast

Editor's Notes