SCOPE OF Discussions:
Over the last 10 months under my direction our development team developed a new communication portal for CSM Bakery Solutions. It was first developed in an 0365-development environment both my personal Environment (owned and managed for 6 years) and further developed in a second O365 environment which became our production environment and finally moved to a 2016 production environment where the final alterations and adjustments were made just as they had been made in all the other previous environments.
Throughout this time both my developers and myself as well as our marketing team of in experienced SharePoint users were utilizing site content administrator permissions at the site content level. Subsequently 20 days ago the Cognizant team (Our third party administrators) removed our top-level permissions without warning or provocation .. and we then had to try and support the system in a dysfunctional architecture that was not by design.
At that point and at the request of the Business, I engaged the organization to open a ticket with Microsoft for two reasons:
- Firstly, to get a better understanding of what is and is not best practice when managing Content Management Systems such as SharePoint from an administrative, user and developer perspective and,
- Secondly to begin undertaking a review and Analysis of next steps for us to move from 2016 to O365 given the hick-ups missteps and failed delivery.
It has always been our intent to be on O365 and at this point and the Business has raised significant concerns about IT capabilities as well as concerns about Cognizant as a third part manager, there role and cost and conflict of interest in managing our systems.
It is my contention that however the security and governance of this system was framed using older versions of SharePoint, our currently framed structure it is improper, incorrect and does not lend itself to the standards and capabilities given the level of knowledge expertise and capability of the Development team who engage a full level of support for the system.
Now having moved CSM’s System to the most mature and secure version of SharePoint, and knowing that we will be moving to a single tenant in the other O365 environments in the next three to six months, we need to review our Governance considering these changes and in light of the leaps in security and environment protection Microsoft has built into its current systems.
With mine now 17 years of experience working with all flavors and versions and all features and capabilities and all pillars of the SharePoint environment overseen senior Architects and Developers in my organization and many other roles, it is my contention that we no longer need to have such over bearing security boundaries placed on the Developers and Architects roles in that it hampers the process of development and administration which is the Dual role.
Given the isolation of systems in Site Content Containers, Sandbox solutions, other features in tenant solutions and our development approaches that use nothing but Out of The Box capabilities this old governance model we have now is overly protective and produces un-necessary cost and inefficacies that more represent the old-style application models we used in SharePoint 2007 than the new age model more aligned with the capabilities of the cutting-edge Microsoft technologies.
Moreover, our movement to O365 will introduce more economies and opportunities to reduce administrative overhead by third party companies that pray on companies by enforcing overly restrictive control models to hi-jack and hamstring use of inhouse personnel expertise and abilities (e.g. un-necessary hand holding that produce inefficiencies and make customers un-necessary reliance and developers and advanced users pray to uneasy rules and regulations).
And in an extension of this thought, I must question the UAT environment we have now hurriedly stood up. This environment created at significant expense (both to stand up and maintain) to proffer the vailed value proposition that it offers in that developers now have got a safe place to build and create “Workflow” Forms, List Libraries service such as excel, Visio or capabilities such as access service Information Rights Management, Customized Search, eDiscovery strategies, External access, or to provision master pages or templates or layout pages or Records management, PowerPoint Services, Power Pivot Score Card, Performance Point, on an on … etc. and then move to the third party to enable in the production environment.
What then are we going to do when we go to O365. Should we then also have a “UAT O365 so the developers can build and deploy in the antiquated old school application model. Are should we not start using OOTB features and capabilities builds in production as intended? And assigning the correct rights to develop and build such in production?
Are we to believe that our UAT can maintain synchronized images like the old style 2007 and 2010 systems did when developers were had building customization to the frame work? NO App Model or Web Part development or solution.
At the core of this request .. my concern is that CMS and management is just missing the point that this tool (“SHAREPOINT”) was designed to be used. And used by all at all levels. The capabilities and fail safes built into the system no longer present the risk of damage of failure that the older 2007, 2010 systems presented.
We need to evaluate the risk and rewards that stifle innovation and motivation of our employees and talent base and rather enable them to work with the cutting-edge technologies without unnecessary and obtrusive constraints. We need to be a workforce of the future not the past.
Just a comment I wanted to share – JIM