1 / 25

Top 10 Bad Practices

Top 10 Bad Practices. SharePoint_ITP220 Ben Curry, CISSP, Microsoft SharePoint MVP. Agenda. What is a Best Practice? What is a Bad Practice? The Top 10 Bad Practices See http://mindsharpblogs.com/ben for details on each of these topics. I’ll be writing on these for the next few weeks.

mira
Download Presentation

Top 10 Bad Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Top 10 Bad Practices SharePoint_ITP220 Ben Curry, CISSP, Microsoft SharePoint MVP

  2. Agenda What is a Best Practice? What is a Bad Practice? The Top 10 Bad Practices See http://mindsharpblogs.com/ben for details on each of these topics. I’ll be writing on these for the next few weeks.

  3. What is a Best Practice? • Adapts to culture, politics, business, and security • Intellectually Simple • Practical application may be difficult  • Aligns with organizational strategy • Intentional, Deliberate practice for a given set of requirements • Often different between verticals

  4. What is a Bad Practice? • Ignores expert advice • Doesn’t account for business requirements • Directly conflicts with design, examples are: • SLA • Configuration management • Change management • Security Policy • Ignores corporate culture

  5. Example Bad Practice

  6. The Top 10 Bad PracticesIt’s worth noting that every organization will have a different set of the “Top 10”

  7. #1 – No Implementation Methodology • “setup.exe, I Agree, Next, Next, Finish” is chaos waiting to happen • Pick one and stay with it • ITIL, PMI, MSF/MOF, Agile, INCOSE • See sessions by Paul Culmsee, Andrew Woodward, and RuvenGotz • Should align with corporate strategy • Consistency is key • Requires Stakeholder support

  8. Minimum Implementation Plan: Get the stakeholders involved Gather requirements from the business people (the more interviews, the better) Create a project plan Get some training! Engage the services of an architect if you don't have one on staff Create an IT Governance (assurance) plan for the project Prototype solutions Create a Test and/or Development environment Execute a test plan Document, Document, Document!

  9. #2 – Lack of Requirements • Business • Executives, Managers, Business Analysts • Information Workers • Technical • Power Users • IT Staff • Performance • Policy • IA, Security

  10. Requirements Gathering • Define ‘need’ versus ‘want’ and prioritize accordingly • Elicitation Techniques • Traditional – questionnaires, surveys, discussion groups • Existing Systems • Pain Points as Requirements • Group – brainstorming, lunch and learn (free food) • Prototyping • Contextual

  11. #3 – Insufficient Training • Leads to poorly implemented, under-engineering, over-engineered, underutilized, and impossible to use systems • Who should I train? • Stakeholders (end user training) • Information Workers • Business Analysts • Administrators and Developers • Designers and Architects

  12. Example Training Solution:

  13. UserVersity Certification Paths • Collaboration Specialist Be able to use the tools such as search, navigational aids, site directory to navigate and find content within SharePoint. Use of list and libraries within a site including all list and library features. Collaboration within workspace sites, wiki sites and blog sites. • My Sites Specialist Personalize My Profile in My Site, Manage Colleagues in My Site and use the colleague tracker web part, Microsoft Office 2007 integration with My Site, SharePoint sites web parts, My workspaces web part, recent blog posts web part and the My Links drop-down, User Libraries In My Sites. • Security Specialist Know how on security in WSS 3.0, Manage permission levels and SharePoint groups, Create custom permission levels and SharePoint groups, Manage access to a Site, Manage access to a library or list, Manage permission inheritance. • Publishing Specialist Overview of Microsoft Office SharePoint Server 2007, Overview of Web Content Management. Create pages in Publishing sites, Edit pages in Publishing sites, Approve content in Publishing sites, Version history in Publishing sites, Overview of News sites. • Content Management Specialist – separate slide • Site Creation and Customization Specialist - separate slide

  14. #4 – No Governance Plan • While everyone doesn’t agree on what governance is, you still need it • Assurance or Governance? • Does it align with IT Governance? Corporate Governance?

  15. Preliminary Governance Requirements • Usage Reporting • Search Security* • Versioning • Branding • Custom Development • Publication • Taxonomy • Retention • Backup/Restore* • Authentication* • Authorization • System Monitoring* • Antivirus* • IT vendor oversight • Alerting/Notification • Auditing Policies • Distribution

  16. #5 – Not Using Solutions for Customization • Why don’t people use them? • Don’t know how • Too difficult • Too lazy (sorry in advance if this applies) • Hard to maintain consistency without them • Can dramatically increase maintenance costs

  17. Web Part Maintenance Example • A Web Part requires: • .dll • .webpart XML • Feature.xml • Elements.xml • Safe Control • CAS (if applicable) • So if a single server, and single Web part, then 6 actions to deploy…but…

  18. What if you have 3 servers x 3 Web apps? 36 actions! A .dll to be deployed to the web application BIN directory so that it can implement Code Access Security. (Deploy to 3 web app bin directories on 3 servers = 9 changes) A .webpart XML file (Deploy to 12\TEMPLATE\FEATURES on 3 servers = 3 changes) A Feature.xml file (Deploy to 12\TEMPLATE\FEATURES on 3 servers = 3 changes)  An Elements.xml file (Deploy to 12\TEMPLATE\FEATURES on 3 servers = 3 changes) A Safe Control entry for the web application’s web.config file (Change the web.config file for 3 web applications on 3 servers = 9 changes) Code Access Security policies that defines what the web part will be allowed to do. (Change the web.config file for 3 web applications on 3 servers = 9 changes)

  19. #6 – Insufficient DR Planning and Testing • Define RPO and RTO Targets • Recovery Point Objective • Recover Time Objective • Get Stakeholders buy-in and agreement • Define granularity of restores • SQL + Native Backups or 3rd Party Solutions • High Availability • Document, Test, Refine, Document

  20. #7 – Lack of Capacity Planning and Testing • What works for 1 user may not work for 500 • Lots of tools for testing • Visual Studio Team Suite, Fiddler, Ping.exe, wireshark, etc. • Software vs. Hardware Boundaries • See Mike Watson’s blog and TechNet • Plan for the worst, hope for the best! • Don’t guess – know

  21. #8 – No Configuration/Change Management Windows Server platforms, IIS Configuration Information Management Policies / Auditing SharePoint Web Applications SQL Server Dependent systems (e.g. via BDC) Site Collection / Sites AuthN and AuthR Content Types, Metadata, etc.

  22. #9 – Solving Every Problem With SharePoint • It’s a tool – use the right tool for the job • SharePoint commonly addresses: • Forms, business workflows, Task Order Management, calendaring, collaboration, search, aggregation, search, organization, presentation • SharePoint probably doesn’t address: • CRM, Accounting, ERP, ERM, Time & Expense, Portfolio Management, and Resource Management

  23. #10 – No Information Organization / Information Architecture Lack of consistency in how data is input into the information system Lack of agreed-upon meanings for metadata keywords, lowering findability Data redundancy goes up, incurring incremental costs Lack of findability of information in an e-discovery proceeding can cost millions, jury might infer fraud Inefficient IA costs much more than a IOPS

  24. #11 – Solving Every Problem With Code • Developers love to write code • If there’s a problem, writing code will fix it  • Use OOB Web parts as much as possible • Refer to original business requirements before customizing SharePoint • Test before implementing • Test before upgrades, Service Packs, etc. • Remember when adding servers to the farm!

  25. Thank you for attending! Please fill out your evaluation and turn it in on the back table!

More Related