Day: November 9, 2016


Why Hybrid SharePoint Isn’t Halfway to the Cloud

Despite a strong push or desire by organizations to move to the cloud, 2015 will undoubtedly be the year that many organizations move to a hybrid SharePoint environment. And that’s where the confusion begins. The term “hybrid SharePoint” can mean different things depending on how you choose to adopt the cloud.

Everyone from Microsoft to third-party cloud hosting providers offer differing definitions of hybrid SharePoint. For me, it means running SharePoint on-premises and in the cloud leveraging Office 365/SharePoint Online, third-party hosting providers, or simply running SharePoint with your favorite IaaS provider.

Ultimately hybrid SharePoint is a safer approach as organizations already have long tail plans to move to the cloud when the time is right. And hybrid solutions allow organizations to provision new workloads or start moving existing workloads to the cloud. For many organizations the long-term goal is to move as many workloads to the cloud as possible. Hybrid SharePoint offers these organizations additional flexibility and granularity that allows teams to move, manage and secure one or several workloads.

In addition, a new practice is emerging which sees SharePoint admins using the cloud to create new workloads in test environments that will eventually replace their current workloads. While this involves more effort, it’s a clean and practical approach that provides SharePoint professionals with an option eliminates the legacy dependencies that occur when moving existing workloads to the cloud.

As you can see, hybrid SharePoint has many meanings. For one admin, it might mean embracing Office 365 as a way to collaborate with external users or trading partners. For another, it could mean offloading critical workloads to better support a mobile workforce. Yet, the one overriding observation that we can take from all of this is that for many the hybrid cloud is considered a halfway step to the cloud.


If BLOB Externalization Is Right for Office 365 Then Why Not for My Growing SharePoint Environment?

It’s no secret that third party BLOB externalization solutions have provided tremendous value to organizations with growing SharePoint environments. The capability first appeared in SharePoint 2007 as BLOB Storage (EBS) and later in SharePoint 2010 as Remote BLOB Storage (RBS).

The value of RBS/EBS has always been clear. Removing BLOBs from the SharePoint database increases file access performance, allows for scalability in a cost effective manner, reduces storage costs and improves backup performance. Despite the clear value of BLOB externalization guidance on whether to use RBS/EBS varies wildly depending who was dispensing the advice, many SharePoint MVPs, consultants and even some Microsoft employees aggressively recommended against using BLOB externalization. Yes, there have been supporters of BLOB externalization including Microsoft’s own Bill Baer. However, guidance on whether to use RBS/EBS has been, at best, chock-full of contradictions.

Microsoft recently disclosed the inner workings of Fort Knox, a project that aims to bring increased security to Office 365 through the use of heavy encryption. Fort Knox is being described as RBS-like as it externalizes and stores file shreds across multiple Azure blob storage containers while encrypting each shred with AES 256 bit encryption. Yes, this isn’t RBS in its purest form but rather a custom, one-off BLOB externalization capability developed by the Microsoft product team for Office 365. Regardless, the Fort Knox project is BLOB externalization. Ironically this capability has been available from third party RBS providers since the introduction of SharePoint 2010 and even earlier leveraging EBS with SharePoint 2007.

The process of removing a BLOB from a SharePoint content database creates an opportunity to perform certain functions such as encrypting BLOBs, thus allowing a higher level of protection in transit and at rest. Encryption of files is only possible when externalizing BLOBs for SharePoint Content Databases. Yes, Transparent Data Encryption (TDE) is a possibility but requires that the entire database be encrypted. TDE is not without its caveats including the potential for performance degradation.

It may be time to revisit whether BLOB externalization is right for your growing, more secure SharePoint environment. Heavy encryption of externalized content is just another feather in the cap of BLOB externalization. Unofficially the BLOB externalization capability used by Office 365 is employed to provide more than just encryption of files at rest. Consider the massive size of Office 365 farms and you have to assume that scalability, backup, and high availability are all challenges for such a massive deployment of SharePoint. So you have to ask yourself, if BLOB externalization is the right answer for Office 365 shouldn’t it also be right for my growing SharePoint environment?


Content in Motion

We are living in a new era of collaboration.  The way we work and share information has changed dramatically over the past decade.  Much of the change in collaboration is being driven by the availability of highly accessible, low cost cloud based collaboration solutions.  Gone are the days of IT-mandated collaboration and content management systems that were often rigid, created information silos and didn’t meet needs of the user.

The shadow IT movement is proof that I.T. mandated systems failed to hit the mark.  A recent report from Skyhigh Networks stated that “The average organization uses 174 distinct collaboration services (e.g. Cisco WebEx, Evernote, etc.) followed by 61 file sharing services (e.g. Dropbox, Google Drive, etc.) …”

To put it plainly, users are demanding the freedom to choose the solution that best fits their needs.  In fact, there is a trend emerging where IT departments are now supporting users’ decisions to have the freedom to choose in an effort to bring use of unsanctioned solutions out of the shadows.  One thing is for certain, across every organization content is constantly moving between users, platforms and devices.  No one organization will standardize on a single ECM, collaboration, or file sync and share platform.  As a result, content will always be in motion.

With all of this user freedom one has to wonder how IT provides the necessary controls over a broad collection of collaboration platforms. Balancing user freedom with IT control will be a major challenge for most organizations. Consider that each collaboration platform deployment will require assistance with a whole host of activities. These include the initial deployment and migration of content along with auditing user activity, managing internal and external access to content, backup and item level recovery, archiving and protection from the risk of exposing sensitive content.  In many cases the out-of-the-box tooling provided by the collaboration platform only provide a partial solution.

Historically IT departments have sought out point solutions or developed custom solutions to provide support for all aspects of managing collaboration platforms.  Such an approach worked well with one or two primary collaboration platforms but will fall short as user freedom results in investment in a broader set of solutions.  With IT on the hook to provide oversight, management and control, it leaves you wondering where they will turn for a consolidated solution for managing an organizations entire portfolio of collaboration and content management investments.