Implementing SharePoint 2010 Site Governance and Lifecycle Management
Technical Case Study
Published: June 2011
The following content may no longer reflect Microsoft’s current position or infrastructure. This content should be viewed as reference documentation only, to inform IT business decisions within your own company or organization.
Microsoft IT developed and implemented SharePoint governance and site lifecycle management policies that address the full data lifecycle, from site provisioning to site decommissioning. The policies help reduce cost, improve performance, ensure information security standards compliance, and increase search relevance.
Technical Case Study, 799 KB, Microsoft Word file
Products & Technology
The SharePoint 2010 environment was growing at an exponential rate and MSIT lacked formal lifecycle management processes. The unchecked growth was costly for MSIT to manage and was negatively impacting the relevance of search results and making it more difficult for users to find content.
MSIT developed and implemented SharePoint governance and site lifecycle management policies to reduce cost, increase search relevance, and ensure that information standards are met.
Microsoft IT (MSIT) manages one of the largest implementations of Microsoft® SharePoint® 2010 in the world. With more than 36 terabytes of content in 250,000 site collections, SharePoint is the foundation of most collaboration at Microsoft.
In an effort to manage the growth of SharePoint at Microsoft in a secure and cost-effective way, MSIT developed and implemented SharePoint governance. The governance model includes a set of policies, roles, and responsibilities, and processes. SharePoint governance provides guidance on how to use SharePoint in limiting security threats and practicing document lifecycle management. Lifecycle management is a process-based approach to managing the content lifecycle, from creation of a site and initial storage of fresh content, to the time when it either becomes obsolete or is deleted.
Prior to implementing SharePoint governance, the SharePoint environment was growing at a rate of 1 terabyte every three months and MSIT lacked formal lifecycle management processes. SharePoint growth was costly for MSIT to manage and was negatively impacting the relevance of search results and making it more difficult for users to find content.
The rapid growth created multiple usability and performance issues for users. Many users had difficulty keeping track of all their sites. Users had self-service site provisioning but received little guidance about what type of site would best suit their needs. They also lacked centralized visibility to the sites they had already created. There were many orphaned team and personal sites, as well as inactive document and meeting workspaces.
Problems existed with team or project sites that were rendered inaccessible by a site owner leaving the organization with no rollover of site ownership. In addition, information security classification standards weren't being consistently and properly applied to content that was being added to libraries. Some users were unsure about the business risk and impacts for their particular content or they weren't aware of the classification of their library.
Implementing SharePoint Governance
The first step in developing a governance strategy was the creation of a governance committee, organized to include members that represented the following groups: Legal and Corporate Affairs (LCA), Records Management, Taxonomy, IT Operations, Information Workers (IW), and Information Security. The committee worked together to review the SharePoint information architectures and identified potential inefficiencies. From that review, the committee determined project goals and governance policies.
Manage SharePoint growth.
Reduce the number of unused site collections by 25 percent.
Achieve 100 percent compliance for site classifications.
Establish clear end-user ownership and accountability for at least 90 percent of site collections.
Site classification. Sites must assign and maintain site information classification, information security classification, and ownership. Team sites must have one full-time employee site owner and two administrators at all times.
Site lifecycle management of expired/abandoned sites. Sites expire one year after creation and must be renewed annually. Sites that have no activity over a period of six months are considered abandoned and are subject to decommission.
Site storage and quota management. Depending on the hosting environment, storage quota limits range from 2 gigabytes (GB) to 100 GB, depending on the type of sites and hosting options. SharePoint libraries and lists are not to exceed 5,000 items. Sites are backed up daily and recoverable up to 14 days.
Customization and server-side access. For most of the standard SharePoint-hosted services offerings, MSIT neither allows server-side access or server-side configuration changes by users, nor does it allow most third-party plug-ins, site customizations, new features, or additions.
MSIT uses site classification information to organize content and employ enforcement and maintenance tasks. All sites and subsites are now required to be classified and to have expiration dates. MSIT developed a customized self-service framework for SharePoint site owners and administrators to manage their SharePoint sites. This framework leverages many of the new features in SharePoint 2010.
All new sites are classified as part of the site creation and provisioning process. When creating a new site, users can select from a variety of hosting options that include personal, team collaboration, extranet, dogfood (beta), portal, and customized sites. Once users choose the right hosting solution for their needs, they fill out a form that defines audience reach and primary intended use, and also provides the selection of site templates.
To bring existing sites into classification compliance, users are prompted with an alert notice on any site where an action is required, as illustrated in Figure 1.
Figure 1. Action Alert Notification
My Site Collection Manager
The customized framework features a My Site Collection Manager that leverages FAST Search. My Site Collection Manager provides a view of the user's active SharePoint site collections, so that they can easily manage, classify, and delete unused sites. Updated daily, My Site Collection Manager also provides a history of the user's decommissioned sites.
Figure 2. My Site Collection Manager
Information Security Risk Classification
One of the responsibilities of a site collection owner is to ensure that all of the information contained in their SharePoint site is accurately categorized for business impact. To help users properly classify their sites as part of the site provisioning process, or in response to a site alert, MSIT has provided a set of questions to the user about the content that will be stored on their site. Based on the user's answers, the site is automatically classified for them according to the information security requirements for their content type. The information classification standards include:
Medium business impact (MBI). This information is usually labeled Confidential or MBI. Only specific groups of employees, or approved non-employees with a legitimate Microsoft business need, have access to MBI content. Unauthorized disclosure may cause serious material loss due to identity or brand damage, operational disruption, damage to Microsoft's reputation, or legal or regulatory liability.
Low business Impact (LBI). LBI information is not confidential and is generally intended for wide audiences under the non-disclosure agreement (NDA). Unauthorized disclosure could cause limited to no material loss.
As illustrated in Figure 3, upon classification, one of three graphics is affixed to the site. This visual identification helps site owners and users maintain awareness when adding documents to a site or library.
Figure 3. SharePoint site information security classification
While default site access is initially set to only the owners of the site, eventually sites do end up with broader permissions as site owners provide access to other users. Sites with broad permissions that contain PII or other sensitive information can run the risk of being in violation of corporate privacy and security policies. MSIT has an effort to educate and heighten awareness of PII and sensitive information and provide a method within SharePoint to classify and restrict access to sites containing various degrees of sensitive content. MSIT runs a weekly job that removes broad security group access to the sites that are classified as HBI or MBI. Site owners are notified that the broad security groups have been removed from their site, so that they can add the specific users that require access to the HBI and MBI content on their site.
Site Lifecycle Management for Abandoned or Expired Sites
Inactive and expired sites waste disk space and negatively impact search relevance. MSIT uses the functionality of the self-service framework to identify sites that were inactive or abandoned and created specific policies to enforce expiration dates on newly created sites. The site decommissioning process is used extensively as a recourse for any governance or policy site alert that goes unresolved after a determined period of time. Reducing the number of site collections to only those that are active helps MSIT to:
Govern their SharePoint hardware usage by minimizing the infrastructure footprint.
Reduce the size of the Search Index and improve relevancy of user search results.
Minimize downtime during server upgrades and patching.
Inactive or Abandoned SharePoint Sites Lifecycle Management
The self-service framework records site creation and last modified dates for each SharePoint site. A SharePoint site inactive for six months is considered abandoned, and processed for decommissioning.
By default, sites expire a year from the date of creation. Site expiration notices are displayed on expiring sites, prompting owners to extend expiration dates. Site administrators that do not take action prior to the site expiration date will have their sites locked, then ultimately deleted. Site users also will see similar alerts and will be able to notify site collection administrators.
Site Decommissioning Process
The process for decommissioning a site after it is flagged as abandoned starts with locking the site for a defined period of time. At Microsoft this period is four weeks. During that time, site owners can visit the site and respond to the alert action that caused the site to be locked. Site visitors have the opportunity to send a notification to the site collection owner that the site is locked and that they still require access to it. After four weeks, the site will be decommissioned and deleted from the environment, if it hasn't been unlocked by the site owner.
Quota Management and Site Storage
To facilitate accurate capacity planning and optimize performance, MSIT followed SharePoint best practices to create policies that enforce quotas, limit the size and number of items that can be in a site library, and place limits on the amount of connections and bandwidth that a site can use. Policies also were created that designate the frequency of site backups and the length of time data restores are available.
MSIT leveraged many SharePoint 2010 configuration features to impose limits, or quotas, on the size of SharePoint sites. This encourages users to be mindful of keeping only active and useful information on SharePoint sites. Quota templates define site collection size and storage availability, and are different for each hosting platform. Quotas range from 2 GB for a personal site, 5 or 10 GB for a portal, and up to 100 GB for a fee-based custom site. An automated email warning is mailed to the site administrators as the site's storage quota approaches. Site owners can either request more space, or clean up and archive their old content.
Site Library and List Management Governance
Large list queries and deletions can negatively impact other team sites using the SharePoint service due to the performance taxation on the servers. MSIT sets limits on list items through SharePoint 2010 configuration settings and provides users with guidance about organizing data with the appropriate columns for filtering in order to avoid a return of large lists. Office Server 2010 includes throttling functionality to limit access to views on libraries with more than 5,000 items. Throttling results in page time-outs for queries calling more than 5,000 items. Site owners and users are informed about restructuring their libraries, lists, and/or views to avoid receiving the page time-out error resulting from a large list result. MSIT provides a designated non-peak time for users who need to run large list queries.
File Size Limits
Team Sites and personal sites have a maximum file size upload limit of 100 megabytes (MB). Portal Sites have a maximum file size upload limit of 500 MB.
SharePoint Heavy Hitters Governance
Any account with more than 100,000 hits a day heavily impacts SharePoint performance. MSIT uses a script that parses log files to SQL Server® Reporting Services (SSRS) to identify SharePoint "Heavy Hitters." Any account is considered a Heavy Hitter when it meets one of the following criteria:
Accessing SharePoint more than 100,000 times per day
Three days with more than 50,000 hits per day
One day consuming 10 GB or more of memory
Three days consuming 5 GB of memory or more per day
Within one week of identification, the site owner will be contacted and asked to suspend any automation process on or from their site. If no response is received, the account owner is then blocked from accessing SharePoint until they respond to the request to suspend any automation.
Site Backup Maintenance and Restore Policies
MSIT performs a full data backup once every Sunday, followed by six daily differential backups. In the event that a restore is necessary, recovered data will reflect the state of the application at last successful backup. Three complete consecutive data backup sets are retained and rotated to provide MSIT the ability to support a 14-day recoverability service level agreement (SLA). One full backup is committed to tape each month and sent offsite for 90 days. MSIT cannot respond to requests that are outside of the data retention policies.
MSIT can only recover entire deleted sites or subsites from backup. Libraries, lists, and document content cannot be recovered through backup. SharePoint 2010 Service Pack 1 provides a user-accessible Recycle Bin for document content, libraries, and lists from which users can restore their deleted content.
Customization and Server-Side Access Policies
To prevent changes in the environment that might negatively impact other site collections, require additional resources for proper monitoring, or prevent future server upgrades, MSIT does not allow server-side access or configuration changes by users on most of the standard SharePoint hosted services offerings (utility environment). The utility environment only includes SharePoint Out-Of-Box (OOB) features. Only site-level customizations (web parts, basic page configurations, and other OOB components) are supported by MSIT. Server-side customizations are allowed only in custom portal solutions, and by using the new sandbox feature in SharePoint 2010. The sandbox solution allows site collection owners to deploy server-side code that pertains only to their site collection.
Reducing the number of unused site collections has made more efficient use of the resources that MSIT commits to SharePoint and IT Operations by ensuring that all of the data that MSIT must make available, redundant, and recoverable is current and valid. For example, one of MSIT's SharePoint implementations has more than 40,500 site collections. After analysis of the last modified dates as documented in the self-service framework, 10,000 sites were identified as inactive and decommissioned. Of the remaining sites, an additional 16,000 have been locked and are currently pending decommission.
For example, one of MSIT's SharePoint implementations has more than 40,500 site collections. After analysis of site expiration dates and out of compliance deadlines as documented in the self-service framework, 10,000 sites were identified as inactive and decommissioned. Of the remaining sites, an additional 16,000 have been locked and are currently pending decommission. MSIT is on track to clean up roughly 50 percent of the site collections in that single SharePoint farm. At an average of 5 GB per site, the reduction in disk space alone has been a significant savings. User performance has also been improved as searches are faster and the results are more relevant.
By enforcing quotas and reducing the amount of disk space consumed by inactive and abandoned sites, MSIT has been able to manage its rate of growth, freeing up the resources and the capacity for new SharePoint projects.
With the development of the self-service framework, users now are better able to manage their sites. Automating the process for classifying data against the information security classification standards and removing broad access to sites with HBI and MBI information has improved the security of the content as well as raised user awareness and encouraged their active participation in maintaining compliance.
With the successful implementation of SharePoint governance, MSIT has been better able to manage the growth of the SharePoint environment. Site lifecycle management has reduced the total number of sites and improved search results for users.
The self-service framework has provided a centralized interface that offers both the guidance and information required to help users follow SharePoint best practices when provisioning new sites and managing the lifecycle of their existing sites. Information security classification standards are being more consistently applied due to both user education and the classification guidance offered through the self-service framework.
For More Information
For more information about Microsoft products or services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Order Centre at (800) 933-4750. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information via the World Wide Web, go to:
© 2011 Microsoft Corporation. All rights reserved.
This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft, SharePoint, and SQL Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.