SharePoint 2010: Microsoft SharePoint Online: An Overview for Enterprise IT Professionals

  • Article

SharePoint Online makes all the collaboration, content sharing and communication capabilities of SharePoint available through the cloud.

Excerpted from “Microsoft SharePoint Online: An Overview for Enterprise IT Professionals,” published by Microsoft Corp.

Microsoft SharePoint Product Management Group

The success of any enterprise relies in part on systems and processes that facilitate communication and collaboration. Corporate intranets are an integral part of doing business in large organizations. They support around-the-clock collaboration across physical and temporal boundaries, and enable new communication channels with partners, suppliers and customers.

Microsoft SharePoint technologies have played a huge role in advancing communication and collaboration. Thousands of organizations around the world use SharePoint 2010 products to share corporate information, implement document management and workflows, publish reports, and perform other vital tasks.

Now another powerful technology augments SharePoint 2010: Microsoft SharePoint Online. SharePoint Online, part of the Microsoft Office 365 suite for online productivity solutions, provides a platform for large organizations to enhance and extend the functionality of existing “on-premises” SharePoint deployments using cloud-based services. SharePoint Online provides a single, integrated location where people can:

  • Collaborate with team members and external parties
  • Find organizational resources
  • Look up corporate information
  • Glean business insights for better-informed decisions

While there are differences between managing the “on-premises” and cloud-based versions of SharePoint, IT professionals can easily use their existing skills in the SharePoint Online environment. Its intuitive interface simplifies tasks such as creating portals and collaboration sites, setting up users and establishing permissions, implementing powerful search tools, and building business process and forms workflows.

SharePoint Online—a Brief Overview

SharePoint Online requires minimal extra cost and overhead because there’s no need to physically deploy any software on-site, and because Microsoft assumes much of the operational burden of managing the IT infrastructure. As a cloud-based service, organizations simply subscribe to SharePoint Online. It’s available in two versions, both offered through flexible user subscription licenses that include access to either the entire Office 365 suite or to individual services:

  • SharePoint Online Standard is hosted in a multitenant environment on shared hardware in Microsoft datacenters and is designed for companies of any size.
  • SharePoint Online Dedicated is designed for companies with at least 5,000 users. It provides enterprise-scale features, such as dedicated hosting and hardware, a fully customizable environment and the ability to deploy full-trust code.

With either version, Microsoft handles the management of certain core IT infrastructure functions, including management of the server hardware, the Windows Server layer and the SharePoint Online farm. Because SharePoint Online is hosted by Microsoft in redundant, geographically dispersed datacenters, it benefits from mission-critical availability and reliability. It’s also governed by the same security policies and protocols that are used for vital enterprise applications.

SharePoint Online can serve a wide range of enterprise use cases. For example, organizations could extend an existing intranet to remote locations, such as branch or retail outlets. Other use cases include creating an external Web site for events or limited-time projects, or sites that provide partners or suppliers with carefully controlled access to corporate information, such as product specifications or inventory supplies. With SharePoint Online, organizations can create the most common and useful kinds of sites. These include:

  • My Sites: Individuals use these sites to manage, protect and share personal documents and information, and to follow their colleagues’ activities.
  • Team Sites: These are used to keep teams synchronized and to manage important projects. Teams can use these sites for tasks such as storing common documents and meeting notes, tracking key milestones and schedules, establishing project delivery schedules, and enabling real-time communications between colleagues.
  • Intranet Sites: Sites that deliver company news and information, and to keep employees up-to-date with the latest company news and information. Organizations can use them to share information with mobile or remote employees, find people and important documents, share ideas and seek input in discussion forums, and provide access to information about important corporate processes, policies, training, and reporting.
  • Public-Facing Internet Sites: These can be created for special tasks and activities, such as events or time-limited activities like marketing promotion, or used to provide catalogs of features or functionality for products. The sites can be populated with enterprise content, but minimize or eliminate direct access to the corporate network from outside the firewall.

This variety of possible use cases and sites demonstrates how SharePoint Online is ideal for hybrid enterprise intranet deployments. It lets organizations selectively create, distribute and provide access to information and workloads, while tightly controlling access to data that resides behind firewalls in on-premises SharePoint implementations, or in other line-of-business systems.

Deploying and Managing SharePoint Online

Microsoft designed SharePoint Online for fast setup, configuration and management, through an intuitive interface for users and administrators. This section provides an overview of the system requirements and essential deployment considerations, and discusses how to use the SharePoint Online administration console to manage users and sites.

Here’s a list of the system requirements and software required to access SharePoint Online and other Microsoft Online Services:

Operating Systems:

  • Windows 7
  • Windows Vista SP2
  • Windows XP SP3 with remote procedure call (RPC) over HTTP patch
  • Windows Home Edition (supported, but will not support federated identity)
  • Windows Server 2008
  • Apple Mac OS X 10.4 (Tiger), 10.5 (Leopard) and 10.6 (Snow Leopard)

System Software:

  • Microsoft .NET Framework 2.0, 3.0, 3.4, 4
  • Java client 1.4.2 (for Mac OS X)
  • Office clients: Microsoft Office 2010 or Office 2007 SP2
  • Office 2008 for Mac, and Microsoft Entourage 2008 Web Services Edition
  • Office 2011 for Mac, and Microsoft Outlook 2011 for Mac
  • .NET Framework 2.0
  • Microsoft Lync Client 2010

Client Applications

Microsoft Online Services Connector

Browser Software

  • Microsoft Online Portal
  • Internet Explorer 7, Internet Explorer 8 or Internet Explorer 9
  • Outlook Web App (includes a light version that supports a reduced set of features across almost any browser       
  • Firefox 3.0 or later
  • Safari 3 or later on Mac OS X 10.5
  • Google Chrome 3 and later versions
  • Opera

Essential Deployment Considerations

Once an organization decides to use SharePoint Online, there are several essential deployment factors to consider. At a high level, IT professionals should:

  • Carefully evaluate what content to move from an existing system, whether it’s an on-premises SharePoint implementation or some other IT system. Consider the value of moving older content, storage quotas, what content should be available to external parties, and blocked file types such as *.exe, *.vbs, *.com and *.chm that you can’t move to SharePoint Online.
  • Consider the benefits of rolling out the SharePoint Online service in stages.
  • Evaluate Internet bandwidth.
  • Establish test environments that will match the production environment.
  • Define a meta-data strategy before importing content or allowing new content.
  • Generate a map for the main Web site and sub-sites.
  • Consider how users will find content.
  • Plan for an administration delegation hierarchy.
  • Review custom code policies and submit high-level designs if using SharePoint Online Dedicated.

SharePoint Online Administration

The SharePoint Online administration console is a clear, easy-to-understand interface that administrators use to manage site collections and user profiles, establish parameters for using Microsoft InfoPath forms, and access the Term Store Management Tool. The administration console provides a single location from which administrators can manage all of the Web sites and pages created in SharePoint Online.

Depending on the size of an organization and the volume of content, it can be useful to create sub-sites, because SharePoint Online can support hundreds or even thousands of sites. You can organize sites and sub-sites in any number of ways, including by department or team, by functional purpose, by content, by customer or project, or by permission levels or sensitivity.

Top-level sites and sub-sites, including team sites and intranet sites, allow for different levels of control over features and settings. Using this hierarchy, administrators can allow users to have a main working site for an entire team, plus individual working sites and shared sites for side projects. Additionally, you can create separate site collections for different divisions or for external Web sites. How you separate site collections depends on the size of your organization and your business needs.

Administrators can designate individuals as site collection owners, and as site-level owners. This capability allows IT departments to create hierarchies of control over sites so that daily management of specific tasks can be delegated to the most appropriate departments or individuals.

Large organizations can also use SharePoint Online to set up Web sites—including sites with separate domain names. To retain control over the number of sites created and the bandwidth that they consume, administrators can establish site-creation policies and can conduct regular scans to see what sites are used and which can be removed due to lack of use.

Managing Users

When planning a SharePoint Online deployment, it’s important to determine what information is needed for users. This information will be stored in user profile properties and should reflect the privacy and policy settings of the organization. User properties are important because they’re used to find users, create audiences to use when targeting content, and establish relationships between colleagues and workgroups.

SharePoint Online provides a set of default user profile properties. Administrators should review these properties and the policies that apply to them before they decide which properties to keep or remove and which additional properties to create. Some user profile properties can be indexed by People Search, and some can be replicated to all site collections.

The default user profile properties can be supplemented with additional properties—such as term sets and strings—that establish key information not otherwise available. For example, a profile property could be named “favorite hobby” or “specialty,” and then associated with the term set “hobbies” or “specialties” from the Managed Metadata Service. Users who update their profiles can then select a term in the term set as a value for their profile. This information can be used in the People Search feature to quickly find colleagues with shared interests or specific subject matter expertise.

Establishing Permissions and Security Groups

In SharePoint Online, permission levels are collections of permissions that allow users to perform a set of related tasks. For example, the Read permission level includes the View Items, Open Items, View Pages and View Versions permissions, all of which are needed to view pages, documents and items in SharePoint Online. Permissions can be included in more than one permission level. Permissions can be inherited, so it’s important to examine what permissions are being granted to users and groups of users.

It’s a good idea to avoid assigning permissions directly to individual users, because it makes it difficult to track and manage who has access to sites. Instead, assign permissions to groups, and then assign individual users to the appropriate groups. A group is a set of users that’s defined at the site-collection level for easy management of permissions.

After creating a user account, an administrator might assign the account to one or many security groups. A security group is usually a collection of employees grouped together based on their roles in the organization. Typically, all the people in a group perform the same or similar kinds of tasks, such as “Human Resources” employees. People in this group would have security permissions to view and work with information that’s not available to other people in the organization. It’s recommended that administrators perform scheduled scans of content to make sure that the structure of assignments covers all the different ways that users employ SharePoint.

Importing Users into SharePoint Online

SharePoint Online receives user profile information in one of two ways: through identities established during initial setup of Microsoft Online Services, or through synchronization with an organization’s on-premises Active Directory service.

Office 365 Directory Service

In the Microsoft Online Services method, the organization’s Office 365 directory service provides regularly scheduled one-way synchronization of user information. Users can also edit their profiles manually, usually through their My Profile page. User profiles are helpful for identifying connections among users, such as common managers, workgroups, group membership and sites. User profiles also contain information about user interests, and help users locate subject-matter experts for a particular area by using the People Search feature.

Active Directory Synchronization

Organizations with existing Active Directory instances can use the directory service to set up users in SharePoint Online. This is accomplished through Active Directory Federation Services (ADFS), a Microsoft solution for building federated identity management solutions that extend an organization’s existing Active Directory deployment. Active Directory synchronization requires administrative privileges for both SharePoint Online and for the Active Directory instance behind the firewall.

ADFS uses single sign-on (SSO) technologies to authenticate a user to multiple related Web applications, including the full Office 365 suite, over the life of a single online session. ADFS accomplishes this by securely sharing digital identity and entitlement rights, or “claims,” across security and enterprise boundaries. While ADFS allows user profiles to be migrated and synchronized with SharePoint Online, Active Directory information only goes in one direction—from the on-premises deployment to SharePoint Online. This ensures that user information in SharePoint Online reflects the most current data behind the firewall, while protecting the network.

Logging In

Note that SharePoint Online does not require a separate sign-in client application—users log in through a browser interface. After user profiles are imported, users access SharePoint Online with either their Active Directory login or their Windows Live ID credentials.

Ongoing User Management

Daily management of users in SharePoint Online is straightforward. The administration console allows you to grant or deny access to the service by selecting or deleting users. Administrators can also grant administrative rights to additional users, designate specific users as site collection owners, or set permissions and license levels for standard or remote users.

Adding External Users

SharePoint Online also lets organizations collaborate with users outside of the organization by giving them permission to access resources on internal sites. This capability is primarily intended to simplify document and information sharing, and does not fulfill typical enterprise requirements for a full extranet solution.

To allow these external users to access a SharePoint Online site, an administrator must enable the Manage Share by Email feature in the SharePoint Administration Center. Doing so gives every site collection administrator in the environment the option to enable external sharing on their sites. Site collection administrators can then enable external user invitations for their collections, after which site owners and designers can send an e-mail invitation to external users to access their sites. It’s a good idea to perform regular scans and security checks to hide or delete unused or old sites, and to ensure that no individuals have unauthorized access to a site.

Only external users with a valid Windows Live ID user name and password—or Microsoft Online Services ID—can access the site, and the invitation expires after one use. Once an external user is a member or visitor on a site, that user can be added to any other site in any other site collection in the environment.

Business Solutions

SharePoint Online includes a wealth of features that allow organizations to deploy and use applications, tools, and solutions that bolster communications and collaboration among users, and enhance business processes.

There’s also a rich set of tools and solutions that are available for immediate use. These include blogs, wikis and discussion forums; calendars; content tagging; Visio diagrams; and the ability to edit Microsoft Access databases.

SharePoint Online provides an intuitive administration console where IT pros can create sites, provision users and support customized work on sites and business solutions. It’s not designed to replace on-premises SharePoint deployments. Instead, it gives IT professionals a rich platform for responding to business needs with minimal cost and IT resources. It also provides an excellent opportunity for organizations to test the viability of cloud-based computing for essential business operations and to plan for the interaction of on-premises and online processes.

As with all Office 365 offerings, the IT administrators stay in control. IT teams administer the setup, customization and access to SharePoint Online. They can also delegate authority for specific tasks through Role-Based Access Controls, or RBACs. Additionally, Microsoft works with a select set of vendors that specialize in managing and creating custom solutions for SharePoint Online implementations. With SharePoint Online, IT professionals have a low-risk, low-cost cloud service to significantly enhance business operations.

Download the full guide here.

Additional Resources

Microsoft has developed additional resources for IT professionals considering SharePoint:

SharePoint Online Partners

Microsoft is working with a select group of partners that are skilled in managing and developing custom solutions for SharePoint Online. Go here to access the current list.

SharePoint Online: In-Depth Information

Use these links for more information about SharePoint Online and the Office 365 suite:

Office 365—Introduction and sign-up.

How to Buy Office 365—Learn the differences between buying direct from Microsoft or through partners, and download a PDF comparing Online Services offerings.

SharePoint Online—An overview for enterprises.

SharePoint Online Developer Resource Center—Provides access to a variety of resources, including planning guides, blogs, end-user help and articles for developers.

SharePoint Online Administration—Provides SharePoint Online for Office 365 administration and planning information for IT pros.

SharePoint Online Planning Guide—Detailed planning and deployment guidance.

Infrastructure Planning and Design Guides for Online Services—This TechNet site is a good first stop when planning to use SharePoint Online.

Plan for Your Office 365 Transition—A brief overview with links to in-depth resources.

Office 365 Community Site—General information and discussions.