Identity and Access Management Framework Book

Like most kids, my own kids like to ride their bikes. They take their bikes around the neighborhood, to other kids' houses, to the park, just out for a spin. Those bikes are extremely useful. They save time, wear on the shoes, and of course they're fun. They get you from one place to another, just like my car gets me from the house to the store and back. So why wouldn't I just say to the kids, "Hey, the bikes serve essentially the same purpose as the car. So here's some money. Ride your bikes to the store, buy a few bags of groceries, and bring them all home. Don't forget to grab a couple of gallons of milk, too."

            That's stupid, you might say. A bike doesn't have a trunk, you observe. You're asking it to do too much, you'd add. On top of that, the bike isn't safe in all that traffic. Am I not asking too much of a bike? You betcha. The bike has its purpose, but you can't ask too much of it, or its operator. And yet this is what I see happening all the time with Microsoft Office Sharepoint Server.

            Sharepoint is a dandy collaboration tool, allowing individual corporate departments to quickly and easily put up sites for sharing content on a discrete basis. And there’s the rub: quickly and easily. Way too many organizations have little to nothing in the way of policies on who can create a site. There’s no governance. No best practices. It’s just a Microsoft tool, right? Yep, one that’s commonly used for publishing corporate content. This is why you end up with hundreds or even thousands of sites within a single enterprise, many with their own content management policies, if you can call them that, and if they even exist.

            Most companies don’t even properly provision MOSS users so as to control entitlements. Site creators are running their own show in way too many instances. Here, let me toss you into this group, so you can access my site. Pages, lists, files. There is often no standard for the metadata used for filtering searches. Which means the further down the food chain you go, the uglier it gets. If there are no best practices on who can make a site, there’s less of a chance you’ve got adequate rules on who can view that site.

            Site proliferation. Content proliferation (“We’ve been meaning to put all those files out where everbody on the team can find them.”). Lack of audit capabilities. No standards for governance.

            There are tools available within Sharepoint, but their use is not enforced, and there truly are no standards. And even if you use them, they’ll be used for Sharepoint alone. For the sake of efficiency and governance, wouldn’t you be better off integrating your corporate best practices, the same ones you (hopefully) use for the rest of the enterprise, for your Sharepoint environment? Provisioning, access management, and reporting will provide the biggest value and consistency when applied across the board. In "Lord of the Flies," all the kids on their little island, with no rules, start spearing each other. The civilizing influence of, well, civilization provides a standard of behavior that serves us well. When everybody does their own thing, you get innovation, which is great until that innovation creates holes. Get everybody on board with standards and best practices, so they can innovate safely.

            Keep letting your kids ride that bike, sure. Just make them wear a helmet, teach them the right way to ride, and keep an eye on where they’re going.