SharePoint is a web-based collaboration platform used by organizations of all sizes to solve different business needs and improve productivity and engagement. SharePoint can refer to one or more Microsoft products or technologies including:
- SharePoint Online (part of Microsoft 365) – a cloud-based service (a software as a service (SaaS) offering) hosted by Microsoft for businesses of all sizes. Instead of installing and deploying SharePoint Server on-premises, any business can subscribe to a Microsoft 365 plan or a standalone SharePoint Online service based on its needs. This removes the huge Capital Expenditure (CAPEX) costs that come with a traditional on-premises deployment. You pay per user, per month, and you can scale the service up or down quickly, so all your costs are Operating Expenditure (OPEX). SharePoint Online can be accessed from anywhere on any device with internet connectivity. That makes it especially handy when you are traveling, are onsite at a customer or partner location, or just working from home/remotely.
- SharePoint Server – Organizations can deploy and manage SharePoint Server on-premises or with a Microsoft 365 subscription to take advantage of all the latest features. For SharePoint on-premises you are responsible for everything: infrastructure, hardware, software, maintenance and updates. The main difference between SharePoint Online and SharePoint on-premises is that on-premises data is hosted on infrastructure that you need to manage yourself: virtual or physical servers, network, operating system. Nowadays SharePoint Server is used mainly by governments and strongly regulated financial institutions. A lot of them use it in some kind of hybrid scenario along with Microsoft 365.
The table below shows the difference between the different types of SharePoint deployments. SharePoint on-premises can be hosted in your own datacenter or in IaaS environments such as Azure Virtual Machines. SharePoint Online is strictly software as a service.
Some of these articles may be beneficial for you before you continue reading:
- SharePoint (and Intranet) Review – if you are new to SharePoint this is a must read. This article will give you a lot of details and background about SharePoint technology and a lot of ideas where SharePoint can fit in your business.
- SharePoint Look Book – an article that covers the basics of changing the look and feel of SharePoint. You will understand the basics of how to brand your SharePoint portal.
- SharePoint Home Site – Every organization has its own home page. The home page is the first impression that users get when they visit your organizational site. And as many people say: you have only one chance to create a good impression, and that chance is your organization’s home page. In this article you will find some of the best tips for building your company home page.
- How to migrate to SharePoint Online – If you are already using SharePoint on-premises, it is time to think about migrating to SharePoint Online because it has a lot of advantages over on-premises. All the steps for a successful migration can be found in this article.
You want to use SharePoint for document management, project management, intranet portals, and more. SharePoint is a web-based collaboration and document management platform that allows teams to store, organize, and share information and files.
The main benefits of using SharePoint:
Security in the cloud has always been an important topic, and even more so nowadays. If you are wondering how secure your data is in the SharePoint Online service, just think of the size of the investments that Microsoft makes in security. It’s no wonder that 75% of Fortune 500 companies choose Microsoft as a cloud service provider.
Apart from what Microsoft does to secure and protect your data, there are also a ton of features to help you ensure your data is secure and compliant as needed.
One of the most important things you can do to safeguard your data is to require multi-factor authentication for your identities in Microsoft 365 / SharePoint Online. This prevents credentials from being used without a second factor and mitigates the impact of compromised passwords, which are very common nowadays. Most attacks come from phishing and compromised credentials. The second factor is something you have – your mobile device. Verification options are the Microsoft Authenticator app, a text message code or a phone call. When you roll out two-factor authentication, it’s good practice to enforce it for privileged accounts first (e.g., Global Administrators, SharePoint administrators) and then deploy it to the whole organization. Microsoft’s MFA (multi-factor authentication) solution is very intuitive and does not require special skills or additional training for your team.
Other things to consider about cloud security:
- Use Azure Active Directory device-based conditional access policies to block or limit access on unmanaged devices such as airport or hotel kiosks. You can block or limit access to SharePoint and OneDrive content from unmanaged devices. You can block or limit access for:
- All users in the organization or only some users or security groups.
- All sites in the organization or only some sites.
Blocking access helps provide security but comes at the cost of usability and productivity. When access is blocked, users will see the following error:
Limiting access allows users to remain productive while addressing the risk of accidental data loss on unmanaged devices. Even if you limit access for the unmanaged devices, users on managed devices will still maintain full access.
- Create policies to limit the session time (e.g., 8 hours).
Idle session sign-out is one of several policies you can use with SharePoint and OneDrive to balance security and user productivity and help keep your data safe irrespective of where users access the data from, what device they’re working on, and how secure their network connection is. When a user is inactive in SharePoint and OneDrive for the time period you specify, the following message appears:
Activity is monitored through the requests sent to SharePoint, such as mouse clicks on a UI element like a button, list entry, or link. Moving the mouse and just scrolling are not considered activity.
- Implement location-based access. This simulates the access model of an on-premises deployment.
You can control access to SharePoint and OneDrive resources in Microsoft 365 based on defined network locations that you trust. This is also known as location-based policy.
To do this, you define a trusted network boundary by specifying one or more authorized IP address ranges that represent your local network, including the access through any VPN solutions you might have. Any user who attempts to access SharePoint and OneDrive from outside this network boundary (using web browser, desktop app, or mobile app on any device) will be blocked and see the following message:
*Note: Keep in mind that location-based policies could impact external collaboration and access from third-party apps.
- Prevent accidental exposure of sensitive content.
Organizations have sensitive information under their control such as financial data, proprietary data, credit card numbers, health records, or social security numbers. To help protect this sensitive data and reduce risk, they need a way to prevent their users from inappropriately sharing it with people who shouldn’t have it. This practice is called Data Loss Prevention (DLP).
In Microsoft Purview, you implement data loss prevention by defining and applying DLP policies. With a DLP policy, you can identify, monitor, and automatically protect sensitive items across:
- Microsoft 365 services such as Teams, Exchange, SharePoint, and OneDrive
- Office applications such as Word, Excel, and PowerPoint
- Windows 10, Windows 11 and macOS (Catalina 10.15 and higher) endpoints
- non-Microsoft cloud apps
- on-premises file shares and on-premises SharePoint.
DLP detects sensitive items by using deep content analysis, not by just a simple text scan. Content is analyzed for primary data matches to keywords, by the evaluation of regular expressions, by internal function validation, and by secondary data matches that are in proximity to the primary data match. Beyond that DLP also uses machine learning algorithms and other methods to detect content that matches your DLP policies.
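The detection steps described above, as an added Python sketch (not Microsoft Purview's implementation and not code from the original article): a regular expression finds candidate card numbers, a Luhn checksum stands in for the internal function validation, and nearby keywords act as the secondary match. The keyword list, the 60-character proximity window, the confidence labels and the sample documents are assumptions made for this example.

```python
import re

# Constructed sample documents; the card numbers are widely published test
# numbers, not real accounts.
SAMPLE_DOCS = {
    "invoice.txt": "Customer paid by Visa. Card number 4111 1111 1111 1111, expires 12/27.",
    "shipping.txt": "Tracking reference 4111111111111112 for the parcel.",
    "inventory.txt": "Inventory item 5555555555554444 moved to shelf B.",
}

# Primary match: 13 to 19 digits, optionally separated by a space or hyphen.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
# Secondary match: supporting keywords expected near a real card number (assumed list).
KEYWORD_RE = re.compile(r"\b(?:visa|mastercard|amex|card|cvv|cvc|expir\w*)\b", re.I)
PROXIMITY = 60  # characters inspected on each side of a primary match (assumed)


def luhn_ok(digits):
    """Function validation: Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:      # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan(text):
    """Return masked findings with a confidence based on nearby keywords."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if not luhn_ok(digits):
            continue        # looks like a card number but fails validation
        window = text[max(0, m.start() - PROXIMITY): m.end() + PROXIMITY]
        supported = bool(KEYWORD_RE.search(window))
        findings.append({
            # Never store or log the full value; keep the last four digits only.
            "masked": "*" * (len(digits) - 4) + digits[-4:],
            "confidence": "high" if supported else "low",
        })
    return findings


def scan_library(docs):
    """Scan a mapping of file name -> text, as a stand-in for a document library."""
    return {name: scan(text) for name, text in docs.items()}


if __name__ == "__main__":
    for name, hits in scan_library(SAMPLE_DOCS).items():
        print(name, hits)
```

The shipping reference is dropped because it fails the checksum, and the inventory number is reported only at low confidence because no supporting keyword is nearby, which is how the layered checks cut false positives compared with a simple text scan.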
SharePoint easily integrates with other Microsoft technologies: Teams, Outlook, Power Platform (Power Apps, Power Automate, Power BI and Power Virtual Agent), OneDrive, Dynamics 365, Microsoft 365 Apps (Word, Excel and PowerPoint) etc. It creates a seamless digital experience and saves hours of productive time. Here are just a few examples of how:
- By syncing Outlook and SharePoint, employees can access their attachments and documents that live in SharePoint without a need to leave Outlook
- With OneDrive and SharePoint integration, users can work on documents locally while all changes sync automatically to SharePoint Online in near real time. It doesn’t matter if you left a work file on a home computer – your files are in sync and accessible from anywhere
- While working in MS Teams, you can add the SharePoint site tab directly into your MS Teams. This integration will help you access project documents and track activities without ever having to leave MS Teams
- Co-authoring. With Office and OneDrive or SharePoint, multiple people can work together on a Word document, Excel spreadsheet, or PowerPoint presentation from different parts of the world at the same time. When everyone is working at the same time, that’s called co-authoring. With versioning you can go a couple of versions back if something goes wrong and restore the most accurate version of the file.
Power Platform is a suite of apps (Power Apps, Power BI, Power Virtual Agent, Power Automate and the new member of the family, Power Pages), services, and connectors that provides a rapid development environment to build low-code apps for your business needs. Using Power Apps, you can quickly build custom business apps that connect to your data stored either in the underlying data platform (Microsoft Dataverse) or in various online and on-premises data sources (such as SharePoint, Microsoft 365, Dynamics 365, SQL Server, and so on). Nowadays there are more than 600 connectors available that end users can use to consume data from different sources.
A connector is a proxy or a wrapper around an API that allows the underlying service to talk to Microsoft Power Automate, Microsoft Power Apps, and Azure Logic Apps. It provides a way for users to connect their accounts and leverage a set of prebuilt actions and triggers to build their apps and workflows.
Microsoft’s large ecosystem of software as a service (SaaS) connectors enables you to connect apps, data, and devices in the cloud. Examples of popular connectors include Salesforce, Microsoft 365, Twitter, Dropbox, Google services, and more.
SharePoint is highly scalable and can be used in organizations with a few employees or in large enterprises with hundreds of thousands of employees. You get additional storage space for every additional license that you purchase.
You don’t have to worry about „huge“ 200 GB SQL databases like in the past. With SharePoint Online Microsoft supports site collections up to 25 TB.
The number of site collections you can have is a staggering 2 million, not counting the OneDrive sites (personal site collections).
Unlike many alternative Intranet products, you can enhance SharePoint to suit your own business requirements. Microsoft has plenty of supported customization types. It’s best that you work with a trusted partner when planning and implementing those, to ensure supportability in the future.
Different web parts, apps, and workflows can be added to the platform. Many don’t require any development and can be built by tech-savvy users. Those are part of the benefits that the integration between SharePoint and Power Platform provides.
Even nowadays some users consider working with SharePoint a burden. You can hear about slowness, steep learning curve etc. With flat site architecture, global Microsoft search and the modern experience, things have changed for the better.
In the past few years, SharePoint and especially SharePoint Online have transformed immensely. The modern experience in Microsoft SharePoint is designed to be compelling, flexible, and more performant. It makes it easier for anyone to create beautiful, dynamic sites and pages that are mobile-ready and align with what users are used to on the web. Users no longer need to struggle with slow page loads and unreasonable limits. SharePoint is now better integrated with other Microsoft 365 services such as Teams and Power Automate, making it an integral part of the digital workplace.
The main game changer is that the data on SharePoint could be accessed from anywhere, on any device, that is if your organization wants to allow it, of course.
Organizations and teams come in all different shapes and sizes, and team members can be local or spread across the globe. They can include vendors and contractors along with full-time employees. Initiatives and work can span enterprises, organizations, and small project teams.
SharePoint is designed to be a universal toolkit to give your team members integrated and flexible ways to work for their projects and tasks.
SharePoint is great for storing files in the cloud and making them accessible to a broad audience. And you can take advantage of robust file permission management, document process flows, retention policies, and more. Here are ways to work with SharePoint:
- Collaborate on files in document libraries, create pages, use a shared notebook, and use the integrated Microsoft 365 group to bring together conversations, calendars, and tasks.
- Spread ownership and permissions across a wider collection of people. If a document is important to the success of a project, put it in a SharePoint site rather than your personal OneDrive.
- Grant permissions on a site basis, instead of on individual documents. If people have access to the team site, then they have access to documents stored in the site. Permissions are inherited by default. Breaking permission inheritance is not a good idea.
- Create attractive and effective site pages to organize information, post news, provide contact information, and provide navigation to documents, media, and other types of information.
SharePoint offers a wide variety of options and tools to create Intranet sites for your organization. Moving your intranet to SharePoint in Microsoft 365 might be a good project on its own, particularly if you already have extensive intranet content.
With SharePoint, any user can create highly functional Intranet pages quickly without the need for writing code or other difficult customizations. These sites look great on any device or screen and provide deeply engaging experiences for your users.
If you’re currently using SharePoint Server for your Intranet, you’ll find SharePoint in Microsoft 365 to be much easier to work with. Responsive, dynamic pages are easy for anyone to create, and the need to involve IT to build your solutions is a lot less frequent.
With Microsoft 365 you get the evergreen version of the Microsoft 365 Apps, Windows 10 and best-in-class security. Microsoft Teams lets your team stay organized and have conversations all in one place. Microsoft 365 apps like Word, Excel and PowerPoint help you and your team be creative and work together. Securely save your files in the cloud with OneDrive so you can get to them from anywhere. You can store any type of file including images, spreadsheets, presentations and more. Then share and work in real time with your coworkers, no matter if you are in the office or on the go. Keep organized and connected with the mobile apps on your devices. And stay productive from any browser with Office for the web. Work and collaborate from anywhere and on any device with Microsoft 365.
- You need data classifications
- Collaboration, internal and external is key
- Your processes can benefit from automation
- Security and compliance is of high importance
- You want a predictable cost model
For SharePoint Online there are no software or hardware requirements, you just need a browser.
As you plan your rollout, in addition to the technical planning considerations provided here, consider these questions:
- What are your high-level goals for rolling out SharePoint?
- What are the file storage and collaboration needs of your organization?
- How do you want to transition from your current tools to SharePoint Online?
- How important is migration of content as part of your rollout?
- How knowledgeable is your IT team in SharePoint Online? Would they need training?
What else do you need to consider at the beginning?
- Migrate content
An important part of rolling out SharePoint is migrating content from your existing file storage solutions. The migration of content could be gradual if you plan to roll out SharePoint Online with a pilot group of users or teams.
- Network utilization
Various factors can impact the amount of network bandwidth used by SharePoint. For the best experience, we recommend that you assess this impact before you start your rollout.
- Change management
Rolling out SharePoint means new processes and procedures for the users in your organization. An important part of the rollout is making sure users are trained in the new ways of doing tasks as well as in the entirely new tasks that SharePoint enables.
There are two types of system requirements when talking about SharePoint: hardware and software requirements. If you contact Microsoft Customer Support Services about a SharePoint Server deployment that does not meet the minimum hardware specifications described in this document, support will be limited until the system is upgraded to the minimum requirements. That’s why it is very important to evaluate all the requirements before you choose SharePoint on-premises. If you don’t want that headache, just opt for SharePoint Online, where the hardware, servers, middleware, storage, networking and all that are the responsibility of the vendor (Microsoft).
The values in the following table are minimum values for installations on servers that are running SharePoint Server in a multiple server farm installation.
Ensure the following before you proceed with deployment of SharePoint environment:
- For all installation scenarios:
- You have sufficient hard disk space for the base installation.
- You have sufficient hard disk space for diagnostics such as logging, debugging, creating memory dumps, and so on.
- For production environments:
- You have additional free disk space for day-to-day operations.
- Maintain twice as much free disk space as you have RAM.
| Installation scenario | Deployment type and scale | Processor | RAM | Hard disk |
|---|---|---|---|---|
| Single server role that uses SQL Server | Development or evaluation installation with the minimum recommended services for development environments. | 64-bit, 4 cores | 16 GB | 80 GB for system drive; 100 GB for second drive |
| Single server role that uses SQL Server | Pilot or user acceptance test installation running all available services. | 64-bit, 4 cores | 24 GB | 80 GB for system drive; 100 GB for second drive and additional drives |
| SharePoint server in a multi-tier farm | Development or evaluation installation with a minimum number of services. | 64-bit, 4 cores | 12 GB | 80 GB for system drive; 80 GB for second drive |
| SharePoint server in a multi-tier farm | Pilot or user acceptance test installation running all available services. | 64-bit, 4 cores | 16 GB | 80 GB for system drive; 80 GB for second drive and additional drives |
SharePoint Server supports the following operating systems:
- Windows Server 2019 Standard or Datacenter
- Windows Server 2022 Standard or Datacenter
SharePoint Server Subscription Edition supports the following Windows Server installation options:
- Server with Desktop Experience
- Server Core
SharePoint Server Subscription Edition supports the following database versions:
- A Standard or Enterprise Edition of SQL Server for Windows that supports database compatibility level 150. This includes SQL Server 2019 Cumulative Update 5 (CU5) or later and any future version of SQL Server for Windows that supports database compatibility level 150.
- Microsoft Azure SQL Managed Instance (MI). This is only supported if your SharePoint Server farm is hosted in Microsoft Azure.
Security is one of the key concerns in all cloud applications nowadays.
Let’s see what kind of security settings we’ve got in SharePoint Online:
The tenant-wide settings override all the others, so you would want to make sure you set those up correctly before rolling out SharePoint in your organization.
There are a few tenant settings to pay attention to, however. Sharing settings are extremely important. If left at their defaults, they can allow uncontrolled sharing of information with everyone, even through anonymous links outside of your organization!
Only leave the default configuration if you want to have the loosest security in SharePoint Online. We don’t recommend doing so, of course. Try to configure the setting to match your company information security policy choosing from one of the following options:
- New and existing guests
- Existing guests
- Only people in your organization
Pay attention to More external sharing settings in SharePoint Admin center and adjust them accordingly to meet your business requirements:
Add users to the proper SharePoint group: Owners, Members or Visitors. Every SharePoint group has a different permission level that can be adjusted when necessary, but by default Owners have Full Control, Members can Edit and Visitors have Read permissions.
Permission inheritance is the default principle for all the content in your site – libraries, lists, documents. In some cases, you might need to share only a library or a document with a user, and not the entire site. That’s where we can break permission inheritance. This is not always recommended as it comes with some cons.
- MFA (multi-factor authentication). The first thing that you should implement as part of your Microsoft 365 security strategy. A few years back, we were only thinking about applying MFA to (at least) Global Admins, but really it should be applied to all accounts whenever possible.
- Security and Compliance. After securing SharePoint as an environment, we’d also like to secure the data hosted in SharePoint, right? Sensitivity labels, Retention labels and policies, Data Loss Prevention (DLP), Sensitive info types. They should be planned thoughtfully and implemented carefully.
- Device Access Control. More options are available within the SharePoint Online Admin Center, but if you want to configure the controls even more granularly, you can do so through Azure Active Directory Conditional Access policies.
Here are some of the mistakes we’ve seen over the many years we were working with SharePoint.
Misunderstanding of permissions and creating a mess. Permissions in SharePoint should be planned so that it is easy to identify who has access to what when needed. Most of the mistakes we’ve seen fall into that category. People share randomly – files, folders, libraries, with groups, with people, through links… You should have a strategy and process for this. Use Active Directory groups whenever possible, so that you can reuse them in other Microsoft 365 workloads.
This is the number one issue that we see after file share migrations. Nested folders tend to create confusing structures that are difficult to use and manage. This also conflicts with the SharePoint Online long filepath limits, so instead have a flat hierarchy and use metadata.
Always, always plan and budget for user training. If your users don’t receive it, it’s likely your SharePoint deployment will quickly become a mess you’ll wish you had never started. We at Impactory provide Training & Support for all kinds of organizations, regardless of whether we did your SharePoint project or not.
Here are the top 4 quick wins you can take away from this article:
- Don’t underestimate the complexity of SharePoint
- Don’t use the „I’ll fix that later“ approach when deploying SharePoint on-premises
- Don’t cut from your project budgets, especially on proper architecture, governance and training, it will be more expensive later to fix mistakes by outsourcing support or having your IT team overwhelmed
- Work with a trusted partner with proven expertise to get the best return on your investment
If you’ve reached this part, then you are already more informed on SharePoint than 80 % of the population. You probably already know what we do best. We at Impactory GmbH can help you analyze your requirements, find out if SharePoint is the right fit for your organization, and architect and implement your SharePoint Intranet. We also do end-to-end Modern Workplace projects with Microsoft 365, so reach out to us to discuss your needs.