Epok recently did a survey to validate the rapid growth and widespread use of Sharepoint among a broad variety of users.

Here is what we found:

• Nearly 80% of our respondents have Sharepoint deployments
• More than 50% of Sharepoint deployments have more than 100 users, while close to 25% of deployments are comprised of anywhere between 1000 to 5000 users.
• We expect to see these numbers continue to grow as 62% of Sharepoint have set up or plan to set up extranets to collaborate with others outside of their business
• 30% are in the research stage trying to determine if they will use a Sharepoint extranet
• Authentication, security and compliance were among the largest concerns for users.

The survey results validate that Sharepoint is evolving into a valuable platform for information sharing and collaboration among small business and enterprises. We’ve found that the capabilities of Sharepoint are extending beyond traditional boarders and allowing for sharing with partners, customers and vendors. This extension is opening the door to many security and compliance issues. Epok Edition for Microsoft Sharepoint lets users control the process and provides a means of securely controlling collaboration and access to documents on MOSS.

The results of our survey were collected while we were on the road at Sharepoint conferences from Boston, MA to Santa Clara, CA and online. Respondents ranged from technology companies including RMI to government agencies such as the Arkansas Department of Human Services.

Respondents of the survey were entered into a drawing for a chance to win a free Apple iPod Touch. The winner is Sonny Sablan from Silicon Valley Power.

This is a very interesting article - Implementing a Brand in a SharePoint Server 2007 Publishing Site. As we all know, branding of a MOSS site isn’t as easy as it might be. Branding is, of course, the changing of the SharePoint “skin” or “chrome” to make it look a lot less like SharePoint and more like, well, more like a “real website”(!?!). No? Okay, okay, SharePoint is clearly a “real website” technology, but it is hard to figure out how to, say, add a logo in the upper left corner of each page.

Andrew Connell, well-known MVP, helps up to understand all the choices and strategies on branding a SharePoint site (or a bunch of them for that matter). As more and more people use SharePoint for intranet usage, more and more are considering it for extranets and for “internet” sites, public viewable. In such a use-case, branding is required, and this article helps to make some of what’s required a little clearer. Recommended.

Extranets mean different things to different people.  As I have said before, we’re firmly in the camp of envisioning extranets as far more than just a captive portal with hosted identities.

We do think of extranets as business-to-business kinds of creatures as well, not just a business hosting its customers in various customer service portals. It’s best to think of these new generation extranets as more like electronic data interchange (EDI) type networks, where each party has it’s own hub for the interaction with other hubs - only it’s people touching web based apps and information, not just data nuggets flying around.

There are two primary models we’d like to examine. Lets talk about the two models and how they are different. Epok has always thought of our solution (the management of secure sharepoint extranets) as being a distributed, peer-to-peer mechanism. If we have many organizations, each having it’s own Epok server acting as an extranet gateway or hub, then we have what’s best termed a multi-lateral extranet.

A multi-lateral extranet might be a federation or it might contain several federations. Each federation might be for different business purposes (or aligned by line-of-business), indicating a separation of information and audiences.  The key differentiation is that each organization shows up with the same type of software handling the relationships between the parties. This is clearly an area where standards will eventually be important.  For now though, the need to have public standards is premature. (Although, standards like SAML 2.x are intended to play in this kind of space - we use SAML 2.x in our software).

In a multi-lateral extranet, each party is responsible for creating and maintaining the relationships with it’s extranet partners, and ensuring the security of the connection. Additionally, if an organization needs to cancel an extranet relationship with a partner, the cancellation can be done without affecting other existing partnerships.

But without some kind of existing market pull, extranets need to form quickly, and not demand that each partner in the ‘net adopts a particular package to handle it. So, strong central players, those that want to develop an extranet need to use the second model of extranet - the hub-and-spoke model.

Hub-and-spoke is where a piece of extranet management software like Epok’s server can handle multiple partners as if they were a multi-lateral network. So, a spoke is really a “virtual” partner, a means of separating out all the information for a specific partner and, among other things, allowing an admin from the partner to manage the identities of that partner. (This would be the spoke.) The hub-and-spoke can be done inexpensively, and it a great starter step towards what may be in the future a full multi-lateral extranet. Basically, you’ll host all the extranet managers on behalf of your partners.

In either case, it moves the nominal definition of extranets well beyond a mere captive portal.

On behalf of The Authority Net blog and Epok, we sat down with Mohd Amin, Chairman of the International Multilateral Partnership Against Cyber Terrorism. Also known as IMPACT. This organization represents the first global public-private initiative against cyber-terrorism. We talked to Amin about the mission of IMPACT and the organization’s unique requirement to securely share information across a global network of government ministries, private sector organizations, and educational institutions.

Interested in what he has to say?  Listen to the interview here:

Microsoft SharePoint is often a great online solution for businesses who want to share confidential information and collaborate with clients. The way the software tool is set up, however, requires that each of a businesses’ clients must be added to the company Active Directory (AD) and, therefore, managed by their internal IT department.

Companies of all sizes would likely find this a prohibitive restriction, given the fact it burdens their IT department and potentially exposes their server and company information.

Working with Epok, Padgett, Stratemann & Co., L.L.P. (PS&Co.), one of the largest locally owned CPA and business advisory firms in Texas, has found a way collaborate with clients without overburdening their systems or staff.

PS&Co. wanted to share their financial and business advice with their clients and had standardized on Microsoft SharePoint 2007 as the collaboration platform to facilitate that. Because of the sensitive nature of their advice and counsel, they still needed a unique SharePoint site for each client in order to insure security and privacy.

With only one additional server and minimal cost, Epok helped PS&Co. add that layer of security and privacy and allowed them to create a collaborative environment without stressing resources. Now the company and others like it can support their external client users without having to add them to the internal AD. They can segregate a client’s users in a separate directory implemented in SQL Server, mitigating the risk of inadvertent access to other corporate assets and can delegate the management of these users out to a trusted manager at the client organization.

Additionally, as financial and other sensitive information is shared, terms and conditions governing the information usage is presented for acknowledgement.  All access and all authorizations are visible to both security and management personnel, allowing PS&Co. to enforce policy and compliance requirements. 

Microsoft SharePoint is arguably one of the company’s most popular enterprise software offerings and is growing at a fast clip. That growth comes with the changes in the way companies share information among employees who are located, frankly, anywhere. 

Your co-worker may be across town, across the nation or even across the globe, so SharePoint becomes the easiest way to post files for group collaboration. With that need for greater collaboration comes the need for greater access control, but SharePoint Server 2007 has gaps in this area.

For example, SharePoint doesn’t allow users outside the SharePoint domain to create, edit and save documents directly into SharePoint. This can be a problem, particularly if an active and vital team member or partner does not reside in the same domain.

Rather than losing the opportunity for those people to collaborate or to risk security of the collaboration tool, Epok has updated Epok Edition for SharePoint and now offers version 2.4 to extend user authentication to a company’s partners.

Now, any Office user in any domain can create, edit and save documents into SharePoint as long as they have the needed access rights.  That’s what the modern workplace needs to ensure that employees can take advantage of extranets completely and that companies can take advantage of the skills and expertise of professionals who reside anywhere.

Other features that make SharePoint more secure include a reporting system that can show such facts as who has access to a document and when the document expires, and Epok can automatically enforce those expiration data on a user’s access to certain documents while maintaining the user’s overall access rights.

For more information about features of the Epok Edition for SharePoint version 2.4, read this recent Network World article. 

Epok (and The Authority Net) would like to invite all our visitors to take part in a survey designed to validate the rapid growth and widespread use of Sharepoint among a broad variety of users. Additionally, we will use the results to facilitate discussion around the security of sharing extranets.

Participants of this survey will be entered to win a FREE Apple iPod Touch. Winners of the iPod Touch will also be announced on the blog.

Results will be released here on The Authority Net Blog!
Click the link below to participate:

SharePoint Survey: Enter to Win FREE! Apple iPodTouch

Thank you for participating!

Oftentimes, portals are confused with extranets. By some definitions, extranets are nothing more than portals used by people outside of your organization that are protected by identity management systems. In the case of MOSS 2007, people view it as a simple(!) content management system used to arrange information for people outside of the organization. In many businesses, that is the sum-total of the extranet vision.

We’ve been thinking about extranets for a long time and we’d beg to differ. Extranets, to us, are more than just a protected portal for the use of customers. We’ve thought hard about this, and our definition is more in line with a full-up federation than a protected portal.

A federation is a collection of authorities that agree to share certain things amongst themselves - in the extranet example it is not just resources (like applications and documents) but also identity information, or at least “claims” of identity information.

As such, the management of linkages (relationships) of your identities to my information (and perhaps vice versa), becomes the basis for us being members of a federation. But federation implies two key ideas that are not present in a simple protected portal. First, I want you to manage your identities. (and I want you to let me manage mine.) Second, I want to use real contracts to manage our business trust when we talk about access to digital resources. I’d add a third item as well, but both of us understand content management of our resources pretty well as it is.

So what does this imply?

Well, for starters, we need to adopt a means by which we agree to trust each other in a business sense at the IT level. A bolstered NDA might be enough. (Bolstered in the sense that we’ll both agree to follow best practices when it comes to managing our identity life-cycle.) But we build a simple trust between us saying, “we’ll trust each other as long as our NDA is in place.” It would be nice to use a tool to manage this, as well as to handle some certs that could encrypt our traffic “vpn-like.”

But of course, I’m not about to give your people unfettered access to everything. But a tool that provides us (both of us) a way to describe and manage the access we intend (and nothing more) would be very useful as well. Finally, I don’t know about you, but I have compliance issues to think about, so, I’d like the tool to track my people’s access to your stuff as well as track what stuff of mine that your people get ahold of.

Now if we extend this simple vision to all my partners, and you do you yours as well, we start to see a pattern of power, a scale-free model that allows us each to manage our extranet relationships very directly (and preferably all in the same app server(s)). That’s an extranet. There is no central trust hub (other than certificate authorities) and we are each responsible for we use of our partners resources and they in turn are responsible for what they use of ours.

Now what models can we support in the shorter term, before our partners see the value of this extranet vision? Are there smaller steps we can take?

The title seems like a non-sequitor, no? Well, not exactly, because our friend MOSS can be used for all sorts of things not just collaboration! (It’s like the sign I have, “Beer: It’s not just for breakfast anymore!”)

So HOWTO: How Document Collaboration works at Microsoft is very handy to get a glimpse at how they do it at Microsoft. It talks about a huge documentation effort at Microsoft and how it was handled using by dogfooding SharePoint and Groove and Word and who knows, probably Windows Server 2008 and Hyper-V as well.

What remains, of course, is how you would handle such an effort when some of the users were not part of one company, and were linked by an extranet. That’s exactly what Epok provides. Pretty handy, no?

SharePoint Magazine has a great new posting from a series of articles written by Jeremy Thake, a consultant from Australia. It points out, in Leveraging the SharePoint Platform (Part 3), that SharePoint can be a very large, complicated undertaking, and that MOSS is a much more than a mere piece of intranet software.

Describing lots of the sharper bits of managing a MOSS facility, it moves over Governance, the Microsoft checklists, operational issues as the MOSS facility becomes more integral to the business, and other deployment related issues/problems/challenges/potholes/disasters. Take a peek, very worthwhile.