The ease-of-use of the application has led to departments deploying it willy-nilly, often on the sly, for everything from mass knowledge management to ad-hoc SharePoint-based enterprise search.
Microsoft SharePoint Server 2007 is now the company’s fastest growing software in its history, said Wanda Yu, Microsoft Canada senior product manager. It has passed $1 billion (£646,000) in sales.
This spells trouble for IT managers, however, as they are the ones who have to deal with the potential fallout from unauthorised departmental implementations that aren't tied in to the company systems or compliance procedures, and that operate away from the CIO's watchful eye. "We've seen a lot of these from-the-bottom-up implementations," said Yu.
It's becoming more common, according to Strategic Counsel senior analyst Warren Shiau. "It's a bit of that self-discovery and delight thing. Now with some common sense this can be a good thing that saves money, time and effort. In the wrong hands - someone who doesn't use correct safety procedures, (uses inappropriate parts or makes inappropriate modifications), etc. - it's going to cause trouble somewhere down the line."
And how - SharePoint practice lead Jignesh Shah of the Toronto-based Microsoft partner Cyberplex has seen his share of it. "People go wild-there's no real governance, no processes in place," the Toronto SharePoint Users Group member said. "All these independent departments don't really talk to each other, and then you have the users going to the web, reading about these little things they can do and deciding for themselves how to use the platform."
So how best to deal with Microsoft SharePoint Server gone wild?
1) Use Microsoft tools. Microsoft SharePoint Server comes with tools to help IT managers keep tabs on the SharePoint-ing going on in their enterprise, according to Yu.
Admins can head online to find the Governance Resource Centre for SharePoint Server 2007.
Help is also available: complimentary deployment planning services are included in service agreements for the software.
2) Start over. Shah said that it's important to re-evaluate as soon as possible. Forming user groups from within and among the various departments will help figure out who needs SharePoint, what they need it for, and what kind of access they get. "Figure out what individual requirements are, and then create standardized documents that form a set taxonomy," he said.
"SharePoint itself isn't going to cause any problems. Just like the tool in my example doesn't cause any problems by itself. The key is setting up a process and adhering to the process," said Shiau. "Such as, 'This is the checklist for what we can use SharePoint for, this is the checklist for when we're going to set something up with SharePoint, this is where IT will check things out,' and so forth.'"
3) Use role-based access. You also have to determine who gets to look at what, and do what with which data. "Configuring security is important," said Shah. "The end users can't be creating whatever they want." Put in place role-based access controls that guide users only toward what they need for productivity purposes.
4) Practice damage control. One of the main reasons SharePoint has been so successful so quickly is its ease of use. Users could get crazy if their precious SharePoint powers are taken away, so it is up to the IT staff to show them that a more regimented use pattern helps everyone in the long run.
Said Shah: "It's easier to migrate their data to the right space if you show them the benefits of it. When they realize how much easier it is by doing it earlier, they shouldn't complain."
5) Keep an eye out. SharePoint deployments can get out of hand fast, so it is a good idea to keep a watchful eye on user behaviour and the amount of data being stuck into the system. "Get weekly, or even daily, reports," recommends Shah.
As Shiau said, it's fine to let people go wild - within the structure that the IT department sets and monitors. "As long as IT knows everything is happening according to the process, it's okay. This is actually the direction a lot of products are going in. Set-up and so on is becoming automated so that a defined user-friendly process is followed. Administrative rights for changing the process reside with IT so IT can be assured things go in as they're supposed to and when exceptions are made IT knows about it and approves them."