While we have previously noted that many companies look to SharePoint to manage content, it is also clear that many companies are using a mixture of online and on-premise SharePoint environments. While cloud computing is well rooted now, there is still concern about keeping sensitive data in the cloud. The result is that many are now using hybrid SharePoint environments, which require rigorous governance.

SharePoint as Hybrid Environment

There is also anecdotal evidence that enterprises will continue to use hybrid environments until they are sure about data security. The result is a workspace where business applications will be spread across on-premise and cloud environments, which by their nature require a strong IT governance model.

A recent white paper by Chris Beckett, an information systems architect and SharePoint specialist, entitled "A Governance Guide for Hybrid SharePoint Migrations" looks at content migration policies and governance for those that are considering the hybrid route.

Beckett argues that while cloud services are maturing rapidly, backed by vendors like Microsoft Amazon and Google, companies will spend at least some time using hybrid environments.

Not least among the reasons for doing so is the ability to manage the risk involved in moving complex enterprise applications to cloud-based services. Enterprises that decide to use hybrid environments will most likely undertake almost continuous migration activities for the short term.

Enterprises in the Cloud

Citing industry surveys, Beckett says that most organizations expect to have 60% - 70% of their business applications in the cloud within the next five years. It’s probably not necessary to list the reasons why but just to be sure, they include:

  • Reduced cost: Major reduction in capital investment
  • Increased business agility: Lowered costs mitigate the risk of bad IT investment decisions
  • Better use of internal talent: Enabling the use of IT people in other business critical areas rather than administration
  • Increased mobility: Enabling data access from anywhere.

However, cloud services are not a “cure all” as restraints around security, space restrictions and compliance requirements will prevent full data and application migrations.

While some of these risks may be resolved over the coming years, others may not. One way or the other, Beckett says, full migrations will take a number of years during which enterprises will have to manage hybrid environments.

Cloud Computing Service Models

So what do we understand by hybrid deployments? According to Beckett there are a number of elements that need to be understood:

  • Infrastructure as a Service (IaaS): Enables companies to contract the basic network, server processor and storage, but does not include business applications.
  • Platform as a Service (PaaS): Provides tools for building and deploying applications that commonly run under various defined roles. They include Azure, Salesforce AppExchange and Google Apps.
  • Software as a Service (SaaS): Supports fully managed business applications that users can rent. Examples include Office 365, SharePoint Online or Lync.

SharePoint Hybrid Deployments

Hybrid SharePoint deployments are made up of two things:

  • On-premises environments: SharePoint environments that are deployed, owned and managed internally by an enterprise.
  • Hosted SharePoint: A SharePoint environment provided by a cloud services provider.

One of the features of the SaaS model is that it is well suited for multi-tenancy deployments. Multi-tenancy is the ability to provide a separate place for individual “tenants” on the same cloud, which mean each customer receives configurations, settings, content and access partitioned according to his or her needs.

It can reduce the infrastructure, maintenance and administration costs a cloud service provider will incur in supporting many customers. When SharePoint released SharePoint 2010 it provided support for multi-tenancy, paving the way for Office 365 and SharePoint Online, which as a result can be offered at very low prices.

Benefits of Hybrid Deployments

Interestingly, in the case of cloud services, Beckett says, it has been the SMB market that has been pushing development, largely as a result of the fact that they can’t afford the capital costs or management resources required to run something like SharePoint.

Some of these SMBs have the advantage of having started in the cloud and never had to deal with the headache of migration. They are also less likely to be subject to the compliance issues that large enterprises have to manage.

However, there are advantages to hybrid deployments that are not available to pure, cloud based deployments:

  • Phased migration: Selective transition of workloads depending on the abilities and capacity of the cloud in question.
  • On-demand provisioning: Possibility of scaling up capacity on demand without having to allocate capital costs.
  • User access security: Security is often a concern related to mixing Intranet and Internet-facing sites in the same environment. Hybrid environments allow workloads to be separated by access requirement.
  • Customizations: With an on-premise element, it is still possible to customize SharePoint, where as with cloud-based deployments it is not.
  • Application integration: Some SharePoint workloads may require tight integration with equipment or enterprise applications that cannot be easily accomplished in a cloud-based environment.
  • Compliance: While cloud providers are still struggling with compliance and geographies, with an on-premises component, compliance-sensitive data can be kept on site.

Risks of Hybrid Deployments

But in IT and data, there’s no such thing as a risk free deployment. Leaving aside the fact that there will be extra costs associated with maintaining two environments, there are other risks that need to be considered:

  • Compliance: There are a whole list of reasons why compliance poses a problem, including geographical location, storage requirements and conditions. For compliance reasons alone it may not be feasible.
  • Service provider reliability: Always a risk in the current economic climate is the possibility that your service provider may be gone overnight. What about business continuity in these circumstances. And if users report performance issues?
  • Security: Will your enterprise be happy storing information in a place it doesn’t own and what about compliance standards?
  • Information access: What about mobile workers -- can your service provider enable access from remote devices?
  • Migration costs: There will be costs involved in moving content and applications to the cloud, both initially and on a recurring basis.

Governance Considerations

Governance, Beckett says, is the combination of process, policy and people to ensure an organization meets its objectives. However, if you get it right, governance can take the risk out of migration projects.

In terms of SharePoint governance, Beckett has identified the following as some of the key issues around governance:

  • Project Governance: Ensuring new project requests are aligned with business objectives. Project governance will also include policies and standards of how projects are chartered and executed.
  • Data Governance: Ensuring the integrity, security and quality of enterprise data and ensuring it is formally managed. Includes issues like findability and searchability.
  • IT Assurance: Responsible for managing risks related to technology infrastructure and communications.

He says that while none of these are specific to SharePoint, they all need to be considered when introducing new technologies into an organization.

Migration Strategy and Planning

Like any major IT project, the first thing that enterprises need to do before migration is to outline a clear vision and well-defined scope for the project. This will involve assessing the impact of the migration across the enterprise.

This will also involve working out a step by step process that the enterprise will follow to arrive at the desired point. Most migrations, Beckett says, can be broken down into a portfolio of small sub-projects and phased migrations that incrementally migrate content. This is an effective way to manage.

Information Architecture and Management

Both information architecture and management will be impacted heavily by this kind of migration:

  • Information architecture: In the case of SharePoint this includes both the structure where content is stored and dynamic navigation supported by search.
  • Information management: Concerns the lifecycle, access and use of content and is often rules driven by policies that define elements such as rights, certification and retention policies.

Service Level Agreements

Service level agreements (SLA) are important for enterprises in that they outline the capacity and capabilities provided through technology and associated support resources.

It identifies the key aspect of commitments that relate to IT and a measurement of policies and procedures in relation to SharePoint administration.

The SLA is generally associated with a commitment to “uptime,” but it should, according to Beckett, be more than that and include a comprehensive outline of service commitments that include:

  • Provisioning: How new services are provisioned including how quickly new capacity can be added and when that capacity can be used.
  • Availability: What is the expected uptime, when will maintenance be carried out and what services may be impacted?
  • Security: What measures are in place to protect data and date security, and what policies are in place to provide data recovery?
  • Supported capabilities: What software capabilities are supported?
  • Supported customizations: What customizations are supported with specific customization scenarios in SharePoint Designer, or solutions deployed as sandboxed solutions?
  • Acceptable use: Any acceptable use policies related to how users are to use the system.
  • Compliance: What compliance standards are available and supported in your hybrid environments?
  • Support services: Define the channels of support available to users, methods of access, and service desk and support line hours of operation.

SharePoint Hybrids

Beckett concludes that while complicated to initiate, hybrid SharePoint environments are a practical way for organizations to transition to the benefits of cloud-based computing while mitigating the technical risks to their organizations.

Because of the way the cloud is developing and the way cloud service providers are developing increasingly mature offerings, it is unlikely that in the medium term, many enterprises will be able to jump to the cloud straight away.

In the intervening period, there will be hybrid environments that will compel organizations to maintain their on-premise deployments while moving data selectively.

There is a lot more in this paper that is well worth looking at for those that are either interested, or are forced to use hybrid SharePoint environments.