SharePoint Gone Wild: When Governance Lacks Appropriateness

Post Date: 01/16/2012
feature image
In my last post on when governance lacks quality, I discussed why content quality is important and why the lack thereof can bring many negative issues to an organization. Today’s topic, content appropriateness, also introduces challenges – in my discussions with our customers, I hear the same key problems over and over: User profile photos – the number one issue I hear about is when organizations leverage user profiles and enable users to upload photos themselves. Due to the fact that there is no approval process, you end up with people re-using their Facebook and Twitter profile pictures, some of which are not appropriate for work. Some employees simply do not understand the difference between a public social network and an internal work-based social network. User profile properties – along the same lines as photos, often user profile properties are misused. This usually boils down to organizations not being mature enough to integrate line-of-business systems to obtain the data and allow users to update it themselves. The most common issue here I see is “Job Title” being an open-text field and people getting very creative with it. Sorry, but I doubt “World Conqueror” is your job title. This leads to users not trusting information on profiles, and subsequently, slow adoption of social technology. My Site uploads – another social media challenge that often doesn’t get the focus it deserves is around enabling personal My Sites, which gives each user its own site collection. Often, the quotas have not been discussed with the governance committee and no guidelines have been written. Users think this is much like their personal share drives and store content within Microsoft® SharePoint®2010 that shouldn’t be there due to the costs of storing data in SharePoint (and therefore Microsoft® SQL Server® databases) compared to file shares. Personal music collections, photo galleries, etc. are often very common examples of inappropriate content for a My Site. Incorrect uploads – along the same lines as uploading inappropriate content into My Sites, the other common issue is uploading content that shouldn’t be in SharePoint. Typically, this happens where there is verbal agreement on when certain content should be stored in another system outside of SharePoint, but poorly communicated and not enforced. This typically is when a certain document type, such as financial data, should be uploaded into a records management system like EMC Documentum rather than stored in SharePoint. Often this adds confusion for users and also annoys other departments who own these third-party systems. Incorrect managed metadata terms – you will have noticed in SharePoint 2010 the two buttons in the top right of the ribbon on every page. The first main one you’ll notice is the Tags & Notes, once clicked it opens up a My Tags dialog window. This allows users to add their own tags – in a folksonomy approach – to the item. There is no approval process for users creating new tags, which leads to a lot of duplication of terms similar in nature as well as the addition of inappropriate terms. Social note board comments – the second tab in the Tags & Notes dialog window allows users to add a comment to a note board for that particular page or any list item. There is no approval process for these comments and no real way of notifying users that there are new comments. This leads to a common issue where people add comments to documents that may offend people’s efforts on their own content. Our customers have come up with ways of leveraging SharePoint out of the box to try and mitigate this. Five of these include: File type blocking at web application level – this functionality, only available with SharePoint 2010 on-premise, allows you to block particular files from being uploaded into SharePoint altogether. It will mean if you have special cases where that file type is allowed, your information architecture will get a little complicated and have that site isolated in its own web application. Disabling folksonomy – there is functionality in SharePoint to prevent users from being able to create their own tags and only use tags that already exist in the term store, which acts as a taxonomy. This does require resources to come up with the taxonomy in the first place – it simply disallows users to create their own taxonomy. Disabling user profile property changes – SharePoint allows you to control whether or not users can directly change each individual user profile property. Out of the box there are quite a few open properties, so it is worth adding as part of your governance discussions what should be allowed to be changed. Disabling user profile photo uploads – the user profile photo is a user profile property, but of type image. You can prevent this from being modified. Customers we talk to have built custom applications that are managed by the back office team, for example the security department who print the smart cards with the photo of the employee on it will put the same photo into the user profile for that user. Tags & Notes – if companies are really uncomfortable with social note board and tags, the button can be removed from the ribbon in the user interface by modifying the master page. Often what I have found with customers is they want tags but not the note board, and this is not easily achievable as it is in the same dialog window. The social aspect of SharePoint definitely raises the biggest concerns around inappropriate content, but it is important to remember that any content in list or libraries should also be monitored and constrained within the acceptable criteria previously established by the organization. In my next post, I’ll share some head-scratching stories around the next business driver for governance, restrictions, next week. ​

Subscribe to our blog