Governance features (SharePoint Server 2010)
Applies to: SharePoint Server 2010
Microsoft SharePoint Server 2010 includes features that an organization can use to help govern a SharePoint Server 2010 IT service, an enterprise's information management, or an enterprise’s information architecture. Links to related articles can help you plan and use each feature.
Governance is the set of policies, roles, responsibilities, and processes that guide, direct, and control how an organization's business divisions and IT teams cooperate to achieve business goals. For information, see Governance overview (SharePoint Server 2010).
The Sandbox Solution framework provides a mechanism for executing user-provided code outside of the IIS worker process. The Sandbox Solution framework should not be used as a mechanism for enforcing security boundaries when executing user code. Sandbox Solutions are not supported as a security boundary with user code, especially code of unknown origin. We advise against executing Sandbox Solutions of unknown origins.
In this article:
Managing SharePoint installation in an enterprise
IT service features
Information architecture features
Managing SharePoint installation in an enterprise
Because SharePoint deployments are managed at the farm level, a single SharePoint deployment has no information about other SharePoint deployments that might exist in the same enterprise. Administrators need this information to manage and control all deployments in the enterprise. For example, administrators need to know whether a deployment was configured according to organizational requirements, or how many unauthorized deployments exist in the enterprise. Microsoft SharePoint 2010 Products provides the following ways to lock down, track, and even block random installations of SharePoint Server:
The following Group Policy object disables the installation of SharePoint Server and related products:
HKLM\Software\Policies\Microsoft\Shared Tools\Web Server Extensions\14.0\SharePoint\DWORD DisableInstall
To block installation, set DWORD DisableInstall=00000001.
When this registry key is set, users who try to install SharePoint Server receive the following error message: SharePoint installation is blocked in your organization. Please contact your network administrator for more details.
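A local check for the registry value described above, as an added example rather than code from the original article: it reports whether the DisableInstall value is present, has the DWORD type, and is set to 1, and it can set the value on a test machine. The function names are hypothetical, and the script assumes an elevated PowerShell session on the computer being checked.

```powershell
# Added example (not Microsoft's code). The key path and value name come from
# the text above; the function names are hypothetical.
$PolicyKey = 'HKLM:\Software\Policies\Microsoft\Shared Tools\Web Server Extensions\14.0\SharePoint'
$ValueName = 'DisableInstall'

function Get-SharePointInstallBlock {
    # Classify the local policy state. Only a DWORD with data 1 counts as blocking.
    $result = @{ Computer = $env:COMPUTERNAME; State = 'KeyMissing'; Blocked = $false }

    if (Test-Path -Path $PolicyKey) {
        $key = Get-Item -Path $PolicyKey
        if ($key.GetValueNames() -notcontains $ValueName) {
            $result.State = 'ValueMissing'
        }
        else {
            $kind = $key.GetValueKind($ValueName)
            $data = $key.GetValue($ValueName)
            if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
                # A string "1" or a QWORD is not the value the text describes.
                $result.State = "WrongType:$kind"
            }
            elseif ($data -eq 1) {
                $result.State = 'Blocked'
                $result.Blocked = $true
            }
            else {
                $result.State = "NotBlocked:$data"
            }
        }
    }
    New-Object PSObject -Property $result
}

function Set-SharePointInstallBlock {
    # Writes DisableInstall = 1 as a DWORD, creating the key if it is missing.
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()

    if ($PSCmdlet.ShouldProcess($PolicyKey, "Set $ValueName to 1 (DWORD)")) {
        if (-not (Test-Path -Path $PolicyKey)) {
            New-Item -Path $PolicyKey -Force | Out-Null
        }
        New-ItemProperty -Path $PolicyKey -Name $ValueName `
            -PropertyType DWord -Value 1 -Force | Out-Null
    }
}

# Report the current state of this computer.
Get-SharePointInstallBlock

# Preview the change without writing anything; remove -WhatIf to apply it.
# Set-SharePointInstallBlock -WhatIf
```

A state of `KeyMissing`, `ValueMissing`, `WrongType` or `NotBlocked` on a machine that should be covered means the policy has not reached it or was written incorrectly.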
An Active Directory Domain Services (AD DS) Marker identifies the SharePoint servers in an organization. By default, the marker contains the URL for the topology service application.
For more information about setting the group policy object and the AD DS marker, see Track or block SharePoint Server 2010 installations.
IT service features
A SharePoint service is an IT service that offers hosted sites and portals based on SharePoint Server. An IT service can include the following components:
Sites and portals at a scope, such as site collection, Web application, or server farm
Backup and restoration
Support for customizations
Service levels that are based on speed or availability
This section describes features in SharePoint Server 2010 that are useful in maintaining and governing a SharePoint Server service.
Site templates are a set of customizations that are applied to a site definition. By using a site template, a SharePoint Server service can promote consistent branding, site structure, and layout in the sites that users create. You can create customized site templates for provisioning sites and use them instead of the templates that are included in SharePoint Server as part of a SharePoint Server service.
A quota specifies limits to the amount of storage that a site collection can use. This process prevents users from adding content when the limit is reached. For more information, see Plan quota management (SharePoint Server 2010).
Locks prevent users from either adding content to a site collection or using the site collection. For example, you can lock a site that violates a usage policy or exceeds a quota. For more information, see Lock or unlock site collections (SharePoint Server 2010).
Workflows are programs that implement business processes for users of a SharePoint Server site. They are associated with items in the site, such as documents, forms, or list items. Workflows have many applications as part of an IT service. For example, you can use a workflow to provision a new site, track a support issue, or take action when a site collection's quota is exceeded. For more information, see Plan workflows (SharePoint Server 2010).
A feature, which is a container for various defined extensions for SharePoint Server 2010 and SharePoint Foundation 2010, is composed of a set of XML files that are deployed to Web servers. You can deploy a feature as a part of a site definition or a solution package, and you can individually activate a feature.
A site administrator can transform a SharePoint site's functionality by toggling a feature on or off in the user interface. Features make it easier to activate or deactivate functionality in the course of a deployment, and help administrators to easily transform the template or definition of a site. Features can be hidden, which prevents site users from manually deactivating them.
When you implement new site functionality as features, you make it easier for administrators to control sites and enforce a governance plan. A technique named feature stapling enables you to attach a feature to all new instances of sites that use a given site definition without modifying the site definition. This lets you control the features that users of your service can access. For more information, see Using Features (http://go.microsoft.com/fwlink/p/?LinkID=183450).
Self-service site creation
You can enable users to create their own site collections by using the Self-Service Site Creation feature. A key decision in governing self-service site creation is to determine the level of service that supports self-service site creation. By default, this permission is enabled in SharePoint Server 2010 for all authenticated users.
For more information, see Turn on or turn off self-service site creation (SharePoint Server 2010).
Web application permissions and policies
Permissions for a Web application are comprehensive settings that apply to all users and groups for all site collections within a Web application. You can control user actions by enabling or disabling the associated permission on the Web application. For example, if you do not want users to be able to add pages to a Web site, you can disable the Add and Customize Pages permission that is one of the site-related permissions. After you disable a specific permission for a Web application, the permission cannot be granted to any user of a site on the Web application. You can control access to a specific URL or zone. You can also specify the level of access that you want for anonymous users. For more information, see Manage permissions for a Web application (SharePoint Server 2010).
Permission policies provide a centralized way to configure and manage a set of permissions that applies to only a subset of users or groups in a Web application. For example, you might want to create a permission policy level for users of a site collection who will be allowed to add items to a list, edit items in a list, delete items from a list, open a list, view items, view lists, or view pages. However, you might want to prevent the same users from creating or deleting lists, which would require the Manage Lists permission. For more information, see Manage permission policies for a Web application (SharePoint Server 2010).
You can manage how Microsoft SharePoint Designer 2010 is used in an organization at either the Web application level or the site collection level. You can control the following types of access to SharePoint Designer 2010:
Enable or disable SharePoint Designer 2010 use for an entire application or site collection.
If you want to ensure that all designers and owners within a specific site collection can use SharePoint Designer 2010, enable this setting at the site collection level.
Enable or disable the ability to detach pages from the site definition.
If you want to preserve the branding for all sites in a site collection, you should not allow users to make changes that would result in detaching the page from the site definition.
Enable or disable master pages and page layouts in SharePoint Designer 2010.
If you do not want users to see the master pages and page layouts for a site, you should disable this setting.
Enable or disable the site URL structure and its contents.
If you do not want users to view and edit any file on the site, you should disable this setting.
A sandbox is a restricted execution environment that enables programs to access only certain resources, and that keeps problems that occur in the sandbox from affecting the rest of the server environment. Solutions that you deploy in a sandbox are called sandboxed solutions. Code Access Security (CAS) limits the operations that these solutions can perform.
A member of the Farm Administrators group must implement the sandboxed environment before any sandboxed solutions can be uploaded. Site collection administrators can upload and activate sandboxed solutions. If the solution does not contain an assembly, a user who has full control at the root of the site collection can also activate the solution.
You can increase isolation by using remote load balancing and by running the sandboxing service on only specific servers. In a production environment, we recommend that you use remote load balancing and dedicate a separate server to running sandboxed solutions. Only members of the Farm Administrators group can block sandboxed solutions, configure load balancing, and reset exceeded quotas.
For more information, see Plan sandboxed solutions (SharePoint Server 2010).
Site collection auto-deletion
Automatic deletion helps to control the number of unused Web sites on a server without requiring any administrative intervention and without any backup mechanism. By default, site confirmation is automatically enabled. Automatic site deletion can be set at the server and server farm level or at the Web application level.
Policies for user profiles and My Sites
Policies are sets of rules that administrators of the User Profile service assign to users or groups. These rules enable administrators to specify user profile properties that control both the site content that users can see and how users can interact with that content.
By default, most user profile properties are visible to everyone, but sensitive information can be configured to have limited visibility. Policies that are less restrictive allow more users to view public profiles more frequently, which affects how often you must update user profiles and compile audiences. In organizations that have many users, frequent updating could affect performance and capacity planning. For more information, see About property policies in the "Plan user profiles" article.
By default, all authenticated users can create a My Site. We recommend that you use security groups to manage permissions for My Sites. My Sites features store or use personally identifiable information. Before you deploy My Sites, make sure that you have planned how to control the behavior of these features — or turn off the features — to help protect the security of this information.
By default, all authenticated users can add ratings and social tags to documents, to other SharePoint Server items, and to other items, such as external Web pages and blog posts. Users can also leave impromptu notes on profile pages of a My Site or any SharePoint Server page. You can use one or more security groups to grant the Use Social Features permission to a subset of users in an organization.
By default, all authenticated users can edit their profiles, add or edit colleagues, and add or edit memberships. You can use one or more security groups to grant the Use Personal Features permission to a subset of users in an organization.
Although e-mail analysis can be enabled for all users in Outlook or just for specific groups by using group policy, users can opt out of this feature. If e-mail analysis is disabled for all users, individual users can still opt in.
Information management in SharePoint Server 2010 comprises organizing, retrieving, acquiring, and maintaining information.
This section describes SharePoint Server 2010 features that are useful for managing documents, records, and digital assets, and for planning eDiscovery.
Document management controls the lifecycle of documents in an organization — how they are created, reviewed, and published, and how they are ultimately disposed of or retained. It includes policies that implement auditing, document retention, labeling, and barcodes (to ensure that printed content can be correlated with corresponding electronic versions). Policies can be implemented to help an organization comply with legally mandated requirements, such as the need to retain records. For more information, see Information management policy planning (SharePoint Server 2010).
An organization that uses the Microsoft Office system client applications and SharePoint Server 2010 can enforce policies both on the server and in the client applications.
The content approval process gives site members who have approver permissions control of the publication of content. An owner of a document library can enable content approval for a document library or Web pages library and can optionally associate a workflow with the library to run the approval process.
Use content approval to formalize and control the process of making content available to an audience. For example, an enterprise that publishes content might require a legal review and approval before publishing the content.
For more information, see Versioning, content approval, and check-out planning (SharePoint Server 2010).
Versioning is the method by which successive iterations of a document are numbered and saved in SharePoint Server. As a governance tool, versioning prevents users with read permissions from viewing drafts of documents.
For more information, see Versioning, content approval, and check-out planning (SharePoint Server 2010).
Records management is the process by which an organization determines the types of information that should be considered records, how records should be managed while they are active, and for how long each type of record should be retained. Records management includes the performance of records-related tasks such as disposing of expired records, or locating and protecting records that are related to external events such as lawsuits.
Records management enables you to do the following:
Use a records archive to manage records or manage records in-place.
Create workflows to move documents to a records archive.
Determine whether you will manage e-mail within SharePoint Server or within an e-mail application.
Determine how to translate social content such as blogs, wikis, or My Sites into records.
For more information, see Records management planning (SharePoint Server 2010).
Digital asset library
The digital asset library feature in SharePoint Server 2010 provides a specialized repository for storing and managing digital assets, for example, images, audio files, or video files. A centralized repository for managing digital assets enables an organization to exert tighter control over brand-sensitive content, and helps to ensure that only approved assets for products are made available to the appropriate users. For more information, see Versioning, content approval, and check-out planning (SharePoint Server 2010).
Electronic discovery, or eDiscovery, is the process of locating and producing electronic information to support events such as litigation, audits, or investigations. If you use Microsoft SharePoint Server 2010 to manage any electronic information, you should consider eDiscovery when you plan your SharePoint Server solution. Auditing, expiration policies, and search considerations should be part of your planning process, which should be completed before the need to use eDiscovery arises.
We recommend that you enable the auditing policy in all site collections that contain active document libraries. You should also consider implementing an expiration policy to delete documents automatically when they are no longer needed. For more information, see Planning for eDiscovery (SharePoint Server 2010).
Information management policies
An information management policy is a set of rules for a type of content, or for a location where content is stored. Each rule in a policy is a policy feature. For example, an information management policy feature could specify how long a type of content should be retained, or it could provide document auditing. Information management policies enable you to control who can access organizational information, what they can do with it, and how long the information should be retained. You can associate a policy with a list, document library, or content type.
When you configure an information management policy, you can optionally write a policy statement that is displayed in Microsoft Office 2010 client programs to inform document authors about the policies that are enforced on a document. This is a recommended best practice.
SharePoint Server 2010 includes the following information management policy features:
The Auditing policy feature logs events and operations that are performed on documents and list items. You can configure Auditing to log events such as editing documents, viewing them, or changing a document's permissions level.
The Expiration policy feature helps dispose of content in a consistent way that can be tracked and managed. For example, the policy can delete a document, or define a workflow task to have SharePoint Server route the document for permission to destroy it.
The Labeling policy feature specifies a label to associate with a type of document or list item. Labels are searchable text areas that SharePoint Server generates based on metadata properties and formatting that you specify.
The Barcode policy feature enables you to track a physical copy of a document. You create a unique identifier value for a document and then insert a barcode image of that value in the document. By default, barcodes are compliant with the common Code 39 standard (ANSI/AIM BC1-1995, Code 39), and you can use the object model of the policies to plug in other barcode providers.
Information management policy reports help you monitor how consistently your organization uses policies. Because information management policies are often implemented to help an organization comply with regulations, frequent monitoring of policy usage can help you ensure that an organization is compliant. For more general information about information management policies, see Information management policy planning (SharePoint Server 2010).
Information architecture features
Information architecture in SharePoint Server 2010 is the organization of information in an enterprise — its documents, lists, Web sites, and Web pages — to maximize the information's usability and manageability.
A portal Web site's information architecture determines how the information in that site — its subsites, Web pages, documents, lists, and data — is organized and presented. An enterprise can increase the return on its portal investment by creating a governance body that develops and enforces information architecture standards and policies. A well-governed architecture makes information in the enterprise easy to find, share, and use.
This section describes SharePoint Server 2010 features that govern the usage of an enterprise's information architecture.
Content types enable enterprises to organize, manage, and handle content in a consistent way. They define the attributes of a type of list item, document, or folder. Each content type can specify metadata properties to associate with items of its type, available workflows, templates, and information management policies. Use content types to encourage consistent information management policies, metadata requirements, and other policies. To govern content types, consider associating event receivers and workflows with the forms that are used to modify the content types.
For more information, see Content type and workflow planning (SharePoint Server 2010).
Site Content and Structure page
The Site Content and Structure page in the top-level site of a site collection manages the content and structure of a SharePoint site collection. Because site navigation in SharePoint Server is based by default on the hierarchy of sites and subsites, this feature can also be used to configure site navigation. When porting a Web site to SharePoint Server 2010, you can use the Site Content and Structure page to restructure the site to match your enterprise's needs.
Information rights management
Information Rights Management (IRM) enables content creators to control and protect their documents. The contents of documents that use IRM are encrypted and supplied with an issuance license that imposes restrictions on users.
SharePoint Server 2010 supports IRM for documents that are stored in document libraries. File formats of documents that can use IRM in SharePoint Server 2010 include the following:
Word Open XML
Excel Open XML
PowerPoint Open XML
To add other file types, an administrator must install protectors — programs that control the encryption and decryption of documents that use rights management — for each new type of file.
Blocked file types
You can restrict files from being uploaded or downloaded to a server by basing the restriction on their file name extension. For example, you can block files that have the .exe extension, because such files can be run on a client computer and may contain malicious software.
By default, many file types are blocked, including file types treated as executable by Windows Explorer. For a complete list of the default blocked file types, see Manage blocked file types (SharePoint Server 2010).
Web content management (publishing sites)
In most content deployment scenarios, the source site collection, from which content is being deployed, is in a server farm that is separate from the destination site collection. Typically, the destination server farm (the "production" farm) has stricter security to minimize the actions that can be performed in the production environment. It is not expected that authoring will be done on the production server, because changes to content on the production server might be overwritten by a content deployment job. In most content deployment scenarios, the source server farm and the production server farm are in independent AD DS domains. For information about content deployment topologies, see Design content deployment topology (SharePoint Server 2010).
Content deployment is a one-way process: content is deployed from a source site collection to a destination site collection. The content deployment feature does not support synchronization from source to destination and back again. Creating new content or changing existing content on the destination site collection can cause content deployment jobs to fail. Because of this, you should consider restricting permissions on the destination site collection so that users cannot make changes directly to content that is stored within that site collection.
Permissions to content on the destination server farm will usually differ from permissions to content on the source server farm. In many publishing solutions, the destination server farm authenticates users by using a different AD DS domain than the one used in an authoring or staging environment, and there might not be a trust relationship between the two domains. For more information, see Content deployment overview (SharePoint Server 2010).
Taxonomy and managed metadata
Managed metadata is a hierarchical collection of centrally managed terms that you can define and then use as attributes for items in Microsoft SharePoint Server 2010. A user's role determines how the user can work with managed metadata.
Users can see only global term sets and term sets that are local to the user's site collection. Local term sets are created within the context of a site collection. Global term sets are created outside the context of a site collection. If there are term sets that some users should be unable to view, assign these term sets to separate groups. For more information, see Plan to share terminology and content types (SharePoint Server 2010).
An organization’s governance policies can affect how you design managed metadata services and connections. For example, a formal process for managing terms and term sets will affect how you set connection parameters. If every document that is created must have a certain set of attributes, you will probably want to have a content type hub in at least one service. Familiarize yourself with an organization’s governance plan before you determine the managed metadata services and connections. For more information, see Managed metadata service application overview (SharePoint Server 2010).