We sat down with three of our Microsoft MVPs Tobias Zimmergren, Erwin van Hunen, and Waldek Mastykarz to talk SharePoint. What followed was an intriguing conversation which formed the basis for this MVP blog series special. In this weeks installment, Tobias, Waldek and Erwin talk about consistently maintaining SharePoint applications.
Blog posts in this series:
- MVP Take: Deprecating features in SharePoint – are you prepared?
- MVP Take: How do organizations use and extend SharePoint?
- MVP Take: What are the consequences of extending SharePoint?
- MVP Take: Govern, manage and mitigate SharePoint application risks
- MVP Take: Where are your SharePoint applications?
- MVP Take: How do you consistently maintain SharePoint applications (this article)
Tobias Zimmergren is a 10 year Microsoft MVP and works as product Owner at Rencore. He plans, architects and develops software and distributed cloud systems.
Tobias: “Upgrade blockers like we talked about before are not particularly new in SharePoint, but our market research efforts have discovered potential security issues when extending SharePoint with applications. Through discussions with organizations, we found that there’s a lot of things happening outside the knowledge of IT and that’s not always bad, but sometimes, there is non-compliance to the organization standard. For example, libraries are being used that are not supported internally by the organization.
So, many organizations do not allow third-party libraries and there are usually policies within organizations about how you handle data. Now, even more so with the new GDPR, we have new risks.
Waldek Mastykarz is a 10 year Microsoft Office Development MVP and Product Owner at Rencore. He reinforces our product development and is also a member of the SharePoint PnP Core Team.
Waldek: “Yes, that’s a problem. It makes sense that as company you say: “we want to do everything in react and not in angular because of the employee skill-set”. It takes time and effort to educate people to do things either in angular and/or react.
So, if you choose one, you don’t want to do the other because if that person who builds a particular solution goes away, you have to maintain something that you don’t know the workings of. The skill set of the team must be considered.”
Erwin van Hunen is a 5 year Microsoft MVP, Microsoft Certified Master, and Microsoft Certified Solutions Master and works at Rencore. He is currently a Rencore product Owner and a core member of the SharePoint Patterns and Practices (PnP) team.
Erwin: “Good point! there are other components in play now that make applications more complex to maintain, especially external components in the cloud. I mean, the risk of running applications and not knowing what they’re doing.
In the old school SharePoint world, those risks existed too, but maybe they were not taken so seriously at the time because your service might not have been able to communicate with the outside world – not to mention firewalls, but in the cloud, it’s the internet. So, the risks haven’t changed but the focus has. and I think that’s a good thing.
Coming back to what was mentioned before, it might be tedious to generate a plan, but you have to keep telling yourself – your business is depending on App Security. You need to control applications and if the business is failing because you are not taking control, can you forgive yourself? You really want to keep track and take every governance and security protocol you can to minimize risk.”