MVP Take: Govern, manage and mitigate SharePoint application risks

3 min read
Blog header Image

We sat down with three of our Microsoft MVPs Tobias Zimmergren, Erwin van Hunen, and Waldek Mastykarz to talk SharePoint. What followed was an intriguing conversation which formed the basis for this MVP blog series special. In this weeks installment, Tobias and Waldek talk about governing, managing and mitigating SharePoint application risks.

Blog posts in this series:

Tobias Zimmergren is a 10 year Microsoft MVP and works as product Owner at Rencore. He plans, architects and develops software and distributed cloud systems.

Tobias: “You can mitigate SharePoint application risk in various ways, and a good application governance plan is really important and should consist of the following:

  • An inventory of how and where all applications are being used
  • How applications are being linked
  • An analysis of the contents of every single application
  • A tight grip on general practice

You should plan how you implement applications, train users, power users and citizen developers. I recently had a discussion with someone in the community about citizen development and the summary, after pointing out both advantages and disadvantages, was that citizen development isn’t a bad thing – it’s a very good thing because it can help you increase the return of investment (ROI) from your SharePoint. But a lot of time, you don’t know what’s being modified, what’s being changed, what scripts and third-party libraries are being used. This is where the risk comes in but being aware and mitigating these risks is the key to extending SharePoint safely.

So, your plan for mitigation should be the following:

  • Discover what is in your SharePoint environment
  • Plan for application governance
  • Plan for training

We have talked about our training – 15 years is a very long time. As a consultant, every day is training. It’s very important to understand the risk but also the possibilities you have going forward and extending SharePoint effectively and securely.”

Guiding hands will help you deploy SharePoint solutions to production safely.

Free Risk Assessment

Waldek Mastykarz is a 10 year Microsoft Office Development MVP and Product Owner at Rencore. He reinforces our product development and is also a member of the SharePoint PnP Core Team

Waldek: ” So, to summarize, you would train users to become more aware of the things that they are about to change so they can make a correct judgement on what to change – not just how to make a change.”

Tobias: “Yes. I would never say avoid extending SharePoint or don’t be a citizen developer. Most organizations are benefiting a lot from having people outside of IT who can quickly go in and change a list or add a web part. It needs to be this way because one of the great things about SharePoint is the extendable capabilities. It’s important to understand the consequences of a poorly governed SharePoint environment where users fail to comply with industry standards.”

Free Risk Assessment

Rencore’s Risk Assessment will help you discover application activity in your SharePoint environment and highlight the requirement’s needed for application longevity. Furthermore, it detects real production security issues and builds a risk report based on your data. Learn about quick wins for application security, governance and mitigation when extending SharePoint. Try our Risk Assessment for free today.

Free Risk Assessment

Lee Sellen

Lee is the Senior Digital Marketing Manager at Rencore. He writes about a broad array of topics ranging from corporate, solution and product news to high-level SharePoint and Office 365 governance, modernization and risk topics. Lee is in charge of Rencore's research and reports unit aiming to gain new insights into how users work with SharePoint and Office 365. A passionate writer in all areas, he also covers Rencore events, webinars and other online activities.