Cyber security is about data loss prevention, detection and response. Service delivery includes ensuring the protection and managing the integrity of content through its lifecycle. This is cross platform, and cross industry, so in relation to whether you are using SharePoint on / off premise, or SharePoint is at the centre of an estate of multiple technologies, cyber security concerns all of these. These requirements directly relate to a technology current and future state – according to Gartner (and covered in my last keynote):
- By 2016 Biometric sensors will be featured in 40% of smartphones shipped to end users.
- By 2017 one-third of consumers in emerging markets will have never owned a windows device.
- By 2018 more than 50% of users will use a tablet or smartphone first for all online activities.
- By 2020 40% of enterprises will specify Wi-Fi as the default connection for non-mobile devices.
With the match of evolving technologies related to the above points, such as Internet of Things (IOT), Content Analytics, Hybrid Cloud Computing, Big Data, In Memory Database Management and more about to become widespread; how to provide integrity, protection, and governance to data becomes more important. We all work with data, utilising physical and digital technology in our daily lives. We use countless methods to create and use data, and assume that the accessed data has security maintained. In providing measures, providers of secure access to data provide measures to ensure legitimate access. Consequences resulting from unauthorised access to data could include:
- Time, effort and monetary resources to correct.
- Damage, deletion and compromise.
- Damage to reputation.
From a global perspective there are security challenges in the ‘digital developed’ versus ‘digital developing’ world. For the developed world, users’ access information through a digital framework; internet services provisioned over high level Wi-Fi and 3G/4G networks. But, in the developing world, there some 950 million people still without the means to connect to these networks. Security provision is not a one-fits-all. Additional global challenges are ‘Freedom of Speech’, ‘Country A Trust Country B Trusts Country C’ and the ‘Political Will’.
From a company perspective, the primary objective is to ensure the management of security; enforcing breach policies and governance is vitally important to ensure their data integrity. The challenge is that the company workplace is changing, and so is the physical infrastructure. Whilst physical and digital technology has become increasingly sophisticated, like dongles, passwords, data encryption, the task is convincing staff – from senior manages to entry level employees that they need to become more security accountable, becomes harder due to their emotions about security and privacy.
From a personal perspective, security intertwines with privacy. Advances in technology threatens privacy, reducing the amount of control over data. Privacy affects technology use. The challenge is the space in which this takes place in the digital world, which is completely online through the use of the internet, which never corrects and never forgets.
In summary, humans adopt any cyber security imperative. Technology is neutral. This means work must be done in the governance, training, and management of data to protect integrity and at the same time provide detection and contingency against loss. Opportunities include:
- Proactive security reporting
- Automated content filtering
- Protection of content via search engines
- Child Protection, for example, Extremist content removal
- Security Automation – for example, E-mail Scanning
Compliance Importance
Service delivery includes the protection and the integrity of content created. Like security, compliance is cross platform, cross industry. It does not matter whether you are simply using SharePoint, or using multiple platforms to service content into SharePoint.
Compliance concerns:
- Monitoring, isolation, automated operations, secure network and encrypted data.
- Security best practice, and the customer controls.
- DPL, audit and retention, eDiscovery and Data spillage.
- Standards such as ISO 27001, FISMA, HIPAA BAA, EU Model Clauses, and the CSA.
Note – this article is geared to looking at SharePoint on-premise. Office 365 is pretty much covered on encryption technologies. There is a wealth of information concerning this and more the Microsoft Office 365 article on this link: Data Encryption Technologies in Office 365. Also, there is also a huge amount of information available in its Trust Centre. There is a specific section concerning compliance on this link: Continuous Compliance in Office 365
Encryption is a solution against Data Breaches
Data Breaches are not simply relegated to external infringement of data by those who should not have access. This is an ongoing problem, and regulators are ramping up audits and confirming standards to ensure companies are taking heed. Some data breaches can occur for any of the following reasons:
- Data copied and taken off premises
- Downloading information then emailing the data unprotected to external parties
- Saving content to a folder which is publicly available online
- Provisioning of production data in test or development systems
Protecting against data breaches therefore must consider the data at the location where it is saved. Encryption of the data is without doubt the highest level of protection the data can get to prevent that data being subject to a data breach. However, the human culture of how they handle security matters is also extremely important.
SharePoint Data Security
When data ends up in SharePoint, the content is stored in SQL (at rest), except in the case of RBS (Remote Blob Storage). The data in SQL is ‘unstructured’, meaning, that it is not ‘easy’ to simply dive in and set security on specific bits of data. The data is also ‘unknown’, meaning that it is not also ‘easy’ to identify what data relates to what area and in what context – and even if you could, securing that would be a difficult in the extreme.
SharePoint, ‘Out-Of-The-Box’, provides access controls only to protect the data based on the role of the user. These access controls include:
- Permissions access to the data
- Auditing controls, stamping of data, lock down.
However, there are data encryption components provided ‘Out of the Box’ for SharePoint. Data could be read in a number of ways (described below). And again, confusion reigns from people trying to get to grips with the options. Some people even confuse authentication with encryption. I have even heard a client state that surely provisioning SSL will provide encryption. That client had to be informed that SSL only secures the network connection to the link where the data can be accessed (that is, Data in Transit, NOT Data at Rest). It does not protect the data from being ‘read’ at its source. Anyone unsure of this should check out this article Do you need SSL?
Compounded is the challenge humans the culture they apply to security – it is not simply a ‘one hat fits all’. From people I have spoken to and worked with on this topic, it is generally stated that users are simply not taking enough security measures to protect the data. Yes, one could very easily apply role permissions to ensure that individuals cannot read, write, or even upload. Provision of auditing tools to alert individuals of unwanted access is possible. Locking down of data so that the data cannot be modified or downloaded is possible. However, those solutions is not on the same plain as the protection (encryption) of the data where it is stored. For example, if a disk holding data was subject to attack / access from those who should not be able to read the data at source, then surely that is an out of compliance and classed as security risk. Indeed, taking a SQL SharePoint content database off a disk, and then applying that content database into another web application in another farm is relatively easy. Even if that operation takes place unless under strict and controlled circumstances (note that in some cases a challenge to implement, especially when working with multiple technical teams like a separated team for SQL, Windows, SharePoint, etc.) the mere fact that the data is in a read-able form when transmitted could be still construed as a data compliance issue.
The solution is looking at the data within SQL; that requires ‘security hardening’ and encryption solve these challenges.
Implementing encryption for Data at Rest starring SQL
As pointed out, SharePoint data resides in SQL. That is the point where encryption should be brought into play. Microsoft recognised this way back with the implementation of SQL 2008 and provided two technologies to protect ‘data at rest’ meeting various compliance standards. Thankfully, the architecture is in place to provide, since SQL provides the ability to have the data encrypted, using the following technologies:
- EKM – Extensible Key Management
- TDE – Transparent Data Encryption
Details of these technologies are available here:
Understanding Transparent Data Encryption (TDE)
Switching on encryption is not just a ‘fire and forget’ action. A number of tasks must be completed beforehand in order to deliver the service:
- The environment must be modelled first; for example, identifying the number of users, size of documents, underlying infrastructure, specific technical roles and skill set.
- Disaster Recovery environment and enabled technologies. Check the infrastructure applied to the SharePoint farm concerning DR. Check whether RBS is in use which will impact on how encryption is to be applied – note that TDE does not apply to content in a file stream because that content is not encrypted in SQL so additional encryption methods would have to be applied.
- Key management – who is responsible for managing the key – is it the SharePoint team? The SQL team? The Security team?
- Advise your corporate security team including any stakeholders of the impact of encryption. There is a technical as well as business impact. The technical side is a degradation of overall performance. From investigations I’ve been advised this could be up to 2% overall. On the business side is an impact on support, particularly from SQL and Security, since they have an extra accountability to the management of the encryption. Note also, that you should test this thoroughly in a isolated test environment and against DR and run DR tests.
- Apply Encryption at Rest for SQL, and for this, TDE must be implemented. Remember, TDE is used to prevent the restoration or attachment of databases into another SQL instance. This means that a master key needs setup, the database requires configuration, and the encryption password (stored in the certificate) must be backed up. Then, all must be tested (i.e. backup, restore – which should fail – then restore again along with the key – which should work).
- Ensure connections to SQL are encrypted. This means protection from those attempting to use tools to get at the data. This means forcing encryption settings to enabled for the SQL server and applying the certificate.
- Prevent other machines accessing the SQL instance (i.e. attempting to connect a different farm, or a machine outside of the ‘allowed server authentication list’ to a SQL instance being protected), you would setup isolation rules by configuring the firewall on the relevant servers themselves.
Note – doing this by yourself in a company with multiple teams looking after the infrastructure is unwise. You should seek aid from your SQL teams, as well as advice from Server teams.
To get detailed information on how to technically deliver encryption for SQL as well as isolation, step by step, check out the excellent article on this link:
Securing SharePoint: Harden SQL Server in SharePoint Environments
Conclusion
A key aspect of Data Compliance is the protection of data. Companies use data compliance to protect data, provide policies, processes and systems, and this stretches to governments and individuals. This is cross platform, and cross technology.
In Sharepoint, in order to meet data compliancy challenges and provide solutions through service delivery, there must be understanding that there is encryption tools available to data where that data resides. Encryption is the keyword here, since through this article I have explained how data can be securely stored and protected from unwarranted access.
SQL provides encryption and key management tools so that the data becomes unreadable to anyone except those who should have access to that data, using key management to automatically convert data back to its original, readable form. There are additional opportunities available to harden the SQL platform so that there is isolation and authenticated access.
The implementation of encryption though, whilst relatively easy from a technical viewpoint, provides many challenges to overcome in implementation. Security awareness, and identifying shortfalls in the surrounding infrastructure is vital, along with the marrying up of the roadmap of SharePoint. Implementing future technologies down the line will have an impact on encryption, so ensuring that you continually review encryption usage and change management is necessary.
Merry Christmas Everyone!
As the seasonal period quickly approaches, the discussions concerning what happens to supporting SharePoint over the holiday either approaches, or has been covered, or even assumed. The Christmas period is of course where your SharePoint sponsors are more likely to show a little more concern than normal about how their SharePoint platforms are going to be monitored over the period.
So then, lets remind ourselves of the holiday period in question – basically, the days that will relate to anyone, is the week of Christmas starting from the 23rd through to the 28th. There are two days pretty much important to us guys in the UK over the seasonal period, especially in Scotland – Christmas Day and New Years day. Then there is Boxing day when it’s likely that you would be relaxing in front of the telly, or sledging, or skiing – using that day to wind down after the Christmas day madness. Then there’s the two days after boxing day, the 26th and the 27th, where relaxation, relief and playing with the various presents, and getting stuck in to food 🙂
So that means that over the period you are likely to do over those two days, probably a combination of one or more of the following not be in the Office, switch off the mobile, inform people you are not available?
So chances are, that on the days in question, you will be chilling out, and possibly even like me having a choice Mince pie, a Glass of port (or more – like Rum)…
But this is not about what you will be doing over those periods away from the office. It is about how you are going to support SharePoint, isn’t it?
First, let’s consider the available types of support:
- On Premise SharePoint Support / IT Support combined / Outsourced
- Off-Premise Office 365 Microsoft provisioned Support
- Third party product support
-
Throwing caution to the wind
My dad once said to me when I was a lot younger that in order for Santa Claus to know what present I would like, that I should write a letter, and throw it into the wind when it was blowing north, so that the letter would reach the north pole.
Of course, by doing that I eventually realized that the letter would not get there, unless my dad without me seeing ran like the clappers to retrieve the letter once I threw it out of the window.
Clearly, I was throwing caution to the wind, assuming things would happen – luckily for me, most of the times when I did throw that letter, things would work out – but only because there was a contingency – my dad, running like the clappers.
This relates in a way to the lack of responsibility those charged with SharePoint management judge the level of the support needed to ensure the availability of SharePoint services over an important period, like Christmas! There is not enough preparation carried out preceding the Christmas period by some organizations, to ensure that there is adequate coverage of SharePoint support. In some organizations, instead, there is a laissez faire approach, by simply throwing caution to the wind. Or, worse still, their IT support departments will not think to include SharePoint as system that should be monitored, and instead not including those with basic knowledge of SharePoint on the support desk.
Take this real scenario which happened a while back. Fictional company used though, however, if their now SharePoint support individuals are reading this article, they will definitely remember this event!
Five days leading up to Christmas day. Fabrikam has an IT Support department, and a number of individuals who are tasked solely with looking after SharePoint, called ‘SharePoint Admins’. These SharePoint Admins look after the platform solely, there are no monitoring systems in place except for the server monitoring systems (alarm bells ringing already – no pun intended). A member of IT Support asks what the SharePoint Administrators will be doing on Christmas day.
“We won’t be around, that’s for sure…” … “SharePoint looks after itself” – pipped the SharePoint Administrators. “We will just take a peek at midday to make sure all is well”.
IT Support reports this discussion to the IT Support Manager. The IT Support Manager waves his arm saying ‘that’s not a problem, we have IT Support people on the desk who know a little of SharePoint, nothing can really go wrong’.
Over the next 4 days, no more is mentioned as the company ‘winds down’. On the 23rd of December, the CEO puts a Christmas message to the communication team who then puts the message in an announcement list on the Fabrikam SharePoint Extranet.
Christmas Day. At 9.30am that day, the CEO of the company, with his family in the Seychelles, decides to show a friend the message that was put on the SharePoint Portal on the 23rd. When attempting to display the announcement, the web page displays an error. Concerned, he raises a call into IT Support. IT Support try to get hold of the SharePoint Administrator, who has switched off his mobile because he is at the top of the hill where he lives, sledging. The CEO asks whether there is anyone else who can help, but IT Support have no knowledge of anyone and neither do they have any other contact number for the SharePoint Administrator.
The SharePoint Administrator calls in at midday to find chaos. The CEO is fuming because he has no idea whether anyone saw the announcement, and even if they tried saw the error which was embarrassing. IT Support have stated to the CEO that they do not know how to fix the problem, which is embarrassing. And, guess what, the SharePoint Administrator, who fixes the issue in minutes finds that the rest of his day is spent building confidence with the CEO and IT Support – he is embarrassed.
That SharePoint Admin threw caution to the wind. And in doing so, assumed the following:
1: No one will care whether SharePoint is available or not
2: The SharePoint Admins does not care whether SharePoint is available or not
3: The SharePoint Admins assumed that the problem will ‘fix itself’
4: The SharePoint Admins assumed that they will eventually be told or will find out themselves that there is a problem, and that no one will moan when they do, or how long it takes to correct the problem.
5: That if a problem occurs where SharePoint is not available that there is no financial impact or otherwise
-
Preparing for Christmas
You must prepare your SharePoint environment to be supported over the Christmas period. This is just like preparing for Christmas itself. Doing things like putting up a Christmas tree, carefully putting up decorations without falling off ladders, writing Christmas cards, posting them, wrapping presents (carefully) without getting the sellotape stuck on the wrong part of the wrapping paper and making a mess. You put effort into doing all of that because you want to make others comfortable and yourself prepared. Therefore, there is no difference when it comes to SharePoint support.
There are a nine things you could put in place, so that you can ensure that SharePoint is supported over the Christmas period:
- Make it clear the days when there will be SharePoint cover over the period. When on holiday, for example, ensure that there are phone contacts and that is communicated to IT Support and your SharePoint sponsor.
- Ensure that the contact details have a backup. One number is not enough. Consider adding on the home phone number or the number of the place you will be staying / visiting on the key days. Reasons for this could be bad mobile coverage, or you could be travelling
- Ensure that there is a remote method of you accessing the SharePoint environment. Most organisations using on-premise SharePoint have a method whereby individuals can log in over the Internet using say a Citrix / VPN / Xen Desktop etc. connection.
- Ensure that a member of the IT Support team is aware of any resolutions that can be used for ‘possible issues’. For example, one issue could be that in order to quickly reset an application pool for a SharePoint site to go into IIS on a relevant server, etc.
- Ensure that there is a list of the infrastructure, and details of any specific login information.
- Based on point (3) above, try to log into the SharePoint environment at least once a day to quickly check the status of the environment.
- Ensure that relevant third party information concerning their levels of support is listed and the details made known to IT Support.
- Provision monitoring systems for IT support which includes the status of key services to the SharePoint platform (on-premise).
- Provision monitoring services which includes the status of services for Office 365 Tenants
-
On-Premise and Off-Premise Support are that different
At a very basic level, the provision of support for SharePoint over a Christmas could be divided two segments – the SharePoint ‘supporter’ – the associated services ‘supporter’.
For on-premise SharePoint, the levels of support are:
1: The SharePoint ‘supporter’. The person(s) responsible for managing the products provided in SharePoint services.
2: The Associated services ‘supporter’. The person(s) responsible for providing support for the infrastructure and associated services.
The interesting aspect of Off-Premise (e.g. Office 365) Support is that there is in effect, also two levels:
1: The SharePoint ‘supporter’. The person(s) responsible for managing the products provided in the Office 365 tenant – e.g. SharePoint Team Sites and relevant products in those sites.
2: The Associated services ‘supporter’. The person(s) responsible for providing support for the Office 365 tenant.
Both of these, on-premise and Office 365 have monitoring tools. Both have the priorities and service delivery of support defined to SLAs, which is communicated to the person responsible for managing the products provided. This information is then cascaded in an understandable form to the client.
There is a huge amount of monitoring tools available to on-premise SharePoint support (default and third party provisioned), which I will not go into (and there are a huge number of articles that describe them). SharePoint Online now has a good amount of services and tools for monitoring. The Office 365 Admin app for which allows those responsible for supporting Office 365 to connect to their organization’s Office 365 service status on the go. The app enables them to view service health information and maintenance status updates from their mobile device. You can also filter information by service subscriptions and configure app data refresh intervals.
To get the app, go here:
https://www.microsoft.com/en-us/store/apps/office-365-admin/9wzdncrdtbmj
Office 365 also has the Office Message Centre. The Message Centre is located in the Microsoft Online Portal. The Message Centre is the central hub for communicating with you about Office 365. And in there you will find the topics including those in the Admin Task Newsletter, messages on new feature releases, and other important information. The Office Message Centre also links with the Office365 Admin app, so you can have messages concerning the state of services sent direct to your mobile device.
More information about the Office Message Centre: http://blogs.office.com/b/office365tech/default.aspx
There are also methods of logging transactional data through code. Microsoft is releasing the Office 365 Management Activity API which allows visibility of all user and admin transactions within Office365 covering activity logs. These logs would include information like tenant, service, action, object, user location, IP Address and more.
More information about the Office 365 Management Activity API: https://blogs.office.com/2015/04/21/announcing-the-new-office-365-management-activity-api-for-security-and-compliance-monitoring/
Additionally, for those who have access to Microsoft System Centre Operations Manager, there are of course services available to monitor SharePoint on-premise, and to monitor Office 365. For those who have not done this before, or need to get further information, I wrote a blog ‘Office 365 Monitoring using System Centre Operations Manager’ located here:
http://blogs.msdn.com/b/mvpawardprogram/archive/2015/07/08/office365-monitoring-using-system-centre-operations-manager.aspx
-
Conclusion
I hope by reading this article you have understood the importance of providing adequate and understandable SharePoint support over the Christmas period. The ability for you as a SharePoint ‘supporter’ to be forewarned of issues so that at the very least clients can be informed is vital. For on-premise, the ability to be contacted, or the ability provided to IT support to be able to deal with common issues, provides a service which in the eyes of the SharePoint sponsor is ‘good’. So I do hope that you are able to take points from this article and apply them to your SharePoint support cover proposals….
I’d like to finish up by wishing you and yours a wonderful holiday season!
Look through the job advertisements for any online job site or computer journal for an indicator of what most organizations seems to regard as a key attribute of SharePoint support staff. The need, desire, and hunt for technical knowledge seems to jump out at you from the pages. I have seen advertisements for SharePoint members that reads like a list of SharePoint third party products and affiliated integrated Microsoft products. The closest match of the candidate to that list is the first step towards being interviewed.
Indeed, even Microsoft seems to lay great store by this. Microsoft provides a range of qualifications which can be pursued. These qualifications become a marketable commodity; a SharePoint support person whose technical competence is measured by a Microsoft endorsed certificate commands a higher salary and is in greater demand than one whose ability is not so endorsed. In fact, an entire market is already in operational to provide Microsoft recognised training courses, with a range of quality, pace and price to suit most pockets.
This makes me suspicious about the training courses just mentioned. Of course, they create some kind of measure of a support person’s technical knowledge, and that is a useful aid for an organisation seeking to employ a proven SharePoint support individual. However, a Microsoft certificate is rarely a true indicator of real knowledge. It is an indicator of the individual to get through the relevant training programme. Additionally, the knowledge learnt is transient. In six months, Microsoft will probably have another version of the relevant product. In two years, the product may well look and operate very differently to when the original course was taken. Nevertheless, the certificate will still be valid even if what it is being measured against is no longer valid.
With certification programmes, SharePoint software producing companies have nothing to lose, and so very much to gain. They can sell training courses, appoint recognised trainers. They can ride on the back of the hype the qualification brings in its wake. They can reduce their support burden by encouraging customers to pay to be able to do their own support.
Even so, organizations generally face issues in finding the right level of technical support for their products. SharePoint could be considered to be different in the mix of Microsoft products because SharePoint is a platform. That means more interaction from support level to the business, not just solving technical issues. The support the business is after from a SharePoint perspective goes beyond into the land of solving business challenges. Questions like the following are normal directed to SharePoint support:
- I need to provide a method of people to collaborate in a single location
- I need to store and manage my content
- I have trouble understanding how to do something
- Can you fix the issue I have
But what exactly makes up a great SharePoint support person. Is it simply technical? Definitely not. This article attempts to answer the fundamental questions concerning how to determine what constitutes a ‘super-duper’ SharePoint support person. To do that, I am going to break the article into seven points. Each point relates to an attribute that a SharePoint support member should have. I have also tried to keep this article version agnostic. I will not be going into any particular version of SharePoint, or product.
So, let’s kick off with a basic statement. SharePoint Service Delivery is about capability. The solution being provided to users must be capable of fulfilling their requirements. At the same time, the relevant solution needs to be supported by individuals who will be able to provide help and aid to those using the relevant solution. Therefore, it goes without saying that the skills of those who need to support users’ needs to go beyond just technical aspects of the solution being provided.
A 2013 Gartner report called “ITs Aspirations Require Addressing Current Realities” described a disturbing trend:
“CIOs have consistently reported a lack of skills as the single biggest factor limiting IT’s successes”.
The report goes on to say:
“One in four CIOs believe that the IT labor market is ‘working’.”
That can mean at least two things. First, that those being recruited to provide support are not skilled enough. Secondly, that the recruitment process in identifying the right person to provide support is not working. And, the key to organisations having the right people is based on their capability to provide support services.
In addition, the constantly changing face of technology as it expands and morphs will lead people to become continuously productive as explained in this article:
http://www.businessinsider.com/next-generation-of-tools-make-us-constantly-productive-2013-9
This will therefore impact on how support is provided, particularly for those products which are in the centre of collaborative tools. In order for SharePoint to be capable of providing a support service to the user base, the user base needs to be adequately supported. The environment in which SharePoint can be employed, for example, on-premise in an organization, off-premise through Office 365, and on any mobile device, being smartphone, tablet, etc. means that the environments in which SharePoint support could be employed is also varied:
- Telephone Call Centres. SharePoint support is provided in an environment where the call is likely to be solved over the telephone, or escalated to another tier in the support organization.
- SharePoint Support provided by the parent organization. Typically for on-premise, though for a hybrid support is provided by the same SharePoint Support provision.
- It Support provided by third party. An third party SharePoint support provision is on-contract to an organization to provide a level of support.
- Through an Internet Service Provider. The Internet Service Provider provides the platform and also the support required for users to collaborate within the platform provided. Generally, those users then provide, or are automatically ‘set’, to have administrators who provide a first level of support.
Irrespective of the environment (which may in fact be a combination of the above), SharePoint support persons require particular attributes to ensure that a SharePoint service can be effectively provided.
1: They can do multiple roles
As a member of SharePoint Support, part of the job is to support end users and troubleshoot various types of tasks. However, their tasks involve much more than simply resolving a problem. They must be able to listen to a user, gather information from that user, diagnose and resolve the problem (or escalate the problem to a senior technician or system administrator), and properly document the resolution of the problem in the manner dictated by company policy.
A SharePoint Support team member is expected to fulfil a number of roles in the support environment. A good SharePoint Support team member must possess both technical skills and non-technical skills, such as interpersonal skills that are necessary for building rapport with the user to better troubleshoot and resolve the user issues. Some of the primary roles of the SharePoint Support team member include:
- A public face for the company – in most cases, the only human point of contact
- A knowledgeable resource who is familiar with the product and able to perform hardware and software installation tasks and system monitoring and maintenance
- A source of information, because even if you do not know the answer, you know where to get the answer or to redirect the end user
- An effective communicator, because customers are not calling to be sociable – many of them are distressed or upset, and you will need to manage the interaction effectively
- A good trouble-shooter who is able to quickly diagnose the issue by performing specific tasks
2: They get back to basics
As stated in the section “1: Carry multiple roles”, a SharePoint support persons job is to provide end user support in a At a high level, the SharePoint support person should be prepared to perform the following tasks:
- Perform general troubleshooting of SharePoint and integrated applications and solutions that will be used with SharePoint
- Provide customer service, including listening to the customer, defining and solving the problem, and educating the user on how to avoid the problem in the future.
- Install, configure, and upgrade packages and solutions.
- Monitor and maintain the SharePoint platform
- Document calls and close them or escalate them as required by company policy and time limits set by Service Level Agreements (SLAs).
Note that whilst the above appear to be technical, the key is to support the customer. The mission statement simply means ‘Quickly Resolve the Problem’:
- If a SharePoint solution is unavailable, service restoration is the first priority
- Incidents, problems and known errors must be clearly distinguishable from one another
- Service levels are governed by an SLA
- Customer interact with the SharePoint support for the resolution of problems
- Electronic self-help does not make human representatives obsolete
Within IT Support, there would generally be a support model. This covers, problem, service management and IT helpdesk support. Without going into any detail concerning how the IT Support model operates, the key is to understand that it is the duty of any member of SharePoint support is to provide a service understood by their customer. Therefore, for every issue to be resolved SharePoint support persons must get back to basics with every customer (and non-customer).
Here is a scenario:
Fabrikam is a coffee research company with offices in London and New York. They have a SharePoint installation which is supported by a SharePoint dedicated team. Fabrikam, at the start of setting up the SharePoint support model was aware of the time difference, and elected to have SharePoint support provisions in both time zones, but managed by IT Support. All calls would be logged centrally so that all IT Support teams and SharePoint support teams could see the work being carried out in New York and London.
The above scenario is a simple reminder that in order to have adequate support you need to understand the working time zones of the users. There is little point of proving that all your users are supported if your SharePoint support team is asleep when customers using your SharePoint provision need support on the other side of the planet. However, the above example is general. Let’s take the example back to specifically why it is important that each member of your SharePoint support team takes things back to basics. I have a large lawn to mow at my house. I use a lawnmower provided by a company in my nearest town. That lawnmower always breaks down, and generally, it’s my fault. Either I hit a stone, try to cut grass that’s far too long that plugs up the grass scoop, and more besides. I am getting better at working with that lawnmower, and that’s because the guys who supplied the lawnmower, who seem to fix things faster than you can say ‘Jack Robertson’, will always pass on a good bit of information when it is fixed, will always ask ‘what was you doing before the problem started’, and will always give demonstrations of using parts of the lawnmower which I didn’t think existed.
So, why is that important? Well, imagine that you are new to SharePoint. You need to upload a document, but cannot remember how to do that. You call your SharePoint support member. The SharePoint support member responds with something like this:
‘You dolt. It is easy to upload that file. Just click the New Document link. Why bother me with that’ – mutter… mutter…
In terms of even a relationship with SharePoint support that response guarantees service delivery ‘epic fail’.
Good SharePoint support persons get back to basics. They ask what the user was trying to do. They give step by step information on how to upload documents. They inform the user that there are places where the user can go to get more information. They state alternatives to using the New Document link in a document library. They empathise with the user (more on that later).
This does not mean that when the user calls SharePoint support that they have to wait while SharePoint support scrolls through a list of possible solutions or navigates around a decision tree, especially if the payoff does not appear to come quickly.
The reason why it is so important to go back to basics, is simply not because you want to teach SharePoint 101 basic stuff to SharePoint people. It is because the comfort factor of those calling SharePoint support increases. If that increases, they become more confident. If they become more confident, they learn, and want to learn. If this is not done, you will start seeing users ‘switch off’ from using SharePoint support. Or even worse, they will inform other users not to contact SharePoint support and will use other methods of finding out how to do things. Or even worse than that, they will stop using SharePoint all together!
3: They turn customers into enthusiastic customers
Imagine you set up a SharePoint support service. You may find that many customer simply will not call that support service. Some will not call because they do not know about SharePoint support. Some may even complain about SharePoint when it does not do what they expect it to do, but they will not call because of their experiences with any other customer service, whether it is a airline, telephone company, car park fining, cinema ticket purchasing, etc.
A successful SharePoint support service has enthusiastic customers. There are so many ways in which SharePoint support team members can make customers enthusiastic customers. First, let me describe what it is that defines an enthusiastic customer.
Humans are forever needing to find easier ways to get things done. They love shortcuts. This is because at work humans are doing multiple things and making multiple decisions. And because they are doing multiple things, when they are shown how to increase the speed (and productivity) of certain things in their daily tasks, they will become more enthusiastic. This goes with any software application, or any business process they work in. The key however, is to not get technical, don’t use jargon. Speak in their language. Here is a scenario.
Scenario: Telling something to a customer that helps them associated to the problem at hand. User tries Search for the first time in SharePoint and whilst they understand how to use the interface, you ask how they carry out searches without using SharePoint. Customer states that they have used the Explorer to search for files using Windows 7. You state that by using the search option “Search in Windows Explorer” in Enterprise Search that the user is able to ‘connect’ Windows Explorer Search to SharePoint search.
The result is a customer who has learned something new, and passes this onto other customers.
4: They are prepared to take the blame
Scenario: Customer calls into SharePoint support stating that they were working on a document which they had ‘checked-out’ from SharePoint, then something happened on their computer forcing the application to crash, and now they could not re-open the document because it was already checked out. The customer tried various ways of attempting to open the document, but had given up and called SharePoint support. By the time they did, they were angry, frustrated, and even more frustrated when they found that they had to wait for over an hour before anyone called back.
The point here is that first SharePoint support takes the blame. Irrespective of the problem, whether the user is at fault, whether SharePoint is at fault, the key is not to identify who or what is at fault in the first instance. The key is to get the customer to calm down, and to understand that you are the face of SharePoint and that you will resolve the issue one way or another.
To relate to this, another scenario is where a customer, in a restaurant, states that the service provided has not been to their approval. The restaurant manager, instead of apologising and stating they will seek to address the issue, says the customer is wrong to state the service is at fault, and instead states that the customer should not have come to their restaurant in the first place. Clearly this is the wrong move, because the customer can then easily state to others that the service was bad and no one took any attention to sort out the problem.
5: They are prepared to say the things they don’t want to say
When someone complains, its easy to get caught up emotionally in the situation. This is particularly when the very thing you are supporting is the thing that the customer is complaining about.
Scenario. A customer calls stating that their document library displays an error every time they attempt to upload a document. The customer is quite frustrated and says that SharePoint is “rubbish”.
As a SharePoint support individual does not immediately become furious and state ‘How dare you say that?! I have never had a complaint from anyone else!’. Instead, they say ‘That’s terrible, please tell me what happened so I can make sure it never happens again’.
6: They create a career path
SharePoint support individuals will require technical abilities; however, that does not mean they come from a technical background. Organisations choosing SharePoint support individuals would be looking for the appropriate personal skills to deal with the users. That is because the users come first.
Training is another area to consider. Check out this article here: https://serviceautomation.online/articles-2/training/
There is something that I think all SharePoint support persons should be aware of. And it is a certification called MCDST. MCDST stands for Microsoft Certified Desktop Support Technician. I did this when I was running a IT Support department, and needed to ensure that all my technicians did that course and the exam. I also did the same course and exam.
For more information on MCDST, check out this link:
http://www.microsoft.com/es-es/learning/certification/mcdst.aspx#tab3
The reason why I did the course was twofold. Firstly, to understand the issues concerned with providing support for the current operating system. Secondly, to understand the implications of providing a service to end-users. And do not be deterred by the fact that the course covers operating systems. A key element of the course is understanding customer service and what it means to be in support.
7: They put themselves in the customers shoes
SharePoint support people understand their user expectation. This ‘expectation’ is rational, reviewable and realistic. Rational because support can understand how the user uses SharePoint, and therefore, is able to estimate the needs of their users with a degree of accuracy. For example, if the usage patterns of SharePoint appear to be heavy on a Thursday, but Friday is quiet – but Monday is difficult because that’s is when all the queries come in regarding any issues on Thursday, then SharePoint support can glean that carrying out maintenance on a Thursday, and testing on a Friday is best.
Conclusion
Relentless pursuit of technical acclaim distracts so much from the attributes we really want in our SharePoint support staff. If SharePoint support individuals only ever dealt with SharePoint technical issues and the servers SharePoint runs on, then technical ability is all we could ever reasonably ask of them. But they do not – they deal with people. This is particularly in the wake of support being provided through Office 365, where there is far less emphasis on technical ability on working with the SharePoint server side, but an increased awareness required on integrated products like Office, Exchange, Lync. Irrespective of the knowledge required to provide support, SharePoint support must be dedicated to maintaining continued, hour by hour productivity through user support. Therefore, what is needed is people and methods that increase or maintain user productivity. User productivity is not just an “I’ve got a bug in this SharePoint site” issue. It is a “Help me to know how I go about producing the output I need using SharePoint” issue. The first query requires technical ability. The second query requires technical knowledge coupled with an ability to convey that knowledge in terms the user can understand and believe in.
Therefore, to back up the 7 ways of identifying a super-duper SharePoint support person, there are the 7 attributes as follows:
- Patience – to be able to listen to a user describe a situation
- Thoroughness – to give the user confidence in their ability to solve the problem and to ensure that the job is done
- Enthusiasm – to enjoy the job and stay motivated
- Responsibility and Empathy – to be able to take on the burden of a task, and to be able to put oneself in the users position
- Technical knowledge – to have acquired the sort of knowledge the job requires
- Communicative ability – to be able to use language well enough to convey confidence
- Works well under pressure – to be able to remain positive
