Presented at SharePointFest Seattle 2019 by Microsoft RD + MVP Christian Buckley (@buckleyplanet) and Sr. Product Manager at Microsoft, Mark Kashman (@mkashman). There are many solutions that allow for collaboration with customers, partners, and virtual teams that stretch inside and outside of your organization, but which tools work the best in different scenarios? In this session geared toward end users, we'll discuss how the latest Office 365 tools and solutions can be leveraged for different extranet scenarios, and help you to decide which of them best fit your specific needs. Solutions to be discussed include SharePoint, Teams, Yammer, OneDrive, Stream, and more.

1. Options for Building
a Modern Extranet
Christian Buckley
& Mark Kashman

2. Christian Buckley
Microsoft RD & MVP
CollabTalk LLC
@buckleyplanet
Mark Kashman
Sr. Product Manager
Microsoft
@mkashman

4. Take the Survey!
External Sharing Survey for #SPFestSea

5. Why share?

7. http://observer.com/2015/08/the-no-1-predictor-of-career-success-according-to-network-science/

8. http://observer.com/2015/08/the-no-1-predictor-of-career-success-according-to-network-science/

9. http://observer.com/2015/08/the-no-1-predictor-of-career-success-according-to-network-science/

10. A key insight from network science is the power of brokering,
the act of moving information from one group to another.
Network “brokers” make “sticky” information more fluid by
connecting to multiple networks and sharing information
across information silos and other networking barriers.
Network brokers (i.e. – connectors) have three advantages:
 Breadth. They pull their information from diverse clusters.
 Timing. While they may not be the first to hear information,
they are first to introduce information to another cluster.
 Translation. They develop skills in translating one group’s
knowledge into another’s insight.
Combined, these three advantages give an individual an
overall vision advantage to see, create, and take advantage of
opportunities.
Why Being the Most Connected is a Vanity Metric, Forbes

12. Why do I need
an extranet?
 Exchange large volumes of data
 Share product catalogs exclusively with
wholesalers or those "in the trade"
 Collaborate with other companies on joint
development efforts
 Jointly develop and use training programs
with other companies
 Provide or access services provided by
one company to a group of other
companies, such as an online banking
application managed by one company on
behalf of affiliated banks
 Share news of common interest
exclusively with partner companies

13. Networking
is a Human
Behavior

14. Sharing Drives
Productivity
 Social interaction adds context and adds
metadata to your content
 Metadata drives search, content and task
aggregation, and enables many of the new AI
and machine learning-based features within
Microsoft 365
 All of these interactions expand intelligence
through the Microsoft Graph
 …which enhances discovery
 Productivity improves human interaction with
our systems and data, and provides that
“social fabric” to help our technology better
fit within our team and corporate culture
 More productivity = more IP creation

15. Industry
Example:
Healthcare
 For healthcare organizations, providing a
seamless environment to departments,
providers, manufacturers, and external
agencies is essential.
 A great case study is the Canadian Agency for
Drugs and Technologies in Health, an
independent, not-for-profit organization
providing decision-makers with objective
evidence, analysis, and recommendations to
help them make informed decisions about the
optimal use of drugs and medical devices.
 As with most healthcare organizations, CADTH
utilized a shared IT organization, so centralized
governance and administration is essential.
CADTH was regularly creating collaborative
workspaces as new organizations fell
underneath their umbrella, but needed an
extranet solution that would allow for user
delegation, centralized governance, and secure
authority from multiple sites.

16. Industry
Example:
Construction
& Engineering
 For construction and engineering organizations,
it is important to efficiently manage their
collaboration efforts with sub-contractors,
associations, government bodies, and clients.
 An example in the construction and
engineering sector is Associated Engineering,
an award-winning consulting firm providing
services in planning, engineering,
environmental science, and asset
management. With more than 900 staff across
21 locations in Canada, Associated Engineering
needed a secure and manageable solution for
collaborating and communicating with clients,
contractors, agencies, and other external
organizations, with some multi-year projects
including hundreds of participants.
 Leveraging Microsoft's Azure AD B2B solution
and 3rd party tools, Associated Engineering
was able to deploy a flexible and automated
solution that provided a customized invitation
process for external partners, auto-provisioning
of Azure AD, and delegation of management to
business owners.

17. Industry
Example:
Non-Profits
 For non-profits or registered charities, reducing
the costs of infrastructure hosting and ongoing
operational costs is key, while also allowing the
organization to quickly scale to add thousands
of users, sponsors, and partners to their
extranets.
 An example is OntarioMD, a government-
funded not-for-profit organization responsible
for driving adoption of Electronic Medical
Record systems by 14000 physicians in the
province of Ontario. OntarioMD made the
decision to decommission their legacy platform
in an effort to reduce their infrastructure and
ongoing operational costs, and to move to a
cloud-based solution.
 OntarioMD developed a responsive, visually
appealing extranet site that included physician
self-registration, an onboarding process that
validated new users using Azure multi-factor
authentication, and full auditing of all profile
updates and attempted login activity.

18. New Features that
Support Extranet
Activities

19.  Create a folder in OneDrive and/or SharePoint
Online where you can request an external user
to upload files.
 The external user will then receive an email
with the request link. Clicking on the link, they
can then choose their files, and upload them.
Once successfully completed, the original
requestor receives an email letting them know
the files were uploaded.
 A single link can be used for multiple requests,
and the uploader is only able to view their
specific files.
 Available in Q4 of 2019 on the current roadmap.
Audience heat mapRequest Files

20.  When you're collaborating on a PowerPoint, you
often need opinions/input on a particular slide or
a particular section of slides. This is especially
challenging when co-authoring larger PowerPoint
decks.
 Now you will have the ability to choose a specific
slide within a PowerPoint presentation and share
a link directly to the slide.
 What this means is an external user can receive a
link to the presentation, when they click on the
presentation and login, they will be accelerated
right to the slide that needs their attention!
 Available as of June of 2019 in the Web-only
version of PowerPoint.
Audience heat mapSharing PowerPoints with Context

21.  A new reporting enhancement will be available in
SharePoint Online that will track all of the unique
permissions and sharing links setup on a particular
site collection.
 This will provide you with a detailed summary of all
the active external sharing activities taking place in
a given site.
 You will have the ability to export this report as a
CSV. file which will allow you to slice and dice the
data in your chosen reporting tool, whether that be
Power BI or Excel.
Audience heat mapSharePoint Reporting Enhancement

22.  Previously, this has been an area that has caused some
confusion as there was direct sharing from SharePoint as
well as Azure B2B sharing, which is managed within
Azure Active Directory. Now they are one and the same.
 When a document is shared to a user requiring them to
login, they will be created as a Guest User in the Azure
AD tenant.
 This allows those users to gain access with the newly
released One Time Passcode (OTP) functionality that has
been part of Azure B2B since early 2019.
Audience heat mapAzure AD B2B Integrations with Sharing

23.  Site admins can define how long a guest user
has access to site contents.
 IT access policies are defined at the
organization level (i.e. All users will lose access
after 60 days).
 Site Admin can extend access for users
expirations if additional time is permitted.
Audience heat mapExpiring External Access

24. External Sharing in SharePoint and OneDrive
Discussion on the latest SharePoint and OneDrive external sharing capabilities
with MVP Peter Carson (@carsonpeter), and Microsoft's Mark Kashman
(@mkashman) and Stephen Rice at the SharePoint Conference 2019.
https://youtu.be/0H0rowP7x-I
Video:

27. What is an Unstructured Extranet?
 External sharing in Office 365 strongly supports ad-hoc collaboration
 Sharing documents with a few to a few dozen external people
 Secure Link sharing to sites, libraries, and documents
• Anyone with a link (Anonymous)
• People in your organization
• People with existing access
• Specific people

28.  Invitation-only
 Business owner knows who to invite
 Direct invitation
 Bulk import of external users
 Private registration
 Business owner knows someone who knows who to invite
 Private registration link that is not easily guessed
 Can be forwarded any number of times
 May or may not want approvals on registration
 May auto-approve based on email domains
 Public registration
 Anyone should be able to discover and register
 Typically linked from a public website page
 May or may not want approvals on registration
 May auto-approve based on email domain
What is a Structured Extranet?

29. Structured Extranets and Azure B2B
 Simple
• Partners are invited into your Azure AD
• Each partner user uses an existing Azure AD account or one that is easily
created during invitation acceptance
• Permissions can be managed through Azure AD groups
 Secure
• All access is controlled through your Azure AD directory
• Partner users can be removed from your Azure AD and their access is
immediately revoked
• When the partner user leaves the partner organization, access is lost
automatically
 Seamless
• Partner companies who need access do not need to have Azure AD
• Azure AD B2B collaboration provides a simple user sign-up experience for
these partners

30.  External sharing is not scalable
 Individual users need permission management to invite
 Permissions become a mess, governance goes out the
window
 Azure Ad B2B is not user-friendly
 Azure portal is overwhelming
 All-or-nothing delegation
 No self-registration
 No integration to other line-of-business systems
 No integration to on-premises AD
Understand the Gaps

31. Extranet
Options:
Azure AD B2B

32. Azure Active Directory (Azure AD) business-to-
business (B2B) collaboration lets you securely share
your company's applications and services with guest
users from any other organization, while maintaining
control over your own corporate data.
Allows you to work safely and securely with external
partners, large or small, even if they don't have
Azure AD or an IT department.
A simple invitation and redemption process lets
partners use their own credentials to access your
company's resources.
Developers can use Azure AD business-to-business
APIs to customize the invitation process or write
applications like self-service sign-up portals.
https://docs.microsoft.com/en-us/azure/active-directory/b2b/what-is-b2b
Where to Start a ConversationWhat is Azure AD B2B?

33. • Partner users can be granted access to any part of your SharePoint
Online environment
• Considered external users by Microsoft
• No Office 365 subscription is required for the partner users
• Permissions in SharePoint Online can be applied to Azure AD groups
Where to Start a ConversationAzure AD B2B and Office 365

34. Where to Start a ConversationAzure AD B2B Onboarding Experiences

35. Options:
PowerApps
Portals

36. Enable organizations to build low-code, responsive websites
which allow external users to interact with the data stored in
the Common Data Service.
Using a simple, dedicated designer experience, makers can
create pixel-perfect websites which are custom branded and
allow users to interact with data stored in the Common Data
Service.
PowerApps Portals allow organizations to create websites
which can be shared with users external to their organization
either anonymously or through the login provider of their
choice like LinkedIn, Microsoft Account, other commercial
login providers.
You can also integrate enterprise login providers using a
variety of industry standard protocols like SAML2, OpenId
Connect and WS-Fed . Websites can also be created for
Employees who can connect using their corporate Azure
Active Directory account.
https://powerapps.microsoft.com/en-us/blog/introducing-powerapps-portals-powerful-
low-code-websites-for-external-users/
Where to Start a ConversationWhat are PowerApps Portals?

37. Options:
3rd Party
Solutions

38. Options: 3rd
Party Solutions

39. • There are also Microsoft partners that integrate with Azure AD B2B and
Office 365 to deliver more robust end user experiences, such as Extranet
User Manager (http://eum.co/spfest)
• Add groups and users directly from
the SharePoint Online site
• Permissions are automatically wired up in
the background by EUM Flow Connector
• Full administrative capabilities
• Add, Edit, Remove groups
• Add, Edit, Remove users
• Search, Add, Edit, Import users & groups
• Copy and share private link for registration
• Delegated access for business owners
Where to Start a ConversationExtranet Options: 3rd Party Solutions

40. What tool should you use, and when?

42. Where to Start a Conversation
Outlook
SharePoint
& OneDrive
Where to start a conversation

43. Outlook
Inner Loop
SharePoint
& OneDrive
Where to Start a ConversationWhere to start a conversation

44. Outlook
Outer LoopInner Loop
SharePoint
& OneDrive
Where to Start a ConversationWhere to start a conversation

45. Outlook
The Open Loop
Outer LoopInner Loop
SharePoint
& OneDrive
Where to Start a ConversationWhere to start a conversation

46. Audience heat map
More
Internal
Users
More
External
Users
More Task-Focused
More Initiative-Focused
SharePoint
Yammer
OneDrive
Teams
PowerApps
Portals
Audience Served

47. Simple Complex
IT Managed
End User Managed
SharePoint
Yammer
OneDrive
Teams
PowerApps
Portals
Audience heat mapManagement Overhead

48. Unstructured Structured
Process-Focused
Ad Hoc
SharePoint
Yammer
OneDrive
Teams
PowerApps
Portals
Audience heat mapCollaboration Focus

49. 1. Who will be accessing the extranet?
2. Would you like to have a
self-registration option or
invitation-only?
3. How will your extranet users
authenticate into your extranet
application?
4. What interactions are your
external users going to have
with the extranet?
5. What applications will have to be
accessible through the extranet?
Questions To Ask:

50. • Upcoming webinars from EUM: https://www.extranetusermanager.com/spfest
• Use SharePoint Online as a business-to-business (B2B) extranet solution
https://docs.microsoft.com/en-us/sharepoint/create-b2b-extranet
• Create an external business-sharing site in SharePoint Online https://docs.microsoft.com/en-
us/sharepoint/create-external-business-sharing-site
• Linked: How Everything Is Connected to Everything Else and What It Means for Business, Science, and
Everyday Life http://amzn.to/2f32HME
• Six Degrees: The Science of a Connected Age http://amzn.to/2fz8UnJ
• Bursts: The Hidden Patterns Behind Everything We Do, from Your E-mail to Bloody Crusades
http://amzn.to/2f2Zqgo
• External Sharing in SharePoint and OneDrive https://youtu.be/0H0rowP7x-I
• Sharing is All About Control http://bit.ly/2ZjoyL2
• External Sharing Announcements from #SPC19 http://bit.ly/2P0WPe3
• The Ultimate Survival Guide for Charities eBook http://bit.ly/2zcNSDO
Audience heat mapResources

51. @buckleyplanet
Thank you very much!
@mkashman