Presented at SharePointFest Seattle 2019 by Microsoft RD + MVP Christian Buckley (@buckleyplanet) and Sr. Product Manager at Microsoft, Mark Kashman (@mkashman).
There are many solutions that allow for collaboration with customers, partners, and virtual teams that stretch inside and outside of your organization, but which tools work the best in different scenarios?
In this session geared toward end users, we'll discuss how the latest Office 365 tools and solutions can be leveraged for different extranet scenarios, and help you to decide which of them best fit your specific needs. Solutions to be discussed include SharePoint, Teams, Yammer, OneDrive, Stream, and more.
10. A key insight from network science is the power of brokering,
the act of moving information from one group to another.
Network “brokers” make “sticky” information more fluid by
connecting to multiple networks and sharing information
across information silos and other networking barriers.
Network brokers (i.e. – connectors) have three advantages:
Breadth. They pull their information from diverse clusters.
Timing. While they may not be the first to hear information,
they are first to introduce information to another cluster.
Translation. They develop skills in translating one group’s
knowledge into another’s insight.
Combined, these three advantages give an individual an
overall vision advantage to see, create, and take advantage of
opportunities.
Why Being the Most Connected is a Vanity Metric, Forbes
11.
12. Why do I need
an extranet?
Exchange large volumes of data
Share product catalogs exclusively with
wholesalers or those "in the trade"
Collaborate with other companies on joint
development efforts
Jointly develop and use training programs
with other companies
Provide or access services provided by
one company to a group of other
companies, such as an online banking
application managed by one company on
behalf of affiliated banks
Share news of common interest
exclusively with partner companies
14. Sharing Drives
Productivity
Social interaction adds context and adds
metadata to your content
Metadata drives search, content and task
aggregation, and enables many of the new AI
and machine learning-based features within
Microsoft 365
All of these interactions expand intelligence
through the Microsoft Graph
…which enhances discovery
Productivity improves human interaction with
our systems and data, and provides that
“social fabric” to help our technology better
fit within our team and corporate culture
More productivity = more IP creation
15. Industry
Example:
Healthcare
For healthcare organizations, providing a
seamless environment to departments,
providers, manufacturers, and external
agencies is essential.
A great case study is the Canadian Agency for
Drugs and Technologies in Health, an
independent, not-for-profit organization
providing decision-makers with objective
evidence, analysis, and recommendations to
help them make informed decisions about the
optimal use of drugs and medical devices.
As with most healthcare organizations, CADTH
utilized a shared IT organization, so centralized
governance and administration is essential.
CADTH was regularly creating collaborative
workspaces as new organizations fell
underneath their umbrella, but needed an
extranet solution that would allow for user
delegation, centralized governance, and secure
authority from multiple sites.
16. Industry
Example:
Construction
& Engineering
For construction and engineering organizations,
it is important to efficiently manage their
collaboration efforts with sub-contractors,
associations, government bodies, and clients.
An example in the construction and
engineering sector is Associated Engineering,
an award-winning consulting firm providing
services in planning, engineering,
environmental science, and asset
management. With more than 900 staff across
21 locations in Canada, Associated Engineering
needed a secure and manageable solution for
collaborating and communicating with clients,
contractors, agencies, and other external
organizations, with some multi-year projects
including hundreds of participants.
Leveraging Microsoft's Azure AD B2B solution
and 3rd party tools, Associated Engineering
was able to deploy a flexible and automated
solution that provided a customized invitation
process for external partners, auto-provisioning
of Azure AD, and delegation of management to
business owners.
17. Industry
Example:
Non-Profits
For non-profits or registered charities, reducing
the costs of infrastructure hosting and ongoing
operational costs is key, while also allowing the
organization to quickly scale to add thousands
of users, sponsors, and partners to their
extranets.
An example is OntarioMD, a government-
funded not-for-profit organization responsible
for driving adoption of Electronic Medical
Record systems by 14000 physicians in the
province of Ontario. OntarioMD made the
decision to decommission their legacy platform
in an effort to reduce their infrastructure and
ongoing operational costs, and to move to a
cloud-based solution.
OntarioMD developed a responsive, visually
appealing extranet site that included physician
self-registration, an onboarding process that
validated new users using Azure multi-factor
authentication, and full auditing of all profile
updates and attempted login activity.
19. Create a folder in OneDrive and/or SharePoint
Online where you can request an external user
to upload files.
The external user will then receive an email
with the request link. Clicking on the link, they
can then choose their files, and upload them.
Once successfully completed, the original
requestor receives an email letting them know
the files were uploaded.
A single link can be used for multiple requests,
and the uploader is only able to view their
specific files.
Available in Q4 of 2019 on the current roadmap.
Audience heat mapRequest Files
20. When you're collaborating on a PowerPoint, you
often need opinions/input on a particular slide or
a particular section of slides. This is especially
challenging when co-authoring larger PowerPoint
decks.
Now you will have the ability to choose a specific
slide within a PowerPoint presentation and share
a link directly to the slide.
What this means is an external user can receive a
link to the presentation, when they click on the
presentation and login, they will be accelerated
right to the slide that needs their attention!
Available as of June of 2019 in the Web-only
version of PowerPoint.
Audience heat mapSharing PowerPoints with Context
21. A new reporting enhancement will be available in
SharePoint Online that will track all of the unique
permissions and sharing links setup on a particular
site collection.
This will provide you with a detailed summary of all
the active external sharing activities taking place in
a given site.
You will have the ability to export this report as a
CSV. file which will allow you to slice and dice the
data in your chosen reporting tool, whether that be
Power BI or Excel.
Audience heat mapSharePoint Reporting Enhancement
22. Previously, this has been an area that has caused some
confusion as there was direct sharing from SharePoint as
well as Azure B2B sharing, which is managed within
Azure Active Directory. Now they are one and the same.
When a document is shared to a user requiring them to
login, they will be created as a Guest User in the Azure
AD tenant.
This allows those users to gain access with the newly
released One Time Passcode (OTP) functionality that has
been part of Azure B2B since early 2019.
Audience heat mapAzure AD B2B Integrations with Sharing
23. Site admins can define how long a guest user
has access to site contents.
IT access policies are defined at the
organization level (i.e. All users will lose access
after 60 days).
Site Admin can extend access for users
expirations if additional time is permitted.
Audience heat mapExpiring External Access
24. External Sharing in SharePoint and OneDrive
Discussion on the latest SharePoint and OneDrive external sharing capabilities
with MVP Peter Carson (@carsonpeter), and Microsoft's Mark Kashman
(@mkashman) and Stephen Rice at the SharePoint Conference 2019.
https://youtu.be/0H0rowP7x-I
Video:
25.
26.
27. What is an Unstructured Extranet?
External sharing in Office 365 strongly supports ad-hoc collaboration
Sharing documents with a few to a few dozen external people
Secure Link sharing to sites, libraries, and documents
• Anyone with a link (Anonymous)
• People in your organization
• People with existing access
• Specific people
28. Invitation-only
Business owner knows who to invite
Direct invitation
Bulk import of external users
Private registration
Business owner knows someone who knows who to invite
Private registration link that is not easily guessed
Can be forwarded any number of times
May or may not want approvals on registration
May auto-approve based on email domains
Public registration
Anyone should be able to discover and register
Typically linked from a public website page
May or may not want approvals on registration
May auto-approve based on email domain
What is a Structured Extranet?
29. Structured Extranets and Azure B2B
Simple
• Partners are invited into your Azure AD
• Each partner user uses an existing Azure AD account or one that is easily
created during invitation acceptance
• Permissions can be managed through Azure AD groups
Secure
• All access is controlled through your Azure AD directory
• Partner users can be removed from your Azure AD and their access is
immediately revoked
• When the partner user leaves the partner organization, access is lost
automatically
Seamless
• Partner companies who need access do not need to have Azure AD
• Azure AD B2B collaboration provides a simple user sign-up experience for
these partners
30. External sharing is not scalable
Individual users need permission management to invite
Permissions become a mess, governance goes out the
window
Azure Ad B2B is not user-friendly
Azure portal is overwhelming
All-or-nothing delegation
No self-registration
No integration to other line-of-business systems
No integration to on-premises AD
Understand the Gaps
32. Azure Active Directory (Azure AD) business-to-
business (B2B) collaboration lets you securely share
your company's applications and services with guest
users from any other organization, while maintaining
control over your own corporate data.
Allows you to work safely and securely with external
partners, large or small, even if they don't have
Azure AD or an IT department.
A simple invitation and redemption process lets
partners use their own credentials to access your
company's resources.
Developers can use Azure AD business-to-business
APIs to customize the invitation process or write
applications like self-service sign-up portals.
https://docs.microsoft.com/en-us/azure/active-directory/b2b/what-is-b2b
Where to Start a ConversationWhat is Azure AD B2B?
33. • Partner users can be granted access to any part of your SharePoint
Online environment
• Considered external users by Microsoft
• No Office 365 subscription is required for the partner users
• Permissions in SharePoint Online can be applied to Azure AD groups
Where to Start a ConversationAzure AD B2B and Office 365
34. Where to Start a ConversationAzure AD B2B Onboarding Experiences
36. Enable organizations to build low-code, responsive websites
which allow external users to interact with the data stored in
the Common Data Service.
Using a simple, dedicated designer experience, makers can
create pixel-perfect websites which are custom branded and
allow users to interact with data stored in the Common Data
Service.
PowerApps Portals allow organizations to create websites
which can be shared with users external to their organization
either anonymously or through the login provider of their
choice like LinkedIn, Microsoft Account, other commercial
login providers.
You can also integrate enterprise login providers using a
variety of industry standard protocols like SAML2, OpenId
Connect and WS-Fed . Websites can also be created for
Employees who can connect using their corporate Azure
Active Directory account.
https://powerapps.microsoft.com/en-us/blog/introducing-powerapps-portals-powerful-
low-code-websites-for-external-users/
Where to Start a ConversationWhat are PowerApps Portals?
39. • There are also Microsoft partners that integrate with Azure AD B2B and
Office 365 to deliver more robust end user experiences, such as Extranet
User Manager (http://eum.co/spfest)
• Add groups and users directly from
the SharePoint Online site
• Permissions are automatically wired up in
the background by EUM Flow Connector
• Full administrative capabilities
• Add, Edit, Remove groups
• Add, Edit, Remove users
• Search, Add, Edit, Import users & groups
• Copy and share private link for registration
• Delegated access for business owners
Where to Start a ConversationExtranet Options: 3rd Party Solutions
49. 1. Who will be accessing the extranet?
2. Would you like to have a
self-registration option or
invitation-only?
3. How will your extranet users
authenticate into your extranet
application?
4. What interactions are your
external users going to have
with the extranet?
5. What applications will have to be
accessible through the extranet?
Questions To Ask:
50. • Upcoming webinars from EUM: https://www.extranetusermanager.com/spfest
• Use SharePoint Online as a business-to-business (B2B) extranet solution
https://docs.microsoft.com/en-us/sharepoint/create-b2b-extranet
• Create an external business-sharing site in SharePoint Online https://docs.microsoft.com/en-
us/sharepoint/create-external-business-sharing-site
• Linked: How Everything Is Connected to Everything Else and What It Means for Business, Science, and
Everyday Life http://amzn.to/2f32HME
• Six Degrees: The Science of a Connected Age http://amzn.to/2fz8UnJ
• Bursts: The Hidden Patterns Behind Everything We Do, from Your E-mail to Bloody Crusades
http://amzn.to/2f2Zqgo
• External Sharing in SharePoint and OneDrive https://youtu.be/0H0rowP7x-I
• Sharing is All About Control http://bit.ly/2ZjoyL2
• External Sharing Announcements from #SPC19 http://bit.ly/2P0WPe3
• The Ultimate Survival Guide for Charities eBook http://bit.ly/2zcNSDO
Audience heat mapResources
With all of this going on, we also work with other people. We have a peer with whom we are working on a project, or a joint presentation. We might have a direct report who contributes to our work, or someone outside of our team who regularly reviews and provides input on our work. And we all have a manager who may review, provide input, or leverage our content.
Leveraging the shared knowledge of this small network is fairly simple, regardless of the tools we use – or that they use. Because with a small network, we have a fairly good idea of the value each team member provides – and where to go for help with certain tasks, to find content, and so forth.
But what if you need knowledge beyond your simple network?
The idea of a single network, with all nodes connected to all other nodes, is a small-team concept – and simply does not translate to large organizations. And yet that is how we handicap ourselves in enterprise collaboration, assuming that as the network grows, with every node (person, document, artifact) connected to every other node, search will “just work” and social collaboration across this flattened, two-dimensional organizational concept will somehow make people more….well, collaborative.
According to Ron Burt at the University of Chicago Booth School of Business, your network is actually a set of clusters – not one giant network. Burt talks about clustering being one of the basic patterns within network science, and how we all naturally participate in cluster. Some clusters come from our roles and professional circles – communities of practice, like being a business analyst or a project manager, for example. Other clusters form around age, musical tastes, educational backgrounds, sports, and so forth. Information is created and travels around within the cluster, but much of that data never leaves the cluster.
But there are some individuals within each cluster who act as brokers between clusters. These are people who see value in sharing information outside of a cluster, and who bring new ideas into the cluster, or group, from other groups. There’s a great article by Forbes contributor Michael Simmons (Why Being the Most Connected is a Vanity Metric) in which he interviews Ron Burt, and provides some additional insights into how networks work.
To work like a network means that each of us acts like a broker, adding value to the clusters in which we participate – and then connecting data and people and ideas across clusters, translating each body of knowledge for those other networks.
Working like a network is not an empty platitude or marketing slogan. Working like a network is a collaboration imperative – which is why you’ll find it at the center of Microsoft’s collaboration strategy.
External sharing works when you’re sharing with just a few people, or co-authoring a single document. It also works best when you are the sole administrator of the sharing activity. Beyond these scenarios, you should consider using Azure AD B2B and 3rd party solutions, or consider the following workloads:
Don’t get pigeonholed into a single solution for every problem
Don’t recreate the wheel every time – if its good enough