SharePoint Security Impacts From Snowden and Wikileaks Breaches

 

Editor’s note: Contributor Mike Fleck is Co-founder of CipherPoint Software, Inc. Follow him @mfleckca

2013-08-27-SharePointSecurityImpact-01.pngThe biggest security story that we’ll see this year is the Snowden – NSA – PRISM leak. The biggest security story in the past couple of years prior to PRISM has clearly been Wikileaks. Common threads obviously run through these breaches, starting with the use of SharePoint by both organizations and the attackers in both cases compromising the confidentiality of information therein. The UK newspaper The Register reported a few weeks ago that the Snowden breach involved information obtained out of SharePoint servers. There are so many different angles to these security breaches, and they are so important, that we’ll address them in a series of blog posts over the next few weeks. Topics for these blogs include:

1)   The increasing importance of security controls that aim to keep system administrators honest or from mistakenly putting the organization at risk. While both Snowden and Wikileaks involved national intelligence agencies and the DoD, the threat from insiders and system administrators is a universal one. Every year, we see numerous stories about insiders from a myriad of different companies and industries walking off with sensitive or valuable data or just accidently making information publically accessible. This article describes the insider threat (posted and available here), and will discuss challenges to securing IT systems against insiders that are common to many organizations and IT platform

2)   It is well documented at this point that some leaked Wikileaks data came from SharePoint sites. NSA has also very recently admitted that data relating to the PRISM breach was obtained from SharePoint servers. It is now clear that the Edward Snowden a) was a system administrator, b) had system administrator privileges across a variety of systems, and c) did not have “need to know” for the information that was stolen and subsequently leaked, and d) obtained much of the information that he’s now leaking from a SharePoint server. This article describes specific challenges relating to securing information in collaboration platforms against system administrators, with specific focus on premise SharePoint sites. To many in the SharePoint world,  “SharePoint security” is synonymous with “SharePoint permissions” and the Snowden breach is a great example of how permissions are a single point of failure and do not (in and of themselves) equate to a proper security architecture.

3)   Solving the SharePoint insider threat issue. Protecting data in SharePoint requires the right mix of security controls, and the right architectural approach. Data encryption and access controls at the application layer are critical.

4)   In defense of SharePoint…Both the Snowden and Wikileaks breaches involved SharePoint. This doesn’t mean, however, that SharePoint is inherently flawed from a security standpoint. It does mean that a defense in depth approach needs to be taken with SharePoint, as with any other IT platform. This blog will explore what a rigorous defense in depth security architecture for SharePoint looks like. The key takeaway…SharePoint farms can be adequately secured to store even the most sensitive data, from a multitude of threats, including privileged insiders.

5)   Security of data in cloud services has been a big issue since cloud first emerged. From the perspective of the PRISM program, and the data collected, both enterprises and consumers using or planning to use cloud services have to be seriously concerned about their data in cloud services. You have to approach cloud services at this point by assuming that your data is being looked at by third parties, including cloud systems administrators, and by governmental agencies. This article will look at cloud data privacy and security issues in light of these developments.

6)   If you accept that cloud data is at great risk, you have a number of different ways to approach securing the data. Data encryption is the primary security tool to employ, and there are big and important choices to be made, including where to insert the encryption (on a client, in a proxy, in a SaaS service, or on the cloud computing infrastructure itself), and how and by whom your encryption keys and encryption routines are managed. This article will explore encryption implementation issues related to securing cloud data.

A final thought, and we believe an important one. This is not solely a SharePoint security issue. This is a gross generalization, but most IT platforms, and particularly collaboration-oriented platforms, are challenged to adequately secure against rogue systems administrators and insiders. The solution to securing SharePoint and other IT platforms against insiders will always boil down to careful application of security controls, including ones that are native to the platform, and 3rd party controls that further lock down the platform and data.

An analogy we use: if your house gets broken into, but you like the house, keep the house and buy a security system. People love SharePoint for the collaboration efficiencies the platform brings to the enterprise. Add to SharePoint the right set of administrative and technical security controls, and you’ve got a winning combination. It is possible to use the SharePoint platform for use cases involving highly sensitive data!

XSL in SharePoint

 

A few months ago, Dustin Miller, Heather Solomon and I completed our workshop series, "Customized Branding Solutions with CSS and XSL". During the third session, I recorded some "Hot Tips" as Dustin was delivering his sessions on Enhancements with XSL: Advanced Grouping. I thougt you might find the tips helpful.

  • Ignore SharePoint when sketching out a solution.
  • Create a central library of XSL and CSS snippets at the top of the site collectionfor easy access from any site.
  • Break XSL into separate templates for much easier management
  • Load common files to the top level site collection so that all subsites have access to the snippets.

I like a lot of the ideas that Dustin showed in the workshop. I’ll be expanding on those here in the near future, so if you want to get your hands a little dirty, watch and follow along as I learn to hack my way through the weeds of XSL and CSS in SharePoint.

Tools for SharePoint User Experience (UX) Design: Paper Prototyping


You may also be interested in: fpweb.net


 

Editor’s note: Contributor Adrian England is the Senior User Experience Designer at Creative Sharepoint. Follow him @ade_england

Introduction

Following on from the previous article in this series scamping, the topic for this article is the Paper Prototype.

What is Paper Prototyping?

A paper prototype, like a scamp, is a low-tech way of quickly visualising an idea, or in this case, an area of functionality that would either be difficult to explain or would require investigation for proving a concept.

In essence, a paper prototype is a scamp with interactive functionality, which can be quickly created, tweaked and thrown away if not required.

The example below is an expanding list showing how the finished prototype will be used.

2013-08-27-SharePointPrototyping-01.jpg

What you will need

  • Cutting mat
  • Scalpel
  • Metal ruler
  • Glue (optional)
  • Marker pens
  • Medium weight card (around 200gsm)

Step 1

Draw a Scamp of the functionality area in its static state (on page load with no interaction).

2013-08-27-SharePointPrototyping-02.jpg

Step 2

Using the scalpel, metal ruler and cutting mat cut a line in the scamp along the top of the interaction area. This hole should be a little larger than the thickness of the card that is being used.

2013-08-27-SharePointPrototyping-03.jpg

Step 3

Next a scamp needs to be drawn for the interaction item, in this case this is the expanded list item.

Once drawn, the interaction item should be cut out so that the main body area is slightly narrower than the hole which was cut in Step 2 whilst leaving a bar at the top (this will allow the item to stop at the correct place).

2013-08-27-SharePointPrototyping-04.jpg

Step 4

Flip the two pieces of card over and feed the interaction item created in Step 3 into the hole created in Step 2.

2013-08-27-SharePointPrototyping-05.jpg

Step 5

Flip the paper prototype back over and have a play.

2013-08-27-SharePointPrototyping-06.jpg

Other Uses

Paper prototypes can be used to illustrate a vast range of functionality, the only limitation really is your creativity.

The process outlined above is only a very basic paper prototype; be creative and think up new ways of being able to demonstrate functionality.

Rolls of paper can be used to allow large areas of content to be scrolled through, long horizontal pieces of card can be good for demonstrating image carousels, tinted acetate or tracing paper can be used to replicate a modal window popping up…the possibilities are endless.

SharePoint vs. Yammer for Microblogging


You may also be interested in: O’Reilly – SharePoint 2010 at Work


 

Editor’s note: Contributor Chris Clark is the Marketing Manager for Creative Sharepoint. Follow him @chrisclark005

Introduction

In a recent blog I compared SharePoint vs. Yammer for Document Collaboration. Here I will look at the microblogging capabilities of each product.

SharePoint vs. Yammer Comparison Chart

The following chart provides a comparison of SharePoint and Yammer features at a glance. For more details, and to see screenshots of SharePoint and Yammer, click on the feature set headings.

Yammer

SharePoint 2013

Posting
Announcements Yes No
Updates Yes Yes
Files Upload and share Share only
Polls Yes No
Praise Yes No
Events Yes No
Tagging
@mentions Yes Yes
#tags / Topics All users Author only
Following
People Yes Yes
Conversations Yes Yes
#tags / Topics Yes Yes
Files Yes Yes
Groups / Sites Yes Yes
Liking and Replying
Liking Yes Yes
Replying Yes Yes
Sharing
Via Group or Site Yes No
Via Private Message Yes No
Via Link No Yes
Content Preview
Microsoft Office Files Yes Yes, with thumbnail
PDFs Yes, with thumbnail No
Images Yes, with thumbnail Yes, with thumbnail
Videos Yes, with thumbnail Yes, with thumbnail
Internal Pages Yes, with thumbnail No
External Pages No, thumbnail only No
Security
Lock Conversation No Yes
Delete Conversation Yes Yes
Keyword Monitoring Yes No
Other
Embeddable Feed Yes No
Applications iOS, Android, Windows Phone, Windows 8 iOS, Windows Phone, Windows 8
Hide Conversations Yes No
Follow Up No Yes
Bookmarks Yes No
Friendly URLs No, only remove URL Yes, and remove URL

 

Posting in SharePoint vs. Yammer

Yammer’s ‘Publisher’ tool allows users to share updates, upload and share documents, post polls, praise others, post events and make announcements (administrators only).

2013-08-26-SharePointYammerMicroblogging-01.png

SharePoint’s ‘Newsfeed’ has less functionality. Users can hyperlink to content elsewhere (like surveys or events), but the Newsfeed itself is not very interactive.

2013-08-26-SharePointYammerMicroblogging-02.png

Back to table

Tagging in SharePoint vs. Yammer

Yammer allows posts to be directed at specific users with @mentions and associated with specific ‘Topics’ (both with type-ahead). Once posted, anyone can add a new Topic to a post.

2013-08-26-SharePointYammerMicroblogging-03.png

SharePoint also allows @mentions and uses #tags in place of Topics (both with type-ahead). However, #tags can only be associated to the post by the author ahead of publishing.

2013-08-26-SharePointYammerMicroblogging-04.png

Back to table

Following in SharePoint vs. Yammer

Yammer users are able to follow specific people, conversations, topics, files and groups to get updates.

2013-08-26-SharePointYammerMicroblogging-05.png

Likewise, SharePoint users are able to follow specific people, conversations, #tags, files and sites.

2013-08-26-SharePointYammerMicroblogging-06.png

Back to table

Liking and Replying in SharePoint vs. Yammer

Yammer users are able to flag up useful content by ‘Liking’ it and engage in conversations by replying.

2013-08-26-SharePointYammerMicroblogging-07.png

Likewise, SharePoint users are able to Like content and reply to conversations.

2013-08-26-SharePointYammerMicroblogging-08.png

Back to table

Sharing in SharePoint vs. Yammer

Yammer allows conversations to be shared to other Groups or to individual inboxes via Private Message.

2013-08-26-SharePointYammerMicroblogging-09.png

SharePoint allows conversations to be shared across sites, but only via a hyperlink to the original post.

2013-08-26-SharePointYammerMicroblogging-10.png

Back to table

Content Preview in SharePoint vs. Yammer

Yammer allows a range of content (Office Files, PDFs, rich media and web pages) to be shared (with a thumbnail) and previewed within feeds.

2013-08-26-SharePointYammerMicroblogging-11.png

SharePoint only provides thumbnails and preview for Office files and rich media within Newsfeeds. Pages and PDFs are shared only as hyperlinks.

2013-08-26-SharePointYammerMicroblogging-12.png

Back to table

Security in SharePoint vs. Yammer

Yammer allows authors and administrators to delete conversations, removing them from feeds. It also allows administrators to monitor specific keywords that may indicate misuse.

2013-08-26-SharePointYammerMicroblogging-13.png

SharePoint also allows authors and administrators to delete conversations. Additionally, conversations can be ‘Locked’, leaving them in place but disabling further activity.

2013-08-26-SharePointYammerMicroblogging-14.png

Back to table

Other features in SharePoint vs. Yammer

Yammer has a range of additional features:

  • Embeddable feeds allow conversations to be integrated into other Line of Business Applications (note there are several third party apps and an API available also)
  • Mobile apps are available for all major mobile platforms
  • ‘Hide’ allows users to remove conversations from their personal view of feeds
  • ‘Bookmarks’ allow users to follow specific conversations directly from their profile

2013-08-26-SharePointYammerMicroblogging-15.png

SharePoint also has additional features:

  • Apps are available for iOS, Windows Phone and Windows 8
  • ‘Follow Up’ allows users to create a personal task from a conversation, which will be stored on their MySite
  • Users are able to create ‘Friendly URLs’ for the hyperlinks they paste into newsfeeds

2013-08-26-SharePointYammerMicroblogging-16.png

Back to table

Conclusion

The addition of the Newsfeed in SharePoint 2013 is the most significant addition of social functionality the product has seen. It is well integrated into the platform and provides the simple user experience that employees will expect from consumer products.

However, it does lack many of the ‘Posting’ features found on Yammer (such as polls, praise and events) which make the newsfeed a highly interactive centre for activity, rather than a signpost to content elsewhere. Microsoft’s roadmap will no doubt involve bringing this experience to SharePoint.

SharePoint: Software Cost Reductions in a Team Site


You may also be interested in: Simple SharePoint Migration Tool – Content Matrix by Metalogix


 

Editor’s note: Contributor Ellen van Aken is an experienced intranet adoption manager. Follow her @EllenvanAken

In the series of “Do More With SharePoint-Examples” this time I will explain a process where a Survey saved our IT-department lots of time and effort. Technically/functionally it is one of the most simple, but from a change management perspective, and because the idea is easy to transfer to other organizations, I thought I’d share.

What was the problem?

Many employees had rather expensive Software X on their PC, and local IT wanted to reduce the licensing costs in their country by providing alternatives. There was a simple alternative to the software on every PC, or people could request a free open-source version with functionalities comparable to Software X.

Usually these projects were done by emailing back and forth with all users of the software, but with about 100 local users of this software, that was promising to be quite messy2013-08-25-SoftwareCost-01.gif.

From a priority point of view, this project did not generate a lot of financial benefits, but since this was a regular action at IT (and worldwide) the project received a high score for “re-usability” and extra “intangibles” points because we wanted IT to become more familiar with the functionalities of SharePoint. It also scored well in “Required time investment” because it was easy to set up.

What is the solution?

We created a Survey in a dedicated subsite of the IT-Team Site, with 2 questions:

2013-08-25-SoftwareCost-02.gif

Upon clicking “Finish”, respondents arrived at a Thank You page, with information about the next steps.

IT sent an email with explanation to all users of Software X with the link to the survey. They set an Alert to keep track of responses.

What are the benefits?

First of all, no emails had to be received, opened, scored and filed. Every answer was in the survey, as well as the total number of responses.

Next to that, there was immediate visibility of the outcome. From the moment the replies started to come in it was clear that 30% of the population did not use the software at all, and that about 40% of the users were willing to try an alternative. That was such a good result that there was no need to challenge those people who really wanted to work with Software X. (Which was just as well, because some employees were upset or even angry when they received the email2013-08-25-SoftwareCost-03.gif)

2013-08-25-SoftwareCost-04.gif
The Graphical Summary gives a quick overview of results

Software X was removed from about 70% of PC’s and some open-source packages installed.

The local IT-manager was so enthusiastic about the ease and speed of this solution, that he decided they would repeat this yearly with Software X, would repeat this with other expensive licenses, and he shared his success with his international colleagues.

We showed them how to set up a survey themselves, how to lead people to a ”Thank You page” and how to export the results after each project for archiving.

Well, you and I know how SharePoint can facilitate data collection in this way, of course, but for my IT-colleagues it was a welcome new learning!

Top 5 UX (User Experience) Articles of the week – Week 10

 

Editor’s note: Contributor Marcy Kellar is a SharePoint Strategist and User Experience Designer. Follow her @marcykellar

2013-06-20-TopUX-Part02-01.pngLast summer, Marcy Kellar began a weekly series of her top picks of UX articles for that week. Marcy is going to pick up the series again so we’ve gone back to publish her original articles.

Here are the top 5 UX articles on branding this week:

1 – Complete Beginner’s Guide to Information Architecture

Information architects are more than just designers, visionaries, or project managers. Information architects must draw inspiration for perfecting their craft from a number of different departments. Typically, they will start as designers, or working alongside designers. At some level, the technical requirements of a sites design enter into their realm of interest and responsibility as well.

Marcy Kellar: Information Architecture is an important part of the User Experience. This is a useful article for those interested in Information Architecture or just beginning. It covers who is an Information Architect, what they do and what tools they use.

2 – Direct Your Audience To Important Content Through Visual Hierarchy

Every website communicates information through design. Some of the information will be very important and some not so much. Your audience won’t know which is which at a glance unless you provide cues for them by creating a visual hierarchy in your design elements.

Marcy Kellar: The visual layout of content can direct users to important content. This article provides helpful tips on creating visual cues so that users can find important content. The author uses his own blog as an example. The article doesn’t do the best job using relevant pictures but the content is still good.

3 – 40+ Creative and Best Landing Page Designs

Landing Page Designs – First thing you land on at what time you click on a advisement link is clearly your landing page. Landing page can make or break the image of website. If your landing page is high-quality and creative sufficient then only the visitor will stay for a while or will come back to visit once more.

Marcy Kellar:One of the best habits to get into as a designer is looking for inspiration. There are many places to look for design inspiration. I liked this collection because there were many design elements that were relevant to an internal SharePoint site.

4 – What the Heck Is CSS Specificity?

CSS specificity is a topic that many new front end coders avoid for as long as possible. It sounds complicated, there are all of these rules, you might even have to do some math! How lame is that? Ultimately, you can only avoid it for so long.

Marcy Kellar: CSS specificity is a useful technique in SharePoint branding and UI customization. I use this technique consistently when branding SharePoint. This article provides an overview of CSS specificity and provides several examples of how to use it.

5 – 9 Valuable CSS Tricks for Responsive Design

CSS also known as Cascading Style Sheets is now an integral part of web development as it allows developers to alter the elements in any web page, which were once impossible. If you know the correct source codes, you can easily make changes in text spacing, underline links and a lot of other stuff, which was non-changeable earlier.

Marcy Kellar: Responsive designing is growing in popularity with each passing day. This article provides tips related to CSS in responsive design. It’s worth a bookmark even if you aren’t working on responsive design now.

How to Use Power Query for Excel to Query a SharePoint 2013 List


You may also be interested in: Documentation Toolkit for SharePoint


 

Editor’s note: Contributor Alexandru Dionisie is an Internet Professional and Technical Writer. Follow him @AlexDionisie

If you want to extract all the data from a SharePoint List to an Excel workbook, an easy solution is to use Export to Excel. SharePoint allows you to export a Web Query which downloads that lists data into a spreadsheet.

Besides that, there is another way to extract data from SharePoint without the need to open a web browser and access the SharePoint site. It’s called Power Query for Excel and it’s designed to help by easing data import from a variety of sources. It allows us to model the data in different ways, like filtering and grouping before we import it into Excel. The Export to Excel feature allows us to do that, after we insert the data into the spreadsheet.

In this article I will use both methods to extract data from a SharePoint List and I will let you see the differences (some of them) between Export to Excel and Power Query.

Export to Excel

From the LIST tab click on the Export to Excel button.

2013-08-11-SharePointPowerQueryExcel-01.png

When we run the Web Query, Excel asks us for permissions, in order to connect to an external data source.

Here we must click on Enable.

2013-08-11-SharePointPowerQueryExcel-02.png

After allowing Excel to connect to SharePoint, all the data from the list is downloaded into a spreadsheet.

2013-08-11-SharePointPowerQueryExcel-03.png

Microsoft Power Query for Excel

According to Microsoft:

 – Power Query provides an intuitive and consistent experience for discovering, combining, and refining data across a wide variety of sources including relational, structured and semi-structured, OData, Web, Hadoop, Azure Marketplace, and more. Power Query also provides you with the ability to search for public data from sources such as Wikipedia.

Download Link | Power Query

From the POWER QUERY tab, click on From Other Sources and then choose From SharePoint List.

2013-08-11-SharePointPowerQueryExcel-04.png

Next, we must specify the URL to our SharePoint site.

2013-08-11-SharePointPowerQueryExcel-05.png

One important step is about the authentication to the SharePoint site.

Here we can connect:

  • Anonymous;
  • Using Windows credentials;
  • Using MOS ID.

2013-08-11-SharePointPowerQueryExcel-06.png

Because I have my Office 365 account connected to Office 2013, in the MOS ID section I just click on Sign In and I am automatically signed in.

2013-08-11-SharePointPowerQueryExcel-07.png

In the below image we can see that the data is downloaded (101 KB when I took the screenshot).

2013-08-11-SharePointPowerQueryExcel-08.png

In the Query Editor we can see the data from our SharePoint List.

Here we can:

  • apply a filter;
  • sort the data;
  • hide the formula bar;
  • etc.

2013-08-11-SharePointPowerQueryExcel-09.png

2013-08-11-SharePointPowerQueryExcel-10.png

2013-08-11-SharePointPowerQueryExcel-11.png

To download the data from the SharePoint List, click on the Done button.

Now, in Excel we have the SharePoint data from the list.

On the right side we can see a settings pane.

In this pane we can:

  1. see the last update time and we can force a new data refresh;
  2. enable or disable the data downloading into the spreadsheet;
  3. load the data into PowerPivot.

2013-08-11-SharePointPowerQueryExcel-12.png

Using the Load to Data Model option, the downloaded data is sent to PowerPivot and from there we can do some more advanced “stuff”, like:

  • create relations between this table and another one in order to create a PivotTable from multiple sources;
  • output a variety of visual data to your Excel worksheet.
    • PivotTable;
    • PivotChart;
    • Chart and Table;
    • Four Charts;
    • Flattened PivotTable;
    • etc.
  • use DAX (Data Analysis Expressions) to to create measures (an upgraded version of Excel formulas);
  • publish dashboards to SharePoint;
  • etc.

2013-08-11-SharePointPowerQueryExcel-13.png

Account Information

At one of the above steps, Excel asked us to connect to the SharePoint site.

The POWER QUERY offers us the option that allows us to change the account or to delete the stored connection data.

From the POWER QUERY tab click on Data Source Settings.

2013-08-11-SharePointPowerQueryExcel-14.png

If we click on Edit Credential, for the selected site, all we can do is sign out and sign in with another account.

2013-08-11-SharePointPowerQueryExcel-15.png

In order to delete a site and its stored credentials, click on the desired site and then click on the Delete option.

2013-08-11-SharePointPowerQueryExcel-16.png

We have to confirm the deletion, by clicking on the Delete option.

2013-08-11-SharePointPowerQueryExcel-17.png

Now, the selected site was deleted along with the credentials.

2013-08-11-SharePointPowerQueryExcel-18.png

Display SharePoint Blogs on a SharePoint Online Homepage


You may also be interested in: fpweb.net


 

Editor’s note: Contributor Chris Clark is the Marketing Manager for Creative Sharepoint. Follow him @chrisclark005

If you’re using SharePoint Online (as part of Office 365) for internal SharePoint sites, you may choose to create an internal SharePoint blog.

In most cases your blog site will not be the homepage for users, however, you may choose to surface your latest internal blogs (alongside news etc.) on your homepage.

Ordinarily you might use the RSS Viewer web part to surface the RSS feed of a blog. It is important to note that there are technical differences between surfacing external and internal blog feeds via the RSS Viewer web part.

Whilst it is possible to set up external blog RSS feeds (e.g. BBC) on your SharePoint Online sites, it is not possible to do so with internal blog RSS feeds (see the table below).

​SharePoint Online SharePoint On-Premise
External Blog RSS Feeds​ Out-the-box​ ​Out-the-box
​Internal Blog RSS Feeds With configuration​ Not possible

If you do try, you will get the following error message:

2013-08-09-DisplaySharePointBlog-01.png

“An unexpected error occurred processing your request. Check the logs for details and correct the problem.”

Thankfully there are other ways to surface internal blogs on your SharePoint Online sites. In this blog I will take you through one alternative, using the Content Query web part, to provide this functionality (as seen below).

2013-08-09-DisplaySharePointBlog-02.png

In order to do this we must do the following:

1. Activate the SharePoint Server Publishing Infrastructure site collection feature
2. Add the Content Query web part
3. Add new columns to the blog posts list
4. Configure the Content Query web part

Activate the SharePoint Server Publishing Infrastructure site collection feature

The SharePoint Server Publishing Infrastructure site collection feature must be activated on the site that we want to display the Content Query web part on, so in this case our intranet site.

In order to activate this feature, click on the settings cog in the top-right and select Site Settings.

Then, under the Site Collection Administration heading select Site collection features.

Finally, scroll down to SharePoint Server Publishing Infrastructure and select Activate. If the feature is already active, progress to step two.

2013-08-09-DisplaySharePointBlog-03.png

Add the Content Query web part

Now that we have enabled the SharePoint Server Publishing Infrastructure feature we have some additional web parts available, one of those being the Content Query web part.

To add the web part, click on the settings cog in the top-right and select Edit page.

Select the zone you would like to add the web part to (in this example we will use the top zone) and click Web Part under the insert tab in the ribbon.

Under the Content Rollup category you will find the Content Query web part. Select this and then click add.

2013-08-09-DisplaySharePointBlog-04.png

Now that we have the web part on the page we need to point it to our blog content. Click Edit Web Part and under the Query section, select Show items from the following list and click Browse.

Using the drilldown find your blog site and select the Posts list within it, then click OK. Now click OK to finish editing the web part and Save the page to leave editing mode.

The web part should now be displaying the titles of your recent blog posts (if you have created any).

2013-08-09-DisplaySharePointBlog-05.png

In the next two steps we will take this basic display and add a summary and associated image to each of the blogs.

Add new columns to the blog Posts list

We need to add the following 2 columns to our blog Posts list:

  • Summary: to display a brief introduction for each blog
  • Featured Image: to display a relevant image for each bog

From your blog site homepage, click Manage posts. Within the posts lists, click List Settings under the List tab in the ribbon. Under the Columns heading click Create column.

For our first column, we will use the Column name Summary and the column type Single line of text. Select Yes for Require that this column contains information and lower the Maximum number of characters to 100. Click OK to add the column, then click Create column again.

For our second column, we will use the Column name Featured Image and the column type Hyperlink or Picture. Select Yes for Require that this column contains information and select Picture for Format URL as. Click OK to add the column.

Before we configure the Content Query web part to display our blogs we will need to add some Featured Images. I would recommend using images in a 50×50 pixel format. For this example, I will use 3 icons which can be downloaded here.

To add your images, click on the settings cog in the top-right and select Site contents and then click on the Photos app. Once you have uploaded your images to this folder you will need to copy the images URLs. You can do this by clicking the ellipsis (…) on the image and copying the URL from the modal.

2013-08-09-DisplaySharePointBlog-06.png

Then navigate back to your Posts list. Edit the relevant blog post and paste the image URL into the Featured Image field.

Once you have populated your blog posts with summaries and featured images you are ready to configure the Content Query web part.

Configure the Content Query web part

To configure the Content Query web part to display our blog summaries and featured images we must navigate back to the intranet homepage (or wherever you have chosen to place your Content Queryweb part).

Click on the settings cog in the top-right corner and select Edit page. Edit the web part and configure the following settings:

  • Under Presentation:
    • Check Limit the number of items to display and set the Item limit to 3
    • Leave the Group style as Default and the Item style as Image on left
    • Set the Image field to Featured Image
    • Leave the Title field as Title [Custom Columns];
    • Set the Description field to Summary
  • Under Appearance
    • Set the Title field to Latest Blogs (or whatever you would like to call the web part)

Finally click OK to finish editing the web part and Save the page to leave editing mode.

Your web part should now display links to your latest 3 blogs, complete with a summary and featured image as seen below.

2013-08-09-DisplaySharePointBlog-07.png

In my next blog we will explore how to filter the blogs displayed in two ways:

  • If the blog is Featured (as chosen by the content author), or
  • If the blog has a 4 star or more rating on average (as chosen by the content readers)

SharePoint: A Program Management Office…in a Team Site


You may also be interested in: Simple SharePoint Migration Tool – Content Matrix by Metalogix


 

Editor’s note: Contributor Ellen van Aken is an experienced intranet adoption manager. Follow her @EllenvanAken

As promised in my last post I will elaborate some more on the “PMO Team Site”.

When do you use this configuration?

We have used this for every large program with many individual projects. It can be global (such as actions from the yearly Employee Satisfaction survey), business-wide (e.g. increase the profitability of a business unit), or local ( like improving efficiency of a production location) project, with the following characteristics:

  • a set of projects (generally > 10)
  • where all results and revenues are reported together
  • there is a Program Manager for the complete set of projects
  • each individual project is managed by a different project manager
  • to be finished in roughly the same timeframe

What were the issues?

The risk of a set of projects, managed in different ways, is that the Program Manager has to chase everyone for updates, will receive these updates in various formats, and needs to spend a lot of time turning these diverse bits of information into one proper report. While the official reporting is done once a month, management is always asking the Program Manager “how things are going”, which means the Program Manager has to know the status on a daily basis. And this may cause some stress…

What are the benefits of this setup?

Every project manager updates his or her projects in the Team Site in one list. This enables uniform reporting and automated aggregations.

There is no document editing involved, so no issues with check-in/check-out or overwriting changes.

The Program Manager can spend time on analysis, progress and solving issues, rather than on collecting and aggregating data.

The online reporting also allows for many different permanent slices-and-dices (views) and real-time graphs of progress, making the need for official progress reports even less.

The priority of these configuration projects is generally very high:

  • Many people save lots of time by having one place to go for the project’s progress
  • These projects are generally very much aligned with business priorities
  • External partners can have access to the Team Site and online meetings, so they spend less time and money on travel

How is the TS set up?

  • The backbone of the site is an issue list or custom list, with “versioning” on. Versions are useful to store monthly updates, but also to see the progress of the project over time.
  • Every project is one line item.
  • The “Assigned To” is the project manager. She or he edits their own item(s) on a regular basis.
  • We use many different metadata columns depending on the project, e.g. country, department, business unit, workstream, project type, etc.
  • The fields that are updated most often are on top, allowing the project managers to edit with as little scrolling as possible.

     

    2013-08-07-SharePointProramManagement-01.gif
    Frequently edited items (highlighted) are on top of the edit form

  • We prefer choice fields over lookup fields. The project’s metadata are known and do not change during the project, so we do not need to make it easy to add options; and choice fields in the list reduce the risk of someone accidentally adding, deleting or editing an option.
  • Project managers have no ”delete” permissions to avoid accidents.
  • “Traffic lights” give a quick overview of progress and pain points.
  • We create many views to slice and dice the information.
  • In most cases, making all projects visible to all project managers is beneficial and stimulates discussion and a healthy sense of competition. In some cases we filter all views on “Assigned To”= [Me]. This is the case when layoffs, reorganizations, acquisitions, divestitures or other major business critical outcomes are expected. In those cases, the Program Manager will set personal views. (Most people do not know how to create personal views or do not want to take the time, so this is quite safe)

     

    2013-08-07-SharePointProramManagement-02.gif
    Overview of all projects, sorted by Due Date.

Using traffic lights

Everybody always loves traffic lights as status indicators, which makes it easy to see “the good and the bad” at a glance. We have used 3 ways to create them:

  1. Texts (Green, Yellow, Orange, Red), with a description of what these terms mean. This is very basic, but often works well. It is also the most simple and stable solution.
  2. Uploading coloured icons and asking people to add the appropriate link.
  3. Using a calculated field to color code. This is a more sophisticated way, but not always necessary. I do not have much experience with it.

     

    2013-08-07-SharePointProramManagement-03.gif
    2 ways to work with Stoplights, 1. Text, or 2. Picture

Some interesting views and graphs

  • Projects not modified in 30 days or more. This view is helpful for the Program Manager to chase the project manager for updates
  • Red and Orange projects. This view shows the projects that need management attention.
  • Projects grouped by Phase, by Workstream, by Country etc. These views all help the Program Manager decide where to take action and where to find success stories and good practices.
  • Views with sums on the realized savings or revenues.
  • Gantt Chart
  • My Projects
  • Graph of projects by Phase. This shows progress of the complete PMO and is very useful for Management. (See also my Telesales example)

     

    2013-08-07-SharePointProramManagement-04.gif
    From left to right: Start of Program, During Program, and End of Program.

Are you also managing programs and individual projects in Team Sites? Please let me know!

Top 5 UX (User Experience) Articles of the week – Week 9

 

Editor’s note: Contributor Marcy Kellar is a SharePoint Strategist and User Experience Designer. Follow her @marcykellar

2013-06-20-TopUX-Part02-01.pngLast summer, Marcy Kellar began a weekly series of her top picks of UX articles for that week. Marcy is going to pick up the series again so we’ve gone back to publish her original articles.

Here are the top 5 UX articles on branding this week:

1 – The Psychologist’s View of UX Design

You may have heard this story about an elephant: A king brings six men into a dark building. They cannot see anything. The king says to them, "I have bought this animal from the wild lands to the East. It is called an elephant." "What is an elephant?" the men ask.

Marcy Kellar: My background in psychology and life science appreciates the truth in this article on UX Design. I’ve been following the author, Dr Susan Weinschenk since her book, "Neuro Web Design: What Makes Them Click?" This article provides important points about users and why they do what they do. If you are concerned about adoption, this article is worth the read.

2 – How To Get People To Do Stuff: #1 — Use Nouns Instead Of Verbs

This blog post is the first of a new series called "How To Get People To Do Stuff". It will feature nuggets from the book I am writing by the same name due out in March of 2013. I’m also starting a new format of doing video blogs.

Marcy Kellar: The brain lady Dr Susan Weinschenk brings us another good one. This is the first article in a series I recommend reading if you are implementing SharePoint and devising a communication and adoption strategy. The wording of your communication matters.

3 – iPad User Experience Guidelines

Apple’s Human Interface Guidelines for the iPad outline how to create user interfaces optimized for the iPad device. According to Apple, the best iPad applications: downplay application UI so that the focus is on content; present content in beautiful, often realistic ways; and take full advantage of device capabilities to enable enhanced interaction.

Marcy Kellar:This is a comprehensive summary list of design considerations specific for the iPad. Most of these bullets also apply to other tablets.

4 – How Sans-Serif Typeface Styles Affect Readability

by anthony on 09/27/12 at 7:24 am Almost everywhere you look on the web, there’s a sans-serif typeface. Sans-serif typefaces have long been the standard for on-screen text due to their increased readability for low screen resolutions. But new research shows that not all sans-serif typefaces have equal readability.

Marcy Kellar: As SharePoint implementations reach multiscreen platforms and with it becoming easier to use unique fonts in web design, it’s important to consider the differences in sans-serif fonts ad understand the readability of them.

5 – Module Tabs in Web Design: Best Practices and Solutions

Digital today is a world of unprecedented complexity, which is a big opportunity. This research, sponsored by Google, shows different ways Americans use multiple screens.

A module tab is a design pattern where content is separated into different panes, and each pane is viewable one at a time. The user requests content to be displayed by clicking (or in some instances hovering over) the content’s corresponding tab control.

Marcy Kellar: Module tabs are used commonly in SharePoint designs to display several web parts while taking up less real estate. The type and use of content is important to consider when determining if this design pattern is an appropriate solution. This article provides an overview of the design pattern and best practices for use.