Step 1: Plan to manage SharePoint Online by using the Administration Center

 Note    If this information doesn’t match what you’re seeing, you may be using Office 365 after the service upgrade. Try Manage site collections and global settings in the SharePoint admin center to find the information that applies to you.
Am I using Office 365 after the service upgrade?

This is the first article in the SharePoint Online planning guide for Office 365 for enterprises. This article discusses planning internal site collections for your organization and the features you may want to implement on site collections. This article also describes some of the considerations you need to think about before creating a public-facing website.

In this article

Who should read this article?

After your organization and its users subscribe to SharePoint Online for Microsoft Office 365 for enterprises, a URL is provided to the organization to manage its SharePoint Online implementation. The person who uses this URL to access the SharePoint Online Administration user interface is known as the SharePoint Online Administrator. If you have been assigned to this role or are planning to implement SharePoint Online you may find this document helpful. You may want to engage other people in your organization in planning your SharePoint Online deployment in order to make decisions about features, permissions, and the governance of sites and site collections.

Top of Page Top of Page

What is the job of the SharePoint Online Service Administrator?

The SharePoint Online Service Administrator can:

  • Create, delete, and restore site collections
  • Grant access to site collection administrators
  • Grant access to external users and support partners
  • Allocate and monitor site collection storage
  • Plan for multilingual sites
  • Set up user profiles and My Sites
  • Set up InfoPath Forms Services for the organization
  • Configure and manage managed metadata

Some of these tasks require some forethought and planning. This document is intended to help you with those plans.

Top of Page Top of Page

Plan for partner solutions

As you begin your planning, you should evaluate whether your organization has specific business needs that might require you to use third-party services or applications to customize SharePoint Online. For example, your organization might need to migrate a large volume of content or a large number of users to your SharePoint Online site. Or you might have business processes that require support for email-enabled lists. If you think that your organization might benefit from third-party services or applications, please explore the professional services and applications available from Microsoft partners on the Microsoft Office 365 Marketplace. You can use this marketplace to find experts that can help you deploy in the cloud or tailor Microsoft Office 365 for the needs of your business. It is a good idea to explore and research available third-party services and solutions at the beginning of your planning process.

Top of Page Top of Page

Plan to create and manage site collections

The SharePoint Online Administration Center gives you the ability to create and manage site collections in one location, but it's important to plan ahead to decide how you want to implement your site collections before you create them.

A site collection is a group of websites that have the same owner and share administration settings, such as permissions. When you create a site collection, a top-level site is automatically created in the site collection. You can then create one or more subsites below the top-level site.

Top-level sites and subsites allow for different levels of control over the features and settings for sites. By using this hierarchy you can allow users to have a main working site for an entire team, plus individual working sites and shared sites for side projects. You can create separate site collections for different divisions or for external websites. How you decide to separate site collections depends on the size of your organization and its business needs.

You might start by evaluating the type of sites and site collections your organization needs by considering the answers to the following questions.

Decide this: To help you do this:
What type of content will be stored on the sites? Determine groups in your organization that use similar content types or site templates. For more information about planning site templates, see Plan which site template to use for your site collection in this article.
How much storage do you need for each site collection? Evaluate how many site collections you may need or can have. You may be able to determine this number based on current file server usage or the type of content the site collection will host. For information about changing the storage on site collections, see Change site collection storage and resource usage quotas in SharePoint Online Help.
Are there divisions or groups that need to maintain separate data? Create separate site collections. For example, permissions you give users to human resource data will be different from those you allow to marketing collateral.
Will your organization have a public website? Choose a domain name and purchase it, or use the default domain name provided by Office 365. For more information, see Set up a public Website in SharePoint Online Help.
Do you need multi-language support? Choose the correct language when you create your site collection. For more information about planning sites that use multiple languages, see Plan for sites to use multiple languages later in this article.
Whether you want users to have their own My Site. Plan to implement My Sites. For more information about planning My Sites, see Plan for My Sites later in this article.
Whether you want to create and manage custom forms or incorporate them into workflows. Plan to implement InfoPath Forms Services. For more information, see Plan InfoPath Forms Services later in this article.
Whether to use managed metadata. Decide who will be responsible for setting up the terminology used in the organization. For more information about planning managed metadata, see Plan to use managed metadata later in this article.

Governance is the set of policies, roles, responsibilities, and processes that guide, direct, and control how your organization cooperates to achieve business goals. These goals center on the governance of the software and the service you provide; the application governance and the custom solutions you provide; and the management of the content and information stored by users in those services. As you plan your site collections you should also build a plan for how to govern them.

When you think about how to structure and govern your site collections, consider the answers to these questions.

Consider this: To create this:
Does the structure of your site collections add to your organization's effectiveness? An effective site collection consists of groups of individuals and teams that share common goals.
Does the structure allow the information architecture to meet regulatory requirements, privacy needs, and security goals? A secure site that is open to those who need the information, but where information is blocked from those who should not see it.
What type of access will users need to the content? A permissions model that allows read access, write access, or both.
Do users from outside the company need to have access? Authorization for external users on only those site collections that need it. For more information about allowing external users access to your sites, see Share a site with external users in the SharePoint Online Help.
Who will be allowed to create and manage the sites in the site collection? A managed plan for sites that are well maintained.
What features and functionality will be enabled for users? Locations for specific actions and applications, such as sandbox solutions.
Will the content found in search results be relevant to those sharing the site collection? A site collection where the content is useful to those sharing the site.
How much customization will you allow? A solution that is manageable and easy to upgrade.

To help answer the questions above, continue to read the Planning Guides, and also read the SharePoint Online Help articles related to Permissions management. It’s important to understand what type of access you want to provide both internal and external users before starting to setting up your environment.

The SharePoint Online Administrator should collaborate with other individuals in the organization to answer these questions before setting up site collections and allowing sites to be created. The administrator has the ability to:

  • Create, delete, and restore site collections
  • Set quotas on site collections
  • Create a public site
  • Assign permissions to site collection administrators
  • Decide whether external users will be allowed access to site collections
  • Configure the other features mentioned in this article

Planning ahead can make a big difference in how well the implementation of your sites fares over time. For more considerations about planning sites and site collections, read Step 2: Plan sites and manage users in this guide.

Top of Page Top of Page

Plan which site template to use for your site collection

When you create a site collection or sites within a site collection, SharePoint provides you with the option of choosing a site template. A site template is pre-populated with lists, libraries, pages, and other elements or features that support the needs of an organization. When you create a new site collection or site by using a template you can start using the site right away or you can customize the site so that it meets the needs of your team, event, or your larger organization.

It’s important to think about how you want to use your sites before you create the site collection because each site will inherit the properties from the template you choose for your site collection. You may choose to have multiple site collections that use different site templates for different projects or purposes.

You can choose from the several templates when setting up sites in SharePoint Online. For a description of each template, see A preview of site templates in SharePoint Online Help.

More information about site templates is included in Step 2: Plan sites and manage users in this guide.

Top of Page Top of Page

Plan how much storage you allocate to site collections

When your organization purchases the SharePoint Online service, it is allocated a pool of storage based on the number of user licenses it purchased and the type of Office 365 plan it purchased. The total amount of storage is pooled so that you can determine how much storage to give to each site collection (minimum 50 MB).

When you assign storage to a new site collection, you will be able to see the total amount of storage allocated to your organization and how much of the total organization storage remains to be allocated to new site collections. After you set an amount of storage for a site collection you can always increase it later, if necessary.

Tools in SharePoint Online allow you to evaluate how much storage is being used by each site collection, and to be notified by an alert when a site collection is nearing its storage allocation limit.

If you notice that your organization is running low on remaining storage, there are three things you can do:

  • Reduce the amount of content on your SharePoint Online sites
  • Delete one or more site collections
  • Buy more storage from Microsoft or your provider

It’s important to monitor how much space is being used and to set guidelines and policies with your site collection administrators and site owners as to any file size limitations you might want to set in your organization.

For more information about setting storage limits and alerts, see Change site collection storage and resource usage quotas in the SharePoint Online Help.

Delete and restore site collections

The recycle bin allows the SharePoint Online Administrator to restore deleted site collections, as long as they have not been in the recycle bin longer than 30 days. After 30 days in the recycle bin, a site collection is automatically permanently deleted. The recycle bin gives you time to make sure that the site collection does not contain data your organization needs.

Top of Page Top of Page

Plan to allow external users access to your internal sites

SharePoint Online allows you to collaborate with users outside of your organization by giving them permission to access resources on internal sites. These users are called external users. To allow external users to access a site, you must first enable Manage Share by Email in the SharePoint Administration Center. By enabling this setting in the SharePoint Online Administration Center, the SharePoint Online Administrator gives every site collection administrator in the environment the option of enabling external sharing on their sites.

Then, site collection administrators can enable External user invitations for their collections, after which site owners and designers can invite external users to access their sites by sending an e-mail invitation. Users can log in to the site by using one of three methods: an email address that is associated with a Microsoft account, a Hotmail, Live, or MSN address, or a Microsoft Online Services ID (if their company has their own Microsoft Online Services subscription). The invitation expires after one use. Once an external user is a member or visitor on a site, that user can be added to any other site in any other site collection in the environment.

It is important to understand how this feature works, since it can be enabled and disabled at three different levels within the environment. Each location is meaningful depending upon whether users have already been granted access.

For more information about granting access to external users, see Share a site with external users in the SharePoint Online Help.

Top of Page Top of Page

Plan for sites to use multiple languages

The Multilingual User Interface (MUI) feature allows users to view sites or Web pages in a language other than the default set on the site or site collection. The MUI feature is not a translation tool; it just changes the display language for the default interface elements. The user interface of your site refers to the elements on your screen that you use to interact with SharePoint, such as the menus, the navigation items, and the recycle bin.

With the MUI feature, you can display the following user interface elements in different languages:

  • Site title and description
  • SharePoint default menus and actions
  • Default columns
  • Custom columns (list or site)
  • Navigation bar links
  • Managed metadata services

When MUI is implemented by a user, it changes the user interface for that user only, and it does not affect how the site is displayed to other users. Also, any site content (as opposed to user interface elements) that was created in the site’s default language will still be displayed in the default language.

MUI is enabled by default in the SharePoint Online Administration Center. However, if MUI is to be used on a site collection, then it needs to be enabled by the site collection administrator. You and your site owners need to decide in advance what default language to use for your site collection and sites, because once the language is specified it cannot be changed. After you create a site collection, it is important to verify that the locale and regional settings on the site are accurate. For example, when you create French sites, the locale will always be set to France even if you are located in Canada. Therefore, no matter what language you choose, it is a good idea to verify that both the regional and locale setting are accurate for your location.

You will also want to check that the site collections that are pre-created for you have accurate settings. These are sites collections such as My and ContentHub.

For more information about multilingual sites see Introduction to multilingual features in SharePoint Online Help.

Top of Page Top of Page

Plan a public-facing Website

As a SharePoint Online Administrator, you can create one public-facing Website that can be accessed by users outside of your organization to market your company, provide information about how to contact you, and allow customers or partners to find information about your products and services. When you set up the site, you are asked to provide a domain name, which is the URL that people will use to access your site. You can choose to use the default name, provided by Microsoft, or a custom name that your company owns.

Security   If you choose to use a custom domain name, the public site will use the HTTP protocol rather than HTTPS protocol. Data sent by using HTTP protocol is not encrypted, which may allow other users on the network to be able to view information sent to and from the site. All other SharePoint Online for Office 365 for enterprises sites use HTTPS protocol, including the public site when it is configured by using the default URL.

There are several considerations and steps to ensure that your domain will work with SharePoint Online:

  • You must own the domain name    Your organization must have purchased the domain name and it must be registered with a domain registrar.
  • The domain name must be unique to SharePoint Online    To prevent conflicts with internal e-mail servers, we recommend that you avoid using second-level domain names for SharePoint Online such as contoso.com. This follows the specifications outlined in Request for Comments (RFC) 1034, “Domain Names – Concepts and Facilities.” For example, your e-mail server could use the domain name contoso.com and your public SharePoint site could use www.contoso.com.
    To redirect users who might try to find your public site by typing http://contoso.com, you could set up a redirect with your domain registrar to redirect traffic to http://www.contoso.com.

     Note    Not all domain registrars offer redirection services.

  • Change the domain intent on the Office 365 domain administration page    When you sign up for services in Office 365, you will be able to specify the domain name(s) you want to use for the services you purchase. To use your own domain name with SharePoint Online, you need to specify in Office 365 that you intend to use the domain name with SharePoint Online rather than with another service. When you configure the public site in SharePoint Online, you will be able to pick the domain name you specified on the Office 365 administration page.
  • Add a CNAME record for the domain name    We recommend that you get the CNAME information of your public site in SharePoint Online and set up a CNAME record at the domain registrar before creating your website. This must be done before the site can be accessible to viewers. Registering the CNAME in advance will allow propagation to begin before you need the site to be live.

Learn more about setting up your public site and creating the CNAME record in the article Set up a public Website.

Top of Page Top of Page

Plan for user profiles

Before you personalize the sites and content within an organization, you should plan how your organization will use and manage user profiles. In SharePoint Online, information about users in an organization is stored in user profiles. SharePoint Online receives profile information from the Office 365 directory service during regularly scheduled one-way synchronization. Users can also edit their profiles manually, usually through their My Profile page.

User profiles identify connections among users such as common managers, workgroups, group membership, and sites. User profiles also contain information about user interests and help users locate subject matter experts for a particular area by using the People Search feature.

User profiles are more than merely groupings of imported and custom properties about users in an organization. The properties are also used to display information about the relationships of each user to other users in an organization. These relationships can encourage more efficient collaboration with colleagues and across teams. Profile subtypes can be used to create a different set of properties for a different set of users. For example, you can create a subtype that categorizes a user as either an intern or a full-time employee.

Top of Page Top of Page

Plan user profile properties

When planning user profiles, you have to determine the information about users that is needed. This information will be stored in user profile properties. The privacy and policy settings in an organization govern the type of profile information that a user can view. The owner of the information sets the privacy settings while the organization sets policy settings.

When you plan for user profiles, you should consider several factors:

  • Do the default properties meet your needs or do you need to create new ones? You need to determine which properties you will use for your core user profiles based on those that are relevant across the organization. The properties are important when finding users, creating audiences to use when targeting content, and establishing relationships between colleagues and workgroups.
  • What areas of your organization require different user profile subtypes? For example, do you need to create user profile subtypes for full-time employees, part-time employees, and interns?

Default user profile properties    SharePoint Online provides a set of default user profile properties. You should review these properties and the policies that apply to them before you decide which changes to make, which properties to keep or remove, and which additional properties to create. Some of these user profile properties can be indexed by People Search and some can be replicated to all site collections.

Additional profile properties    The default user profile properties can be supplemented with additional properties that track key information that is not otherwise available. These properties can, for example, be integers, strings, term sets, and so on. For example, you can create a profile property that is named “favorite hobby” and associate it with a term set named “hobbies” from the Managed Metadata Service. Users who update their profiles can then select one of the terms in the “hobbies” term set as the value for their favorite hobby. For more information about term sets and the Managed Metadata Service, see Plan to use managed metadata later in this article.

You should plan to add properties at the level of the User Profile Service or site collection depending on the business needs that you identified in earlier planning. Key business needs can often be addressed by creating new properties that associate users with important business processes. Search can then use these properties to find users, or personalization features can use the properties to target content to users. Properties do not have to be visible in public profiles or My Sites, and properties can be useful for search or personalization without being displayed in public profiles or My Sites.

To limit the scope of planning, focus on adding properties that enable key business needs or scenarios for each site collection. If a relevant property does not address specific scenarios, wait until a specific need is identified during regular operations instead of planning to add the property only because you think you might need it. It is possible that you might not have to add many new properties at all. However, it is worth considering in case you can uncover obvious needs.

Memberships and colleagues    Relationships among different users in an organization are displayed in the public profile page for each user. Relationships include site memberships (a global view of all memberships for each user) and colleagues. In SharePoint Online, user profiles contain information about users’ site memberships only if they belong to the default membership group for a site.

Colleagues can include each user's immediate associates such as one's manager, peers, and direct reports. Organizations that have key relationships that cross groups of users, managers or other users might want to add people to the Colleagues lists for certain groups.

For more information about managing user profiles, see Manage user profiles and Add, edit, or delete properties for a user profile or an organization profile.

Top of Page Top of Page

Plan user profile policies

Policies are sets of rules that administrators assign to users or groups of users. These rules enable administrators to specify the privacy settings that are associated with a particular profile property, thus policies determine what information users can see on each other’s profiles. Policies also enable administrators to set whether a user can override the default privacy settings.

To start planning policies, assess the current visibility of the information about users in the organization. Some information about individual users should remain private. Other information can and should be shared freely with other users to encourage collaboration. Policies that are less restrictive allow more users to view public profiles more frequently, which affects how often you must update user profiles. In organizations that have many users, frequent updating could affect performance and capacity planning.

SharePoint Online provides a set of configurable policies to help administrators make the appropriate information available to meet the needs of the organization. Organizations can also create and deploy custom policy features to meet specific needs. You should review collaboration needs across the organization before you develop a plan for implementing the best mix of policies.

The following questions can help you determine which policies are appropriate for your organization:

  • Which properties should be mandatory?    Some properties — such as account name, preferred name, work telephone number, department, title, and work e-mail address — are mandatory by default and cannot be overridden or changed by users. In most organizations, these properties are key ways to enable collaboration and develop relationships across the organization. SharePoint Online also uses many of them to enable other features, such as colleagues and audiences.
  • Which properties should be visible to everyone?    By default, some properties are visible to everyone, but sensitive information can be configured to have limited visibility. For example, a company that has many employees in the field might decide that mobile phone information is important for everyone to see. Other organizations might choose to keep all non-work telephone numbers private.
  • Which properties can be changed by users?    Some properties can be made available without requiring that users provide information or allow a certain action to be performed. For example, some users might not want automatic population of colleague lists. Other users might want to change the default visibility setting for a property.

When planning the policy setting for a property, consider the following factors:

Condition Disable the property Make the property optional Make the property required
The property is used by key user features. X
The property is associated with key business data for applications. X
The property is used when you create audiences. X
SharePoint Online administrators expect consistent and meaningful values for the property. X
The property will rarely be used. X

The property will distract from more important properties.

Note: You can change the display settings for properties to hide them from users viewing public profiles, the Edit Details page, or the My Colleagues Web Part.

X
You decide to provide default values for properties, but still want users to be able to remove the information, or if you want to enable each user to provide the relevant value for the property. X

When you plan the default visibility settings for an organization’s policies, consider the following factors:

Condition Action
You want to use the property in search so that users can be found by searches for the property.

Set the default access policy to Everyone.

Note: Properties that have more restrictive access will not be used by search.
The property is useful across workgroups and other divisions in your organization and does not contain sensitive information. Make the property visible to everyone.
The property is mostly useful for collaboration inside an immediate workgroup or with a specific group of individually selected colleagues. Make the property visible only to colleagues.
The property is of a private or sensitive nature.

Make the property visible only to the immediate manager, or in some cases, only the individual user.

Important: What is considered private information can vary from organization to organization, and even from region to region. If your organization has sites in numerous countries or regions, you should familiarize yourself with privacy laws and regulations in all of them.

For more information about managing user profile policies, see Manage user profiles.

Top of Page Top of Page

Plan for audiences and content targeting

Audiences are part of the User Profile service that enable organizations to target content to users based on their job or task. Audiences can be defined by one or a combination of the following items: membership in a distribution list or Windows security group, location in organizational reporting structure, or by public properties in user profiles. Content can also be targeted by using SharePoint groups to target content in Web Parts.

You should also consider that audience information is compiled on a schedule that is not controlled through SharePoint Online. This means that information may not always be current.

Play key audiences    When planning audiences during initial deployment, the goal should be to find the smallest possible set of key audiences based on the organization's content needs, the information architecture of the site and site collections, and the users who are associated with each site collection. We recommend following this process for planning audiences during initial site setup:

  1. Record the central purpose for each site collection and site.
  2. Determine the smallest number of audiences that can enable you to target content as needed.
  3. Record all existing SharePoint groups, and map them to your audience needs.
  4. Identify additional audiences that must be defined.
  5. Identify additional SharePoint groups that must be defined.

By the end of the audience planning process, you should have a list of audiences that meet the needs of the groups of users who are using each site collection.

Plan how to target content to audiences    In order to use audiences to target content, the SharePoint Online Administrator and site administrators must decide which site elements will be used in each site. The SharePoint Online Administrator and site administrators should work closely together to ensure that they are providing a consistent experience for audiences across sites and site collections.

Once defined, audiences can be used to target content in numerous ways. For example, for Microsoft Office 2010 client applications, the SharePoint Online Administrator can define the links that display in the SharePoint locations, and set the audiences that each link is visible to. On My Site Web sites, the SharePoint Online Administrator can set audiences for the My Site navigation links that appear on the top link bar. In an environment in which audiences are configured, site administrators can use Web Parts to target content by audience.

You can also target Office client application links, personalization site links (My Site navigation links), Trusted My Site host locations, and Web Parts.

For more information about managing audiences, see Manage audiences.

Top of Page Top of Page

Plan for social tagging

Social tagging takes the form of notes and tags in SharePoint Online. People can apply tags to documents and pages that they want to easily track, or that they think others might find interesting. Notes to other people can help encourage informal dialog, and enable people to easily connect.

Tags are organized in a “tag cloud” that appears on the Tags and Notes tab of a user’s My Profile page. The tags used most often appear larger than the rest of the tags. People can browse and filter the tags in different ways.

Tag cloud

Tags and notes also appear as activities on a user’s My Profile page and the activities appear in the other people’s Newsfeed pages. For more information about how tags and notes are used, as well as the benefits to using them, see Video: Use tags and notes to share information with colleagues or Use tags and notes to share information with colleagues.

Features that help safeguard personal and confidential information

Social tagging in SharePoint Online includes the following features that can help your users control the information that they share so that they don’t inadvertently share personal or confidential information.

  • Private tags A user who adds a tag to a Web page can indicate that the tag is private. Other people cannot see the fact that the tag was added to the Web page. Other people do not see the tag in the user’s tag cloud, unless the user who added the tag also applied the same tag to another Web page without making the tag private.
  • Ratings control The ratings control only displays the aggregate rating that an item has received. It does not display which users rated the item or what individual ratings were provided.
  • Security trimming Adding a tag, a note, or a rating to a Web page creates an activity. Before SharePoint Online displays an activity, it uses a component called the security trimmer to determine whether the current user has permission to view the Web page that the activity applies to. If the user is not permitted to view the Web page, SharePoint Online does not display the activity. You can update the security trimming settings based on the needs of your organization. For example, you can limit security trimming to check links to one or more sites that you specify. You can also turn off security trimming. For information and the steps to manage security trimming options, see Manage My Site settings.

How social tagging information is displayed

A user can see social tagging information in the following ways:

  • My Profile and My Newsfeed pages The content that appears on the My Profile and My Newsfeed pages is security trimmed according to the user who is viewing the page. Therefore, you can see all of the information on your own My Profile page. But when you look at your My Newsfeed page or someone else’s profile page, you see only the information that you have permission to view.
  • Following When you follow a tag, you are notified every time someone adds the tag to a Web page. These notifications are security trimmed. The fact that you are following a tag is public. When you make someone your colleague, you are notified every time the person adds a tag, a note, or a rating to a Web page.
  • Web pages When you add a tag or a note to a Web page, you can see the tags and notes that other users have added to the Web page. You can see all notes, but you can only see public tags.

Recommendations for social tagging

In addition to using the privacy and security features included in SharePoint Online, you should consider taking the following steps:

  • Educate users about which aspects of their social tagging activity are public and which are private.
  • Before deploying custom code, ensure that the information it presents will meet your organization’s privacy and security standards.
  • When the permissions that are required to access a Web site change, have the search service crawl the Web site again.

For information about managing social features including tagging, see Manage personal and social features or Enable or disable Social Tags and Note Boards for a user or group.

Top of Page Top of Page

Plan for My Sites

My Sites are personal sites that provide a rich set of social networking and collaboration features to each member of your organization. My Sites give users a central location where they can store, share, and track the information they care about. Each user can use a My Site to discover other users, areas of expertise, projects, and business relationships among them. Each user can view his or her My Site by clicking the corresponding user name in the top, right corner of any page and then clicking My Site.

My Sites enable users to easily share information about themselves and their work. This sharing of information encourages collaboration, builds and promotes expertise, and targets relevant content to the people who want to see it. You can customize content for each user in any organization, and enable administrators to set policies to protect privacy.

Although an organization can customize My Sites, by default they are organized into three distinct sections:

  • My Newsfeed    is the default page when a user accesses his or her My Site. This page displays a feed of recent activities related to a user's specified colleagues and interests. Users can customize their newsfeeds by adding or removing colleagues they are interested in, specifying interests, and configuring the kind of activities they want to follow, such as when a colleague tags information with a shared interest.
  • My Content    is a Web Part page that displays content a user has stored in the My Site. By default, the My Content page displays a left navigation pane with links to the user's document libraries and picture libraries. The Web Part page contains Shared Documents, Personal Documents, and Recent Blog Posts Web Parts. A user can customize the My Content page by adding or removing Web Parts in zones on the page.
  • My Profile    displays the user's profile page to other people in the organization where users can share their expertise, profile pictures and so on. Although the My Newsfeed and My Content pages are available only to the user, the My Profile page is what that user and other people in the organization see when they access the user's My Site.

To effectively plan for My Sites, you must determine the following:

  • The user profile information that you want to make available to users, as discussed earlier
  • The policies that will be applied for viewing user profile information in the public profile, also discussed earlier
  • The users who you want to have a My Site and the appropriate permissions for those users
  • The My Site features that you want to enable

The following sections discuss the steps that help you to plan for My Sites.

Top of Page Top of Page

Determine users and user permissions

In addition to planning which users in an organization will have a My Site, you must also plan which My Site features will be available to each user. Questions to consider include the following:

  • Who can create My Sites?
  • Who can create social tags and notes?
  • Who can add colleagues?

We recommend that you use security groups to manage permissions. The following table provides guidance for configuring permissions for social features:

Permission Guidance
Create Personal Site By default, all authenticated users can create a My Site Web site. Ensure that you want the default setting to apply to the organization. Alternatively, you can use one or more security groups to grant the Create Personal Site permission to a subset of users in an organization.
Use Social Features By default, all authenticated users can add ratings and social tags to documents, to other SharePoint Online items, and to other items, such as external Web pages and blog posts. Users can also leave impromptu notes on profile pages of a My Site Web site or any SharePoint Online page. Alternatively, you can use one or more security groups to grant the Use Social Features permission to a subset of users in an organization.
Use Personal Features By default, all authenticated users can edit their profiles, add or edit colleagues, and add or edit memberships. Alternatively, you can use one or more security groups to grant the Use Personal Features permission to a subset of users in an organization.

For more information about managing social features, see Manage personal and social features.

Plan My Site features

My Site features that require special consideration include the following:

  • Newsfeed    By default, the newsfeed feature is disabled. The feature must be enabled so that users can follow colleague activities on the newsfeed page of their My Sites. Users can only view activities in the newsfeed for which they have permission. When planning My Sites, you should consider the privacy implications of this feature and provide mitigations based on your requirements.
  • The tag and note tool    The tag and note tool can be turned on or off in the SharePoint Online Administration Center by using the Use Social Features permission. This setting applies to all users who have the Use Social Features permission. Users can also add tags or notes to content outside of SharePoint Online by using the bookmarklet tool.
  • The organization browser    The organization browser is enabled by default. Organization information is imported from the Office 365 directory service. End users need to have Microsoft Silverlight installed on their workstations to view the organization browser. You cannot disable the organization browser, but you can prevent users from seeing it by deleting the organization node from the Quick Launch, or by removing the Web Part from the page.

When planning My Sites, you must consider both the benefits and the impacts of using these features.

For more information about managing My Sites, see Manage My Site settings. Find more information about managing users and user permissions in Step 2: Plan sites and manage users and the Permissions management  articles in SharePoint Online Help.

Top of Page Top of Page

Plan InfoPath Forms Services

InfoPath Forms Services in Microsoft SharePoint Online enables forms to be rendered in the Web browser. It is available as an Enterprise feature of SharePoint Online. SharePoint Online Administrators configure settings for InfoPath Forms Services on the SharePoint Online Administration Center Home page.

All business processes involve gathering data of some kind, and the success of any business process relies on the quality and integrity of that data. By using InfoPath forms in your SharePoint solutions, you can ensure that only valid, good quality data is gathered. InfoPath 2010 achieves this by letting you standardize, customize, and optimize the process of gathering data without writing any code.

The following are some key features that InfoPath provides to ensure data integrity:

  • Custom data validation    ensures that users cannot submit forms that contain invalid data.
  • Customized layout    By using multiple views, you can simplify the form-filling experience by splitting forms into multiple pages or creating separate views that are optimized for specific users or tasks. Conditional formatting lets you optimize the form-filling experience. For example, you can show or hide fields in the form based on values entered by users.
  • Data connections    to other sources such as SharePoint lists or Web services let you pull supporting, contextual data into your forms.

 Note    InfoPath Forms Services accesses external data sources by using a delegated Windows identity. Consequently, external data sources must reside within the same site collection or be available to anonymous users. If this is not the case, authentication to the external data sources will fail.

Code is not required to implement the above features. However, you can write managed code by using Visual Studio Tools for Applications (VSTA) to add more advanced functionality to your forms.

Deploying forms

Publishing options for form library forms depend upon whether the form template contains managed code, the permissions of the form designer, and InfoPath Forms Services settings.

 Note    You must use Microsoft Office InfoPath 2010 to publish forms to SharePoint Online. You cannot publish form templates to SharePoint Online from InfoPath 2007 or earlier versions.

Publishing browser forms without code    Web browser forms that do not contain managed code can be published directly to SharePoint Online by any form designer with the Design permission level. Form designers publish form templates by using InfoPath Designer.

SharePoint Online Administrators can restrict the ability to publish browser forms to SharePoint Online by disabling the publishing of browser-enabled user form templates on the InfoPath Forms Services configuration options page in SharePoint Online Administration. This option applies to form library forms only, and enables organizations that want more centralized control of form templates to require administrator approval before publishing browser forms to SharePoint Online. This option does not prevent users from publishing Filler-only forms to SharePoint Online. These forms can only be filled out by using InfoPath Filler.

Publishing browser forms with code    Form designers can add managed code to their forms by using Visual Studio Tools for Applications (VSTA). VSTA is an optional installation component available in Setup for InfoPath 2010.

Site collection administrators can publish form templates that have code to form libraries as sandboxed solutions, if the Microsoft SharePoint Foundation Sandboxed Code Service is running on the site collection. This lets a form designer who is a site collection administrator publish forms without requiring SharePoint Online Administrator approval. The sandboxed solutions will run in an environment that has access to a subset of the server object model.

Form templates that contain code that requires full trust to execute cannot be published on SharePoint Online.

Filling out forms

After a form template has been published, users can start filling out forms that are based on that form template.

There are two main form-filling environments, the Web browser and InfoPath Filler. Any form can be filled out in InfoPath Filler. Only browser-enabled forms can be filled out in a Web browser.

SharePoint Online Administrators can disable rendering of forms in the Web browser by configuring settings on the InfoPath Forms Services configuration page. This applies only to user form templates that have been published to form libraries, and not to administrator-approved form templates or form templates published to lists. If rendering of Web browser forms is disabled, forms will open in InfoPath Filler if InfoPath is installed on the user's computer.

SharePoint list forms can be filled out offline by using SharePoint Workspace. Form library forms can be filled out offline by using InfoPath Filler.

InfoPath browser forms can also be hosted on Web pages by using the InfoPath Form Web Part.

For more information about configuring InfoPath Forms Services, see Configure InfoPath Forms Services.

Top of Page Top of Page

Plan to use Business Connectivity Services

There are times when not all the data you'll need or want to work with is stored in your SharePoint databases. Other external applications may contain information that is important for your business. Business Connectivity Services (BCS) was created to help you integrate these external systems into your SharePoint data flow as external lists. To SharePoint users, the data from these external systems appears on a web page for read and write use like any other list.

You can use Business Connectivity Services to bring data into your SharePoint Online site from the following source:

  • Microsoft Windows Communication Foundation web services (also known as WCF)

 Note    Drawing data from other external systems may require intermediary steps in the form of a custom code WCF web service. However, some companies publish WCFs for wider use.

Let's look at the steps in greater detail.

Creating a Target Application using the Secure Store Service

You must first create a Target Application because the implementation of BCS in SharePoint Online uses Secure Store technology. You can think of this step as creating a means by which you can map a group of accounts that SharePoint knows and trusts to an account the WCF Services, knows and trusts.

The primary purpose for creating a Secure Store connection is that the credentials used to access the external system will be different from the credentials used to access SharePoint Online. Secure Store bridges the two systems (SPO and the external system) by storing the appropriate username and password for the external system, and permitting members of a group designated in SharePoint Online to use the stored credentials. This will allow a given group of SharePoint Online users to access the data in the external system.

Secure Store also resolves potential double-hop issues with authentication, because, after you login, SharePoint Online would go to get information from the external data system on your behalf. Secure Store can eliminate the need for more complex forms of authentication.

 Note    A double-hop occurs when the user passes credentials to one computer and authenticates with them, but then needs to pull information from another computer where, in order to get access to the data, the user credentials would need to be passed and validated a second time. SharePoint Online can resolve this security issue by using the Secure Store to pass credentials to an external data system.

Top of Page Top of Page

Creating an External Content Type and an External List

You can use SharePoint Designer to create both the External Content Type and External List that you use to display the external data. You can think of the External Content Type as a connection to external data that is defined by the type of content you want to display. For instance, connecting to a WCF service requires a WCF External Content Type. When configuring this External Content Type, you will be able to define the kind of actions users can take against the data. For example: can they read and write, or just read?

After you configure the External Content Type, you can also use SharePoint Designer 2010 to create a list that displays the external data. Or you can create the External list inside of a SharePoint Online Team Site. This list exposes the data on your website for site users, who may then choose to create charts, or spreadsheets, in Microsoft Office Word or Excel using the list. This also means the External Data that you need can be displayed to the people who need to use it through SharePoint Online. For example, if your WCF External Content Type includes data on Customer Orders, BCS allows you to display that data on a secured site as a list. Site users could update the Customer Orders list on the SharePoint Online site from directly within the browser.

Top of Page Top of Page

External Content Type Permissions

When configuring permissions for the new External Content Type in SharePoint Online Administration, remember that at least one account or group must be granted Set Permissions rights. Without the ability to set permissions for users or groups, the BCS connection becomes unmanageable. This is because nobody is assigned access by default, and after you manually enter a user or group, the interface enforces early allocation of the Set Permissions right as a failsafe.

Usually, when first configuring permissions specific to External Content Types, the SharePoint Online Administrator or Groups specified to manage BCS will be given Set Permissions rights, or even all available rights. Available permissions are:

  • Edit
  • Execute
  • Selectable in Clients
  • Set Permissions

Of these, Edit is a permission that should be reserved and granted only to those users specifically chosen to manage BCS, or who have SharePoint Online Administrator-level access. Also be aware the Set Permissions right will allow the person granted that right, to grant the Edit right to others. Consider this as part of your security when planning the people who will have access to your BCS configuration.

Top of Page Top of Page

Plan to use the Secure Store Service

What is the purpose of the Secure Store Service? This SharePoint service makes access to external business application data easier. In order to understand why the Secure Store Service offers this benefit, it's important to understand that the username and password used to access external data stores may not be the same as the username and password used to access SharePoint Online. When a user accesses a SharePoint Online page that displays information from an external data system, SharePoint must make a separate request to retrieve information from the external data system. This must be made with credentials that are known to the external data system in order for the request for content to be successful. Only then can SharePoint display the information from the external data system on the page. The Secure Store Service stores the external data system credentials for this reason.

The Secure Store Service is designed to create a background mapping between a group of users in SharePoint, and a single user known to the external data system. When the Secure Store Service is properly configured, the following occurs:

  • A user authenticates through Internet Information Services (the web server technology underlying SharePoint technologies) to SharePoint Online via valid credentials.
  • Inside SharePoint Online, the Secure Store Service uses mapped credentials known to the external business application to render any necessary external data on the site for the authenticated user.

Another benefit of the Secure Store Service is that it eliminates authentication prompts for users. When users navigate to SharePoint Online pages that access external data systems, the Secure Store Service is active in the background, checking user rights and providing mapped credentials to the external data when appropriate. This allows users to access the required data without prompting them to enter usernames and passwords specific to the external application.

The Secure Store Service is used in tandem with Business Connectivity Services in SharePoint Online.

Top of Page Top of Page

Plan to use managed metadata

By using hierarchical collections of centrally managed terms (called term sets) as attributes for items in SharePoint sites you can improve the consistency of metadata on your content, and make it easier for users to discover content on sites. Term sets are created and managed through a feature called the Term Store Management Tool, which can be accessed from the SharePoint Online Administration Center, as well as from the Site Settings page.

The Term Store Management Tool is the tool that taxonomists, administrators, or other individuals who manage taxonomies can use to create, import, and manage term sets and the terms within them. The Term Store Management Tool displays all the global term sets and any local term sets available for the site collection from which you access the Term Store Management Tool.

To plan your strategy for using managed metadata, read Plan terms and term sets. To understand more about managed metadata in SharePoint Online, read Introduction to managed metadata.

Next article in this planning guide: Step 2: Plan sites and manage users

Main planning guide article: SharePoint Online planning guide for Office 365 for enterprises

Top of Page Top of Page

 
 
Applies to:
SharePoint Online for enterprises