notes in the key of e: how to make your extranet...
TRANSCRIPT
Notes in the Key of E: How to Make Your Extranet Sing
Guy Wiggins, Kelley Drye David Johnson, Bass Berry
Mark Thorogood, Perkins Coie
INFO2
August 18, 2014
Thank you for being here today
Mark Thorogood Director of Application Services Perkins Coie
• 900+ Lawyers
• 19 Offices in the US and Asia
• Listed in Fortune Magazine "100 Best Places to Work in America" for the past twelve years
Notables
• Enrollment • Share-ability • Collaboration features • Co-authoring • Databases / integrate with applications • Templates • Offline sync • Accountability and reporting (defensibility) • Occam’s Razor • Socialize
Database Description Number Ver. Author
Admin Document Title 32,767,241 1 THORM
Admin Document Title 32,767,349 1 THORM
Admin Document Title 32,767,457 1 WEINJ
Admin Document Title 32,767,565 2 THORM
Admin Document Title 32,767,673 1 THORM
Admin Document Title 32,767,781 1 BAROM
Admin Document Title 32,767,889 3 THORM
Legal Document Title 32,767,997 1 THORM
Legal Document Title 32,768,105 1 THORM
Legal Document Title 32,768,213 1 THORM
Legal Document Title 32,768,321 1 THORM
Admin Document Title 32,768,429 2 THORM
Admin Document Title 32,768,537 1 THORM
Admin Document Title 32,768,645 1 THORM
Admin Document Title 32,768,753 4 THORM
Admin Document Title 32,768,861 1 THORM
Admin Document Title 32,768,969 1 THORM
Admin Document Title 32,769,077 1 THORM
Admin Document Title 32,769,185 1 THORM
Browse Search
Recent Items
My Matters
Recent Searches
Favorites
· Browse/search· Drag and drop· Right click
Clicks matter!
Bridge between the Cloud
Summary
• Clouds can enable crowds
• Fit the system around the people
• Utility and usability • Constant change
c. 225 Attorneys D.C., Nashville, Memphis, Knoxville
21 in IT (Helpdesk, App Systems & Dev, Infrastructure, PM)
Overview
David Johnson Senior Business Analyst / PM Bass, Berry & Sims
Site Types:
• Benefits Plan Data Sites (Employee Benefits PG)
• Bidder (Manage RFP process for Clients)
• Board of Director (Corp & Healthcare PGs)
• Deal Rooms (M&A) (Multiple PGs)
• Litigation Collaboration (Litigation PG)
• Multi-Facility Corporate Contract Management (Corp & Healthcare PGs)
• Regulatory Audit (Healthcare PG)
Value Added Solutions – no cost passed to Clients • Each Site is Sponsored by Partner Atty usually with an Associate
or Paralegal at point. • Approval process – Partners over Biz. Dev. and Info. Tech.
Bass, Berry & Sims Extranets BBSX, BASS Extranets, BBSConnect
Journey to add business value
2013
HighQ Collaborate 3.2
2012
SharePoint 2010
2004
SharePoint 2003
2014 (Fall)
HighQ Collaborate 3.3
Lessons Learned
1. Assess (as best as possible) a value to investment/cost. • Use tools to help with the evaluation (e.g. matrix analysis)
• Research internal & client-side user needs (ask questions and take
notes). • Consider soft-costs like the quality of vendor support (peers
and ILTA forums) and support response times.
2. Value intuitive function • Is the tool easy on the eyes & pleasing to look at? • Navigation should require little to no instruction for Firm and
client-side users.
When a site’s complexity grows beyond actual need user interest wanes.
3. Communication & Security • Have a plan to keep your user list current.
• Quarterly user reports to Attorney Sponsors and Client Contacts have served us well.
SharePoint 2010
• Modular/Flexible • Robust • Industry Standard
• 3rd party integrations
• Custom dev friendly
• Admin intensive esp if on prem.
• Complex to unfamiliar audiences
• Increased demand for End user training and support
HighQ Collaborate Present • ISO & EU/US Safe Harbor Certified • Complaint with HIPAA regulations • 256bit encryption to & from servers • Works with all browsers & devices • Easy administration & delegation • SSO & DMS Integrations • Document versioning & DRM • iSheet/Lists w/dynamic views
• Calculations • Conditional views • Folder & File Metadata
• Self-service password support • Terms of Use (click-through)
Fall 2014 • Two-factor
authentication • Large file sharing • Date based alerts • Transfer between sites • Document automation • Work allocation
workflow • Increased use for
secure internal collaboration
325 Attorneys 6 Offices: NY, NJ, CT, IL, DC and LA
42 in IT (Helpdesk, App Systems & Dev, Infrastructure, PM, Lit Support)
Overview
Presenter:
Guy Wiggins Director of Practice Management, Kelley Drye & Warren LLP
My Role Director of Practice Management
• Support our Intranet and
Extranets
• Develop Custom Software
• Improve firm wide knowledge
management
• Manage Training
• Improve Information
Governance
My Staff
• SharePoint Administrator • SharePoint Analyst/Developer • Senior Software Engineer • Business Analyst • Trainer/Software Analyst – DC • Trainer/Software Analyst – NY
Extranet History Kelley Drye SharePoint Implementations
2008 SharePoint 2007
On-Premises
2014 Office 365/ SharePoint
On-line Cloud
2003 SharePoint 2003
On-Premises
• Pay just for what you need – Cloud technologies make it easy to scale up and scale down depending on demand for storage, bandwidth, processing etc.
• Flexible Pricing – pay just for what you use, and quickly increase or decrease usage with minimal involvement by the service provider.
• Agility – Cloud technologies allow companies to move quickly. No long procurement cycles – and new business ideas and services can be brought to market much more quickly.
• Improved Focus on business value – instead of maintaining current systems, your IT Department can spend more time solving new business problems.
• Mobility – being on the cloud means that that information is instantly available to all devices, from PC’s to laptops to tablets and iphones. Most Cloud services are also browser and OS agnostic
Cloud Value Proposition What makes moving to the Cloud compelling for a business?
Extranet Usage at Kelley Drye – 60 to 100 sites Typical number we support and build per year. More basic document sharing done via Accellion which is managed separately
Site Types - M&A Deal Rooms - Litigation rooms - Contract Review - Custom Databases
for Compliance
• Cost Effectiveness – could share with as many external users as necessary for no additional cost. No need to build our own servers.
• Leverage our existing SharePoint knowledge to shorten learning curve
• Strong document management features
• Customizable Platform with strong third party support
• Strong security features including built in including Digital Rights Management
• Mobile Ready Out of the Box (including 3rd party tools)
• Strong Reporting and Auditing
• Strategic value – Learning Office 365 would position us to better leverage
Microsoft Cloud Technologies down the road.
Key Requirements Not necessarily in this order
Because Office 365 was so new, we were willing to compromise on certain
features if they were on the roadmap for the future.
Strengths: • Incredible value – essentially free with
your EA agreement
• Huge amounts of storage
• Very flexible and customizable
• Rich BI, Workflow and other advanced
features
• Strong collaboration features including
Office Web Apps
• Powerful Search via FAST
• Strong Security features – including
encryption at rest
• Extensive 3rd Party Support
Strengths and Weaknesses Office 365/ SharePoint on-line
Weaknesses:
• Provisioning new sites is manual – not very scalable
• Auditing and Reporting Tools are currently weak (This should change in 2015 with new Compliance Center)
• Requires team with advanced SharePoint Skills to Support
• More complex than other dedicated tools to learn
• Setting up single sign on can be complex and costly
Defense in Depth is Essential
Physical controls, video surveillance, access control
Edge routers, firewalls, intrusion detection, vulnerability scanning
Access control and monitoring, anti-malware, patch and configuration management
Secure engineering (SDL), access control and monitoring, anti-malware
Account management, training and awareness, screening
Threat and vulnerability management, security monitoring, and response, access control and monitoring, file/data integrity, encryption
Physical Security
Network
Host
Application
Admin
Data
Independently verified to meet key standards – ISO 27001, SSAE 16, FISMA
Government Authority Cloud Service Provider Enterprise
responds to requests when legally required.
Microsoft will redirect the requesting entity, when law permits. - Microsoft will notify customers prior to disclosing data, when permitted.
- Microsoft will limit the disclosure to only the required information.
Microsoft Confidential—For Internal use Only
Microsoft Policy re 3rd Party Requests
Article 29 Working Party - collection of
data protection authorities in Europe
regulating world’s toughest privacy laws
EU Data Protection Authorities validate
Microsoft’s approach to privacy
Validation by EU Data Protection Authorities for Microsoft’s commercial commitments for DPA/EU Model Clauses. (covering Office 365, Azure, CRM Online, and Intune)
• Microsoft is the only provider to have received this
validation • Standard part of contracts as of July 1st
http://www.tgdaily.com/enterprise/100136-microsoft-gains-eu-security-approval
• Setting up initial access to SharePoint on-line can be very quick – but getting
Office 365 to work via Single Sign On is time consuming and takes planning and
testing
• Go with a cloud based single sign on authentication vendor, do not use ADFS.
(We used OneLogin) Besides supporting Office 365 they support hundreds of
other applications such as Chrome River with the list growing daily.
• Office 365 is a moving target. New features and changes are coming every week
so you have to be nimble.
• Lots of storage out of the box and more can be quickly purchased – very scalable
• Very powerful platform with many interesting possibilities – but basic document
rooms are easy to setup.
Lessons Learned Not necessarily in this order