Information Management Policies and Complex Workflows

One of the key Enterprise Content Management (ECM) features provided by Microsoft in SharePoint Server is the Information Management Policy feature.  These policies can be used to establish multi-stage retention policies, but the scheduled nature of this feature opens it up for so much more. 

Note:  If you are not familiar with the information management policies and would like a general overview, see Plan for information management policy in SharePoint Server 2013.

For our purposes, I chose to leverage these features to support the multi-stage activity which supports scheduling each stage, defining an action to execute, and a recurrence schedule if applicable.  Using these retention schedules, we can execute scheduled activities to support business processes such as content retention, disposition, or to build a contract management solution.

Scheduling a Stage Date

The ability to schedule the start of the stage is both simple, and powerful.  You simply select one of the document’s date fields, which can be either a system field such as Created or Modified or can be a custom field as in the example below.

20170913-1.png

Action

Next, we focus on the action to take within this stage.  The configuration comes with the following actions:

  • Move to Recycle Bin:  Moves to the recycle bin for orderly removal
  • Permanent Delete:  Bypasses recycle bin and is immediately deleted
  • Transfer to another location:  Move to another site such as an archival or records site
  • Start a workflow:  Start a workflow that is associated with the content type
  • Skip to next stage:  Move directly to the next stage
  • Declare record:  Declare the item as a record in the system (in place records management)
  • Delete previous drafts:  Cleanup previous draft, minor version copies
  • Delete all previous versions:  Cleanup all previous versions

While these actions can be helpful, this is where most people start hitting the brakes.  If you have an important legal agreement or contract, you probably don’t want to just delete it or move it to a recycle bin when it is scheduled to expire.  You probably want somebody to review it and make sure it is actually no longer needed or does not need to be renewed.  For those that are familiar with the power of workflows the “Start a Workflow” action sounds great until you click that list and see an empty list of available workflows.  This is the single biggest hurdle for most people, and the point where many turn back.  Do not worry, we will come back to this shortly. 

Retention

The recurrence settings are also straight forward allowing you to repeat a stage based on a number of days, months, or years as the image below illustrates. 

20170913-2.png

Complex Workflow!

As I mentioned earlier, the “Start a workflow” action list is blank by default.  This is where our ability to implement complex workflows comes to the rescue.  These workflows can be developed using SharePoint Designer, Visual Studio, or our preferred tool Nintex Workflow.  The trick is that whatever path we choose, we need to be able to associate the workflow with the specific content type(s) for it to be available in the list of workflows within the “Start a workflow” action. 

To create a workflow that can be associated with a content type in SharePoint Server, navigate through Site Actions menu, select Nintex Workflow (2013/2016), and then Create Reusable Workflow Template as illustrated below.

20170913-3.png

We then define our workflow name, description, and associate it with a content type.

20170913-4.png

Here is an example of a Contract Review workflow we created for demo purposes.

20170913-5.png

Once our workflow is saved, we can now visit the Site Content Type Information page (Site Settings-> Site content types -> select our content type) and click the Workflow settings action under settings.

20170913-6.png

Next, we can select our workflow template and provide a unique name for the process.  For workflows that are triggered by the Info Mgt Policies, you can set the start options to enable “Allow this workflow to be manually started” and disable the new and edit options. 

20170913-7.png

Now that the workflow is associated with the content type, we can configure our Retention Policy.  From the Site Content Type Information page, select the Information management policy settings action. 

20170913-8.png

Select the “Enable Retention” option to enable the retention options and then click the “Add a retention stage” action to load the stage configuration form. 

20170913-9.png

The retention stage configuration form options were explained previously.  Define an appropriate stage schedule based on a date comparison with a date field.  The comparison can be based on days, months, or years. 

20170913-10.png

Next, select the “Start a workflow” option from the Action list and select the workflow you previously configured for the given content type. 

If applicable, configure an appropriate recurrence schedule. 

Then, click the Ok button to save your changes and continue. 

If needed, you can configure multiple stages.  For this example, you can see for the given contract content type, there is an initial stage for review.  After it progresses through the “review” stage, the second stage was configured to have a contract disposition workflow one year after expiration if the contract was not renewed as illustrated in the image below. 

20170913-11.png

Once the changes are fully saved, the document will be reviewed based on the internal process schedule and the workflow initiated. 

Single versus Multiple Stages (Multiple Workflows)

While it is possible to design and implement a single workflow that can handle the logic from the individual stages, there are some advantages to breaking the workflows down into the individual workflows for each stage.  It certainly makes the workflow easier to manage within the designer, but it also gives you more granular tracking for executions leading to clearer insights and reporting without having to build in a lot of extra actions within the workflow to break out and report on the individual stages.  Ultimately, the requirements can be fulfilled either way, but we find it easier to maintain and support with individual workflows for each stage.

 
calltoaction-general.png

Need assistance with retention and disposition workflows?

Overcoming Upload & Approval Challenges with Records Management

When we first embarked on the journey of creating Record Center, we knew there were several major pain points in the lifecycle of records management that we wanted to address. Creating a platform that would ease the burden on record managers and record approvers was one of our top priorities, and the challenges of content ingress and record approval were some of the main issues we wanted to address. 

To understand the pain of loading and approving content into a records management solution is to realize that content comes from a seemingly endless number of sources. Those sources could include other business systems or raw scans of physical documents, and could comprise any type of document an organization handles—contracts, invoices, employment agreements, non-disclosure agreements, tax documents, etc. Each of those unique document types could very well contain different metadata, different required fields, or different document formats further complicating the notion of a centralized ingress and approval process. 

Upload Content (Ingress) 

Record Center’s model of “Document Types” allows for an organization to define criteria for each type of record to be loaded into the system. Each of these document types contains its own distinct metadata requirements, approval requirements, retention plans, and disposition processes. This model allows for all records—regardless of their type—to be submitted to the same central Pending Records library, using the same process, while still ensuring that a unified record submission and approval flow may be used. 

Required Fields 

Critical to being able to easily and accurately find records is the notion of applying metadata to records. Record Center’s unique in-line preview mode allows a user submitting a record to easily see their document alongside the document’s required and optional metadata fields. This view allows them to quickly determine what fields must be completed for a given document type, and if necessary, navigate through the document in question to determine the values of those required fields. 

Approval Models 

Document Approvers and Record Managers are frequently faced with the challenge of having to approve large quantities of records. To cope with these challenges, Record Center offers several features integral to streamlining this otherwise time-consuming process. 

Unique Document Type Approvers

Each unique document type may contain its own distinct record approvers, allowing for a first stage approval by a user belonging to that document’s work center or area of expertise. This process helps to ensure that misclassified records or those with incorrect metadata are caught before entering the Record Manager’s approval queue. 

Inline Document Preview

Utilizing inline preview, a document approver and/or Record Manager can easily review a document alongside its metadata to ensure the metadata entered is accurate, and all required fields have been completed. 

Approve and View Next

As a document approver or Record Manager moves through their approval queue, they would historically have to open the document to be approved, approve that document, close it, open the next document, approve that, close it, and so on. To streamline this click-heavy process, Record Center contains a “Approve and View Next” feature, which allows the user to review, approve and open the next document in their queue with a single click. 

Bulk Approval

In the case of a bulk import where a record’s data has already been validated, Record Center includes a bulk approval option that allows a document approver or Record Manager to select multiple records at once and approve them all with a single click. 

Auto Approval

In some cases, an organization may wish to automatically approve records. The likely scenario for this is when a records management team is small, and perhaps the same people would do the content ingress as well as the approval. In this scenario, records can be configured to automatically approve after they’ve been pending approval for a set amount of time. 

 

About Record Center 

Record Center is your turnkey solution for enterprise-class record management. An extension of Microsoft SharePoint, Record Center arms your users and record managers with a feature-packed, intuitive solution to manage the entire life-cycle of your records. Configure, Approve and Search for records faster and easier than ever with Record Center. 

 
calltoaction-recordcenter.jpg

Interested in learning more about Record Center?

Planning for Hybrid Integration with O365

This article is a continuation of Planning for Hybrid Cloud Deployments.

Working through provisioning of a new Office 365 tenant doesn’t take much effort. The real effort is in the planning of the key components of your O365 tenancy. In this blog series, we are going to cover the important items to take into consideration when planning your O365 tenancy, particularly when it comes to hybrid environments. We will briefly cover hybrid O365 scenarios and what components to be aware of. Late in the series, I will dive a bit deeper into specific hybrid scenarios. As usual, along the way I will be sure to highlight the lessons learned and pitfalls to be aware of.

In most cases, it’s safe to say that organizations will not need more than one O365 tenant. There are some special cases where this is a requirement. This article will not cover multi-tenant O365 scenarios. If multiple O365 tenants are required, there will need to be some additional planning around domains, synchronizing users into multiple tenancies, and the impact on other O365 services. The TechNet article found here covers the pros and cons of single and multiple tenant O365 deployments.

The first step in planning your O365 deployment is to perform some discovery around your current IT infrastructure and enterprise applications. For example, you will want to identify all on-premises applications such as Exchange, SharePoint, and Skype for Business that may have integration points into some of the other O365 services. These integration points could potentially have an impact on the deployment of your O365 tenant. Pay special attention to the authentication approach that is selected for users. User authentication is one of those early planning decision items that needs to consider some of the integration points with other on-premises applications mentioned above. Take inventory and make sure that if you are integrating your on-premises environment with O365 that you meet the O365 requirements for each of the following:

  • Active Directory
  • Network architecture and DNS domains
  • Mail routing
  • Authentication solutions
  • Mail archiving and compliance
  • Network bandwidth
  • Certificates
  • Hardware and software for Azure AD Connect and possibly ADFS deployment
  • Mail archiving and compliance

Here is a great O365 deployment checklist which adds much more detail to the inventory which should be taken of the current environment. The table in the checklist includes inventory tasks and overall questions that should be discussed prior to your organization’s deployment. This is particularly true with organizations who want to leverage on-premises investments in a hybrid scenario.

Organizations who want to continue to leverage their existing on-premises technologies and leverage O365 will require hybrid configuration. One of the single most important decisions to be made early with any hybrid configuration is around identity model authentication. Will users be required to enter their credentials when using any of the O365 services when they are connected to the internal network? Unfortunately, there isn’t a universal answer to this question. The answer to this question depends on your organizational requirements will dictate which Azure AD sign-in option that is chosen.

O365 sign-in options

Choosing an identity model is the foundation for your organization’s O365 implementation. Azure AD is the underpinning directory service used by Office 365 to provide access to services. An Azure AD tenant is attached to a single Office 365 tenant. Here are a couple questions that should be asked when planning your O365 identity implementation:

  1. Will existing users be migrated into Azure AD?
  2. If the organization is currently using Active Directory on-premises will users be synced using Azure AD Connect?
  3. Will new users be created directly in O365 or created in the local AD and synced to O365?
  4. What kind of sign-in experience do we want for users accessing O365 services?
  5. Is single sign on (SSO) required when authenticating to O365 services?

Identity Models

Below is a list of the different identity models that are available for configuration using Azure AD connect. Seamless SSO can be used with the password synchronization and pass-through authentication options below. Seamless SSO automatically signs users in when they are using corporate devices connected to your internal corporate network.

Password synchronization

Hashes of user passwords are synchronized from on-premises AD to Azure AD. Passwords are never sent or stored in Azure AD in clear text. Users accessing Azure AD resources (O365 services) will be able to use their corporate account to access these services.

Pass-through authentication (PTA)

User passwords are not stored in Azure AD in any form. This model uses an agent that is installed on an on-premises domain-joined machine. The agent performs all the heavy lifting and does not require any inbound ports to be open to the internet. You can enable seamless SSO on corporate domain-joined machines on the corporate network.

Federated SSO with Active Directory Federation Services (ADFS)

This option requires ADFS infrastructure for more complex environments with multiple domains authenticating to Azure AD. Users accessing O365 services from the corporate network will not have to enter passwords when switching between applications.

Each identity model has its own benefits and limitations. Pass-through authentication is somewhat of a new capability which provides organizations who do not want to store user passwords in the cloud an option. I am not going to cover how PTA works in-depth but a quick search on your favorite search engine will return some great resources and documentation.

If an organization already has invested in an ADFS infrastructure, federated SSO with ADFS is the way to go. The other two options do not require any additional, potentially redundant infrastructure. Azure AD

Connect can be installed on a domain-joined server in your current on-premises environment. Once the installation has completed the Azure AD Connect tool can be used to configure seamless SSO and user sign-in authentication. Azure AD Connect is also used to connect to Azure AD and synchronize on-premises AD directories.

Once users begin synchronizing to Azure AD and the authentication option has been chosen, the next big planning item is identifying what hybrid capabilities your organization would like to use. For example, a common question that should be asked is: “What applications will be kept and used on-premises and which workloads and applications will be migrated to the cloud?” This blog series will focus on the hybrid SharePoint capabilities with O365 and the questions and decisions that need to be made around the hybrid implementation. In the next article in this series we will dive into the different hybrid deployment options for SharePoint 2013/2016 on-premises. Such topics as authentication topology, hybrid taxonomy, hybrid auditing, and cloud hybrid sites and search.

If you are interested in deploying a hybrid system, but do not know where to start, engage B&R's Architects to help provide a detailed analysis and design supporting your deployment requirements.

 
calltoaction-dps.png

Let us help you develop a design that meets your needs

Getting More from Your Microsoft Cloud Hosting

Why Use a Microsoft Cloud Solution Provider (CSP) Such as B&R?

Using a Microsoft Cloud Solution Provider (CSP) can help you get the most out of your cloud hosting experience. More and more, Microsoft is making an effort to drive customers to partners that have the title of ‘Cloud Solution Provider’, or CSP for short. The CSP program is a relatively new (two years old) component of the overall Microsoft partner program that allows partners such as B&R Business Solutions to provide licenses and a variety of services to customers through one of two models:

Direct

The partner has a direct relationship with Microsoft and procures the licenses the customer needs directly from Microsoft and then acts as a trusted adviser for the customer. In this role, the partner provisions any services and licenses needed, bills the customer for the licenses (and any other services bundled with them), monitors the services the customer is using, and provides support for the customer.

Indirect

The partner acts as a reseller and account management is handed off to a distributor who has the relationship with Microsoft. With this approach, the partner is able to leverage the resources of the distributor to provision the licenses and services, and the distributor bills the customer and provides the support and monitoring services.

When B&R became a CSP, we elected to go with the direct model. This means that customers that use B&R can be sure that B&R stays engaged and has the provisioning, support, and billing capabilities that are up to Microsoft standards in-house. Additionally, you can be sure that you are working directly with B&R employees, and not a distributor – ensuring that we build a relationship directly between our customers and our team members.

Let’s break down the benefits of using a Microsoft CSP a bit further:

Savings

If you are purchasing your Office 365 licenses or Azure subscription directly through the office365.com or Azure.com web sites, you are paying the list to Microsoft for the services. With the CSP program, B&R is able to provide discounts on your licenses and consumption that are not available through the ‘web direct’ programs.

Better Terms

When you sign up with B&R for your licenses or Azure consumption, you can pay on NET terms. Additionally, there are no early termination fees for the removal or Office 365 licenses (unlike when you go web direct and you are charged a fee for removing a license prior to its renewal date).

Simplicity

While you may just decide to use B&R for your O365 & Azure subscriptions, if you use B&R for managed services or project-based consulting services, everything appears on one invoice. No more chasing down multiple vendors – you have one place to go for everything and

B&R has a variety of bundles that can further simplify things (and save you money) – check out http://www.bandrsolutions.com/managed-services.

Support

It can be frustrating trying to get the right individuals to support your organization during critical times. With the CSP program, B&R is your trusted partner – and your first line of support to help get you back up and running. The talented team at B&R will work with your on any issues you are experiencing and if needed, B&R has access to ‘Signature Cloud Support’ – which provides a higher level of support to Microsoft CSP partners – and in turn means quick time to resolution and access to excellent Microsoft resources.

Expertise

B&R has been working with Office 365 along with the Azure platform & infrastructure services for many years, and has one of the most talented teams anywhere (the team includes 2 current MVPs and 2 former MVPs). If you want to implement Office 365 and Azure right – the first time – then it makes sense to partner with the best, and that’s exactly what you will get with the B&R Team.

As a CSP, B&R Business Solution is going to ensure that your organization gets the best possible support and works with some of the most experienced individuals in the industry – all while being rewarded with a simplified approach and cost savings.

Interested in the CSP program? Looking to save money? Want to provide your organization with a higher level of support? Then contact B&R Business Solutions today – we can start by taking a look at your current (or proposed) cloud spend and immediately let you know how the CSP program can save you money and make recommendations based on our experience. There’s no charge for this assessment, and we’re confident you will be glad you reached out!

 
calltoaction-msp.png

Worry-free Managed Services with Predictable Pricing

Extending Internal Business Solutions to Azure

As cloud technologies continue to evolve and mature, there is an exciting opportunity that we are seeing more frequently; leveraging Azure’s Platform Services to build and deliver secure business applications for internal company use. While this is a natural progression for organizations already adopting cloud services and technologies like Office 365, we are now seeing this model adopted by companies still primarily running traditional on-premises data centers and applications. There are a lot of advantages to this approach so in this post we will attempt to make the case for taking your first steps toward cloud services used for supporting your internal business solutions.

The key points we will cover in this post are

  • Infinite capacity
  • Consumption based pricing
  • Redundancy immediately available
  • Enhanced insights to further optimize costs

Infinite Capacity

One of the core premises of the cloud services is infinite capacity, and it should not be discounted. From the early days of development, through initial launch, to the long-term use there is no need to worry about having enough capacity on hand to satisfy the application. There is no fear of having to add additional capacity to your Virtual Machine hosts and SANs. Over the years, I cannot count the number of projects that have been delayed because operational capacity issues. These issues are eliminated completely. Likewise, as your app needs to scale out it can do so easily without having to rework anything.

Consumption Based Pricing

Another core premise of cloud services is paying for only what you use. When moving your business solutions from the Virtual Machine (VM) hosted model, to one implementing Azure Platform Services leveraging services like Azure Storage, Web Apps, and Functions we start to see the cost to run our solutions is minimized. We only pay for the processing cycles our solution uses, there is no longer a need to pay for the idle time between requests. Also, unlike traditional on-premises solutions we do not need to budget for the total available disk space (or worse the raw disk space of an underlying disk array), but only what you consume this month. This offers a cost-effective way to approach capacity planning and also encourages good data cleansing and archiving habits.

Redundancy Immediately Available

For those who do not work for a Fortune 500 company with access to geographically distributed data centers and real-time redundancy, you will be pleased to find that you have immediate access to services across data centers with intelligent services to handle synchronization and failover. While redundancy can come at higher utilization costs, the costs are still very reasonable and should be significantly lower than adding the capabilities to your local data centers.

Enhanced Insights to Further Optimize the Costs

If all of this wasn’t enticing enough, there are tools offered from Microsoft and ISVs that can provide rich operational metrics to show where your compute and storage costs are, and how they can be optimized to save money. This allows you to maximize your investment, and continue to leverage the tool while keeping costs under control. We typically look to do a quarterly review with the customer subscriptions we manage to ensure that services and the consumption are optimized for their goals and budgets.

Closing

If you have not already started to look at how you can integrate cloud services into your application development, now is the time. If your organization has an active MSDN subscription, it normally comes with a $150 per month credit to get you started. In our experience that can easily handle dev instances for several projects.

If you are interested, but do not know where to start, engage B&R's Architects to help provide a detailed analysis and roadmap matching your application needs to the appropriate Azure Platform Services and estimate the associated operational costs.

 
calltoaction-paas.png

Need help planning for Azure?