Although SharePoint has evolved into a first-rate platform for information sharing and collaboration among users, departments, and teams within an organization, much of what makes SharePoint so valuable is the ability to share information with people outside your company--partners, customers, vendors and so forth. Of course, opening up your collaborative environment to entities outside your enterprise opens a Pandora's Box of security and compliance issues as well as presenting a tremendous amount of headaches for your IT department. For example, how do you easily control who can access what information and for how long? And how do you quickly provide that access when IT departments are already taxed to the max. To answer some of these questions, I recently talked with Nigel Simmons, Vice President of Product Management for Epok, a company that develops access management solutions.
"Back in 2005, a lot of the talk coming out of the post 9/11 era was that that there was a large information-sharing problem within government," Simmons said. "There was a big push into the information-sharing space, and Epok invested a fair amount into creating an underlying technology that would allow, for example, federal information to be shared with states and local governments." With the release of the 2007 versions of SharePoint, Epok could see that using SharePoint for extranets was going to be big and came up with a product based on this underlying technology and that integrated closely with SharePoint. The product, Epok Edition for Microsoft SharePoint, lets companies manage extranet access, while improving information security and compliance.
"Today's extranets are not your grandparents' extranet," said Simmons. "Extranets used to be a large number of potential customers or suppliers looking at a fairly well-crafted, perhaps slow-moving website, where information was added or updated in a fairly methodical and process-controlled way. But once you get SharePoint in the mix, you're moving at business speed. You've got business users controlling content and access and trying to address business relationships, so the extranet has demands that go beyond what extranets have been in the past."
According to Simmons, the development of Epok Edition for Microsoft SharePoint, was driven by three compelling requirements:
1. How do you provide secure and compliant access to an extranet?
2. How do you serve the need for business agility? Businesses depend on the ability to operate quickly. For example, you're company is going to bid on a project and you need some partners to bid with us. So you want to set up a SharePoint site and go after that business, without waiting for IT to provision user accounts or control groups or create websites.
3. How do you provide for collaboration on an enterprise scale--not just across a single SharePoint site but across site collections and SharePoint farms? And how do you make sure you have the right tools to monitor and control access and provide the right visibility for what's happening across that information collection?
Epok Edition for SharePoint meets these requirements by operating in a business context. Rather than treating users as individuals and trying to assign permissions to individuals, the product addresses the business user or logical group that you're working with. This allows you to set up terms and conditions for that user group. When a user enters the extranet site, he or she would immediately see the type of information they can access as well as the obligations they need to follow for using that information.
What makes the solution even more intriguing, is that IT departments can authorize SharePoint site administrators to provision extranet users, reducing the number of provisioning requests IT has to handle. Plus extranet users can be given authorization to nominate other users for site access without involving IT.
Forward-thinking companies are using SharePoint for their extranets to maximize their business relationships. Epok's SharePoint add on helps them maintain their agility, while allowing secure and compliant information access--with little additional work for overburdened IT departments.