So what are the mission-critical components of an acceptable foundation for a hybrid scenario combining SharePoint 2013 on-premises computing and Office 365? Paolo Pialorsi presents 6 of these in a webcast recorded at Microsoft’s TechEd Europe 2014 event, which was held in October 2014 (the title of Pialorsi’s presentation is Overview of Microsoft SharePoint 2013 and Office 365 Hybrid Scenarios):
- “Directory Federation via ADFS and Azure AD Sync”
- “Internet routable AD domains”
- “SSL certificates and secured communication channels”
- “Good bandwidth and Internet connectivity”
- “Office 365 Enterprise Subscriptions”
- “SharePoint Server 2013 Enterprise on-premises”
The fifth and sixth components are obvious. The fourth requires further definition, as “good” means different things to different people. For graphics-intensive computing (working with dashboards, Power BI, Power Query, etc.), high-speed broadband data connectivity (at speeds faster than 3M per second download) should be in place. But for normal web page viewing, speeds below 1M per second should suffice.
The third component must be supplemented. Anyone following the 2014 tech industry news will likely be familiar with the security problems detected in the OpenSSL library. Neither Office 365 nor SharePoint Server 2013 (or Windows Server, SQL Server, etc.) made use of it, but third-party applications may have, and therefore should be closely reviewed to ensure any security issues have been corrected.
More broadly speaking, a plan must be created for users to follow that specifies precisely how data (corporate, personal, third-party, etc.) is to be handled in a hybrid computing scenario, buttressing the third component of Pialorsi’s list with secure procedures. So this third component should be recognized as, perhaps, even more “mission-critical” than any of the others.
Of course, it will not be possible to enforce a set of security procedures without the first and second components of the list. So care must be exercised to ensure ADFS and Azure AD Sync have not only been correctly implemented, but are also, themselves, secure.
Pialorsi includes a few limitations on the scope of what can be done with the hybrid scenario he presents. These include the following:
- “Office 365 + DirSync does not support multi-forest environments”
- “Some Service Applications cannot be shared”: “User Profile Service”, “Managed Metadata Service”, “Word Automation Services”, “Workflow Services”
©2014, Ira Michael Blonder & Rehmani Consulting, Inc. All Rights Reserved