Home » SharePoint 2013 » Security Considerations for Deploying Customized SharePoint Server 2013

Security Considerations for Deploying Customized SharePoint Server 2013

This is the second of two posts to this blog on the second video tutorial in our series on SP13-303 SharePoint 2013: Development Course, titled “The 3 Main Deployment Options”. This set of video tutorials is authored by Yaroslav Pentsarskyy, a SharePoint MVP, subject matter expert and author of Rapid SharePoint 2013 Collaboration Solution Development and Deployment, which is available for purchase through Amazon.com.

In our first post on this topic we noted three major drawbacks to choosing a deployment solution for custom SharePoint 2013 sites, and/or features or components. Simply put, customizing the content of SharePoint 2013 must be repeated across any/all servers to ensure the same user experience if a load balancing system is in place, or should redundancy become operational. Second, There is no version control system component to a content development method of deploying SharePoint 2013 customizations. Finally, developing custom content may break the underlying SharePoint Server 2013 infrastructure, thereby making it impossible for automatic updates to be applied.

So Farm Solutions and Apps present better opportunities for successful deployment of custom solutions. But security concerns weigh on each of these options. Choosing to deploy SharePoint 2013 customizations as a Farm Solution may make sense, but it is important to understand only SharePoint administrators will be able to implement Farm Solutions. If customizations require further development, then administrators will have to participate in the process, which may not be acceptable. As well, if customizations are deployed as Farm Solutions, then security settings, on a site collection by site collection basis, may impede the distribution process. Finally, Farm Solutions are made up of sets of DLLs; therefore, they will not work for SharePoint Online.

Apps provide the “highest level of isolation”, as Yaroslav points out in this video tutorial. So an App deployment method will work for sites isolated from other sites across a farm. As well, Apps can be implemented for SharePoint Online. Signed Apps also include a version control feature. Finally, once an App is successfully built, then there will be no risk to the underlying SharePoint Server 2013, or SharePoint Online platform.

But as we noted in the first post of this set, Apps can only run processes written with JavaScript. Dot Net code will not work. Further, picking and choosing permissions for App users will not work. Yaroslav reports “it’s all or nothing”.

Ira Michael Blonder

© Rehmani Consulting, Inc. & Ira Michael Blonder, 2013 All Rights Reserved