Abstract


New releases of SharePoint used to involve only one key decision: when do we upgrade? With SharePoint 2013, however, organizations have to decide not only when to upgrade, but where: Will your organization be best served by a 100 percent on-premises SharePoint, a 100 percent cloud deployment, or a hybrid of the two? This TechNet Wiki will help you make the right choice for your organization. It details the key criteria to consider, from security concerns to business intelligence needs. Then it explores a number of real-world business scenarios to show how your organization’s history with SharePoint and its current and future business needs will affect your choice of on-premises SharePoint, Office 365, or a hybrid deployment.

Introduction


For years, work was done primarily on premises — you went to an office where you had a desk, a single computer and a telephone that was cabled to the wall. Organizations relied on on-premises client installations of Microsoft Office (Word, Excel, PowerPoint and so on), as well as server installations of Exchange, Lync and SharePoint. With each new release, enterprises had to answer only one question: when should we upgrade? Today, work is very different. Work is now done not only at your desk but also in meeting rooms, coffee shops, airports and at home. The phone by your desk has given way to the cordless phone in your hand, the cell phone in your car and then the smart phone in your pocket. The computer at your desk has been supplemented by the notebook in your lap and then the tablet in your hand. Users need access to the same data from these mobile devices, no matter where they are, as they have while tethered to their desks.

In 2012, Microsoft broke important ground in supporting today’s mobile workforce with a new “Cloud First” promise: that it will deliver infrastructure software and applications as a cloud service either first or simultaneously with the release of the on-premises version of its key products. Microsoft’s Wave 15 suite of products, which includes SharePoint 2013 and Office 365, follows the path of that Cloud First promise. 

With cloud offerings now on an equal or even preferred footing compared to on-premises solutions, organizations now have to answer a much more complex question than simply when to upgrade to a new release. Now they must decide whether to stay 100 percent on premises, move completely to the cloud, or adopt a hybrid environment that includes some of each.

To help you find the right option for your organization, this white paper explores the key benefits and drawbacks of on-premises, cloud and hybrid installations, and then details a number of real-world business scenarios and proposes the best option for each.

Microsoft’s shift to the cloud



The next-generation collaboration and communications platforms 
Throughout 2012, Microsoft conducted a staged introduction of their next-generation collaboration and communications platforms, SharePoint 2013, Office 365 and Yammer:

  • SharePoint 2013 - SharePoint 2013 introduced a simplified user experience, enterprise social features that will transform the user experience and a new app development model that is cloud ready. You can purchase SharePoint in the cloud as a standalone offering or as part of an Office 365 suite. 
  • Office 365 - Microsoft had already pivoted away from its traditional view of Office — running dedicated server services in a service peer model — towards a more cloud-friendly approach called Business Productivity Online Suite (BPOS). With BPOS, Microsoft began acting as a service, running an instance of SharePoint, Exchange or Lync for enterprises on the web. Office 365 shifted this approach further. Office 365 is software as a service (SaaS)—enterprises sign up to receive all of those services in a multi-tenant, pay-as-you-go model in most cases. Shared for efficiencies, Office 365 enables organizations to sync with other businesses and to deliver Office applications directly through web browsers. 
  • Yammer - Last, in June 2012, Microsoft announced that it was purchasing enterprise social pioneer Yammer for $1.2 billion. With Yammer, employees can create groups to collaborate on projects and share and edit documents. The service can be accessed through the web, desktop, and mobile devices based on a user’s internet domain. 

By offering these solutions in the cloud, Microsoft enables users to access information from anywhere, on any supported device. You simply go to a web page and provide some credentials, and then you have access.

Weighing your options


Overview


Adoption of new Microsoft releases used to be fairly straightforward. For example, Microsoft released SharePoint 2010 and Office 2010 in May 2010, and many enterprises were ready to upgrade, if not completely upgraded, by the end of that calendar year. 
Enterprise adoption of the Wave 15 suite of products, however, may be more involved, because enterprises have to choose not only when to upgrade, but where: 
  • Stay with a traditional on-premises implementation 
  • Move completely to the cloud 
  • Adopt some blend of those services (a hybrid model) 

Each option has its pros and cons. The key factors to consider are listed in Table 1 and discussed in detail below.



 

| Factor | On-premises | Cloud | Hybrid |
|---|---|---|---|
| Security | Pro | Con | Pro |
| Scalability | Con | Pro | Pro |
| Remote access | Con | Pro | Pro |
| Operations | Con | Pro | Con |
| Out-of-the-box integrated features | Con | Pro | Pro |
| Customization | Pro | Con | Pro |
| Business intelligence | Pro | Con | Pro |

Table 1. Factors to consider when weighing your implementation options

Security 


The number one question in the adoption of cloud-based SharePoint is security, and indeed Table 1 lists it as a “con” for the cloud option. However, it is debatable whether the cloud is any less secure than on-premises implementations of SharePoint. While an internal datacenter may offer no obvious access to outside users, it is also far less likely to have the level of active monitoring, intrusion detection and firewall security that most cloud-based implementations of SharePoint — especially Office 365 — can offer. If you ever visit one of these cloud facilities, you will find that physical security of the servers, networking and storage is a serious business, often including many security and resiliency measures that the average datacenter does not have.

The security concerns are not so much about the data on the servers (data at rest) as about the data on all the unmanaged devices (data in flight). As users begin to access corporate data on personal devices, such as personal computers and smartphones, the risks increase. In a traditional on-premises deployment, access to corporate data can be limited to the corporate network or VPN, along with corporate-managed devices with the expected level of anti-virus and security patches. In a cloud deployment, however, any device with a supported browser could provide access to corporate data with simply a username and password.

Only the hybrid approach can offer the best of both worlds in terms of security. In a hybrid deployment, separate information domains can be established to secure access to sensitive information while providing ready access to less sensitive information. It is also important to note that with the additional deployment of an information rights management (IRM) solution, data can be secured on any platform and from any device; however, this adds to the complexity of managing and maintaining the solution.

No matter which type of deployment you choose, it is critical to have good data governance and information management policies. These are the keys to safeguarding data, not just the platform that it sits on.


Scalability


Scalability involves multiple dimensions. The most obvious are the number of users you can support and the amount of data that you store. The first implementation of Office 365 had significant constraints on the volume of data that could be used inside site collections or SharePoint tenants. However, almost all of these restrictions have been removed in more recent releases.

A lesser considered aspect of scalability is the amount of user activity you can handle. For example, special events, such as the publishing of the company annual report or an important company announcement by the CEO, can cause a sudden spike in user activity. Office 365 can automatically adjust to this increase in user activity while maintaining application performance, and then scale back down when activity levels return to normal.

An on-premises solution can certainly provide a similar level of scalability — but at significantly increased expense. The organization will need to make a substantial investment in physical resources (servers, memory and storage), as well as in skilled administrators to set up, configure and manage the solution. The Office 365 service already makes this investment to benefit all subscribers of the service.

A hybrid deployment can also offer these benefits by utilizing the scalable architecture of the cloud-based service for specialized workloads and information. “Bursting” to the cloud is an effective way to manage available resources and keep performance at optimum levels for both the on-premises components and cloud-based ones. For example, the company home intranet page might contain a link to the CEO video address hosted in Azure Media Services using the new SharePoint video portal site template.


Remote access 


Many organizations today need to access information hosted in SharePoint not only from traditional desktops, but also from browsers, smartphones and mobile tablets anywhere in the world. Providing access to internal data typically requires solutions such as VPNs, key fobs, access codes or physical connections. These architectures require significant investment to set up and maintain, and all of them can inhibit the usability of enterprise data in on-premises deployments. 

Providing access is far simpler if the information lives in the cloud. Once configured, any device with a supported browser can access the information once the user has been authenticated. Authentication can be based on a user name and password, or on two-factor authentication if required. Native options for deleting company information on personal devices are also provided.

With a hybrid model, an organization can use the cloud to enable easy remote access to information that must be accessed from outside of the organization or shared with business partners, and thereby avoid the expenses associated with enabling remote access to that information if it were hosted on premises.

Operations 


A clear benefit of the cloud option is reduced cost of operations. Microsoft is responsible for hosting and maintaining SharePoint Online, and does so very well. Through the Yammer acquisition, Microsoft has adopted a pattern of continuous improvement, so bug fixes and new features are continuously slipstreamed into the product. Microsoft also takes ownership of common service requests, backup, recovery and uptime — many things that an over-strapped IT manager is hard-pressed to deliver in a way that meets today’s demanding service level agreements (SLAs).


On-premises deployments, in contrast, require a lot of work to maintain. Security patches, hot fixes, cumulative updates and service packs must all be monitored, tested and scheduled for implementation. The effort required to perform these actions on even one farm can be enormous, and it is magnified when multiple farms are deployed, such as farms for enterprise collaboration, Project Server and Team Foundation Server.

Hybrid deployments require this work as well, because the administrator must maintain the on-premises components to keep pace with the cloud-based ones. In addition, hybrid deployments also suffer from the complexity of setting up and configuring all of the components (directory synchronization, directory federation, DNS, etc.) for making a hybrid deployment work. These components must be monitored and maintained to ensure that users have continuity of service. Highly available and recoverable topologies must be in place for these components to continue to function in the event of a failure.


Out-of-the-box integrated features 


Microsoft’s Office 365 tools arrive fully integrated. Features such as site mailboxes allow for easy information sharing between Exchange messaging and SharePoint team sites. User experience across all of the suites is similarly integrated into one unified menu allowing for easy access to user profiles, SharePoint content and messaging. Microsoft’s investment in continuous data protection and e-discovery allows for the seamless querying and retrieval of information to respond to cases and subpoenas across both Exchange and SharePoint intrinsically.

On-premises implementations of Exchange and SharePoint can offer similar functionality but not without significant engineering and integration work. These implementations might also be managed by separate teams with separate business objectives — for example, the messaging team might determine that Exchange 2010 provides all of the functionality that users require, whereas the collaboration team may want to use SharePoint 2013 for the enhanced search capabilities. Some of the integrated features would not be supported in this model and functionality would be limited.

The hybrid model does not offer much for improving integration but would allow for quicker deployment of certain features when the business demands them. For example, if your organization wants to use the site mailbox feature, SharePoint sites in the cloud could leverage Exchange Online for this type of integration while all other enterprise mailboxes continue to be hosted on premises.

Customization


SharePoint is a highly customizable system, and as a result, an endless number of custom web parts, forms, workflows, services and other solutions have grown up in the SharePoint 2010 ecosystem. On-premises installations of SharePoint allow for the broadest range of possible customizations: solutions can be customized using SharePoint Designer, JavaScript, the client-side object model (CSOM), or the server-side object model (SSOM). SSOM can run in either Sandbox mode or full-trust mode, which is especially useful when integrating with other line-of-business (LOB) systems, such as ERP and CRM systems.

In fact, for the past 10 years, most custom SharePoint solutions have been built using full-trust mode. But in the cloud, enterprises no longer have access to full-trust code, so for organizations with a history of SharePoint customization, code-based customization around their key information assets can present a stumbling block for migration to Office 365. Moreover, the integrated LOB systems are vital to day-to-day operations and therefore cannot simply be moved to the cloud in the same way that content can.
Moreover, although such custom SharePoint development has been a good approach for properly skilled developers, it also introduces important risks. In particular, custom solutions, if not properly built, degrade the stability of the whole environment, and custom code can be challenging to test, hard to support, and difficult to prepare for upgrades.

SharePoint 2013 brings an important change to customization that makes the cloud option more appealing. Although traditional customization APIs, web parts and server-side code are still supported, Microsoft has created a new API to support running application code on remote servers. As a result, the actual application footprint on SharePoint itself is tiny — basically, to “install” an app, you merely register an XML file to a custom library to tell SharePoint where the application “lives.” This is similar, for example, to Facebook apps: if you add Farmville to your Facebook page, the Farmville app isn’t coming from a Facebook server; it is running on Zynga’s servers and tied in at the browser with client-based integration code for a seamless user experience.

Moving apps outside SharePoint gives organizations the flexibility to move SharePoint to the cloud without having to change the core application server, and gives developers the flexibility to create applications using their preferred platforms and languages. Moreover, Microsoft established an online app store where developers can post purchasable or free versions of their applications, and enabled organizations to establish an internal catalog of approved, registered applications. Both SharePoint Online and on-premises SharePoint can use the marketplace and app model to perform “safe” customization of the SharePoint environment.

A hybrid model offers middle ground: your legacy customization can continue to run in the on-premises portion of the hybrid model while you also take advantage of the benefits of SharePoint Online.

Business intelligence


Getting data into SharePoint is easy. But just having data is not enough; organizations need to transform data into actionable business intelligence (BI). Visualizations help users understand what data means. For example, an Excel spreadsheet can have a lot of data in it, but it may not be at all obvious what the data is telling you. Graphic elements like charts and dashboards can help make the business value of the data clear.

Microsoft offers a broad range of solutions for BI and data visualization for on-premises SharePoint. These include Excel Services, PowerPivot, SQL Server Reporting Services (SSRS), PerformancePoint dashboards and custom solutions. However, these solutions can require additional licensing and offer only limited functionality. Moreover, they require specialized skills to use, which results in a long backlog of enhancement requests for IT and frustrated users. Third-party tools can make on-premises data visualization easier.

Microsoft is aware of the importance of business intelligence customizations for today’s enterprises and is readying the next generation of their BI solutions. Power BI for Office provides a gateway to allow access to most LOB data sources from an Office 365-hosted PowerPivot data dashboard. More BI-based third-party apps are likely to be available soon for enabling data visualizations in Office 365.

Summary 


Choosing the right option for your organization requires careful consideration. Over the past 12 months, we’ve seen an increasing number of enterprises making their decisions and moving forward.

One interesting development is that the idea of hybrid SharePoint in 2013 is shifting into something very different from what was originally forecast for hybrid usage. Several years ago, many enterprises that planned for a hybrid implementation of SharePoint tended to divide the hybrid roles of SharePoint into information domains — a single department would move its hosting of SharePoint into the cloud, while other departments would remain on premises because of custom code complexities, need for access to LOB data or information security reasons.

However, a variety of business scenarios have emerged with the introduction of Office 365 and with Service Pack 1 for SharePoint, which offers greater flexibility for how services are assembled.

Migration options



Once you make the decision about where to go, you will need to determine how to move your legacy content and assets to your new on-premises, cloud or hybrid environment. Migrating content manually can be tedious, time-consuming and error-prone, and often results in sub-standard application of policies concerning appropriate metadata tagging and other data integrity or compliance rules. Writing custom tools can mitigate these risks, but it can be expensive, and it requires specialized knowledge of the programming interfaces for both SharePoint and the source application. Hybrid migrations provide special challenges, since they have the additional burden of migrating content to multiple target environments.


 

Conclusion


Choosing the right path forward for your organization requires a careful examination of the pros and cons of on-premises SharePoint, Office 365 and hybrid deployments, as well as the business requirements specific to your organization’s current situation and future plans.