SharePoint Designer Governance

I hear these and many similar comments and questions all the time in my SharePoint online Power User classes:

• “Oh, I can’t do that because my company won’t let us use SharePoint Designer.”
• “I’d like to create a workflow, but no one is allowed to use SharePoint Designer.”
• “How do I get my company to let me use SharePoint Designer?”

These questions and comments all relate to SharePoint governance.  SharePoint governance is a very important consideration for any SharePoint deployment, one that from myexperience a lot of organizations cut corners (or don’t even realize what they should be doing), to the detriment of their SharePoint deployment’s success.  SharePoint governance is a big subject; more than one blog post can cover.  Of all the subjects and classes we teach (from Citrix, Cisco, VMWare, to Microsoft SQLServer, WindowsServer, Exchange, etc.), there is only one product we have a dedicated class on Governance for:SharePoint.  I present this as evidence for the need for SharePoint governance, without which has led some people to call SharePoint a “virus”.  (Go Google or Bing “SharePoint” and “Virus” if you don’t believe me).

In this blog post, I’m going to discuss a specific SharePoint governance issue, that of SharePoint Designer.  What is SharePoint Designer? Why do I care? Who should have and use it and for what? Also, what can and should be in a governance plan to make best use of SharePoint Designer?

What is SharePoint Designer?

SharePoint Designer is a tool that developed out of Microsoft FrontPage (back when it was still an active product) that Microsoft eventually made free to anyone using SharePoint.  Due to the way that SharePoint stores files ina SQLServer database, most web development tools cannot work with SharePoint content so a SharePoint aware design tool is necessary.  Over time, Microsoft has added more and more functions into SharePoint Designer, so it is not just a web customization and design tool.  SharePoint Designer 2010 allows Site administrators to, among other things:

• Customize SharePoint pages, including applying cascading style sheets, add web part zones, remove or change formatting
• Customize and apply custom master pages to change page layouts
• Backup and restore sites (limited, should not be used as a true backup solution)
• Add DataView web parts to SharePoint pages (used to display external data content)
• Design SharePoint Workflows
• Create sites, lists, libraries and change site structure
• Configure security settings
• Create External Content Types using Business Connectivity Services

Many of the new features added to SharePoint Designer increase the potential audience for the tool.  It is a very useful tool that can make administration of sites (security, creating and managing lists and libraries) faster and easier.

Why do I care about SharePoint Designer governance?

SharePoint Designer is, however, a tool that can be dangerous if users do not know what they are doing.  The experience of SharePoint 2007 and SharePoint Designer 2007 showed that users can make sites difficult to use, waste time changing colors and look and feel, create inconsistent navigation, or even completely breaking pages and sites so that they cannot even load.  This resulted in alottrouble for other users, IT, helpdesks,and contributed to resistance and negative opinions of SharePoint some users gained.  Many organizations have since completely banned or restricted SharePoint Designer use to IT only.  The risk to this approach is losing the benefits that SharePoint Designer can provide to their organization.

Who should use SharePoint Designer and what should they be using it for?

Users who administer sites (create list and libraries, customize web parts on pages, set site security) or business users who already work with data or set business process rules could be beneficial users of SharePoint Designer.  The biggest risks with SharePoint Designer are those things related to customizing pages, not site administration, incorporating external data, creating and using lists and libraries.  Not allowing users to do these things with SharePoint Designer risks having SharePoint be treated as a web-based file server and project tracker that can take a lot of work in the Web UI to make useful.  By letter users build simple team or department workflows, display and incorporate data from external business systems, administer security and customize web parts quickly, they can build integrated solutions that users want to use, rather than SharePoint sites that are too “SharePointy”, as I’ve heard them described.  SharePoint sites that are too restricted to just storing list items and documents.

How can I gain the benefits and yet governing SharePoint Designer usage to minimize risk?

The discussion invariably leads to how to govern SharePoint Designer but still reap the benefits of using it.  Some organizations create teams of SharePoint Designer experts who handle requests from users for changes and features.  Some deploy SharePoint Designers to their site designers and site administrators in the company.  Banning SharePoint Designer is easy and safe and some administrators have been burned for allowing it.

Fortunately, Microsoft saw the problems (and likely experienced some of them first hand in their own deployments), and provided some governance tools for us:  At the site collection or web application levels, administrators can restrict what is allowed with SharePoint Designer.  You can prevent users from customizing pages from the site definition (but still allow web part customization), prevent master pages customization, and prevent users from changing site structure (but still allow creation, modification, and deletion of lists and libraries).  This allows an organization to deploy SharePoint Designer to approved users, but limit those users to the most useful and less dangerous capabilities (Administration of security and managing list and libraries, creating workflows, BCS External Content Types, advanced formatting of lists, etc).

No governance can work with just computer based tools.  Governance starts and ends with good, logical, and well-designed governance policies in place and communicated clearly to those people they govern.  A good governance policy for SharePoint Designer is one that identifies who can benefit from SharePoint Designer, establishes rules and guidelines for using it, and incorporates a training aspect to the policies.  You wouldn’t let an employee drive a corporate vehicle without some proof they can operate it successfully, so don’t give users SharePoint Designer without some procedure to validate they know your policies and the software.  I’ve seen organization build a computer based training program with videos and examples, then use SharePoint surveys to quiz the users, with a final test of sample site with tasks for the users to perform.  An approver then reviews the site and approves (possibly through a SharePoint workflow) the user to have SharePoint Designer installed for them.  Third party training certifications have also been used in the past to meet this requirement.  Don’t forget that governance policies will vary from site to site.  A site like an employee HR site used by everyone in the company, you may not let anyone outside IT use SharePoint Designer with it, but a project team site it may be highly appropriate for a project manager to use SharePoint Designer.

If you'd like more information about SharePoint Governance or SharePoint Designer, or want to train your team to use SharePoint Designer, check out our schedule of SharePoint classes.

Thank you!

Steven Randell Allen, Systems Engineer, 360training.com, powered by QuickStart