When looking to implement SharePoint Online for your organization, there can seem to be an endless number of decisions to be made. I have put together this cheat sheet as an aid to help in that planning effort, whether you are coming from a legacy SharePoint farm or network file share. This is not an all-inclusive planning list but should supply a good foundation for creating a concrete artifact out of the abstract concepts involved in a SharePoint Online site architecture plan.
Tenant Admin Level
If your organization is not already using Microsoft 365, prepare to perform a lot of feature evaluation and deployment planning before going live with any production workload. For this blog, we will assume your organization is using some aspect of M365, and I’ve commonly seen Exchange Online as many organizations’ first step towards the Microsoft cloud. I am also going to exclude Azure AD, which is a broad enough topic to fill its own blog!
M365 Admin Center
Tenant/Application Admins – Who are your global admins vs specific application admins? These accounts should always require Multi Factor Authentication.
M365 Group Management – M365 Groups try to bring a single membership concept that applies broadly across the M365 Cloud. By default, any M365 Group owner can create new M365 Groups. New M365 users do not always intend to create new M365 Groups, and it is not always clearly communicated in the UI when creating something is also creating a M365 Group.
- Restricting Creation – Until there has been enough training and awareness built among group owners, we recommend using PowerShell to restrict group creation to a specific security group.
Licensing – Microsoft licensing can be very confusing! You get what you pay for, so if you buy lower-level licensing expect a lot of manual/PowerShell scripting to meet administrative needs. Below is some initial summary guidance:
- O365 Enterprise v M365 Enterprise – The O365 license is the base suite of cloud productivity applications. M365 bundles in Windows 10 Enterprise, plus added mobility and security features, such as Intune
- E1,E3,E5 – The E1 gets you basic suite with cloud versions of Office apps, E3 adds retention and sensitivity features plus Office client applications (ProPlus), E5 unlocks the automatic detection and triggered actions on sensitive data.
- Azure AD Plans – Essential identity functions included in O365 plans, premium plans add automation to managing M365 groups and improved identity protection features.
External Sharing – Set the allowed levels of external sharing in SharePoint Online with granular options, like restricting to named domains.
External Sharing – Set the allowed levels of external sharing in OneDrive. This is tied to the SharePoint Online setting.
Client Sync – There is a client app that allows users to synchronize OneDrive and SharePoint Online content into their Windows Explorer UI, and work with files offline. Check out the Microsoft Doc to see a full list of what can be managed for OneDrive clients via Group Policy or Intune.
Guest Access – Set if guest (external) users can be invited to Microsoft Teams.
Policies and Role Permissions – There are a ton of granular options to limit what is allowed in Teams messages, meetings, and live events. You are also able to define what a Team Owner, Member, or Guest can do.
Primer on Key SharePoint Online Concepts
When it comes to planning out your SharePoint Online site architecture, it can be helpful to refresh on a few key SharePoint Online concepts:
- Home Site – There can only be one home site, and choosing a home site makes it easily accessible from the SharePoint Online mobile app.
- Hub Site – A hub site ties together several related sites, and a hub site’s theme and navigation are pushed down to any connected site collections. Hub sites are based off the Communication Site look and feel.
- Communication Site – Microsoft designed Communication sites to present visually appealing news, event info, and published work product. Creating a communication site does not also create an M365 Group.
- Team Site – Microsoft designed Team sites for groups of people to work together on active documents, assets, or other work outputs. Creating a Team site also creates an M365 Group. Creating a Microsoft Team will also create a connected SharePoint Team Site.
- Organization News – Any site collection can be designated as organization news. These sites are given extra visual weight when presented in news webparts and are promoted on the SharePoint Online Start Page.
- Organization Asset Libraries – Up to 30 document libraries can be tagged as organization asset libraries. These can only live in a single site collection. Content in these libraries is easily accessible to page editors throughout SharePoint Online, and document templates will show up in the Office client as organization templates.
- Subsites – With Hub sites, we no longer need to use subsites and having deeper site architecture. Where we used to create subsites, now we create new site collections and tie those into a Hub site.
Map It Out
I prefer to perform SharePoint Online site architecture visually, and I use either index cards and sticky notes, eventually making into a Visio diagram or Miro board. I have found having a concrete visual helps facilitate planning discussions, but this map can also be Word or Excel based, whatever makes the most sense! I will use index cards for site collections and Microsoft Teams, with sticky notes for lists, libraries, site pages, and channels.
A site collection is a container full of libraries, lists, and site pages. Each site collection can be configured with different admins, permissions, themes, external sharing, and more.
- Site Name – Pick something a user could sense the site’s purpose/contents by the name alone.
- Site URL – Shorthand for the site name, avoid special characters and spaces
- Site Purpose/Intent – Why does this site exist? What are people supposed to do here?
- Site Type – Home site, Hub site, Communication site, Team site
- Site Collection Admins – These admins can take ownership of anything in the site collection and have access to admin features and settings within the site collection.
- Site Owners (Full Control) – These owners will grow and support the site and handle managing access and content within the site collection.
- Site Members (Edit) – These members will edit and create content in the site.
- Site Visitors (Read) – This is the site’s audience, they come to consume content and information. I advocate for keeping the site visitors to everyone in the organization unless there is a specific reason to do otherwise.
- Internal Only? – Should this site and its contents be shared outside the organization?
- Retention/Sensitivity – Does anything in this site need to be kept for a certain time after a user deletes it? Are there documents that need protections even if they leave SharePoint Online?
- Parent Hub – If not a Hub site, what parent hub is the site connected to?
- Site Expiration – Will this site be evergreen, or does it have an expected end date?
Libraries hold documents, images, and other assets.
- Inherit Permissions? – Should there be a smaller group of people who can access/edit/manage these documents?
- Library Name – Pick something a user could sense the library’s contents by name alone.
- Purpose/Intent – Why does this library exist? What is supposed to go here?
- Metadata – Think of 2 or 3 categories that users could tag documents with. These are useful in views and search experiences.
- Content Growth – How many documents will be here in a year? 3 years?
- Versioning – SharePoint Online libraries have major versioning enabled by default. Does this library need draft and major versions?
- Retention/Sensitivity – Does anything in this library need to be kept for a certain time after a user deletes it? Are there documents that need protections even if they leave SharePoint Online? Are there a subset of documents which should only be seen by a named group?
Unlike libraries, lists only hold data. A list item can have attachments.
- Inherit Permissions? – Should there be a smaller group of people who can access/edit/manage these list items?
- List Name – Pick something a user could guess the list’s contents by name alone.
- Purpose/Intent – Why does this list exist? What are people supposed to do here?
Pages are the main way information is presented to users, especially in Hub or Communication sites.
- Page Editors – Who should be able to edit pages? How do we train our page editors?
- Page Metadata – I like to have at least one tag tying pages to a topic or business function, for improving search experiences.
- Tip – Create a couple of views for your page editors, which show them pages sorted by recent edits and pages with unpublished drafts.
There is a lot more to plan out when implementing M365, and that plan will change and evolve as an organization and its users change and evolve. This blog should arm you with the essentials to start the planning activity, but depending on your organization’s needs and requirements, there other considerations to incorporate into your planning. If you are struggling with your SharePoint Online site architecture plan, or you would like to review your plan with some seasoned professionals, contact us to schedule a time to review what you currently have.