Your SharePoint Investment: Don’t Leave It to Chance

Scott Gracyalny smallBy Scott Gracyalny
Managing Director, Software Services




If your organization is like most, you probably have at least one installation of SharePoint. Chances are, it’s running your intranet, or maybe a document sharing system. Maybe users love it. Maybe they don’t. Perhaps you could be getting a better return on your investment. If your organization is like most, you have no way of knowing.

We know this, because you told us. According to the results of a just-released Protiviti survey, 95 percent of companies that use SharePoint say it is an important collaboration and communication tool for them. They even give it a high level of importance (7.4 on a 10-point scale). And yet, 90 percent said they don’t have a formal way of tracking how employees use SharePoint (user adoption). Half rated user adoption as only fair or inadequate.

These numbers point to a lack of a cohesive, constructive SharePoint adoption and governance strategy. The reasons are varied, but may stem from the fact that, more often than not, SharePoint enters the organization as a point solution – either direct from IT, or by the request of a department with a specific use in mind.

From there, the road to enterprisewide adoption is typically a winding path, with additional applications being added from the bottom up as users learn of, and request, expanded functionality. Most commonly, SharePoint evolves from a content storage tool, to a tool for business intelligence using all that newly accessible data, before moving on to more complex and mature collaborative workflows.

This evolution doesn’t have to be left to chance – and it appears, you agree. More than two-thirds (69 percent) said additional training would improve user adoption.

A clear strategy can make a big difference. By tying SharePoint use to specific business goals and working with users to develop and adopt processes utilizing SharePoint’s untapped potential, companies can get much more from their SharePoint investment.

We’ve seen clients put SharePoint to work in a variety of critical processes, including automating contracting and sales, and to facilitate risk and compliance workflows. Workflow capabilities are native to SharePoint, but often require third-party assistance to configure properly.

Of course, as with any proposed change, change management is key. Users need to be engaged early in the planning process to ensure that any new processes will truly enhance their experience and not just create more work.

For every organization that has made the investment in SharePoint, I recommend taking a hard look at how to maximize it. In fact, I think this should be a number one SharePoint priority. Complementary third-party products can also be leveraged to enhance or extend SharePoint functionality. Most organizations would be surprised by how much value SharePoint can deliver with sustained attention to the issues above.

Improving SharePoint Adoption With the Right Analytics

Mike SteadmanBy Mike Steadman, Managing Director
SharePoint Consulting




To date, more than 100 million licenses of SharePoint have been sold. Companies recognize the potential of this powerful content management platform to save time, speed up processes and enhance collaboration on an enterprise level. Yet, according to a recent Protiviti white paper, less than a third deploy the platform across their entire company.

Why such poor adoption? The white paper cites data from a recent AIIM survey, according to which the biggest ongoing business challenge with SharePoint is lack of expertise in how to maximize SharePoint usefulness. Nearly half of those polled said so.

Yet lack of expertise is only half the story – lack of insight into how the platform is currently used by employees is the other. To look behind the curtain of suboptimal adoption, SharePoint managers must turn to analytics. Analytics provide tangible data that not only reveals where things fail but empowers organizations to set goals for their portal usage and track business objectives.

Analytics can answer questions such as:

  • How/when employees are failing to access the proper content
  • How/when employees are abandoning various tasks
  • How successful employees are in searching and finding the content they need
  • How engaged employees are in the portal experience
  • How well employees are collaborating inside the portal

To help its user base, SharePoint does provide some built-in analytics. In our experience, however, most users find the included reports limiting, inconvenient and bulky. The built-in analytics function also does not track usage, abandonment and content interactions, or provide comparative reporting.

To get these features and more, companies often turn to third-party analytics solutions. The most popular analytics products for SharePoint come from Google, HarePoint, Webtrends, and Intlock. All four work with SharePoint 2007, 2010, 2013, and SharePoint Online, and each has its own advantages, limitations and learning curves. To help you choose the product that’s right for you, we review the pros and cons below.

Google Analytics

PROs: Because it’s easy to use – and free – Google Analytics is the logical first choice for organizations seeking better SharePoint insights. It is continuously growing and adding functionality, and its active user base can provide answers to most questions. Some of its features include in-page analytics, tracking engagement, ability to create and track goals, multiple user access, comparison reports for specific metric or characteristic, and multiple data display modes (charts, graphs, etc.)

CONs: Google Analytics is a general web analytics tool and not unique to SharePoint, so it cannot track data that is stored only in SharePoint. Many SharePoint users are unwilling to accept Google Analytics’ terms of storing their data on Google servers. A limitation for some companies might be the need to manage all analytics accounts through a Google account, and the need for a javascript browser. Finally, in our experience, to get the most from this free resource, companies will need at least one dedicated in-house Google Analytics expert.


PROs: HarePoint is a reasonably priced option that works with SharePoint-only data and provides fully integrated reports that can be filtered by Microsoft attributes, such as Active Directory accounts, SharePoint documents, libraries, users, and more. It is easy to install, without adding code to portal pages. Customers can share reports and dashboards across the organization for increased productivity.

CONs: The interface, filtering and comparative data tools are cumbersome and visually unappealing and, unlike Google Analytics, HarePoint requires substantial technical skill to master. It lacks some basic useful features, such as the ability to set goals and track goal conversions, pivot data, and track social events (likes and shares). It also does not provide search reports for landing pages.

Intlock’s Cardiolog

PROs: Like HarePoint, Cardiolog is fully-integrated into SharePoint. Unlike HarePoint, however, the user interface is easy to use and comes with over 100 preconfigured reports. What’s more, users can setup custom dashboards for any site, list or library, share reports via email or the web, and create ad hoc reports based on the data collected in the Analysis Center. Cardiolog can be local- or cloud-based, and comes with robust social media-tracking capabilities. It also tracks document downloads, video player interactions, form submission, and more.

CONs: Cardiolog’s impressive features will cost you: It is the second most costly SharePoint analytics tool after Webtrends. It comes with a maintenance plan at 20 percent of the initial cost. The number of system users (those who can create reports and have administrative rights) is limited. The regular version allows 5 users, and the enterprise version allows up to 25.

Webtrends OnDemand

PROs: Webtrends is built for SharePoint, with a code designed specifically to collect SharePoint data. It provides heat maps for pages, which work much better than Google’s In-Page Analytics. Webtrends also lets users create custom views of data on the fly for instant insights. It has useful navigation and path analysis reports that show how users move through the site up to 20 clicks deep and can be filtered by department and SharePoint groups.

CONs: Webtrends is priced on the high end for initial cost and maintenance, with a dynamic pricing model that considers both usage and features. It has a steeper learning curve than the rest of the solutions. Webtrends offers plenty of documentation, but new users will likely need additional training and exposure before mastering the program and its powerful reports.

Whichever analytics solution you decide to go with, the insights will help your organization uncover SharePoint problems users may be experiencing and then guide you towards usage and performance improvements, leading to wider adoption of SharePoint and maximizing its benefits across the enterprise.

For other ways to improve SharePoint adoption, download Protiviti’s white paper, “Communication, Training, Engagement – The Keys to Sustainable User Adoption of SharePoint.”

Assessing SharePoint Security: Are You Due for a Check-up?

James EnsmingerAntonio Maio (2)By James Ensminger and Antonio Maio,
Protiviti’s SharePoint practice



Microsoft’s SharePoint enterprise content management platform is everywhere. An estimated 80 percent of the Fortune 500 use it in one form or another. Yet, in our experience, only about one-third of companies have a SharePoint security plan in place.

A secure SharePoint environment is certainly possible and not too difficult to achieve. This was the focus of Protiviti’s May 27th webinar, Conducting a SharePoint Audit and Resolving Challenges. Hundreds of executives and practitioners participated in the free live presentation, which is available in archive at the link above.

The best way to manage SharePoint security is by establishing some good governance up front and understanding how the business intends to use the environment. However, this doesn’t mean security issue won’t arise over time as the platform grows organically within the organization. After a couple of years of SharePoint use, an IT manager realizes one day, “Wow, we have ten terabytes of information in SharePoint, but we don’t really know how everybody’s using it, and we don’t have security policies around it.”

Many organizations turn to us at this point.

Restoring security to the SharePoint environment starts with a SharePoint assessment. This reivew helps provide an understanding of how users are utilizing the system, and allows companies to understand the risks involved so they can manage them accordingly.

Often, IT departments are tempted to delegate ownership of SharePoint sites to the individual business units. Without a governance or security plan in place, those business units will tend to use the sites in whatever way makes sense to them. This could lead to a number of risk factors and security issues. Some of the most common are as follows:

  • A lack of roles and responsibilities over SharePoint sites and information.
  • Poor information architecture. Without rules for metadata – labels that allow companies to classify information for security and retrieval – sensitive information can be lost or exposed.
  • Site proliferation. Business units will create sites, use them for a while and abandon them. Or they might create a site that doesn’t get used at all. These sites may contain sensitive information, and it’s easy to lose track of it when the sites are forgotten.
  • Poor permissions management. In SharePoint, access to information is given by granting permissions. When that’s delegated down to business units without defined security and controls, it is hard to keep track of who has access to information and who has access to sensitive information.

It is important, therefore, to conduct an assessment both at the business units that are using SharePoint, to help evaluate the risks and controls within these units, and on an enterprise level, since, in many cases, SharePoint is centrally managed. Conducting an assessment on both of these levels will bring to the surface both systemic and subsidiary issues and risks.

There are a various monitoring solutions that will check to see who has access to what information and what sites exist out there, and report back up the chain of command. Data Loss Prevention (DLP) tools can scan for things like credit card numbers, Social Security numbers, and other specifically defined “sensitive” information. Finally, encryption tools can ensure that data – both inside and outside SharePoint – is readable only by the people who have been approved for access. What tools to implement and in what capacity is the kind of information organizations can attain following a SharePoint assessment.

Once an organization has conducted an assessment and identified risks, it should develop security policies and controls and then train employees rigorously to ensure that the rules will be adhered to, and enforced, over time.

For more information and specific recommendations about SharePoint security, watch the webinar, and/or download our free white paper, Maximizing Opportunities in the SharePoint Environment: Conducting Assessments and Resolving Challenges.