publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/306297
ILTA WHITE PAPER: APRIL 2014 WWW.ILTANET.ORG 30 • Content management and intranets • Extranets and client portals • Basic document management • Workflow and process control • Enterprise search • Integrated authentication • Calendaring and collaboration In the past, the downsides of customizing SharePoint were significant and often locked organizations into the version of the product they customized. It is common to see law firms running SharePoint environments two and three versions back because they know an upgrade will likely break the customizations the firm now depends on. With SharePoint 2013, however, developers can leverage all out-of-the-box capabilities and deploy custom features without the risk. As with any new technology, there is a learning curve, but the benefits will outweigh the drawbacks often. THE OLD WAY: THE SOLUTIONS MODEL To understand why the new app model is so important, we must understand the solution model and how custom functionality has been built in previous versions. The most popular way to deploy custom code in SharePoint 2007 and 2010 is by leveraging full-trust solutions (called "full trust" because, once deployed, they have broad access to the internal workings of SharePoint). This makes them extremely powerful and easy to build. Even THE APP MODEL — BUILD ALONGSIDE, NOT ON, SHAREPOINT in SharePoint 2013, fully trusted solutions usually are the quickest way to deploy custom functionality to on-premise environments. (A full-trust solution cannot be used with SharePoint Online.) The full-trust approach has been in place for a long time, which means it is well-documented and understood. The approach also gives developers access to the most complete application programming interface (API). As great as this solution model approach sounds, it has a major flaw. The custom code runs directly on the SharePoint server. This presents challenges to administrators who need to keep the environment up and running efficiently. Fully trusted solutions extend the capabilities of the product on the SharePoint server, so when custom code misbehaves it can bring down the entire environment. The deployment of custom code can crash SharePoint, affecting hundreds or thousands of users. It is a classic case of custom code having too much access with administrators having too little control. Even with quality assurance (QA) processes in place, it is difficult to mitigate the risk fully because of how trusted solutions can respond to different environmental factors. Although full-trust solutions are sometimes quicker to deploy and appear cheaper to develop in the short run, they often lead to a higher overall total cost of ownership (TCO). The savings derived from customizing SharePoint in this way are less like true savings and more like technical debt. This debt