As a consultant there are times where I am slightly disconnected from the “Corporate World”, which is honestly part of the draw. As consultants technology is the great enabler for providing clients with software & services in order to help them realize their business goals. So as a consultant we tend to gravitate towards both trends & solutions that help us provide more value in a shorter amount of time. Demonstrating value is what helps us to build relationships which in turn often times leads to repeat business – rinse, lather, repeat. However, in the Corporate World life is filled with words like standards, policies, approved lists, governance, compliance, legal, etc.
I have recently resumed working for one of my favorite clients at a large Insurance company in our area, which entails the usual badge, laptop, parking pass in order to comply with the contractual agreement between my company and theirs. One of the interesting points to note is that in order for me to perform development work, I actually need to use their equipment to access their environment. This is a rather large SharePoint business application that I had previously built which is a combination of code (all client side) and configuration with SharePoint 2013 workflows. During my previous engagement I had actually been given local administrative rights on my machine which allowed me to load software like Visual Studio Code in order to perform my job.
Fast forward to this engagement, I’m without Administrative Rights on my machine and my two text editors of choice are Notepad or SharePoint Designer. I walk down to their Tech Express counter to see about having them install Visual Studio Code on my machine and they empathize but explain that their new policies prohibit the installation of any software that hasn’t already been packaged by their Engineering group. When I inquire about that process it basically entailed a multi-step review by Legal, Compliance, Software Engineering, etc. Typical turnaround time is a couple of weeks which likely isn’t helpful when the work needs to be done in the next week or so. I thank the Tech and proceed back to my desk where I submit a request for Administrative Rights on my machine thinking at least if I can get that, I’ll load the software myself and be done with the work hopefully before their security group catches on.
My request is routed to a governance approver who expresses concerns at both my status as a non-employee but also my request (setup developer laptop is my vague request). We speak more about it and I learn that not only is the technician correct about the software process but he also proceeds to inform me about the extra attention that is placed on Open Source software. He explains that the EULA agreements can be confusing and sometimes publishers make distinctions between personal & corporate use which can have implications on who owns the intellectual property. We talk about the way development is going with open source technology such as NodeJS, Bower, Gulp, and installing Node packages to help streamline development and I’m met with the realities of Corporate IT. The main priority for Corporate organizations is to protect the company – functions like Legal, Human Resources, and event Information Technology have the initial marching orders to protect the company. Just because development trends are moving towards open source technology – big corporations are afraid of this from a support & licensing perspective. From a security perspective they also do not like things such as local web servers and folks having persistent administrative rights to load the newest packages from Github onto their machines.
So where am I going with all this? So for today’s SharePoint Development there area really a few choices:
1) Configuration with mostly out of the box functionality and perhaps customization using SharePoint Designer. (workflows, maybe a little jQuery here and there)
3) Visual Studio (heavy) development – either server side code, sandbox solutions, Add-in model, or maybe even client side development since it does support that as well. 🙂
What I see as an interesting problem which will impacts both SharePoint as well as Web Developers in these large organizations is the trend towards NodeJS, Gulp, Yeoman, and whatever other Node modules/apps become popular. Loading these into the global scope can require administrative rights which is often times not given out. Furthermore to make it more difficult, you’re not just asking to have Visual Studio Professional loaded on your machine. With just Visual Studio, Enterprises can provide temporary admin rights or use policies to allow you to just run Visual Studio as an Administrator. There’s also the very clear licensing agreement between Microsoft & “Large Corporation”.
But the there is the argument that we are talking about “web development” and not really SharePoint development which I agree to. But if you think about it – web development is kind of that grey area because from what I have seen, most large organizations treat their external websites much differently than their corporate Intranets. The Internet site represents the company, the brand, & services both customers & potential candidates alike. Many times agencies are brought in to help with these from the design perspective and/or development resources are brought on to “build it”. In those situations the developers likely fall into the same category as me – the consultant types which bring our own equipment with no barrier to entry. SharePoint is on the corporate intranet, inside the firewall, maybe sometimes in O365. Microsoft touts the #’s of organization’s in the Cloud but for me most of my main clients are on-premises.
I’m not saying that I am against the new “SharePoint Framework” what I’m saying is, I think there’s going to be a market to cater to (being large enterprises) where perhaps there’s a less automated way – or better yet a more contained set of tooling for those developers. To scoff and say that large enterprises need to work towards embracing the way things are going is difficult as well. Going back to my earlier point, most of those departments (HR, Legal, IT, etc) are there to protect the company.
I don’t have the perfect solution but I can tell you that I’m curious to see how this unfolds.