Hello, Im currently working on developing an extranet. Does anybody have any key learnings that they can share with me? I’m currently trying to create a disclaimer and house rules, any suggestions or useful sites for further info would be great.
What “type” of extranet are you looking at? Meaning:
n ‘application’ extranet intended to provide secured access to application data and/or functionality or,
Strictly a file-centric collaboration zone to exchange files/documents with stakeholders (customers/partners)
Thanks for your question Lorne. It’s a site where our partners can share documents and to exchange ideas within a community forum.
In that case, the biggest learning I could share from my previous extranet projects (I’ve done both kinds) would be around the criticality of both segregation (content, conversations, etc.) and security (everything from where/how to host to MFA, to external device management and things like AV, AM, IP, and so on) and, if you’re looking at dealing with more than a dozen or so partner organizations and 40 to maybe 50 external users (tops) the need for some type of automation to be able to push signup/provisioning/de-provisioning and ongoing user management downstream to the partners. Taking that burden on your organization’s shoulders in a wholly or even moderate way proves to be unpleasantly demanding surprisingly quickly. And, also based on some scars from personal experience, it really IS better to have that in place from the start rather than try to crowbar it in after a period of time.
Obviously, if you’re pushing as much of the responsibility for ‘admin’ downstream, you’re going to want to develop the governance for your partner organizations around who can have that admin role for them, how they get it and change that person(s) when required, permissions, and how/when you do some sort of ongoing audits.
You also need to figure out your publishing model to get the content from your internal network zone to wherever you’re hosting the extranet (DMZ, public cloud, co-lo, etc.) and how you de-publish it which obviously necessitates some type of tagging/metadata identification, review/approval flow, and, depending on the type and potential sensitivity of the content going across this zone, you may also want to consider digital signatures and encryption/DRM as well.
Hope that helps somewhat.
Thanks for your response, that’s a great help. As I work on this I may be back in touch for some more knowledge sharing.
Have a great day