CM010 | Content Management – Frame It! (Part 2): Content Types

So back in the sixth instalment of this series (CM006|Content Management - SharePoint Lego ) I touched briefly on the concept of Content Types in SharePoint, but I didn’t really go into the black magic that makes them go vroom on a tenant level. That’s what this instalment is about.

(my apologies to the Paklid community)

To summarize: in part 6, I said that Content Types help us “templatize” the way we work with documents that fit into the same category. I used the example of a company needing to standardize / systematize meeting documents to make them easier to store, secure, and track for contractual / compliance purposes. For this example, I said we would need to track metadata for:

• Department
• Meeting Type
• Meeting Date
• Document Type
• Internal / External attendees (maybe?)

I said we’d need to create a “Meetings” content type to pull together all the document properties (taxonomy) we wanted to track into a single manageable entity. I believe I used this graphic to illustrate:

Content Types are magic, I tell you

Once we’d bundled all the necessary metadata columns into our Meetings content type and published it, that content type would become available to any site in our tenant that chose to use it. This meant that whenever a site owner needed a new library to store meeting-related documentation, they would simply create a new library, connect it to the Meetings content type, and go on with their lives. All required metadata columns would automatically be applied, ensuring consistency across the enterprise, and making the auditors oh so very happy. Heck, they might even smile.

If Compliance is happy, I'm happy

Another cool thing is that once a document is uploaded into our content type-managed meeting library, the metadata used to classify that document will travel with it, meaning if / when the document is moved around in future (e.g. departmental shuffles or automated archiving), the assigned classification tags remain in place and you don’t have to re-tag anything on the other side.

Well, unless you really, really want to. You do you, boo.

Used correctly to their full awesomeness, you can use your Content Types to further drive enterprise-wide compliance with features like:

Document Templates

Struggling to get users to stop using templates from 20 years ago? Attach the latest template directly to your content type. And when Marketing changes it for the 5th time in 4 years, simply switch out on the parent Content Type and sit back while the templates on all the connected libraries update on their own. Easy peasy.

Information Management

Creating and managing content types from a centralised parent hub (like SharePoint’s builtin Content Type Hub) allows you to set up and enforce enterprise-wide rules that automate the stuff you hate, and then some. For instance:

Retention Policies

There will almost certainly be areas in your tenant that require more granular, precise retention and disposition management, but pretty much all the content on your tenant will require SOME degree of retention management to be set up. Centrally managed Content Types offer you the opportunity to set up those basic retention rules right on day one and save yourself untold annoyance a year or three down the line.

Audit Logs

In retail, there’s a saying: where it moves, you lose. Documentation is no different. If there is any risk that losing a specific subset of documents could lead to you or the company having a super crappy not at all good day, you’d be wise to make sure you know when those documents change or move or go POOF into the ether. That’s where content type audit logs come in.

When implementing a centrally managed content type, you have the option to specify under which actions for that content type will be captured in the audit log (e.g. move, copy, edit, delete, or restore). So in the rather unlucky circumstance that some gremlin tries to cause havoc in your content store after midnight, all the evidence you need (who, when, how, and where) will be waiting for you in your logs.

Barcodes

You know how your health insurance company or your life insurance provider emails you a PDF form to complete and there’s a barcode at the top (or bottom?) That’s used to automatically match your completed form (digital or hard copy) back to the original request on your name in the case management system. Sure, it’s not exactly the kind of function every company on the planet could benefit from, but it certainly is handy when you need it. Enabling barcodes on a content type allows us to either require users to manually attach a barcode to the document when it’s first created, or to automatically generate barcodes for documents on the fly. And of course, that barcode data will form part of that document’s identifiable properties going forward. Cool, huh?

Compliance Management

This post is already a hundred pages long and tenant-level compliance management really does deserve a series of its own, so I’ll try to summarize. As you know, brevity is not exactly my forte, but I have to pretend to try and you have to pretend to believe me.

All Microsoft 365 tenants come with a built-in Compliance Manager. As in, a centralised toolset that allows you to manage compliance across the entire tenant, even between apps and toolsets. In short, this toolset allows you to stuff like:

• Pre-define content properties and characteristics your organisation would consider worth tracking;
• Label content that is considered tracking-worthy based on those pre-defined properties and characteristics;
• Create policies that automatically maintain and manage content based on properties and labels assigned;
• Create alerts and / or automated actions that fire when specific content and / or behaviours are identified;
• Declare specific content as records based on pre-determined properties and characteristics;
• Query, identify, and hold content where eDiscovery cases are opened;
• Create automated maintenance schedules for tasks such as document retention, disposition, etc; and
• A whole lot more.

The super cool thing here is that a properly architected and implemented Content Framework, based on properly thought-out Site Columns and Content Types, makes the configuration for all this awesomeness so much smoother than it might have been.

For example: I might decide to create a data leakage prevention rule that prevents users from downloading documents that contain PII data. Or I might decide to prevent users from attaching those documents to emails. If those documents have been uploaded into a properly “frameworked” library (yes, it is a word, I just made it up), those properties and flags will already be attached to the document, so setting up the rule would be a far simpler task.

What about Syntex / SharePoint Premium?

Oh my sweet summer child. You didn’t really think the great AI gods in the cloud were going to let you out of an honest day's work that easily, did you?

Please don’t misunderstand me – AI has the power to completely change the face of content management, security, and compliance in the next few years. But you can’t expect to just click a button and put your feet up. AI needs something to work from – it needs to be taught and trained based on known content models and frameworks, so it can more accurately identify the nuance and context that makes content management such a pain in the tush. That means you can't just expect it to automaagically do everything right first time - you need to provide a starting point - a foundation or framework your AI toolset can reference and build on going forward. Once the framework makes sense and the AI tools are trained, by all means, pour yourself a margarita. Just don’t go spilling drinks all over the place before you’ve done your bit.

In the next instalment, I’ll do a practical, step-by-step walk-through of the Content Framework creation process. Until then, be nice to the wait staff, and don’t forget to tip.