Microsoft SharePoint popularity comes with issues

On top of that, the SharePoint Designer development tool is not integrated with Visual Studio Team System, which provides an application development workflow and feedback loop.

In addition, SharePoint lacks good access control integration, which is a critical issue when the server begins to take on sensitive data. SharePoint maintains groups in its own database and does not synchronize with Active Directory. While internal users can tap their Windows log-ons to access SharePoint, authentication for external users will require separate tools. And SharePoint access from a Web browser is handled differently than from Office applications such as Word and Excel.

Third-party identity management tools for provisioning, authorization and auditing also will be add-ons that will impact overall deployment costs.

"Everything would be fine if you were not trying to hook up SharePoint with your identity management tools," said Gerry Gebel, vice president and services director in Burton's identity and privacy group. "SharePoint is going to be a critical application and granular access controls will be a necessity and Microsoft's tools are insufficient for all usage scenarios."

Users are trying to work through the issues with integrating SharePoint, but it is a process.

"The goal is to treat SharePoint like any other application," says Tim Callahan, CISO at People's United Bank, which has been involved in an identity management project for the past year. "We want to put SharePoint into our full monitoring process but we are not there yet."

Gebel said the perfect SharePoint environment from an access control perspective is a single department with all its users in one Active Directory domain, but unfortunately that configuration won't support an enterprise rollout.

On the positive side, Gebel said Microsoft is hinting at many changes in the future through Office upgrades, Windows 7, Identity Lifecycle Manager 2.0 and claims-based authentication via CardSpace. Details, however, are scarce.

On top of all that, Roth said IT needs to figure out definitions and policies around SharePoint implementations, including how to drive users to the system, how to govern usage, how to define service levels and how to design the system.

Roth says governance is a critical factor in determining SharePoint success. That includes combining people, policies and processes to determine who can do what, when and how.

All that will minimize confusion, establish goals and help resolve conflicts, he said.

"The real challenge from an enterprise point of view is to make sure you have all that functionality available to users so they can help themselves but also have balance so you can centrally manage," says Roth said.

He doesn't claim it is easy, but said, "Microsoft makes some of this more difficult than it should be."