a. Don’t alter SharePoint master pages and basic structure of aspx pages.
b. Don’t modify default CSS file but user can attach new custom CSS and make changes accordingly.
c. Users can create html pages as special landing pages. Example for special drives.
d. Modification can perform at CSS file, not at source code.
e. Users can change design Theme, Color, Font style, Background etc.
Other SharePoint Development customization Recommendation:
a. Code Customization shall be done using Sandbox solutions.
b. Platform Don’t prefer to have Business Data Connection based solutions, however support will be provided on need basis.
c. Performance Point solutions are not supported.
d. Infopath forms can be used but KM team support will not be available for Customization and maintenance/migrations.
e. Default form size will not be changed.
f. List and Libraries shall not have more than 5000 records in single view. Alternatively, create logical folders in such a way that they don’t have more than 5000 records or split records int multiple Libraries/Lists.
g. A Typical page shall not have more than 5 connected web parts (SharePoint hard limit is 20 web parts) for example: List views, content editor, chart parts, picture gallery web parts, etc.
h. List shall not have more than 8 Lookup columns including people fields.
Access management Recommendations:
a. Permission are not broken beyond web level in any given solutions/pages. Preferrably use DLs for group permissions
b. Document Level permissions:
New group and subsite shall be created if only few users needs to have access to certain documents for a specific project. This group access enabled permission to those users in subsites and required documents can be uploaded to this subsite.
SharePoint 2013 Apps Recommendations:
a. Users are encouraged to create SharePoint 2013 Apps. Such apps shall be of Provider Hosted Apps type or SharePoint Hosted Apps. Users are required to develop and test these on their development environment. KM team will facilitate UAT environment for integration testing. KM team will push apps to productions.
b. Povider hosted Apps have accompanying website hosted by App provider. Team developing them will need to host such websites themselves and will be responsible for Infosec clearance for these sites.
c. Third party apps can be considered to be deployed to platform provided the requesting team has Infosec clearance on such apps and appropriate licensing controls have been put in place.