Securing SharePoint:
5 SharePoint Security Essentials You Cannot Afford to Ignore
CHRISTIAN BUCKLEY
SHAREPOINT MVP
& CHIEF EVANGELIST
SHAUN NICHOLS
LEAD SOLUTIONS
ENGINEER
Christian Buckley
Chief Evangelist & SharePoint MVP
Metalogix
www.buckleyplanet.com
@buckleyplanet
cbuck@metalogix.com
Shaun Nichols
Lead Solutions Engineer
Metalogix
www.metalogix.com
@SharePointGiant
snichols@metalogix.com
For over a decade, Metalogix has developed the
industry’s best and most trusted management
tools for SharePoint, Exchange, and Office 365,
backed by our live 24x7 support.
Over 14,000 clients rely on Metalogix tools every
minute of every day to monitor, migrate, store,
synchronize, archive, secure, and backup their
collaboration platforms.
We are committed to your
Success with SharePoint!
SharePoint Growth & Evolution
SharePoint Releases
Metadata
Content
Readiness
o How important is governance in your
organization/company today?
o Do you know who is getting access to what information?
o Do you store any financial or legal records in SharePoint?
o Do you know who can access or has accessed it?
o Do you have compliance regulations that you have to adhere to?
o If there was a security breach, who would be held responsible?
o Do you regularly run audits on usage, security, content, or permissions?
o Do you have an IS department that is asking for reports?
o How do you respond to compliance requirements for Audits?
o What does the process look like today?
What is Governance?
A 2012 CIO survey by Gartner shows an increasing
push in collaboration, analytics, and cloud computing.
They predict that by 2016, 20% of CIOs in regulated
industries will lose their jobs for failing to implement the
discipline of information governance successfully.
Technical Governance Means…
• Logins work
• Data is secure
• System performs well
• Metadata applied
• End users can quickly find their content
• Storage is optimized
• Content lifecycles in place, regularly reviewed
• Legal and regulatory requirements being met
Corporate IT SharePoint Content
Strategies
Priorities
Budgets
Customers
Facilities
Hardware
Software
Assurance
Test
Support
Ownership
Permissions
Roles
Storage
Architecture
Retention
Auditing
Reporting
Permissions
Ownership
Requirements
Retention
Search
Decommission
Survey says….
36% of SharePoint users are
breaching security policies
(CMSWire)
Only 18% of enterprises use
technical controls to prevent
access to sensitive
information. Most — 73
percent — rely on written
policies or informal
understandings with their
workforce (CMSWire)
60% of organizations have yet
to bring SharePoint into line
with existing data compliance
policies. (AIIM)
Two-thirds of SharePoint-using companies in a
recent survey have admitted to having ‘no active
security policy’ in place (Emedia)
A survey revealed that 79% of respondents stored
sensitive or confidential information on their
SharePoint platform (CMSWire)
What are the 5 most
common SharePoint
security concerns?
1. Failure to define (and communicate)
policies and procedures.
• Start with non-technical elements
• Develop a Security Policy
• Implement a training plan for end users
• Develop a strategy for ensuring users know what content is confidential
34% of IT administrators said that
they'd "sneaked a peek" at
documents they weren't
authorized to view, including
employee details and salary
information (DarkReading)
2. Failure to implement any kind of
permissions best practices.
• Apply permissions using least-privilege principles
• Don’t give users Direct Access
• Embrace SharePoint Groups and/or Active Directory Groups
• Ensure Appropriate Use of the Authenticated Users Group
• Clean up Orphan Users
• Use Broken Inheritance Responsibly
• Revoke permissions quickly
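
The permission checks listed above can be run as a recurring report. The following is an added example, not part of the original slides or of any Metalogix product: it audits an exported list of role assignments for direct user grants, orphan users, elevated rights for Authenticated Users, and scopes with broken inheritance. The export layout, the account names, and the "anything above Read is elevated" threshold are assumptions made for illustration.

```python
from collections import Counter
from typing import NamedTuple


class Assignment(NamedTuple):
    scope: str      # site, library or item URL the grant applies to
    principal: str  # login or group name
    kind: str       # "user", "sp_group" or "ad_group"
    level: str      # permission level name
    unique: bool    # True when this scope has broken inheritance from its parent


class Finding(NamedTuple):
    rule: str
    scope: str
    detail: str


AUTH_USERS = "nt authority\\authenticated users"
# Assumption: any level above Read counts as elevated for Authenticated Users.
ELEVATED = {"Contribute", "Edit", "Design", "Full Control"}

# Constructed sample data: accounts still enabled in the directory,
# and a hypothetical export of role assignments from one site collection.
ACTIVE_ACCOUNTS = {"contoso\\jdoe", "contoso\\asmith"}
ASSIGNMENTS = [
    Assignment("/sites/hr", "HR Members", "sp_group", "Contribute", False),
    Assignment("/sites/hr/salaries", "CONTOSO\\jdoe", "user", "Full Control", True),
    Assignment("/sites/hr/salaries", "CONTOSO\\former.employee", "user", "Read", True),
    Assignment("/sites/hr/policies", "NT AUTHORITY\\Authenticated Users",
               "ad_group", "Contribute", False),
    Assignment("/sites/hr/handbook", "NT AUTHORITY\\Authenticated Users",
               "ad_group", "Read", False),
]


def audit(assignments, active_accounts):
    """Return sorted findings for the permission practices on this slide."""
    active = {account.lower() for account in active_accounts}
    findings = []
    unique_scopes = Counter()

    for a in assignments:
        login = a.principal.lower()
        if a.unique:
            # Count grants per scope so owners can review each break once.
            unique_scopes[a.scope] += 1
        if a.kind == "user":
            if login not in active:
                # Account no longer exists or is disabled, but still holds a grant.
                findings.append(Finding("orphan-user", a.scope, a.principal))
            else:
                # Individual granted rights directly instead of through a group.
                findings.append(
                    Finding("direct-access", a.scope, f"{a.principal} has {a.level}"))
        elif login == AUTH_USERS and a.level in ELEVATED:
            findings.append(Finding("authenticated-users-elevated", a.scope, a.level))

    for scope, count in unique_scopes.items():
        findings.append(
            Finding("broken-inheritance", scope, f"{count} unique assignment(s)"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(ASSIGNMENTS, ACTIVE_ACCOUNTS):
        print(f"{finding.rule:30} {finding.scope:22} {finding.detail}")
```
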
3. Failure to regularly audit access
to content and sites.
• Are we adhering to Compliance or Governance requirements?
• Who has been accessing specific content?
• How often are specific sites being accessed?
• What features of SharePoint are being used?
• Are we managing the volume of log data?
4. Failure to monitor changes to security
settings.
• SharePoint security changes over time
• Ensure users are continuing to adhere to security policies
• Prevent users from causing havoc
• We need to plan how we will stay on top of changes
5. Failure to empower users and admins with
the right permissions.
• Find your responsible business content owners
• Enable and Equip them to manage access to their content
• Ensure management access is limited to those with appropriate permissions
• Segment your administration responsibilities – Power Users, business owners
Everyone wants
an easy button
Apply the Top 5 Security Essentials
using ControlPoint
• Easily make changes to or revoke permissions across any scope – even between farms
• Audit Permissions to ensure only the right people have access
• Meet compliance and governance requirements with regular scheduled reports
• Monitor what users are doing – receive Alerts for unexpected security changes
• Permissions Management wizard for the casual user
ControlPoint demo
Permissions
Reporting
Auditing
Compliance
ControlPoint: Security and Compliance
Benefits / Objectives
• Policy driven security and permissions
across SharePoint farms
• Seamless extension to out-of-the-box
security administration
• Increased compliance insight and
transparency
• Mitigate risk of data loss due to unauthorized access to content
• Provide audit trails of content
access
• Provide automation of
governance policies
Best Practices
• Make governance a priority
• Look at your systems holistically (a business view), regardless of where the servers sit
• Clarify and document your permissions, information architecture, templates, content types, taxonomy -- and ownership of each
• First define what policies, procedures, and metrics are needed to manage your environment, and then look at what is possible across your various tools and platforms
Thank you!
www.buckleyplanet.com
@buckleyplanet
cbuck@metalogix.com
30 Day Trial of ControlPoint
www.metalogix.com/controlpoint

20 Need-to-Know Microsoft Teams Productivity Tips
 
Do I Use Planner, Project Online, or Azure DevOps?
Do I Use Planner, Project Online, or Azure DevOps?Do I Use Planner, Project Online, or Azure DevOps?
Do I Use Planner, Project Online, or Azure DevOps?
 
20 Microsoft 365 Productivity Tips
20 Microsoft 365 Productivity Tips20 Microsoft 365 Productivity Tips
20 Microsoft 365 Productivity Tips
 
20 M365 Productivity Tips That You've Probably Never Used (But Should)
20 M365 Productivity Tips That You've Probably Never Used (But Should)20 M365 Productivity Tips That You've Probably Never Used (But Should)
20 M365 Productivity Tips That You've Probably Never Used (But Should)
 
Microsoft 365 Productivity Tips "December Dust-Up"
Microsoft 365 Productivity Tips "December Dust-Up"Microsoft 365 Productivity Tips "December Dust-Up"
Microsoft 365 Productivity Tips "December Dust-Up"
 
Microsoft 365 Productivity Tips "November Nexus"
Microsoft 365 Productivity Tips "November Nexus"Microsoft 365 Productivity Tips "November Nexus"
Microsoft 365 Productivity Tips "November Nexus"
 
Microsoft 365 Productivity Tips "October Ousting"
Microsoft 365 Productivity Tips "October Ousting"Microsoft 365 Productivity Tips "October Ousting"
Microsoft 365 Productivity Tips "October Ousting"
 
20 Microsoft 365 Productivity Tips That You've Probably Never Used (But Should)
20 Microsoft 365 Productivity Tips That You've Probably Never Used (But Should)20 Microsoft 365 Productivity Tips That You've Probably Never Used (But Should)
20 Microsoft 365 Productivity Tips That You've Probably Never Used (But Should)
 
Ordering the Chaos: Combatting Teams and SharePoint Content Sprawl
Ordering the Chaos: Combatting Teams and SharePoint Content SprawlOrdering the Chaos: Combatting Teams and SharePoint Content Sprawl
Ordering the Chaos: Combatting Teams and SharePoint Content Sprawl
 
Building a More Diverse Workforce in the Partner Channel
Building a More Diverse Workforce in the Partner ChannelBuilding a More Diverse Workforce in the Partner Channel
Building a More Diverse Workforce in the Partner Channel
 
Microsoft 365 Productivity Tips "June Jam"
Microsoft 365 Productivity Tips "June Jam"Microsoft 365 Productivity Tips "June Jam"
Microsoft 365 Productivity Tips "June Jam"
 
20 More Tips to Improve Productivity with Microsoft Teams
20 More Tips to Improve Productivity with Microsoft Teams20 More Tips to Improve Productivity with Microsoft Teams
20 More Tips to Improve Productivity with Microsoft Teams
 
20 Microsoft 365 Tips You've Probably Never Used (But Should)
20 Microsoft 365 Tips You've Probably Never Used (But Should)20 Microsoft 365 Tips You've Probably Never Used (But Should)
20 Microsoft 365 Tips You've Probably Never Used (But Should)
 

Recently uploaded

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 

Recently uploaded (20)

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 

Securing SharePoint -- 5 SharePoint Security Essentials You Cannot Afford to Ignore

  • 1. Securing SharePoint: 5 SharePoint Security Essentials You Cannot Afford to Ignore CHRISTIAN BUCKLEY SHAREPOINT MVP & CHIEF EVANGELIST SHAUN NICHOLS LEAD SOLUTIONS ENGINEER
  • 2. Christian Buckley Chief Evangelist & SharePoint MVP Metalogix www.buckleyplanet.com @buckleyplanet cbuck@metalogix.com
  • 3. Shaun Nichols Lead Solutions Engineer Metalogix www.metalogix.com @SharePointGiant snichols@metalogix.com
  • 4. For over a decade, Metalogix has developed the industry’s best and most trusted management tools for SharePoint, Exchange, and Office 365, backed by our live 24x7 support. Over 14,000 clients rely on Metalogix tools every minute of every day to monitor, migrate, store, synchronize, archive, secure, and backup their collaboration platforms. We are committed to your Success with SharePoint!
  • 5. SharePoint Growth & Evolution SharePoint Releases Metadata Content
  • 7. Readiness
      o How important is governance in your organization/company today?
      o Do you know who is getting access to what information?
      o Do you store any financial or legal records in SharePoint?
      o Do you know who can access or has accessed it?
      o Do you have compliance regulations that you have to adhere to?
      o If there was a security breach, who would be held responsible?
      o Do you regularly run audits on usage, security, content, or permissions?
      o Do you have an IS department that is asking for reports?
      o How do you respond to compliance requirements for Audits?
      o What does the process look like today?
  • 12. A 2012 CIO survey by Gartner shows an increasing push in collaboration, analytics, and cloud computing. They predict that by 2016, 20% of CIOs in regulated industries will lose their jobs for failing to implement the discipline of information governance successfully.
  • 13. Technical Governance Means…
      o Logins work
      o Data is secure
      o System performs well
      o Metadata applied
      o End users can quickly find their content
      o Storage is optimized
      o Content lifecycles in place, regularly reviewed
      o Legal and regulatory requirements being met
  • 14. Corporate IT SharePoint Content Strategies Priorities Budgets Customers Facilities Hardware Software Assurance Test Support Ownership Permissions Roles Storage Architecture Retention Auditing Reporting Permissions Ownership Requirements Retention Search Decommission
  • 15. Survey says….
      o 36% of SharePoint users are breaching security policies (CMSWire)
      o Only 18% of enterprises use technical controls to prevent access to sensitive information. Most — 73 percent — rely on written policies or informal understandings with their workforce (CMSWire)
      o 60% of organizations have yet to bring SharePoint into line with existing data compliance policies. (AIIM)
      o Two-thirds of SharePoint-using companies in a recent survey have admitted to having ‘no active security policy’ in place (Emedia)
      o A survey revealed that 79% of respondents stored sensitive or confidential information on their SharePoint platform (CMSWire)
  • 16. What are the 5 most common SharePoint security concerns?
  • 17. 1. Failure to define (and communicate) policies and procedures.
      o Start with non-technical elements
      o Develop a Security Policy
      o Implement a training plan for end users
      o Develop a strategy for ensuring users know what content is confidential
      o 34% of IT administrators said that they'd "sneaked a peek" at documents they weren't authorized to view, including employee details and salary information (DarkReading)
  • 18. 2. Failure to implement any kind of permissions best practices.
      o Apply permissions using Least Privileged principles
      o Don’t give users Direct Access
      o Embrace SharePoint Groups and/or Active Directory Groups
      o Ensure Appropriate Use of the Authenticated Users Group
      o Clean up Orphan Users
      o Use Broken Inheritance Responsibly
      o Revoke permissions quickly
  • 19. 3. Failure to regularly audit access to content and sites.
      o Are we adhering to Compliance or Governance requirements?
      o Who has been accessing specific content?
      o How often are specific sites being accessed?
      o What features of SharePoint are being used?
      o Are we managing the volume of log data?
  • 20. 4. Failure to monitor changes to security settings.
      o SharePoint security changes over time
      o Ensure users are continuing to adhere to security policies
      o Prevent users from causing havoc
      o We need to plan how we will stay on top of changes
  • 21. 5. Failure to empower users and admins with the right permissions.
      o Find your responsible business content owners
      o Enable and Equip them to manage access to their content
      o Ensure management access is limited to those with appropriate permissions
      o Segment your administration responsibilities – Power Users, business owners
  • 23. Apply the Top 5 Security Essentials using ControlPoint
      o Easily make changes to or revoke permissions across any scope – even between farms
      o Audit Permissions to ensure only the right people have access
      o Meet compliance and governance requirements with regular scheduled reports
      o Monitor what users are doing – receive Alerts for unexpected security changes
      o Permissions Management wizard for the casual user
  • 27. ControlPoint: Security and Compliance
      Permissions, Reporting, Auditing, Compliance
      Benefits / Objectives
      o Policy driven security and permissions across SharePoint farms
      o Seamless extension to out-of-the-box security administration
      o Increased compliance insight and transparency
      o Mitigate risk of data loss due to unauthorized access to content
      o Provide audit trails of content access
      o Provide automation of governance policies
  • 28. Best Practices
      o Make governance a priority
      o Look at your systems holistically (a business view), regardless of where the servers sit
      o Clarify and document your permissions, information architecture, templates, content types, taxonomy -- and ownership of each
      o First define what policies, procedures, and metrics are needed to manage your environment, and then look at what is possible across your various tools and platforms
  • 29. Thank you! www.buckleyplanet.com @buckleyplanet cbuck@metalogix.com 30 Day Trial of ControlPoint www.metalogix.com/controlpoint
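
The permissions checklist on slide 18 and the change monitoring on slide 20, as an added example (not part of the presentation, and not ControlPoint's or SharePoint's own code): a Python check that runs over a permissions export and flags direct user grants, orphan users, elevated Authenticated Users grants and broken inheritance, then diffs two snapshots. The `Grant` fields, the set of roles treated as read-only, and all sample accounts and sites are assumptions constructed for illustration.

```python
from collections import namedtuple

# One row per role assignment in a permissions export.
# Field names are assumptions made for this example:
#   kind   = "user", "sp_group" or "domain_group"
#   unique = True when the scope has its own (non-inherited) permissions
Grant = namedtuple("Grant", "scope principal kind role unique")

AUTH_USERS = r"NT AUTHORITY\Authenticated Users"
# Assumption: these permission levels count as read-only for this check.
READ_ONLY_ROLES = {"Read", "View Only", "Limited Access"}

# Constructed sample data, not taken from any real farm.
ACTIVE_ACCOUNTS = {r"CONTOSO\alice", r"CONTOSO\bob"}
SNAPSHOT = [
    Grant("/sites/hr", "HR Owners", "sp_group", "Full Control", True),
    Grant("/sites/hr", AUTH_USERS, "domain_group", "Contribute", True),
    Grant("/sites/hr/Salaries", r"CONTOSO\alice", "user", "Edit", True),
    Grant("/sites/hr/Salaries", r"CONTOSO\carol", "user", "Read", True),
    Grant("/sites/hr/Policies", "HR Visitors", "sp_group", "Read", False),
]


def audit(grants, active_accounts, root):
    """Return sorted (finding, scope, principal) tuples for one snapshot."""
    # Windows account names are case-insensitive, so compare lowercased.
    active = {a.lower() for a in active_accounts}
    findings = set()
    for g in grants:
        if not g.unique:
            continue  # inherited rows only repeat the parent's grants
        if g.scope != root:
            # Unique permissions below the root: list the scope for review.
            findings.add(("BROKEN_INHERITANCE", g.scope, ""))
        if g.kind == "user":
            # Granted to an account directly instead of through a group.
            findings.add(("DIRECT_USER", g.scope, g.principal))
            if g.principal.lower() not in active:
                # Account no longer exists in the directory.
                findings.add(("ORPHAN_USER", g.scope, g.principal))
        if g.principal == AUTH_USERS and g.role not in READ_ONLY_ROLES:
            findings.add(("AUTH_USERS_ELEVATED", g.scope, g.principal))
    return sorted(findings)


def drift(before, after):
    """Grants added or removed between two snapshots (slide 20)."""
    def key(g):
        return (g.scope, g.principal.lower(), g.role)
    old = {key(g) for g in before}
    new = {key(g) for g in after}
    return {"added": sorted(new - old), "removed": sorted(old - new)}


if __name__ == "__main__":
    for finding in audit(SNAPSHOT, ACTIVE_ACCOUNTS, "/sites/hr"):
        print(finding)
```

Running `audit` on a schedule and feeding consecutive exports to `drift` gives the regular report and the change alert the slides ask for.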

Editor's Notes

  1. Demo – Permissions Report
      o Highlight how someone gets permissions
      o Show users with Direct Permissions
      o Show Cleanup User Permissions
      o Show Authenticated Users
      o Orphan User
      o Revoke Permissions
      o From previous slide – show tagging sites to show confidential, etc
  2. Demo
      o Audit log report
      o Site or Site Collection features
      o Talk about archiving the audit log
  3. Demo
      o CP alerts for permissions changes - Receive alerts when changes are made
      o CP policies - Prevent users from causing havoc
  4. Cleanup permissions – like users with direct permissions