How to secure a SharePoint environment
Five lines of defence you need to secure your Microsoft SharePoint environment
The increasing use of Microsoft SharePoint to store sensitive business data and extend access and collaboration to partners, customers and suppliers has outpaced native SharePoint security capabilities.
More and more organisations are storing and accessing sensitive, regulated information through this platform. To improve business security, organisations must invest in organising, managing and protecting these valuable assets.
By implementing the five lines of defence outlined in this article, you will be able to overcome operational challenges and protect your SharePoint deployments against both internal and external threats.
Challenge 1: Ensure access rights remain aligned with business needs
“Unstructured data now accounts for more than 90% of the digital universe.” – IDC 2011
SharePoint security gap
Without an aggregated, centralised system to view rights information, SharePoint permissions for each site collection must first be extracted to an Excel spreadsheet and then combined by hand to analyse. And that analysis must be done manually within Excel or exported – yet again – to a third-party analytics platform.
Action
Aggregate permissions across the entire SharePoint deployment and automate the review process to keep rights aligned with business needs.
The advantage
- Understand who has access to what data or, conversely, what data any given user or group can access, and how that access was assigned or inherited.
- Simplify the process of identifying where excessive access rights have been granted, if there are dormant users, and who owns each item and document.
- Help administrators and data owners establish a baseline snapshot of access rights and conduct rights reviews.
View more resources for Microsoft SharePoint
- Securing SharePoint: SharePoint security best practices
- Examining SharePoint 2010 and Outlook 2010 synchronization gotchas
- Open source tools level SharePoint 2010 collaboration playing field
- SharePoint integration considerations for every Exchange organization
- How To Use Workflows In SharePoint
- The Five Pillars of SharePoint Governance
- Avoiding the Complexity of SharePoint Deployments
- The Dell | Microsoft SharePoint 2010 Solution
Challenge 2: Address compliance mandates
“60% of organisations have yet to bring SharePoint into line with existing data compliance policies.” – AIIM 2011
SharePoint security gap
Native SharePoint activity monitoring lacks an intuitive, easy-to-use interface for reporting and analytics. Without a third-party solution, businesses must first decode SharePoint’s internal representation of log data before they can access meaningful information.
Action
Use enterprise-class technology that combines permissions and activity details to automate compliance reporting.
The advantage
- Generate compliance reports on time and tailored to each recipient’s needs.
- Drill down, filter and organise data.
- Enrich native data with relevant information, such as type of data, department and data owner.
Challenge 3: Respond to suspicious activity in real time
“96% of breaches were avoidable through simple or intermediate controls.” – Verizon Data Breach Report 2011
SharePoint security gap
Native SharePoint activity auditing does not provide the ability to automatically analyse access activity and respond with an alert or block.
Action
Use a policy framework to build rules across SharePoint’s web, file and database components to identify suspicious behaviour and complement native access controls.
The advantage
- Monitor, control and respond to suspicious activity in real time.
- Balance the need for trust and openness with security concerns.
Challenge 4: Protect web applications from attack
“31% of organisations are using SharePoint for externally facing websites, and another 47% are planning to do so.” – Forrester Research, Inc. 2011
SharePoint security gap
Native SharePoint does not include web application firewall protection.
Action
Deploy a proven web application firewall (WAF) technology.
The advantage
- Provide a powerful defence against common attacks, such as SQL injection and cross-site scripting.
- Streamline and automate regulatory compliance.
- Mitigate data risk.
Challenge 5: Take control when migrating data
“SharePoint 2010 deployments grew fivefold in the past six months.” – Global 360 2011
SharePoint security gap
SharePoint enforces access controls for files using access control lists (ACLs). What makes native permissions challenging, however, is that SharePoint lacks an automated way to ensure that ACLs remain aligned with business needs.
Action
Identify where excessive access rights have been granted, and use file activity monitoring to locate stale data that can be archived or deleted.
The advantage
- Keep rights aligned with business needs.
- Free up storage space and reduce the amount of data that must be actively managed.
Rob Rachwald is director of security strategy at Imperva.
Preventing identity theft in a data breach
In this e-guide, we will explore the links between ransomware attacks, data breaches and identity theft. First, Nicholas Fearn investigates the phenomenon of the double extortion attack, and shares some insider advice on how to stop them, while we'll explore the top five ways data backups can protect against ransomware in the first place.
