01 April, 2014

Best Practices for SharePoint security, privacy and compliance

Organizations generate a huge amount of content every day, and with cloud solutions, enterprise social collaboration and mobile access, employees are adopting new ways of sharing information. The ways of collaborating keep expanding as a result. Most organizations use Microsoft SharePoint as a corporate information hub, with content coming from external clients and partners as well as internal employees. This can introduce risks such as malware getting into the enterprise, regulatory compliance issues and unintentional exposure of sensitive information. It is therefore essential to secure the system properly so that sensitive information does not get out. Here are some practices that help improve SharePoint security.

Assigning users to groups- This practice should always be adopted. When users are assigned to SharePoint groups, what a particular user can do can be predicted without auditing their individual security profile. When Active Directory is in use, take a hybrid approach: create SharePoint groups, then assign the AD groups to the appropriate SharePoint group.

Need-to-know assignments- People should only be assigned to sites where access is mandatory. Only when somebody can demonstrate a need to access a site should they be assigned to a group associated with the needed sites. In most scenarios, if a user's presence in a contributor group cannot be justified, they should not be allowed on the site in the first place.

Site inheritance should not be broken at object level- Breaking permissions at the object level causes a lot of frustration and confusion. Assign a user to the proper security group and then leave them alone. If a list or library contains sensitive data, create a child site and assign group permissions accordingly.

Refrain from assigning document-level permissions as far as possible- Assigning permissions at the document level can turn into a maintenance nightmare. If the need arises, create additional sites or libraries before breaking a list's or library's security. Permissions can be broken, but doing so may turn out to be a fatal decision.

Monitoring content- Monitor content both on a schedule and in real time, using automated, rule-based processes that protect the information systematically. Content must also be classified using related metadata; authors may add the metadata, but control over overriding a user's classification rests with the system.

Audits and scans- To check the level of compliance, perform ongoing audits and run scheduled scans of SharePoint sites regularly.

Risk evaluation- Evaluate risk according to the organization's own logic, so that it gives multiple perspectives on potential risk to data transport and delivery.

Measuring progress- Measure progress over time to demonstrate priorities and the triumphs of compliance initiatives, and make modifications wherever necessary.

Prioritizing areas for improvement- Prioritize the areas that need improvement and address concerns and issues accordingly. To do that, work closely with content authors and stakeholders.

Linking compliance improvements- Link compliance improvements to migration programs. For example, before migrating to SharePoint, run data scans on file shares. Remember too that new initiatives need compliance.
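The group-assignment and inheritance practices above can be checked by a scheduled scan. The script below is an added example, not code from the original article: it walks a site collection with the SharePoint server object model and reports every list or item with broken inheritance, plus any permission granted directly to a user or AD group instead of through a SharePoint group. The site URL is a placeholder, and it assumes it is run from the SharePoint Management Shell on a farm server.

```powershell
# Added example, not the article's code. Run in the SharePoint Management Shell on a farm server.
param(
    [string]$SiteUrl = "http://sharepoint.example.local/sites/hub",  # placeholder URL
    [switch]$IncludeItems                                            # also scan items (slow on large lists)
)
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Emit one record per real role assignment on a site, list or item.
function Get-Assignments($Securable, [string]$Scope, [string]$Location) {
    foreach ($ra in $Securable.RoleAssignments) {
        # SPRoleType.Guest is the automatic "Limited Access" level; skip it.
        $roles = @($ra.RoleDefinitionBindings |
            Where-Object { $_.Type -ne [Microsoft.SharePoint.SPRoleType]::Guest } |
            ForEach-Object { $_.Name })
        if ($roles.Count -eq 0) { continue }
        $member = $ra.Member
        if ($member -is [Microsoft.SharePoint.SPGroup]) { $kind = "SharePointGroup" }
        elseif ($member.IsDomainGroup)                  { $kind = "ADGroupDirect" }
        else                                            { $kind = "UserDirect" }
        New-Object PSObject -Property @{
            Scope = $Scope; Location = $Location; Principal = $member.Name
            Kind = $kind; Roles = ($roles -join ", ")
        }
    }
}

$site = Get-SPSite $SiteUrl
try {
    $report = foreach ($web in $site.AllWebs) {
        try {
            # Sites with their own permissions are expected; lists and items are not.
            if ($web.HasUniqueRoleAssignments) { Get-Assignments $web "Site" $web.Url }
            foreach ($list in $web.Lists) {
                if ($list.Hidden) { continue }
                if ($list.HasUniqueRoleAssignments) {
                    Get-Assignments $list "List" "$($web.Url) :: $($list.Title)"
                }
                if (-not $IncludeItems) { continue }
                foreach ($item in $list.Items) {
                    if ($item.HasUniqueRoleAssignments) {
                        Get-Assignments $item "Item" "$($web.Url)/$($item.Url)"
                    }
                }
            }
        } finally { $web.Dispose() }
    }
} finally { $site.Dispose() }

# Findings: any broken inheritance below site level, or any grant that bypasses SharePoint groups.
$report | Where-Object { $_.Scope -ne "Site" -or $_.Kind -ne "SharePointGroup" } |
    Sort-Object Scope, Location | Format-Table Scope, Location, Principal, Kind, Roles -AutoSize
```

An empty result means every permission in the site collection is granted at site level through a SharePoint group, which is the state the practices above aim for.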

Implementing proper monitoring ensures that your information stays safe. However, the security problem is not specific to SharePoint; it is a universal problem for all content, no matter where it resides. Proper planning along with the correct technology can help you address this concern.
