Security Management Strategies for the CIOAccess "Three steps for securing SharePoint"
This article is part of the July/August 2012 issue of Establishing an effective internal security pen testing methodology
SharePoint 2010 is easily one of Microsoft’s most complex products, and the task of securing SharePoint can be overwhelming. Even so, there are some relatively simple steps you can perform that will go a long way toward improving the overall security of your SharePoint deployment and ensuring the sensitive data it contains is protected. Step 1: Limit permissions One of the most common SharePoint security problems is users receiving excessive permissions. The principle of least privileges should be used any time a user is being granted access to SharePoint. Unfortunately, users are often given excessive permissions, either because it is easier for an administrator to assign blanket permissions over granular permissions, or because the administrator does not truly understand the SharePoint permissions model. To give you a more concrete example, imagine a specific user needs to be able to manage a large group of sites, sub-sites, lists, and libraries. In that type of situation, the easy thing to do would be to make the user a site collection administrator. ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
How to pen test: Why you need an internal security pen testing program
by Dave Shackleford
Learn pen testing best practices and how to build an internal pen testing team.
-
Securing SharePoint: SharePoint security best practices
by Marcia Savage, Editor
SharePoint has become ubiquitous in the enterprise, but organizations can overlook security. Learn SharePoint security best practices in this article.
-
Talk of cyberwarfare threats heats up with Flame malware
by Robert Westervelt, News Director
Experts say malware toolkit isn’t unique, but warn of cyberweapons falling into the wrong hands.
-
How to pen test: Why you need an internal security pen testing program
by Dave Shackleford
-
-
Big data security analytics: Harnessing new tools for better security
by Scott Crawford, Contributor
New techniques are emerging to help organizations analyze security data and improve security defenses.
-
Three steps for securing SharePoint
by Brien M. Posey, Contributor
Restricting user permissions, server hardening and dedicated service accounts are critical.
-
Big data security analytics: Harnessing new tools for better security
by Scott Crawford, Contributor
-
Columns
-
Gary McGraw on mobile security: It’s all about mobile software security
by Gary McGraw, Contributor
Mobile systems have a lot of moving parts, but securing them is as simple as practicing software security.
-
Cyberspace protection requires government collaboration with industry
by Riley Repko, Contributor
Government and private sector collaboration is critical to surviving in cybespace.
-
LinkedIn password leak: Lessons to be learned from LinkedIn breach
by Marcia Savage, Editor
Breach at the professional networking site highlights password practices, storage procedures.
-
Gary McGraw on mobile security: It’s all about mobile software security
by Gary McGraw, Contributor
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...