Securing Your SharePoint Environment

Many companies do not realize the full extent of their SharePoint environment. You will often find sensitive financial data and employee information stored in your SharePoint environment. How can you secure this sensitive data without impacting user's ability to use the system? Here are 5 basic tips that you can use.

  1. Train your SharePoint power-users - This is probably the most critical part of the plan. The power-users often control the access to the data in their area. Impress upon them the responsibility that they carry.
  2. Secure your SQL Server - All of your SharePoint data is stored within SQL Server and this is your second point of defense. Make sure that you have up-to-date on your server. It is also important to ensure that your SQL Server is behind a Firewall that is blocking all non-essential ports. You can also consider using a non-standard port for your SharePoint-to-SQL traffic.
  3. Harden your Web Servers - Your SharePoint Web Servers are your next line of defense. This is what users are actually accessing when they go to SharePoint. Ensure you have up-to-date anti-virus and that the servers operate behind a firewall with all non-essential ports blocked. Consider using secure (Https) communication for sites that have sensitive data.
  4. Protect Access to your Servers - Many companies have now moved to a virtual environment, but who has access to that virtual environment? Though it is not as common to see tapes for Backups and retention, it is still just as critical to protect your backups as well. The statement is still true that if you have physical access, you have access to the data. Protecting your servers is as critical as selecting a strong username and password.
  5. Perform Occasional Audits of your Data - Whether you use software like AvePoint or you perform the scans yourself, it is important that you are aware of what is in your environment. You can use Web Analytics to see what the top searches are and what type of data your users are accessing.

Securing your SharePoint environment is critical and these are just a few of the many ways that you can do so. More information can be found from Microsoft or by clicking here. Regardless of how you chose to do so, remember that you are only as strong as your weakest link.

Get Started