Best Practices for Security and Governance in SharePoint 2013
Antonio Maio
Protiviti, Senior SharePoint Architect & Senior Manager
Microsoft SharePoint Server MVP
Email: Antonio.maio@protiviti.com
Blog: www.trustsharepoint.com
Slide share: http://www.slideshare.net/AntonioMaio2
Twitter: @AntonioMaio2
© 2014 Protiviti Consulting Private Ltd. An Equal Opportunity Employer.
About Protiviti
Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance,
technology, operations, governance, risk and internal audit. Through our network of more than 70 offices in
over 20 countries, we have served more than 35 percent of FORTUNE® 1000 and Global 500 companies. We
also work with smaller, growing companies, including those looking to go public, as well as with government
agencies.
Protiviti is a wholly owned subsidiary of Robert Half International Inc. (NYSE: RHI). Founded in 1948, Robert
Half International is a member of the S&P 500 index.
• 2,500+ professionals
• 1,000+ clients
• 70+ offices
• Over 20 countries in the Americas, Europe and Asia-Pacific
Protiviti is one of the fastest growing consulting firms worldwide. Our revenues have increased from US $15 million in 2002, to US $423.8 million in 2011.
Goal
Inform and Educate on Key SharePoint Security Features
Illustrate the Importance of Establishing Strong Governance
What do we know about Security and Governance?
• Security is critical in government and military deployments
• It’s a critical consideration in business
• Requires good planning
• Requires good awareness of SharePoint capabilities
• Requires knowledge of what SharePoint cannot do
• Yet… Security and Governance are still often an afterthought for many deployments
What Drives our Information Security Needs?
• Information Security comes down to 2 or 3 drivers
– Protecting Your Investments
(intellectual property, digital assets, competitive advantage…)
– Reducing Your Liability
(avoid compliance violations, fines/sanctions, reputation issues…)
– Public Safety or Mission Success
(protect classified information, mission plans, reputation issues…)
– Public Health
(health records, health insurance, insurance fraud/theft…)
What Drives our Information Security Needs?
• How does this affect us as SharePoint people?
– How We Deploy SharePoint
– Control Access
– Assign Roles
– Establish Repeatable/Predictable Process
– Regulatory Compliance Standards
– Auditing & Reporting Obligations
Information Governance
Ignorance is not always bliss… it’s problematic!
… Why?
Information Governance
• Governance means setting out the structures, people,
policies, procedures and controls implemented to
manage information and support an organization's
immediate and future requirements:
– Regulatory
– Legal
– Risk
– Administrative
– Environmental
– Operational
Governance and SharePoint
• SharePoint is a platform which offers services to your organization’s users
• Governance for the SharePoint platform means:
• Managing existing services in a predictable way
• Deploying new services in a predictable way
• Providing a clear set of guidelines for usage and administration
• Achieve Strong Governance for SharePoint:
1. Develop a Governance Plan
• Cross functional - Identifies ownership for business and technical teams
• Regulatory, risk, legal, admin, environmental, organizational needs
2. Establish a Governance Team
• Include stakeholders from across the organization
Developing a SharePoint Governance Plan - Key Areas to Focus
• Define Information Architecture/Structures (Includes Metadata Taxonomy)
• Define Security Controls/Groups, Permissions and Roles for Assigning Permissions
• Define Roles, Responsibilities, Authority
• Determine Training Needs; Plan to Educate User Community
• Define Rules for Site Creation, Management, Decommissioning
SharePoint Security
SharePoint Deployment
• Plan your Deployments and Necessary User Accounts
• Use Least Privileged Accounts
• Review SharePoint deployment guide before you install
• SharePoint is a web application built on top of SQL Server
– Best practice: use specific user accounts for specific purposes with least privileges
• Benefits: Separation of Concerns
– Multiple points of redundancy
– Targeted auditing of account usage
– Minimize the risk of compromised accounts
Deployment User Accounts
• Use 3 Different Deployment Accounts (at minimum)
• SQL Server Service Account
– Assign to MSSQLSERVER and SQLSERVERAGENT services when installing SQL Server (ex. domain\SQL_service)
– No special domain permissions - given required rights in SQL Server during SQL setup
• Setup User Account
– Used to install SharePoint, run Product Config Wizard, install patches/updates
– Login with this when running setup (ex. domain\sp_setup_user)
– Must be local admin on each server in SharePoint farm (except SQL Server if it's a different box)
– Before starting SharePoint setup, assign the securityadmin and dbcreator roles in SQL
• SharePoint Farm Account
– Used to run the SharePoint farm; not just for database access (ex. domain\sp_farm_user)
– After Product Config Wizard is run, you are prompted to provide the Database Access Account – this is the all powerful farm account
– Given ownership of Config database - also configures several SharePoint services (ex. timer service) to use this as its identity
Deployment User Accounts
• Use 3 Different Deployment Accounts (at minimum): SQL Server Service Account, Setup User Account, SharePoint Farm Account
• Should all be AD domain accounts (user accounts)
• Do not use personal admin account, especially for Setup User Account
• Configure central email account for all managed accounts
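An added example (not part of the original deck) that checks a deployment against the three-account guidance above: the accounts are distinct, the SQL Server and SharePoint timer services run under the intended identities, and the setup account holds the securityadmin and dbcreator roles. Host names, account names and the `SPTimerV4` service check are assumptions for illustration; treating sysadmin membership as excess privilege is also an assumption, not a statement from the slides.

```powershell
# Added example, not from the original deck. All host and account names are
# placeholders; run as a login that can connect to SQL Server and query WMI.
param(
    [string]$SqlHost           = "SQL01",                  # placeholder, default instance
    [string]$SharePointHost    = "SP01",                   # placeholder farm server
    [string]$SqlServiceAccount = "CONTOSO\SQL_service",    # placeholder
    [string]$SetupAccount      = "CONTOSO\sp_setup_user",  # placeholder
    [string]$FarmAccount       = "CONTOSO\sp_farm_user"    # placeholder
)

$findings = @()

# 1. The three roles must map to three different accounts.
$distinct = @($SqlServiceAccount, $SetupAccount, $FarmAccount |
    ForEach-Object { $_.ToLowerInvariant() } | Select-Object -Unique)
if ($distinct.Count -lt 3) { $findings += "Deployment accounts are not distinct" }

# 2. Windows services must run under the intended identity.
function Test-ServiceIdentity {
    param([string]$Computer, [string]$ServiceName, [string]$Expected)
    $svc = Get-WmiObject Win32_Service -ComputerName $Computer -Filter "Name='$ServiceName'"
    if (-not $svc) { return "$ServiceName not found on $Computer" }
    if ($svc.StartName -ne $Expected) {   # -ne is case-insensitive for strings
        return "$ServiceName on $Computer runs as '$($svc.StartName)', expected '$Expected'"
    }
}
$findings += Test-ServiceIdentity $SqlHost "MSSQLSERVER" $SqlServiceAccount
$findings += Test-ServiceIdentity $SqlHost "SQLSERVERAGENT" $SqlServiceAccount
$findings += Test-ServiceIdentity $SharePointHost "SPTimerV4" $FarmAccount

# 3. Fixed server roles in SQL Server. IS_SRVROLEMEMBER returns 1, 0, or NULL
#    when the login is unknown to the instance.
function Test-ServerRole {
    param([System.Data.SqlClient.SqlConnection]$Conn, [string]$Login, [string]$Role)
    $cmd = $Conn.CreateCommand()
    $cmd.CommandText = "SELECT IS_SRVROLEMEMBER(@role, @login)"
    [void]$cmd.Parameters.AddWithValue("@role", $Role)
    [void]$cmd.Parameters.AddWithValue("@login", $Login)
    $result = $cmd.ExecuteScalar()
    if ($result -is [System.DBNull]) { return $null }
    return ([int]$result -eq 1)
}

$conn = New-Object System.Data.SqlClient.SqlConnection `
    "Server=$SqlHost;Database=master;Integrated Security=True"
$conn.Open()
try {
    # Roles the deck says the setup account needs before SharePoint setup starts.
    foreach ($role in "securityadmin", "dbcreator") {
        $has = Test-ServerRole $conn $SetupAccount $role
        if ($has -eq $null)  { $findings += "$SetupAccount is not a login on $SqlHost" ; break }
        if (-not $has)       { $findings += "$SetupAccount is missing the $role role" }
    }
    # Assumption: sysadmin is more than either SharePoint account needs.
    foreach ($login in $SetupAccount, $FarmAccount) {
        if (Test-ServerRole $conn $login "sysadmin") {
            $findings += "$login is a member of sysadmin (excess privilege)"
        }
    }
}
finally {
    $conn.Dispose()
}

# Drop the empty results returned by checks that passed, then report.
$findings = @($findings | Where-Object { $_ })
if ($findings.Count -eq 0) { "All deployment account checks passed" }
else { $findings | ForEach-Object { "FINDING: $_" } }
```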
Authentication
• Determine that users are who they say they are (via login)
• Configured on each web app
• Multiple authentication methods per web app
• SharePoint 2010 Options
• Classic Mode Authentication (Integrated Auth, NTLM, Kerberos)
• Claims Based Authentication
• Forms Based Authentication available - through Claims Based Auth.
– Configuration options are only available in the UI upon web app creation
– Converting a non-claims based web app to claims requires PowerShell
• SharePoint 2013 Options
• Claims Based Authentication - default
• Classic Mode Deprecated - Configuration UI has been removed
(Only configurable through PowerShell)
Authorization
• Determine if users have access to specific information objects and which level of access they are granted
• Accomplished through Permissions in SharePoint
• Allow you to secure any information object or container
• Apply to items, documents, folders, lists, libraries, sites
• Do not apply to individual column field values
• Assigning Permissions Includes
• The information object or container in question
• The user, group or claim that is granted access
• The permission level we are granting as part of that access
Permission Examples: Users and Groups
• Finance AD Group has Full Control on Library A
• ProjectXContractor SP Group has Read access on site B
• Antonio.Maio AD user has Contribute access on Document C
User or Group (also called a ‘Principal’) + Permission Level (collection of permissions) + Information Object (item or container)
Permission Examples: Claims
• Remember: Claims are trusted attributes about a user
• May assign a Claim as part of a permission to an object
or container (like a user or group)
• ‘SecurityClearance=Secret’ has Full Control access on Document X
• ‘ITARCleared=True’ has Read access on Library Y
• ‘EmploymentStatus=FTE’ has Contribute access on Site Z
Users Interacting with Permissions
Inherited Permission Model
• Hierarchical permission model
• Permissions are inherited from level above
• Can break inheritance and apply unique permissions
• Manual process
• Permissive Model
[Diagram: SharePoint Farm > Web Application > Site Collection > Site > Library / List > Document / Item, with example permission assignments shown at different levels]
– Demo Members (SharePoint Group): Edit
– Demo Owners (SharePoint Group): Full Control
– Demo Visitors (SharePoint Group): Read
– Finance Team (Domain Group): Edit
– Senior Mgmt (Domain Group): Full Control
– Research Team (Domain Group): Full Control
– Senior Mgmt (Domain Group): Full Control
– Research Team (Domain Group): Full Control
– Senior Mgmt (Domain Group): Full Control
– Antonio.Maio (Domain User): Full Control
Permissions and Security Scopes
• Every time permission inheritance is broken a new security scope is created
• Security Scope is made up of principals:
• Domain users/groups
• SharePoint users/groups
• Claims
• Be aware of “Limited Access”
• Limitations
• Security Scopes (50K per list)
• Size of Scope (5K per scope)
Microsoft SharePoint Boundaries and Limits:
http://technet.microsoft.com/en-us/library/cc262787.aspx
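An added example (not part of the original deck) that inventories broken inheritance in one site collection: for each list it counts uniquely secured objects, finds the largest scope, and counts principals holding only "Limited Access", then flags lists approaching the limits quoted above. The site URL and the 80% warning ratio are assumptions; the per-list scope count is approximated as the number of uniquely secured items and folders plus the list itself.

```powershell
# Added example, not from the original deck. Run in the SharePoint 2013
# Management Shell on a farm server with read access to the site collection.
param(
    [string]$SiteUrl = "http://sharepoint.example.local/sites/demo", # placeholder URL
    [int]$MaxScopesPerList      = 50000,  # "Security Scopes (50K per list)" from the slide
    [int]$MaxPrincipalsPerScope = 5000,   # "Size of Scope (5K per scope)" from the slide
    [double]$WarnRatio          = 0.8     # assumed warning threshold
)

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Count the principals on one uniquely secured object, and how many of them
# hold nothing but "Limited Access" (SPRoleType.Guardian).
function Measure-Scope {
    param($Securable)
    $limitedOnly = 0
    foreach ($ra in $Securable.RoleAssignments) {
        $real = @($ra.RoleDefinitionBindings |
            Where-Object { $_.Type -ne [Microsoft.SharePoint.SPRoleType]::Guardian })
        if ($real.Count -eq 0) { $limitedOnly++ }
    }
    [pscustomobject]@{
        Principals  = $Securable.RoleAssignments.Count
        LimitedOnly = $limitedOnly
    }
}

$site = Get-SPSite $SiteUrl
try {
    foreach ($web in $site.AllWebs) {
        try {
            foreach ($list in ($web.Lists | Where-Object { -not $_.Hidden })) {
                $scopes = 0; $largest = 0; $limited = 0

                if ($list.HasUniqueRoleAssignments) {
                    $m = Measure-Scope $list
                    $scopes++; $largest = $m.Principals; $limited += $m.LimitedOnly
                }

                # Page through items and folders so large lists are not loaded at once.
                $query = New-Object Microsoft.SharePoint.SPQuery
                $query.ViewAttributes = "Scope='RecursiveAll'"
                $query.RowLimit = 2000
                do {
                    $items = $list.GetItems($query)
                    foreach ($item in $items) {
                        if ($item.HasUniqueRoleAssignments) {
                            $m = Measure-Scope $item
                            $scopes++
                            $limited += $m.LimitedOnly
                            if ($m.Principals -gt $largest) { $largest = $m.Principals }
                        }
                    }
                    $query.ListItemCollectionPosition = $items.ListItemCollectionPosition
                } while ($query.ListItemCollectionPosition -ne $null)

                if ($scopes -eq 0) { continue }   # list fully inherits, nothing to report

                $flags = @()
                if ($scopes  -ge $MaxScopesPerList * $WarnRatio)      { $flags += "ScopeCount" }
                if ($largest -ge $MaxPrincipalsPerScope * $WarnRatio) { $flags += "ScopeSize" }

                [pscustomobject]@{
                    Web               = $web.Url
                    List              = $list.Title
                    UniqueScopes      = $scopes
                    LargestScope      = $largest
                    LimitedAccessOnly = $limited
                    Flags             = ($flags -join ",")
                }
            }
        }
        finally { $web.Dispose() }
    }
}
finally { $site.Dispose() }
```

Pipe the output to `Sort-Object UniqueScopes -Descending` or `Export-Csv` to review which lists carry the most unique permissions.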
Information Architecture and Metadata
• Information Architecture – The structural design of your
information sharing environment
• Organization and Storage
• Identification
• Retention
• Business sensitivity and confidentiality
• …
• Metadata can provide important insight into what type of
information you have in SharePoint
• Recommended: Use Metadata to Classify information and
Identify its Sensitivity
Standardized Metadata
• Implement Standardized Metadata Fields across libraries/lists
• Library or List Level
• Site Column Level
• Managed Metadata Service (across Site Collection or Farm)
• Ensure users are adding metadata when adding/editing
information (mandatory fields)
• Be aware of situations where SharePoint doesn’t request metadata
(multi-file upload, explorer view)
• Keep it Simple: Limit sensitivity classification to 3 or 4 labels
– Public, Confidential, Restricted, Highly Restricted
– Low Business Impact, Moderate Business Impact, High Business Impact
– Unclassified, Confidential, Secret, Top Secret
• Educate, Educate, Educate: What does each label mean/impact?
Recap
• Develop a SharePoint Governance Plan with Key Stakeholders
• Ignorance is not bliss… it’s problematic!
• Understand the type of information you have
• Develop an information architecture
• Understand the risks to that information: accidental, insider and external threats
• Use Metadata to identify sensitivity
• Educate end users on significance of sensitivities – make them part of the solution
• Deploying SharePoint with Appropriate Least Privileged Accounts
• Determine your Authentication and Authorization Needs
• Understand how permissions work
• Plan for how permissions are given and managed
• Understand SharePoint Security Features
• Others: Web App Policies, Anonymous Users, Information Rights Management, Privileged Users, Event Auditing
Thank You!
 
Data Visualization in SharePoint and Office 365
Data Visualization in SharePoint and Office 365Data Visualization in SharePoint and Office 365
Data Visualization in SharePoint and Office 365
 
Developing custom claim providers to enable authorization in share point an...
Developing custom claim providers to enable authorization in share point   an...Developing custom claim providers to enable authorization in share point   an...
Developing custom claim providers to enable authorization in share point an...
 
Best Practices for Security in Microsoft SharePoint 2013
Best Practices for Security in Microsoft SharePoint 2013Best Practices for Security in Microsoft SharePoint 2013
Best Practices for Security in Microsoft SharePoint 2013
 
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
 
Share point security 101 sps-ottawa 2012 - antonio maio
Share point security 101   sps-ottawa 2012 - antonio maioShare point security 101   sps-ottawa 2012 - antonio maio
Share point security 101 sps-ottawa 2012 - antonio maio
 
Webinar: Take Control of SharePoint Security
Webinar: Take Control of SharePoint SecurityWebinar: Take Control of SharePoint Security
Webinar: Take Control of SharePoint Security
 
SharePoint Saturday Toronto July 2012 - Antonio Maio
SharePoint Saturday Toronto July 2012 - Antonio MaioSharePoint Saturday Toronto July 2012 - Antonio Maio
SharePoint Saturday Toronto July 2012 - Antonio Maio
 

Recently uploaded

Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Recently uploaded (20)

Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

Best practices for Security and Governance in SharePoint 2013

  • 1. Antonio Maio Protiviti, Senior SharePoint Architect & Senior Manager Microsoft SharePoint Server MVP Best Practices for Security and Governance in SharePoint 2013 Email: Antonio.maio@protiviti.com Blog: www.trustsharepoint.com Slide share: http://www.slideshare.net/AntonioMaio2 Twitter: @AntonioMaio2
  • 2. © 2014 Protiviti Consulting Private Ltd. An Equal Opportunity Employer. About Protiviti INDIA (3) Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit. Through our network of more than 70 offices in over 20 countries, we have served more than 35 percent of FORTUNE® 1000 and Global 500 companies. We also work with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half International Inc. (NYSE: RHI). Founded in 1948, Robert Half International is a member of the S&P 500 index. • 2,500+ professionals • 1,000+ clients • 70+ offices • Over 20 countries in the Americas, Europe and Asia-Pacific Protiviti is one of the fastest growing consulting firms worldwide. Our revenues have increased from US $15 million in 2002, to US $423.8 million in 2011.
  • 3. Goal
      • Inform and Educate on Key SharePoint Security Features
      • Illustrate the Importance of Establishing Strong Governance
  • 4. What do we know about Security and Governance?
      • Security is critical in government and military deployments
      • It’s a critical consideration in business
      • Requires good planning
      • Requires good awareness of SharePoint capabilities
      • Requires knowledge of what SharePoint cannot do
      • Yet… Security and Governance are still often an afterthought for many deployments
  • 5. What Drives our Information Security Needs?
      • Information Security comes down to 2 or 3 drivers
          – Protecting Your Investments (intellectual property, digital assets, competitive advantage…)
          – Reducing Your Liability (avoid compliance violations, fines/sanctions, reputation issues…)
          – Public Safety or Mission Success (protect classified information, mission plans, reputation issues…)
          – Public Health (health records, health insurance, insurance fraud/theft…)
  • 6. What Drives our Information Security Needs?
      • How does this affect us as SharePoint people?
          – How We Deploy SharePoint
          – Control Access
          – Assign Roles
          – Establish Repeatable/Predictable Process
          – Regulatory Compliance Standards
          – Auditing & Reporting Obligations
  • 7. Information Governance
      Ignorance is not always bliss… it’s problematic! … Why?
  • 8. Information Governance
      • Governance means setting out the structures, people, policies, procedures and controls implemented to manage information and support an organization's immediate and future requirements:
          – Regulatory
          – Legal
          – Risk
          – Administrative
          – Environmental
          – Operational
  • 9. Governance and SharePoint
      • SharePoint as a platform which offers services to your organization’s users
      • Governance for the SharePoint platform means:
          • Managing existing services in a predictable way
          • Deploying new services in a predictable way
          • Providing a clear set of guidelines for usage and administration
      • Achieve Strong Governance for SharePoint:
          1. Develop a Governance Plan
              • Cross functional - Identifies ownership for business and technical teams
              • Regulatory, risk, legal, admin, environmental, organizational Needs
          2. Establish a Governance Team
              • Include stakeholders from across the organization
  • 10. Developing a SharePoint Governance Plan - Key Areas to Focus
      • Define Information Architecture/Structures (Includes Metadata Taxonomy)
      • Define Security Controls/Groups, Permissions and Roles for Assigning Permissions
      • Define Roles, Responsibilities, Authority
      • Determine Training Needs; Plan to Educate User Community
      • Define Rules for Site Creation, Management, Decommissioning
  • 12. SharePoint Deployment
      • Plan your Deployments and Necessary User Accounts
      • Use Least Privileged Accounts
      • Review SharePoint deployment guide before you install
      • SharePoint is a web application built on top of SQL Server
          – Best practice: use specific user accounts for specific purposes with least privileges
      • Benefits: Separation of Concerns
          – Multiple points of redundancy
          – Targeted auditing of account usage
          – Minimize the risk of compromised accounts
  • 13. Deployment User Accounts
      • Use 3 Different Deployment Accounts (at minimum)
      • SQL Server Service Account
          – Assign to MSSQLSERVER and SQLSERVERAGENT services when installing SQL Server (ex. domain\SQL_service)
          – No special domain permissions - given required rights in SQL Server during SQL setup
      • Setup User Account
          – Used to install SharePoint, run Product Config Wizard, install patches/updates
          – Login with this when running setup (ex. domain\sp_setup_user)
          – Must be local admin on each server in SharePoint farm (except SQL Server if it's a different box)
          – Before starting SharePoint setup, assign the securityadmin and dbcreator roles in SQL
      • SharePoint Farm Account
          – Used to run the SharePoint farm; not just for database access (ex. domain\sp_farm_user)
          – After Product Config Wizard run, prompted to provide the Database Access Account – this is the all-powerful farm account
          – Given ownership of Config database - also configures several SharePoint services (ex. timer service) to use this as its identity
  • 14. Deployment User Accounts
      • Use 3 Different Deployment Accounts (at minimum): SQL Server Service Account, Setup User Account, SharePoint Farm Account
      • Should all be AD domain accounts (user accounts)
      • Do not use personal admin account, especially for Setup User Account
      • Configure central email account for all managed accounts
  • 15. Authentication
      • Determine that users are who they say they are (via login)
      • Configured on each web app
      • Multiple authentication methods per web app
      • SharePoint 2010 Options
          • Classic Mode Authentication (Integrated Auth, NTLM, Kerberos)
          • Claims Based Authentication
          • Forms Based Authentication available - through Claims Based Auth.
              – UI configuration options only available in UI upon web app creation
              – To convert non-claims based web app to claims will require PowerShell
      • SharePoint 2013 Options
          • Claims Based Authentication - default
          • Classic Mode Deprecated - Configuration UI has been removed (Only configurable through PowerShell)
  • 16. Authorization
      • Determine if users have access to specific information objects and which level of access they are granted
      • Accomplished through Permissions in SharePoint
          • Allow you to secure any information object or container
          • Apply to items, documents, folders, lists, libraries, sites
          • Do not apply to individual column field values
      • Assigning Permissions Includes
          • The information object or container in question
          • The user, group or claim that is granted access
          • The permission level we are granting as part of that access
  • 17. Permission Examples: Users and Groups
      • Finance AD Group has Full Control on Library A
      • ProjectXContractor SP Group has Read access on site B
      • Antonio.Maio AD user has Contribute access on Document C
      Parts labelled on the slide: User or Group (also called a ‘Principal’); Permission Level (collection of permissions); Information Object (item or container)
  • 18. Permission Examples: Claims
      • Remember: Claims are trusted attributes about a user
      • May assign a Claim as part of a permission to an object or container (like a user or group)
          • ‘SecurityClearance=Secret’ has Full Control access on Document X
          • ‘ITARCleared=True’ has Read access on Library Y
          • ‘EmploymentStatus=FTE’ has Contribute access on Site Z
  • 19. Users Interacting with Permissions
  • 20. Users Interacting with Permissions
  • 21. Users Interacting with Permissions
  • 22. Users Interacting with Permissions
  • 23. Inherited Permission Model
      • Hierarchical permission model
      • Permissions are inherited from level above
      • Can break inheritance and apply unique permissions
      • Manual process
      • Permissive Model
      [Diagram: hierarchy of SharePoint Farm, Web Applications, Site Collections, Sites, Libraries and Lists, Documents and Items. Example assignments shown, in the order they appear: Demo Members (SharePoint Group, Edit); Demo Owners (SharePoint Group, Full Control); Demo Visitors (SharePoint Group, Read); Finance Team (Domain Group, Edit); Senior Mgmt (Domain Group, Full Control); Research Team (Domain Group, Full Control); Senior Mgmt (Domain Group, Full Control); Research Team (Domain Group, Full Control); Senior Mgmt (Domain Group, Full Control); Antonio.Maio (Domain User, Full Control)]
  • 24. Permissions and Security Scopes
      • Every time permission inheritance is broken a new security scope is created
      • Security Scope is made up of principals:
          • Domain users/groups
          • SharePoint users/groups
          • Claims
      • Be aware of “Limited Access”
      • Limitations
          • Security Scopes (50K per list)
          • Size of Scope (5K per scope)
      Microsoft SharePoint Boundaries and Limits: http://technet.microsoft.com/en-us/library/cc262787.aspx
  • 25. Information Architecture and Metadata
      • Information Architecture – The structural design of your information sharing environment
          • Organization and Storage
          • Identification
          • Retention
          • Business sensitivity and confidentiality
          • …
      • Metadata can provide important insight into what type of information you have in SharePoint
      • Recommended: Use Metadata to Classify information and Identify its Sensitivity
  • 26. Standardized Metadata
  • 27. Standardized Metadata
      • Implement Standardized Metadata Fields across libraries/lists
          • Library or List Level
          • Site Column Level
          • Managed Metadata Service (across Site Collection or Farm)
      • Ensure users are adding metadata when adding/editing information (mandatory fields)
      • Be aware of situations where SharePoint doesn’t request metadata (multi-file upload, explorer view)
      • Keep it Simple: Limit sensitivity classification to 3 or 4 labels
          – Public, Confidential, Restricted, Highly Restricted
          – Low Business Impact, Moderate Business Impact, High Business Impact
          – Unclassified, Confidential, Secret, Top Secret
      • Educate, Educate, Educate: What does each label mean/impact?
  • 28. Recap
      • Develop a SharePoint Governance Plan with Key Stakeholders
          • Ignorance is not bliss… it’s problematic!
      • Understand the type of information you have
          • Develop an information architecture
          • Understand the risks to that information: accidental, insider and external threats
      • Use Metadata to identify sensitivity
          • Educate end users on significance of sensitivities – make them part of the solution
      • Deploying SharePoint with Appropriate Least Privileged Accounts
      • Determine your Authentication and Authorization Needs
      • Understand how permissions work
          • Plan for how permissions are given and managed
      • Understand SharePoint Security Features
          • Others: Web App Policies, Anonymous Users, Information Rights Management, Privileged Users, Event Auditing
  • 29. Antonio Maio Protiviti, Senior SharePoint Architect & Senior Manager Microsoft SharePoint Server MVP Thank You! Email: Antonio.maio@protiviti.com Blog: www.trustsharepoint.com Slide share: http://www.slideshare.net/AntonioMaio2 Twitter: @AntonioMaio2
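
Slides 23 and 24 describe how every break in permission inheritance creates a new security scope, with limits of 50K scopes per list and 5K principals per scope. The following audit script is an added example, not part of the original deck: it walks one site collection with the SharePoint server object model and reports, per list, how many objects have unique permissions and how large the biggest scope is. The site URL, the 80% warning threshold and the function name `Get-LimitStatus` are assumptions made for the example.

```powershell
# Added example (not from the slides). Run in the SharePoint 2013 Management
# Shell on a farm server, with an account that can read the site collection.
param(
    [string]$SiteUrl = 'http://sharepoint.example.local/sites/demo', # placeholder URL (assumption)
    [int]$MaxScopesPerList = 50000,       # slide 24: security scopes per list
    [int]$MaxPrincipalsPerScope = 5000,   # slide 24: size of one scope
    [double]$WarnAt = 0.8                 # assumption: warn at 80% of a limit
)

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Hypothetical helper: classify a measured value against one of the limits.
function Get-LimitStatus([int]$Value, [int]$Limit) {
    if ($Value -ge $Limit) { return 'OVER LIMIT' }
    if ($Value -ge ($Limit * $WarnAt)) { return 'WARN' }
    return 'ok'
}

$site = Get-SPSite -Identity $SiteUrl
try {
    $report = foreach ($web in $site.AllWebs) {
        try {
            foreach ($list in @($web.Lists)) {
                if ($list.Hidden) { continue }

                # Collect every object in the list whose inheritance was broken;
                # each of these owns a security scope of its own.
                $scoped = New-Object System.Collections.Generic.List[object]
                if ($list.HasUniqueRoleAssignments) { $scoped.Add($list) }
                foreach ($folder in $list.Folders) {
                    if ($folder.HasUniqueRoleAssignments) { $scoped.Add($folder) }
                }
                # Enumerating Items reads every item: run off-hours on large lists.
                foreach ($item in $list.Items) {
                    if ($item.HasUniqueRoleAssignments) { $scoped.Add($item) }
                }

                # RoleAssignments holds one entry per principal in the scope.
                # For a list that still inherits, this is the inherited scope.
                $largest = $list.RoleAssignments.Count
                foreach ($obj in $scoped) {
                    if ($obj.RoleAssignments.Count -gt $largest) {
                        $largest = $obj.RoleAssignments.Count
                    }
                }

                [pscustomobject]@{
                    Web             = $web.ServerRelativeUrl
                    List            = $list.Title
                    ListInherits    = -not $list.HasUniqueRoleAssignments
                    UniqueScopes    = $scoped.Count
                    ScopeStatus     = Get-LimitStatus $scoped.Count $MaxScopesPerList
                    LargestScope    = $largest
                    PrincipalStatus = Get-LimitStatus $largest $MaxPrincipalsPerScope
                }
            }
        }
        finally { $web.Dispose() }   # SPWeb objects from AllWebs must be disposed
    }
}
finally { $site.Dispose() }

# Lists with the most broken inheritance first: these are the ones to review.
$report | Sort-Object UniqueScopes -Descending | Format-Table -AutoSize
```

Lists that show a high `UniqueScopes` count are where item-level permissions have accumulated; reviewing whether those grants can be replaced by a group assignment at the library or folder level keeps the list inside the limits quoted on slide 24.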