

Countering the Content Security Risks at SharePoint Server

SharePoint is used as a centralized place to store an organization's information, which can be accessed from anywhere by anyone at any time. A growing number of organizations are adopting it and migrating their content from traditional servers to SharePoint. Because it is a shared portal, the content stored on SharePoint Server is exposed to security risks. In the absence of security measures, not only can valuable data be stolen, but the organization will also fall out of regulatory compliance. In this article, we look at the top security risks and their preferred resolutions.

Access Rights

Access rights to the different kinds of content should be clearly assigned to SharePoint users. The Administrator should manually assign the permissions that let users access particular files and folders. Once a user is assigned the sole right to manage a Site Collection, other users should be barred from modifying that Site Collection. Administrators have to trace the content owners and work with them manually to decide who can access their data. Any change in user permissions should be recorded, and the administrator must remain aware of it.
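One way to record permission changes so the administrator stays aware of them is to snapshot the role assignments of a Site Collection on a schedule and compare each snapshot with the previous one. The script below is an added example, not part of the original article; it uses the SharePoint Server object model from the SharePoint Management Shell, and the site URL and snapshot folder are placeholder values.

```powershell
# Added example: snapshot and diff of SharePoint role assignments.
# $SiteUrl and $SnapshotDir are placeholders, not values from the article.
param(
    [string]$SiteUrl     = 'https://sharepoint.example.local/sites/finance',
    [string]$SnapshotDir = 'D:\PermSnapshots'
)

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$site = Get-SPSite -Identity $SiteUrl
try {
    $rows = foreach ($web in $site.AllWebs) {
        try {
            # Webs that inherit permissions have no assignments of their own.
            if ($web.HasUniqueRoleAssignments) {
                foreach ($ra in $web.RoleAssignments) {
                    foreach ($role in $ra.RoleDefinitionBindings) {
                        [pscustomobject]@{
                            Web       = $web.Url
                            Principal = $ra.Member.LoginName
                            Role      = $role.Name
                        }
                    }
                }
            }
        } finally { $web.Dispose() }
    }
} finally { $site.Dispose() }

# Find the most recent earlier snapshot before writing the new one.
$previous = Get-ChildItem -Path $SnapshotDir -Filter 'perms-*.csv' |
            Sort-Object Name | Select-Object -Last 1
$current  = Join-Path $SnapshotDir ('perms-{0:yyyyMMdd-HHmmss}.csv' -f (Get-Date))
$rows | Export-Csv -Path $current -NoTypeInformation

if ($previous) {
    # '=>' rows exist only in the new snapshot, '<=' only in the old one.
    Compare-Object (Import-Csv $previous.FullName) (Import-Csv $current) `
        -Property Web, Principal, Role |
        Select-Object Web, Principal, Role, @{
            n = 'Change'
            e = { if ($_.SideIndicator -eq '=>') { 'Granted' } else { 'Revoked' } }
        }
}
```

The snapshot covers site-level (web) assignments only; lists and items with broken inheritance would need the same loop over `$web.Lists`.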

End Points

The “Bring Your Own Device” movement in organizations hosting SharePoint can invite more security risks. Accessing SharePoint Server only through browsers is one of the biggest issues. Web browsers always save a cache on the local disk so that the same pages can be loaded more quickly when visited again. Such caches contain an exact copy of the content. The devices or computers storing such a cache can be easy prey for hackers, who can access the cached SharePoint content. Administrators should configure Page Output Cache Settings for both authenticated and anonymous users. In addition, organizations should not provide access to their local network and SharePoint from users' personal devices.

Malware

SharePoint is vulnerable not just to ordinary malware but to attacks by Trojan horses, rootkits, viruses, and spyware. While a user browses a site or uploads content from an infected machine, the malware can transmit its root files to a SharePoint Server. Once a piece of content becomes infected, it can spread the infection to the computers browsing it. The best way to remain protected from such intrusions is to install trusted third-party antivirus or security software for SharePoint Server.

Auditing

In-depth auditing of every modification in SharePoint, especially the trail of permission modifications, clearly shows the security status. The native audit data of SharePoint Server is not encoded and can be accessed easily; therefore, a trusted third-party auditing suite should be used. The captured audit logs should be encoded into a machine language and stored in a safe location.

Content Migration

When content is migrated from a File Server, another SharePoint Server, Exchange Server, or other sources, the metadata and user/group permissions should be migrated along with it. The Administrator should map the user permissions and maintain the same restrictions between the source and SharePoint Server. The traditional way of uploading content may not be useful in this case. Therefore, it is suggested to use a trusted SharePoint content migrator that can move content from any source to SharePoint and offers options to map the permissions and metadata.

Connectivity to Public Web Applications

More and more organizations are connecting their in-house SharePoint Server to publicly accessible websites. Such a setup can be harmful in the event of a hacker's attack. The hacker can connect to SharePoint, break its security, if any, and access the valuable data stored in it. It is recommended to deploy a Web Application Firewall (WAF) that separates and manages the access of Web Applications to SharePoint. The firewall should block public access automatically upon sensing any infiltration.

Compliance

Administrators should modify the default settings of SharePoint Server to meet the demands laid down by regulatory compliance. It is a good choice to use a third-party compliance tool and to generate weekly/monthly reports to verify adherence to compliance requirements.

Summary

If SharePoint Server is left in its default state, there can be some security concerns. However, modifying default settings such as Access Control Lists, browser cache, and user permissions for different content can secure it. Trusted third-party products for antivirus protection, auditing, and migration will provide an additional security shield.