SharePoint Defense in Depth is an open community site and resource for those interested in security, defense in depth, compliance, and SharePoint. This community site provides a place to pose questions to experts, and to learn how best to tackle your SharePoint security challenges.
For access to resources including a SharePoint Content Scanner, and SharePoint Risk Assessment, please create a login. Note that to limit spam and non-useful content on this site, we require either a valid corporate e-mail domain, or a legitimate LinkedIn profile for registrants before approving access.
Our simple goal is to provide the SharePoint community with tools and resources that enable you to more effectively secure your SharePoint environments. We encourage you to engage, and post your own tips, tricks, and resource to help make SharePoint sites more secure. If you have ideas as to how we can make the SharePoint Defense in Depth site a better community resource, please contact us on: firstname.lastname@example.org.
The annual survey is called the State of Collaboration Security and is specific to security trends for the SharePoint and adjacent market segments. This year’s survey showed interesting trends which you can read about for yourself bydownloading the report and infographic. The information that grabbed my attention was:
As the CipherPoint team increasingly leverages Office 365 and Azure, we wanted to keep a rolling list of our lessons learned in terms of security. We not only use these technologies but also provide data security solutions for Office 365 and Azure environments and often need to dig into gory details of authentication, web services format, etc. in order to truly understand how these services work.
Let’s face it. Collaboration is the backbone for most any process intended to move projects through stakeholder channels, final drafts and completions.
For collaboration security, it's not surprising that certain team members will often be assigned different levels of tasks requiring access throughout SharePoint’s document management modules. But, not everyone is expected to have the same privileges, for example, to add or edit content.
How are government agencies deploying SharePoint 2010 despite the fact that SharePoint does not support FIPS 140-2 level validation as required by NIST?The operating system that hosts SharePoint must…Continue
One of our members just posted the above question in his status. Is anyone here using Windows Rights Management (or third party RMS provider) with *any* version of SharePoint? If so, please post your…Continue