SharePoint Defense in Depth

A community site for SharePoint security and compliance issues

About this community

SharePoint Defense in Depth is an open community site and resource for those interested in security, defense in depth, compliance, and SharePoint. This community site provides a place to pose questions to experts, and to learn how best to tackle your SharePoint security challenges.

For access to resources including a SharePoint Content Scanner, and SharePoint Risk Assessment, please create a login. Note that to limit spam and non-useful content on this site, we require either a valid corporate e-mail domain, or a legitimate LinkedIn profile for registrants before approving access.

Our simple goal is to provide the SharePoint community with tools and resources that enable you to more effectively secure your SharePoint environments. We encourage you to engage, and post your own tips, tricks, and resource to help make SharePoint sites more secure. If you have ideas as to how we can make the SharePoint Defense in Depth site a better community resource, please contact us on:

Blog Posts

We're bringing it back!

Posted by Mike Fleck on March 10, 2015 at 10:37am 1 Comment

CipherPoint is bringing back the free content scanner. Keep an eye on your email inbox for further announcements. There will be a few strings attached to this offer but only things that are in everyone's best interest. For example, we're going to first release it for folks in the US and Canada and we'll require some web-based training in order to make sure everyone has a positive experience as we roll this out.

2014 State of Collaboration Security Report is Available!

Posted by Mike Fleck on November 19, 2014 at 1:46pm 0 Comments

The annual survey is called the State of Collaboration Security and is specific to security trends for the SharePoint and adjacent market segments. This year’s survey showed interesting trends which you can read about for yourself bydownloading the report and infographic. The information that grabbed my attention was:

  • 54% of surveyed organizations…

Office 365 and Azure Security Considerations (Part1)

Posted by Mike Fleck on November 19, 2014 at 1:45pm 0 Comments

As the CipherPoint team increasingly leverages Office 365 and Azure, we wanted to keep a rolling list of our lessons learned in terms of security. We not only use these technologies but also provide data security solutions for Office 365 and Azure environments and often need to dig into gory details of authentication, web services format, etc. in order to truly understand how these services work.

  1. Read Microsoft’s transparency …

Collaboration security in the Office Web Apps environments.

Posted by Site Admin on February 14, 2014 at 3:35pm 0 Comments

Let’s face it. Collaboration is the backbone for most any process intended to move projects through stakeholder channels, final drafts and completions.

For collaboration security, it's not surprising that certain team members will often be assigned different levels of tasks requiring access throughout SharePoint’s document management modules. But, not everyone is expected to have the same privileges, for example, to add or edit content.

As such, Office Web Apps used in…





Take the CipherPoint's Annual State of Collaboration Security Survey

Started by Mike Fleck in General security topics Jul 14, 2014. 0 Replies

Each year, CipherPoint conducts a survey to understand businesses’ top security concerns relating to file…Continue

Government Agencies Deploying SharePoint Despite the Lack of FIPS 140-2 Level Validation

Started by K Nahbrha in Industry compliance. Last reply by Mike Fleck Dec 6, 2013. 1 Reply

How are government agencies deploying SharePoint 2010 despite the fact that SharePoint does not support FIPS 140-2 level validation as required by NIST?The operating system that hosts SharePoint must…Continue

Tags: DISA, Cryptography, NIST, 2010, SharePoint

Securing SharePoint

Started by Site Admin in General security topics Aug 16, 2013. 0 Replies

A reader posted this response to a blog we posted on the Snowden breach, and the SharePoint connection. What do you think...can SharePoint be securely deployed?JimOur blog is here:…Continue

Is anyone using RMS and SharePoint 2013?

Started by Mike Fleck in General security topics. Last reply by Kirk Hasty Jul 22, 2013. 1 Reply

One of our members just posted the above question in his status. Is anyone here using Windows Rights Management (or third party RMS provider) with *any* version of SharePoint? If so, please post your…Continue

Tags: 2013, sharepoint, management, rights

Latest Activity

Sony Nguyen updated their profile photo
Nov 20
Sony Nguyen posted a photo
Nov 19
Profile IconSony Nguyen and Todd Caron joined SharePoint Defense in Depth
Nov 19
Profile IconJay Hunnicutt and Sølve Fredheim joined SharePoint Defense in Depth
Nov 2
YKLee is now a member of SharePoint Defense in Depth
Oct 30
Sriharsha Aswathanarayan is now a member of SharePoint Defense in Depth
Oct 7
Profile IconAnna M Francke, Noel Levasseur, Ken Stimson and 1 more joined SharePoint Defense in Depth
Oct 1
Mike Fleck liked Mike Fleck's blog post We're bringing it back!
Oct 1
Mike Fleck commented on Mike Fleck's blog post We're bringing it back!
"Sorry for the delay. We're still going to do this but we've been slammed."
Oct 1
Profile IconDave and Mike Carmelo Giacomin joined SharePoint Defense in Depth
Sep 29
Profile IconScott Rogler and Bill Pitchford joined SharePoint Defense in Depth
Sep 28
Paul B. Callahan is now a member of SharePoint Defense in Depth
Sep 10
Profile IconMonet Raths, Joel Snyder and LuAnn Keyton joined SharePoint Defense in Depth
Aug 5
Eric Burgan is now a member of SharePoint Defense in Depth
Aug 3
Eric Burgan liked Mike Fleck's blog post We're bringing it back!
Aug 3
Profile Icongreg stirewalt and Joe Federico joined SharePoint Defense in Depth
Jul 13


  • Add Photos
  • View All

Sponsored by CipherPoint


© 2015   Created by Jim.   Powered by

Badges  |  Report an Issue  |  Terms of Service