A community site for SharePoint security and compliance issues
About this community
SharePoint Defense in Depth is an open community site and resource for those interested in security, defense in depth, compliance, and SharePoint. This community site provides a place to pose questions to experts, and to learn how best to tackle your SharePoint security challenges.
For access to resources including a SharePoint Content Scanner, and SharePoint Risk Assessment, please create a login. Note that to limit spam and non-useful content on this site, we require either a valid corporate e-mail domain, or a legitimate LinkedIn profile for registrants before approving access.
Our simple goal is to provide the SharePoint community with tools and resources that enable you to more effectively secure your SharePoint environments. We encourage you to engage, and post your own tips, tricks, and resource to help make SharePoint sites more secure. If you have ideas as to how we can make the SharePoint Defense in Depth site a better community resource, please contact us on: info@sharepointdefenseindepth.com.
Members
Blog Posts
Video demonstration of the content scanner
Posted by Mike Fleck on July 18, 2016 at 9:53am 0 Comments 1 Like
If you came to SharePointDefenseInDepth looking for complimentary access to the data discovery tool (Content Scanner), you can request your copy by reaching out to info@cipherpoint.com. If you'd like to learn more about how to use the scanner and what it can locate check out this video on Vimeo. The first minutes minutes is background material so don't worry if you heard the audio but the video doesn't seem to be moving. …
Continue Understanding file encryption in Office 365
Posted by Mike Fleck on March 8, 2016 at 12:01pm 0 Comments 0 Likes
In early 2015 Microsoft started rolling out per file encryption for SharePoint Online and OneDrive for Business in Office 365. Prior to that, the file encryption capability in Office 365 was simple BitLocker storage encryption. The newer approach, often referred to as Fort Knox, involved breaking files into fragments and encrypting each file fragment with a unique encryption key. Microsoft sometimes refers to this fragmenting of files as “shredded storage.” The fragment encryption keys (FEK)…
Continue
Reimagining a New Security Model for SharePoint
Posted by Peter Bradley on January 6, 2016 at 5:00pm 0 Comments 0 Likes
The free SharePoint Content Scanner is back
Posted by Mike Fleck on December 18, 2015 at 12:57pm 0 Comments 0 Likes
CipherPoint is once again providing free access to the content scanner.Yes, Office 365 has Data Loss Prevention but there are few reasons why you would be interested in this tool vs. the one from Microsoft.
- The CipherPoint scanner lets you create custom patterns to find.
- The CipherPoint scanner can search for sensitive content in on-premises AND Office 365 at the same time.
- The CipherPoint scanner is a lot easier to use.
To get the scanner you…
ContinueEvents
Videos
Forum
Take the CipherPoint's Annual State of Collaboration Security Survey
Started by Mike Fleck in General security topics Jul 14, 2014. 0 Replies 1 Like
Each year, CipherPoint conducts a survey to understand businesses’ top security concerns relating to file…Continue
Government Agencies Deploying SharePoint Despite the Lack of FIPS 140-2 Level Validation
Started by K Nahbrha in Industry compliance. Last reply by Mike Fleck Dec 6, 2013. 1 Reply 0 Likes
How are government agencies deploying SharePoint 2010 despite the fact that SharePoint does not support FIPS 140-2 level validation as required by NIST?The operating system that hosts SharePoint must…Continue
Tags: DISA, Cryptography, NIST, 2010, SharePoint
Securing SharePoint
Started by Site Admin in General security topics Aug 16, 2013. 0 Replies 0 Likes
A reader posted this response to a blog we posted on the Snowden breach, and the SharePoint connection. What do you think...can SharePoint be securely deployed?JimOur blog is here:…Continue
Is anyone using RMS and SharePoint 2013?
Started by Mike Fleck in General security topics. Last reply by Kirk Hasty Jul 22, 2013. 1 Reply 0 Likes
One of our members just posted the above question in his status. Is anyone here using Windows Rights Management (or third party RMS provider) with *any* version of SharePoint? If so, please post your…Continue
Tags: 2013, sharepoint, management, rights
General security topics (6)
| Discussions | Replies | Latest Activity |
|---|---|---|
 Take the CipherPoint's Annual State of Collaboration Security SurveyEach year, CipherPoint conducts a survey to understand businesses’ top security concerns relating to file sharing and collaboration platfor… Started by Mike Fleck |
0 | Jul 14, 2014 |
 Securing SharePointA reader posted this response to a blog we posted on the Snowden breach, and the SharePoint connection. What do you think...can SharePoint… Started by Site Admin |
0 | Aug 16, 2013 |
Is anyone using RMS and SharePoint 2013?One of our members just posted the above question in his status. Is anyone here using Windows Rights Management (or third party RMS provide… Started by Mike Fleck |
1 |
Jul 22, 2013 Reply by Kirk Hasty |
Microsoft CISO's preferred security frameworksWe hosted a webinar this past Thursday featuring Bill Billings. Bill is currently the CISO and VP of Federal at Blackridge Technology, befo… Started by Mike Fleck |
0 | Nov 4, 2012 |
Allowing external access to SharePoint sitesSharePoint is often used to share information externally. One of the more common ways I’ve seen people accomplish this is to simply extend… Started by Mike Fleck |
2 |
Oct 22, 2012 Reply by Mike Fleck |
Security based on metadata?What do you folks think about security that relies on metadata, content types, etc? My personal view is any security that relies on optiona… Started by Mike Fleck |
0 | Aug 28, 2012 |
© 2018 Created by Jim.
Powered by
