Category Archives: SharePoint
Dunross & Co Selects HiSoftware for SharePoint Security
Today we announced that Dunross & Co, an independent international investment company, has selected HiSoftware Security Sheriff™ SP to secure content in its SharePoint 2013 environment.
Following a review of SharePoint security products in the market, we were able to meet Dunross & Co’s requirements, where other vendors fell short, to classify, restrict access to and encrypt SharePoint content and documents. Additionally, Dunross & Co will use Security Sheriff to prevent the distribution of confidential content and track the entire lifecycle of documents for added security and control.
SharePoint Collaboration: How to Control Company Confidential Documents on iPads
Previously I’ve blogged about two of the “Top 10” security challenges with SharePoint collaboration. The first was on how to prevent breaches caused by downloading and sharing sensitive SharePoint documents and the second on how to stop IT staff from reading highly confidential documents in SharePoint. In my last post of the series I’ll look at how to control company confidential documents accessed on iPads.
Problem
The explosion of bring-your-own-device (BYOD) to work offers the promise of increased productivity for contributors and managers. There are increasing demands on IT from senior managers to provide corporate documents on their iPads for internal and external meetings. Senior executives also need access to highly confidential information. However, most of their documents are not confidential and need to be shared with their staff and colleagues. How do you balance these conflicting requirements?
Prevent Breaches Caused by Downloading and Sharing Sensitive SharePoint Documents
Many companies have invested in SharePoint for managing their unstructured information. However, few have realized the potential efficiencies and productivities that SharePoint offers because of concerns about the security of the information stored in it. Worse still, many continue to maintain legacy document management systems to store sensitive information and continue to incur the associated software maintenance, labor and hardware costs. This drastically reduces the ROI on their SharePoint investment.
Our latest white paper The Top 10 Security Challenges with SharePoint Collaboration looks at the top security challenges facing executives and IT managers today.
Previously I answered How to stop IT staff from reading highly confidential documents in SharePoint? In this second post, I will discuss how to keep confidential documents safe when downloaded or shared:
What happens when a user downloads a confidential document from SharePoint to his/her desktop or shares a document from their SharePoint Workspace?
451 Group Says to Automate Information Governance
In a 451 Group report Defining and driving ‘information governance’ in the era of the cloud and ‘big data’, analysts David Horrigan, Carl Lehmann and Alan Pelz-Sharpe position the importance of information governance. The introduction is particularly interesting:
“Information governance means different things to different actors in the enterprise; hence, defining and implementing information governance is much easier said than done. Nevertheless, now is the time to do so because it has become possible to automate much of the process, and the potential benefits of doing so now far outweigh the cost and effort.”
We define information governance as the need to control the content within your organization. It includes the policies created to comply with regulations for privacy and accessibility, and internal policies for confidential company information and intellectual property. It even extends to include website quality and brand integrity. More importantly, it should encompass how these policies are enforced and updated to fit how an individual organization is actually using the information. As highlighted in the 451 Group quote above, automating this process offers significant benefits despite the costs.
Make SharePoint Accessible
Regulations governing the accessibility of Web content and applications are gaining momentum. Public-facing websites have traditionally been the focus for accessibility; however with the growing reliance on systems like SharePoint for internal collaboration, organizations must also consider application accessibility.
To ensure SharePoint environments can be used and accessed by everyone in compliance with Section 508 and WCAG 2.0 standards, organizations often require a third party solution that can address the changes that need to be made to the framework.
The latest version of the Accessibility Foundation Module (AFM) for SharePoint provides just that. AFM version 3.0 offers several enhancements for faster deployment as a set of three SharePoint Solution Packages (WSPs) and the ability to implement accessibility fixes more easily with minimum impact to existing SharePoint sites and no modifications to Master pages.
HiSoftware Receives High Marks in Customer Satisfaction and Loyalty
Delivering a high quality solution is essential to our business. Part of this is to ensure that not only are our customers satisfied with our solution, but that they feel supported during installation, deployment and that they are provided with exceptional on-going support.
With that in mind, we are extremely pleased to announce our renewed membership as a Microsoft Gold Certified Application Development Partner. But more importantly, the results behind the survey that showed we are delivering on our mission to support our customers. HiSoftware received:
- 100% in the customer satisfaction and loyalty category for Customer Satisfaction
- 100% in the customer satisfaction and loyalty category for Likely to Recommend
- 20-30 percent higher than the overall national Microsoft partner average in the category:
- Ability to Meet Your Needs
- Competitive Advantage
- Overall Performance
- 32 percent higher in the Value Received category than the overall national Microsoft partner average.
Top Security Challenges with SharePoint Collaboration
In today’s business environment successful companies rely upon the rapid and efficient exchange of information. Collaboration between employees is a critical part of this equation and a key driver for increasing competitiveness and productivity. Effective collaboration requires timely access to information— both structured (databases) and unstructured (file systems, online content and communications).
Many companies have invested in SharePoint for managing their unstructured information. However, few have realized the potential efficiencies and productivities that SharePoint offers because of concerns about the security of the information stored in it. Worse still, many continue to maintain legacy document management systems to store sensitive information and continue to incur the associated software maintenance, labor and hardware costs. This drastically reduces the ROI on their SharePoint investment.
Top 6 Capabilities Required for SharePoint Encryption
Failing to encrypt content properly still remains a challenge in 2013 despite industry experts recommending it as an important line of defence against data breaches.
In an IT World article on best practices for preventing breaches, Leon Rodriguez, director of the Office for Civil Rights is quoted as saying that encryption technology is key to avoiding breaches. He continues within an HHS announcement to say, “Encryption is an easy method for making lost information unusable, unreadable and undecipherable.”
Most companies fall into three boats; one they either do not encrypt at all; two, they are encrypting content based on standards from five years ago; or three they are automatically encrypting content within SharePoint based on the presence of sensitive content.
For those organizations in the first two boats, here are six capabilities you need to provide if handing any sensitive personal or health-related data (PII or PHI), or confidential company information (intellectual property (IP), board documents, M&A).
Military Data Theft and the Lessons Your Business Can Learn from It
A Washington Post article reported that Sixing Liu, a Chinese citizen, was sentenced in federal court in violation of a U.S. arms embargo act for stealing thousands of files from L-3 Communications, a small company owning a major defense contract to develop a device called a disk resonator gyroscope for the US government. The article reported that:
“David Smukowski, president of Sensors in Motion, the small company in Bellevue, Wash., developing the technology with L-3 estimated that the loss of this tiny piece of technology alone could ultimately cost the U.S. military hundreds of millions of dollars.”
“…in November 2010, Liu made an electronic archive of his work e-mail and transferred it to his personal computer along with the entire Sensors in Motion program folder, according to court records.”
“… Liu downloaded documents for programs in which he had no involvement, though the judge said Liu knew “just how sensitive the material he had was.””
“…Liu was convicted last September of…possessing and transporting stolen trade secrets.”
The article demonstrates the risk one person’s actions can bring to a military, federal, healthcare, financial or enterprise organization. The article included C. Frank Figliuzzi’s, the former head of the FBI’s Counterintelligence Division, statement to Congress last year that perhaps the most important measure against the theft of proprietary information “is identifying and taking defensive measures against employees.”
SharePoint Security: Will using folders cause problems with document duplication?
Previously I’ve blogged about two folders vs. metadata SharePoint security topics. The first was on the best way to secure documents and the second on when will folder navigation breakdown. In my last post of the series I’ll look at whether or not using folders for controlling document permissions will cause problems with document duplication:
Problem
Folders hide content. If it takes a long time for a user to find an important document, he or she is more likely to make a local copy of that document. Alternatively, that user might also move it to a folder higher up the tree to avoid having to search for it again in the future.
Subscribe to our RSS Feed 
Follow Us on Twitter 
Find us on LinkedIn 