What’s Missing in SharePoint and Office 365? Dynamic Security

March 15, 2017 |
Screenshot of Security Sheriff

SharePoint is an excellent platform to leverage for collaboration. The problem is that there are too many requirements across an organization, making it near impossible to keep up with all the demands for permission and flexibility. Continuous collaboration requests can quickly complicate compliance policies and security requirements. With data at rest and data in motion, and the introduction of mixed SharePoint environments, the notion of an effective perimeter is no longer part of the IT equation. Everyone is chasing an easier way to allow for secure collaboration without overburdening IT staff or creating unusable situations.

It’s a balancing act between ensuring security and enabling collaboration. And it’s tough to decide which is more important especially when considering the various compliance requirements or certifications that need to be maintained in these environments.

According to Forrester research on secure collaboration:

“Your role is to help foster safe behaviors, control information access, and verify ongoing compliance — all without hampering creativity, productivity, collaboration, or other daily activities.” Forrester Research, August 17 2016

How Organizations Handle SharePoint Security Today

Consider the scenario in which a SharePoint site or tenant is used as an organization’s intranet. Each department has its own site collections for organizational purposes. Each department is laser-focused on keeping their data within their department while documents and items are being worked on.

A marketing team is a great example. While working on new assets, they want to ensure that draft copy is kept within the group and isn’t inadvertently sent to a prospect or customer. To prevent assets from being used before ready, the department may generate a number of sites or libraries. Permissions may be applied at the library, folder, or document level. There may even be advanced training where users learn to be responsible for manually setting permissions on their documents (this is always a bit taxing for the end user). These approaches definitely introduce challenges.

There are a number of ways organizations secure content in SharePoint today. Juggling inherited permissions, maintaining multiple user groups or creating unique silos for specific sharing scenarios all introduce management complexity and security weaknesses:

  • It is hard to manage and maintain
  • It creates complicated interactions
  • Out-of-the-box security functionality is incomplete
  • More complex rule sets need to be defined by administers and then followed by users

This is where frustration can make it difficult to have secure yet collaborative environments. Further, all of the methods mentioned provide static security only.

What Security is Missing in SharePoint

Traditionally, permissions are set directly to a file. Security remains consistent and the same for every person accessing that file. So what is missing? Dynamic security.

Click to Tweet: Office 365 and SharePoint need dynamic security: apply security as users and docs change in real-time Tweet: #Office 365 & #SharePoint need dynamic security: apply security as users and docs change in real-time https://ctt.ec/66v_9+

Dynamic security is defined as the ability to apply security as users and documents change in real-time. Consider employees traveling internationally to a manufacturing facility. How can you ensure that while they’re abroad sensitive content isn’t exposed or extracted from their PCs while in locations that you’ve deemed inappropriate for those items to reside? If content does happen to leave SharePoint, how is security maintained or permissions revoked?

If an organization has concerns about content leaving SharePoint, it tends to shy away from either using the platform or limits what type of content can be stored on the platform. Both of these options really thwart collaboration capabilities.

Using dynamic information about the user and content is the best way to ensure that content is properly secured without placing undue burden on employees or administrators. Certainly the more diverse a use case, the more difficult it is to maintain and ensure ease of use. And when these use cases multiply, it becomes more and more difficult to manage.

Applying Dynamic File Protection to SharePoint

To protect both users and files, dynamic security is key. Using user attributes – device type, location, security clearance, and department – combined with file attributes – location, on-premises or in the cloud, author, and specific projects – organizations can create sophisticated policies.

This is how Security Sheriff delivers dynamic security overlaid on top of any SharePoint environment. Because it’s dynamic, if any of these attributes change, policies are applied in real-time.

Security Sheriff: Protecting Users and Files

Security Sheriff offers fine-grained control of files and users in SharePoint. With Security Sheriff, real-time authentication determines:

  • What a user sees when viewing and searching for files
  • Whether a user can open, export, or copy a file
  • What actions are enabled in the Microsoft ribbon
  • If a file is encrypted when saved, copied, or emailed
  • If a file should be emailed
  • If a user must view the file securely

Learn more about Security Sheriff by listening to the webinar Dynamically Securing SharePoint Content – Easily and Quickly. You’ll hear some specific use cases and see a demo of how Security Sheriff enhances your ability to deliver security and collaboration.


Back to Blog Home

Diana South

As Senior Product Marketing Manager, Diana South is responsible for Cryptzone’s data loss prevention and digital accessibility solutions. Diana brings over 20 years of experience with enterprise software to help organizations provide equal and secure access for their users, delivering products that become integral to the customers' business.

Leave a Reply

Your email address will not be published. Required fields are marked *