Blog

5 SharePoint Security Best Practices

By Jordan Weaver on 05/13/16

SharePoint is an incredibly useful tool for businesses, as it allows employees in all departments to work together effectively.  However, using SharePoint to share sensitive data and other content can present serious security risks for your organization.  Follow these SharePoint security tips to create a secure SharePoint environment and an overall effective security strategy.

 

1.  Control Access to Sensitive Data

In the average SharePoint Online environment, 17.4 percent of documents contain sensitive data, such as customer payment details or personally identifiable information.  It is very unlikely that every person in your organization needs to have access to all of this sensitive data, so it’s a good idea to restrict access to these documents to only those users who really need it.  The fewer the people who have access to sensitive data, the lower the risk of a data leak.

 

2.  Control External Data Sharing

If you use SharePoint to share information with collaborators from other companies, make sure you’re not sharing any sensitive data.  The well-known Target data breach that occurred in November 2013 was caused by hackers stealing sensitive information from a third-party vendor.  When you share sensitive data with external partners, remember that you can't guarantee that their environment is secure.  In SharePoint Online, you can use the External Sharing feature to invite external users to view content.  It’s a good idea to disable this feature by default and only turn it on when it’s absolutely necessary.

 

3.  Use Custom Permission Levels

Sometimes you need to give users the ability to read sensitive data, but that doesn’t mean they should be allowed to edit, delete, or create items.  Use custom SharePoint permissions to precisely control what users can do with data.  You can assign permissions collectively to SharePoint Groups, or assign permissions to each person individually.  Carefully controlling permission levels can help to prevent situations where users accidentally delete or overwrite important information.

 

4.  Analyze User Activity

Use the Management Activity API to analyze user activity in SharePoint.  You can analyze this information manually, but in large organizations this is often impractical.  A better option is to use security tools to analyze user events, which can automatically pick out anomalous patterns of behavior from everyday user activities.  Regular monitoring of both ordinary users and admins is a key part of SharePoint Compliance Management.

 

5.  Don’t Appoint Too Many Admins

Admins are SharePoint users who have more power over the SharePoint environment than other users.  Therefore, deciding to appoint a new admin is an important security decision.  Check that your admins understand the trust that you have placed in them and are ready to take on the responsibilities involved in being an admin.  Improve SharePoint security by avoiding the appointment of too many admins and carefully monitoring those you do appoint.

 

In order to protect your organization from data breaches and other security risks, you must carefully consider your SharePoint security strategy. The most important principle is to only give access to sensitive data to the people who really need it. Carefully control SharePoint permissions and take the time to monitor the activities of users and admins to protect your organization from malicious behavior.

These SharePoint security tips can improve SharePoint security in your organization, helping to protect you from potentially devastating security breaches.

 

To learn more about the best practices in managing and implementing a SharePoint Intranet, talk to a consultant today.  

Contact Us