• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
SharePoint Security Risks and Compliance - Best Practices for Governance
 

SharePoint Security Risks and Compliance - Best Practices for Governance

on

  • 520 views

Organizations are generating vast amounts of content and, with mobile access, enterprise social collaboration and cloud solutions, employees are sharing information in new ways, continually expanding ...

Organizations are generating vast amounts of content and, with mobile access, enterprise social collaboration and cloud solutions, employees are sharing information in new ways, continually expanding how we collaborate. Microsoft SharePoint has become the corporate information hub for most organizations, and SharePoint content is often coming from for both internal employees as well as external partners and clients. This presents new risks to organizations like the inadvertent exposure of sensitive information, malware entering the enterprise and regulatory compliance issues.

It’s important to consider if you are protecting yourself against these types of security risks and compliance issues? Is your corporate SharePoint Strategy using the best practices available for information security and governance?

In this live webinar, Antonio Maio, Microsoft SharePoint MVP, and Chris Taylor, Trend Micro Director of Global Product Marketing, will discuss how current shifts in SharePoint utilization can create risks and compliance concerns for even the most veteran users and IT organizations.

A live recording of this webinar can be found by visiting: https://www.brighttalk.com/webcast/1506/102913

Statistics

Views

Total Views
520
Views on SlideShare
222
Embed Views
298

Actions

Likes
0
Downloads
0
Comments
0

3 Embeds 298

http://www.trustsharepoint.com 296
http://feedly.com 1
http://translate.googleusercontent.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    SharePoint Security Risks and Compliance - Best Practices for Governance SharePoint Security Risks and Compliance - Best Practices for Governance Presentation Transcript

    • SharePoint Security Risks & Compliance: Best Practices for Governance Antonio Maio SharePoint Consultant, Microsoft SharePoint MVP www.trustsharepoint.com @AntonioMaio2 Chris Taylor Dir of Global Product Mgt Trend Micro @ctaylor123 Presented by: To listen to the online recording visit: https://www.brighttalk.com/webcast/1506/102913
    • Microsoft SharePoint has Grown to be Critical Business Infrastructure 23/25/2014 Copyright 2014 Trend Micro Inc. 80% Fortune 500s Use SharePoint 62% SharePoint Users Use It Every Day 125M SharePoint Licenses Worldwide > *
    • SharePoint is Not just a Web Application 33/25/2014 Copyright 2014 Trend Micro Inc. SharePoint is a Platform on which Business is Run
    • Information is the New Currency 43/25/2014 Copyright 2014 Trend Micro Inc. Sharing Information is Critical to Business Success
    • Sharing with Internal Teams and Knowledge Workers 53/25/2014 Copyright 2014 Trend Micro Inc. Traditional SharePoint Deployments… *Microsoft Case Study (United Airlines and SharePoint 2013) http://bit.ly/1is4RWO
    • Information Sharing is Evolving… 63/25/2014 Copyright 2014 Trend Micro Inc. Going beyond the Traditional!
    • Extranet: Sharing with External Partners 73/25/2014 Copyright 2014 Trend Micro Inc. *Microsoft Case Studies: • (FTN Financial Group and SharePoint 2010) http://bit.ly/1nbojZT • (IBE Consulting Engineers and SharePoint 2013) http://bit.ly/1nbod4n Public Web Sites: Sharing with Customers
    • Cloud Deployments - SharePoint Online and the Hybrid Environment 83/25/2014 Copyright 2014 Trend Micro Inc. SharePoint Online Widely Shared Data SharePoint On Premise Sensitive Internal Data
    • Risk: Information Leaks • The Insider Threat • Inadvertently leaking PII, PHI outside the organization • Sharing incorrect information with partners 93/25/2014 Copyright 2014 Trend Micro Inc.
    • Risk: Malware & Viruses • Malware Infected Content • Malicious URLs 103/25/2014 Copyright 2014 Trend Micro Inc.
    • Risk: Loss of Productivity • IT Costs • System Downtime • Information Leaks in the Press 113/25/2014 Copyright 2014 Trend Micro Inc.
    • Plan for Governance and Security • Know your Data and Where its Coming From • Understand your Obligations and your Risks • Insider Threats • Inadvertent Data Leaks • Malware and Viruses • Regulatory Compliance Obligations • Risks to Productivity and Reputation • Plan and Document Governance Strategies • Protect your Content and Infrastructure • Automate as Much as Possible 123/25/2014 Copyright 2014 Trend Micro Inc.
    • What Data Do You Need to Control? 3/25/2014 13Copyright 2014 Trend Micro Inc. Privacy: Customer, Employee & Patient Data (structured) Regulatory Compliance • Account Information • Credit Card Numbers • Contact Information • Health Information Intellectual Property (unstructured) Competitive • Source Code • Engineering Specs • Strategy Documents • Pricing Company Confidential (unstructured) Contracts Reputation • Quarterly Results • M&A Strategy • Internal Conversations
    • What Data Do You Need to Control? • Privacy data – Industry specific: HIPAA, PCI,… – Personal information: personnel records, ID numbers 3/25/2014 14Copyright 2014 Trend Micro Inc. Mississippi Guard Personnel Information Compromised
    • • Higher impact to worker productivity • Higher IT/Compliance Admin review time • Lower risk of data leak / compliance violation Trading Off Review Time vs. Productivity vs. Risk When Using DLP Controls 3/25/2014 15Copyright 2014 Trend Micro Inc. Quarantine/ Block Warn UserAlert Admin / Report
    • Trading Off Review Time vs. Productivity vs. Risk When Using DLP Controls 3/25/2014 16Copyright 2014 Trend Micro Inc. Quarantine/ Block Warn UserAlert Admin / Report Use threshold settings for # violations in one document: vs.
    • Risk of Inappropriate Content 3/25/2014 17Copyright 2014 Trend Micro Inc. physical team discussion virtual team discussion vs. What’s the difference between these two scenarios?
    • Where is Inappropriate Content Most Likely to Occur? (i.e. harassment, profanity,…) 3/25/2014 18Copyright 2014 Trend Micro Inc. Forums, social sites, blog comments… (web parts) Documents or
    • Where is Inappropriate Content Most Likely to Occur? (i.e. harassment, profanity,…) 3/25/2014 19Copyright 2014 Trend Micro Inc. Forums, social sites, blog comments… (web parts) Documents or Most content filtering solutions can’t look here
    • Users Outside Your Control Increase Malware Risk 3/25/2014 20Copyright 2014 Trend Micro Inc. Employees
    • Users Outside Your Control Increase Malware Risk 3/25/2014 21Copyright 2014 Trend Micro Inc. Contractors, consultants Mobile / Remote workers Employees
    • Users Outside Your Control Increase Malware Risk 3/25/2014 22Copyright 2014 Trend Micro Inc. Partners, Customers Contractors, Consultants Mobile / Remote workers Employees
    • Malware Scanning Considerations • Standard server security can’t scan SharePoint content! 3/25/2014 23Copyright 2014 Trend Micro Inc. Server SharePoint Content
    • Malware Scanning Considerations • Standard server security can’t scan SharePoint content! • Real-time scan vs. manual/scheduled scans • Is your malware scanner compatible with your SharePoint storage plans? – Remote BLOB, Shredded storage 3/25/2014 24Copyright 2014 Trend Micro Inc. 90,000 new threats / day Server SharePoint Content
    • Trend Micro: The largest independent security provider Global Security Leader: • Server • Virtualization • Cloud Mission: Protecting the exchange of digital information for businesses and consumers How We Do It Global Threat Intelligence • 1,200 threats experts Who We Are Eva Chen: Co-Founder / CTO  CEO 25 Years of Innovation 36 Offices Worldwide 5,000 Employees 1,500 R&D Engineers $1.2B USD Revenue Protect 48 of 50 top global corporations Cloud Security R&D: $400M USD & 500 engineers over last 4 years 3/25/2014 25Confidential | Copyright 2012 Trend Micro Inc. What We Do
    • Trend Micro PortalProtect for SharePoint • Securing SharePoint since 2002 3/25/2014 26Copyright 2014 Trend Micro Inc. Application Servers Database Servers Corporate users External users SharePoint Web Servers
    • Trend Micro PortalProtect for SharePoint • Securing SharePoint since 2002 • Comprehensive content protection: – Top antimalware (AV-Test.org) – Unique malicious URL protection – Content filtering for web parts (& docs) – DLP included 3/25/2014 27Copyright 2014 Trend Micro Inc. Application Servers Database Servers Corporate users External users SharePoint Web Servers
    • Trend Micro PortalProtect for SharePoint • Securing SharePoint since 2002 • Comprehensive content protection: – Top antimalware (AV-Test.org) – Unique malicious URL protection – Content filtering for web parts (& docs) – DLP included • Supports: – SharePoint 2013 / 2010 / 2007 – Remote BLOB / Shredded storage – Virtual and cloud datacenters 3/25/2014 28Copyright 2014 Trend Micro Inc. Application Servers Database Servers Corporate users External users SharePoint Web Servers
    • Thank You 29 Antonio Maio SharePoint Consultant, Microsoft SharePoint MVP www.trustsharepoint.com @AntonioMaio2 Chris Taylor Dir of Global Product Mgt Trend Micro @ctaylor123 To listen to the online recording visit: https://www.brighttalk.com/webcast/1506/102913