6 Most Surprising SharePoint Security Risks

As SharePoint gains traction in your organization, users quickly create new sites and add data to help them share information and work more efficiently. Before you know it, sensitive files are spread throughout SharePoint and security becomes crucial. Are you aware of - and prepared to stop - all the SharePoint security risks that are out there?

SharePoint is a complex, far-reaching system that's exposed internally and externally. With increased reliance on SharePoint comes multiple security risks, some obvious and some you wouldn't have imagined. Review this presentation to learn about some of the most surprising risks in SharePoint, uncovered by Imperva's security experts, including: (1) the six most surprising SharePoint threats including compromised insiders and search engine data leakage; (2) real-world examples of each threat; (3) practical methods for addressing these risks

Published in: Technology

Transcript

  • 1. © 2014 Imperva, Inc. All rights reserved. Confidential. The 6 Most Surprising SharePoint Security Risks (webinar). Carrie McDaniel, Product Marketing Manager, SharePoint Security.
  • 2. Agenda: discuss 6 of the most surprising SharePoint risks, with an example of each risk and ways to mitigate these threats; newly released supporting research.
  • 3. Carrie McDaniel, SharePoint Security Team: Product Marketing Manager for File Security, focused on SharePoint security. Previously held a product marketing position at Moody’s Analytics in San Francisco. Past experience in the finance and tech industries at Wells Fargo and NetApp. Holds degrees in Marketing and French from Santa Clara University.
  • 4. “Web applications remain the proverbial punching bag of the internet. They’re beaten in one of two ways: by exploiting a weakness in the application or by using stolen credentials to impersonate a valid user. Many of the attacks in our 2013 dataset targeted off-the-shelf content management systems…” (2014 Verizon Data Breach Investigations Report)
  • 5. SharePoint Architecture: three tiers, web servers, application servers and MS SQL databases.
  • 6. SharePoint Components Hit Hard in 2013: 35% of data breaches resulted from web application attacks; 88% of all incidents reported were due to privilege abuse; out of all corporate assets, 25% of data was stolen from databases. (2014 Verizon Data Breach Investigations Report)
  • 7. Reasons Why This Is Happening: only 42% of organizations audit external SharePoint access; 76% grant non-employees SharePoint access; only 7% run SharePoint access logs. (Dimensional Research, SharePoint and Security Survey, December 2013)
  • 8. SharePoint Security Risk 1: Insider Threats.
  • 9. Critical Data Is Stored in SharePoint: both regulated and sensitive data. (2014 Verizon Data Breach Investigations Report)
  • 10. The Insider Threat Is Multifaceted: (1) insiders steal data by abusing excessive privileges; (2) user accounts are compromised, and the attacker escalates their privileges. “…taking advantage of the system access privileges granted by an employer and using them to commit nefarious acts – tops the list.” (2014 Verizon Data Breach Investigations Report). Administrators hold the keys to the kingdom.
  • 11. SharePoint Is Complex; Permissions Are Challenging. Diagram: an HR site, a Finance site and an Engineering site, with an IT contractor, an HR employee and an engineer each holding overlapping access across them.
  • 12. Conclusions on Insider Threats: (1) organizations must have a centralized view of file and folder permissions across the SharePoint platform; (2) preventing data access based solely on an ACL-based security model is ineffective, because insiders are getting around these controls; (3) monitor, monitor, monitor.
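The “centralized view of permissions” in slide 12 is something you can build yourself for an on-premises farm. The script below is an added example, not part of the Imperva deck or product: it walks one site collection and reports every web, list and (optionally) item that breaks permission inheritance, who holds which role there, and whether the grant goes to a broad principal such as Everyone or All Authenticated Users. It assumes SharePoint Server on-premises, the SharePoint Management Shell (the Microsoft.SharePoint.PowerShell snap-in) run as a farm administrator, and that the site URL, the role names treated as high-risk and the claim patterns for broad principals are placeholders to adjust for your environment.

```powershell
# Added example, not from the Imperva deck: inventory every web, list and item in a
# site collection that breaks permission inheritance, and who holds what there.
# Assumes SharePoint Server on-premises and the SharePoint Management Shell
# (Microsoft.SharePoint.PowerShell snap-in) run as a farm administrator.
# The site URL, role names and broad-principal patterns below are placeholders.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Write-RoleAssignments {
    param($Securable, [string]$Scope, [string]$Url, [string[]]$HighRiskRoles, [string]$BroadPrincipalPattern)
    foreach ($ra in $Securable.RoleAssignments) {
        # Skip the implicit "Limited Access" grants SharePoint adds so users can traverse to items.
        $roles = @($ra.RoleDefinitionBindings | ForEach-Object { $_.Name } | Where-Object { $_ -ne 'Limited Access' })
        if ($roles.Count -eq 0) { continue }
        $member = $ra.Member
        [pscustomobject]@{
            Scope      = $Scope
            Url        = $Url
            Principal  = $member.LoginName
            IsGroup    = ($member -is [Microsoft.SharePoint.SPGroup])
            Roles      = ($roles -join ', ')
            # Broad principals are the usual source of "I did not know the contractor could see that".
            IsBroad    = ($member.LoginName -match $BroadPrincipalPattern)
            IsHighRisk = [bool](@($roles | Where-Object { $HighRiskRoles -contains $_ }).Count)
        }
    }
}

function Get-SPUniquePermissionReport {
    param(
        [Parameter(Mandatory = $true)][string]$SiteUrl,
        [string[]]$HighRiskRoles = @('Full Control', 'Design', 'Contribute'),
        # Assumed patterns: the SharePoint 2013 claims for "Everyone" (c:0(.s|true) and
        # "All Authenticated Users" (c:0!.s|windows), plus the classic Windows names.
        [string]$BroadPrincipalPattern = 'c:0\(\.s\|true|c:0!\.s\|windows|NT AUTHORITY\\Authenticated Users|Everyone',
        [switch]$IncludeItems   # item-level walk is expensive on large libraries, so opt in
    )
    $site = Get-SPSite -Identity $SiteUrl
    try {
        $common = @{ HighRiskRoles = $HighRiskRoles; BroadPrincipalPattern = $BroadPrincipalPattern }
        foreach ($web in $site.AllWebs) {
            try {
                # A web that inherits from its parent adds nothing new; report only the breaks.
                if ($web.HasUniqueRoleAssignments) {
                    Write-RoleAssignments -Securable $web -Scope 'Web' -Url $web.Url @common
                }
                foreach ($list in $web.Lists) {
                    if ($list.Hidden) { continue }
                    if ($list.HasUniqueRoleAssignments) {
                        Write-RoleAssignments -Securable $list -Scope 'List' -Url "$($web.Url)/$($list.RootFolder.Url)" @common
                    }
                    if ($IncludeItems) {
                        # Item-level breaks are where "shared with one contractor" lives.
                        foreach ($item in $list.Items) {
                            if ($item.HasUniqueRoleAssignments) {
                                Write-RoleAssignments -Securable $item -Scope 'Item' -Url "$($web.Url)/$($item.Url)" @common
                            }
                        }
                    }
                }
            } finally { $web.Dispose() }
        }
    } finally { $site.Dispose() }
}

# Usage: show the risky grants first (placeholder URL).
Get-SPUniquePermissionReport -SiteUrl 'https://portal.contoso.com/sites/finance' -IncludeItems |
    Where-Object { $_.IsHighRisk -or $_.IsBroad } |
    Sort-Object Scope, Url | Format-Table -AutoSize
```

Run it per site collection and diff the output over time; a new row at Item scope granting Contribute to a broad principal is exactly the misconfiguration the HR/Finance/Engineering diagram on slide 11 describes. On very large libraries, enumerate `$list.Items` with a CAML query and a row limit instead of loading every item.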
  • 13. SharePoint Security Risk 2: Ineffective Log Management.
  • 14. Companies Are Not Monitoring SharePoint File Access. Facts: 76% of organizations allow non-employees access to SharePoint, and the majority are worried about unauthorized access from the general public and from partners. However: 29% of organizations do not use SharePoint access logs, and 64% review them monthly. (Dimensional Research, SharePoint and Security Survey, December 2013)
  • 15. SharePoint’s Access Logs Have Challenges: (1) they are not typically turned on; (2) audit logs accumulate volumes of unnecessary data; (3) logs are cyclic and roll over quickly; (4) there is no separation of duties; (5) they are not auditor-ready.
  • 16. Conclusions on SharePoint Log Management: (1) organizations need to record all access across the web, content and database layers of SharePoint; (2) monitoring must occur in real time to ensure data security; (3) auditors need to ensure that appropriate data controls are in place, no matter where the data is stored.
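Points 1 and 3 on slide 15 (audit off by default, logs that roll over) are both settings you control on the site collection. The following is an added example, not Imperva’s code: it enables the site collection audit log for a deliberately narrow set of events, sets a retention period so the Audit Log Trimming timer job neither deletes entries early nor lets them grow without bound, and then queries the last week of update, delete and permission-change events and groups them by user. It assumes SharePoint Server 2010 or later on-premises, the SharePoint Management Shell run as a site collection administrator, and that the site URL and the 90-day retention value are placeholders.

```powershell
# Added example, not from the Imperva deck: switch on SharePoint's site collection
# audit log with a bounded set of events, cap its retention, and pull the last week
# of update/delete/permission-change events per user. Assumes SharePoint Server
# 2010 or later on-premises and the SharePoint Management Shell run as a site
# collection administrator; the site URL and 90-day retention are placeholders.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Enable-SPSiteAuditing {
    param(
        [Parameter(Mandatory = $true)][string]$SiteUrl,
        [int]$RetentionDays = 90
    )
    $site = Get-SPSite -Identity $SiteUrl
    try {
        # Audit what you will actually review. SPAuditMaskType::All also records every
        # View, which is the "volumes of unnecessary data" of slide 15; add View only
        # for libraries whose reads you genuinely need to reconstruct.
        $mask = [Microsoft.SharePoint.SPAuditMaskType]::Update -bor
                [Microsoft.SharePoint.SPAuditMaskType]::Delete -bor
                [Microsoft.SharePoint.SPAuditMaskType]::SecurityChange -bor
                [Microsoft.SharePoint.SPAuditMaskType]::SchemaChange
        $site.Audit.AuditFlags = $mask
        $site.Audit.Update()
        # Entries live in the content database and are removed by the "Audit Log
        # Trimming" timer job. Without an explicit retention they either grow without
        # bound or are cut off sooner than your auditors expect.
        $site.TrimAuditLog = $true
        $site.AuditLogTrimmingRetention = $RetentionDays
    } finally { $site.Dispose() }
}

function Get-SPRecentAuditEvents {
    param(
        [Parameter(Mandatory = $true)][string]$SiteUrl,
        [int]$Days = 7
    )
    $site = Get-SPSite -Identity $SiteUrl
    try {
        $query = New-Object Microsoft.SharePoint.SPAuditQuery($site)
        $query.SetRangeStart([DateTime]::UtcNow.AddDays(-$Days))
        foreach ($ev in 'Update', 'Delete', 'SecurityChange') {
            $query.AddEventRestriction([Microsoft.SharePoint.SPAuditEventType]$ev)
        }
        $users = @{}   # cache user id -> login; audit entries carry only the numeric id
        foreach ($entry in $site.Audit.GetEntries($query)) {
            if (-not $users.ContainsKey($entry.UserId)) {
                try   { $users[$entry.UserId] = $site.RootWeb.SiteUsers.GetByID($entry.UserId).LoginName }
                catch { $users[$entry.UserId] = "unknown user id $($entry.UserId)" }
            }
            [pscustomobject]@{
                Occurred = $entry.Occurred          # UTC
                Event    = $entry.Event.ToString()
                User     = $users[$entry.UserId]
                Location = $entry.DocLocation
                ItemType = $entry.ItemType.ToString()
            }
        }
    } finally { $site.Dispose() }
}

# Usage: enable once, then see who deleted or changed permissions the most this week.
Enable-SPSiteAuditing -SiteUrl 'https://portal.contoso.com/sites/finance'
Get-SPRecentAuditEvents -SiteUrl 'https://portal.contoso.com/sites/finance' |
    Group-Object User, Event | Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize
```

This covers the content layer only. The audit entries are stored in the same content database the site lives in, so a site collection administrator can change the flags and a database administrator can delete the rows (the “no separation of duties” point on slide 15); export the entries to a store outside the farm on a schedule if you need them to survive either.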
  • 17. SharePoint Security Risk 3: Vulnerabilities in Third-party Code.
  • 18. More than half of organizations use or are “…planning to use third-party add-on products in order to enhance functionality. Only a third thinks they will stick with the vanilla product.” (AIIM 2012 Industry Watch Survey). “Nowhere is this exploited on a larger scale than in Content Management Systems (CMS)…and even then, more in the added plugins than the core CMS code itself.” (Verizon Data Breach Investigations Reports, 2012, 2013 and 2014)
  • 19. Add-ons Defined. Plug-in: a software component that adds functionality to the larger SharePoint system (example: SharePoint Outlook integration). Web Part: a stand-alone application embedded into SharePoint that pulls useful information from other websites (example: a Twitter feed). Credit: Optimus.com
  • 20. Why add-ons get adopted: convenience, collaboration, productivity, ease of use.
  • 21. Third-party code, according to Veracode: “Up to 70% of internally developed code originates outside of the development team”; 28% of assessed applications are identified as created by a third party.
  • 22. What’s the risk? IT and security teams should always assume that third-party code present in SharePoint applications contains significant vulnerabilities. You can’t fix code you don’t own: the organization is not protected until the third party addresses the vulnerability.
  • 23. OWASP Top 10, 2013 update: new entry A9, Using Known Vulnerable Components.
  • 24. Classic Web Site Hacking, single-site attack: (1) identify target, (2) find vulnerability, (3) exploit.
  • 25. Classic Web Site Hacking, multiple-site attacks: the same three steps (identify target, find vulnerability, exploit) repeated independently against each site.
  • 26. SharePoint Application Hacking: (1) identify add-on, (2) find vulnerability, (3) exploit. One vulnerable add-on is shared by every deployment that installed it, so a single find reaches many sites at once.
  • 27. Imperva’s Take: vulnerabilities in third-party code are inevitable. (Photo credit: cnet.com)
  • 28. SharePoint Security Risk 4: Data Leakage.
  • 29. Sensitive Data Leakage Often Occurs Accidentally: simple SharePoint misconfigurations can expose corporate data. Diagram: a Head of Finance reaching the Finance, HR and Sales sites through a global site.
  • 30. Sophisticated Search Tools Can Uncover Sensitive Data: Google capabilities like indexed FTP, Search by Image and Table Search offer new ways to discover and extract data. Diagram: an anonymous web user reaching the same Finance, HR and Sales sites through the global site.
  • 31. Conclusions on SharePoint Data Leakage: (1) organizations need tight controls over the content being served by SharePoint; (2) implementing security policies that inspect outgoing data can help prevent leakage; (3) as part of your security strategy, put a process in place to validate the content accessible via your SharePoint web servers.
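Point 3 of slide 31 (validate what your web servers actually serve) comes down to two questions: where is anonymous access switched on, and what does an unauthenticated client really get back? The script below is an added example, not from the deck or the product. It inventories the anonymous settings of a web application at the IIS zone, web and list levels (including whether the web is excluded from search crawling, which is what decides whether the search-engine discovery of slide 30 can happen), then probes each exposed URL with a request that deliberately carries no credentials. It assumes SharePoint Server on-premises and the SharePoint Management Shell; the web application URL is a placeholder.

```powershell
# Added example, not from the Imperva deck: list where a web application serves
# content without authentication, then confirm from the outside with a request that
# carries no credentials. Assumes SharePoint Server on-premises and the SharePoint
# Management Shell; the web application URL below is a placeholder.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Get-SPAnonymousExposure {
    param([Parameter(Mandatory = $true)][string]$WebAppUrl)
    $webApp = Get-SPWebApplication -Identity $WebAppUrl

    # 1. Zones where IIS accepts anonymous requests at all. If every zone says $false,
    #    nothing below is reachable by an outsider (it still matters for insiders).
    foreach ($zone in $webApp.IisSettings.Keys) {
        [pscustomobject]@{
            Scope     = 'Zone'
            Url       = $webApp.GetResponseUri($zone).AbsoluteUri
            Anonymous = $webApp.IisSettings[$zone].AllowAnonymous
            NoCrawl   = $null
        }
    }

    # 2. Webs and lists that grant anonymous users something. SPWeb.AnonymousState is
    #    Disabled, Enabled (whole web) or On (specific lists only); a list exposes
    #    content when its anonymous permission mask is non-empty.
    foreach ($site in $webApp.Sites) {
        try {
            foreach ($web in $site.AllWebs) {
                try {
                    if ($web.AnonymousState.ToString() -ne 'Disabled') {
                        [pscustomobject]@{ Scope = 'Web'; Url = $web.Url
                                           Anonymous = $web.AnonymousState.ToString(); NoCrawl = $web.NoCrawl }
                    }
                    foreach ($list in $web.Lists) {
                        if ($list.Hidden) { continue }
                        if ($list.AnonymousPermMask64 -ne [Microsoft.SharePoint.SPBasePermissions]::EmptyMask) {
                            [pscustomobject]@{ Scope = 'List'; Url = "$($web.Url)/$($list.RootFolder.Url)"
                                               Anonymous = $list.AnonymousPermMask64.ToString(); NoCrawl = $list.NoCrawl }
                        }
                    }
                } finally { $web.Dispose() }
            }
        } finally { $site.Dispose() }
    }
}

function Test-AnonymousReach {
    param([Parameter(Mandatory = $true)][string[]]$Urls)
    foreach ($url in $Urls) {
        try {
            # No -UseDefaultCredentials on purpose: we want the server's view of a stranger.
            $response = Invoke-WebRequest -Uri $url -UseBasicParsing -MaximumRedirection 0 -ErrorAction Stop
            [pscustomobject]@{ Url = $url; Status = [int]$response.StatusCode; Reachable = $true }
        } catch {
            # 401 (challenge) or 403 means the content is protected; a redirect to a login
            # page also lands here because redirects are not followed.
            $code = $null
            if ($_.Exception.Response) { $code = [int]$_.Exception.Response.StatusCode }
            [pscustomobject]@{ Url = $url; Status = $code; Reachable = ($code -eq 200) }
        }
    }
}

# Usage: inventory first, then probe every exposed web and list as an outsider would.
$exposed = Get-SPAnonymousExposure -WebAppUrl 'https://portal.contoso.com'
$exposed | Format-Table -AutoSize
Test-AnonymousReach -Urls ($exposed | Where-Object { $_.Scope -ne 'Zone' } | ForEach-Object { $_.Url })
```

A web that shows `Anonymous = Enabled` and `NoCrawl = False` on a zone with `AllowAnonymous = True` is what a search engine will index; fix the permission rather than relying on `NoCrawl` or `robots.txt`, which only ask well-behaved crawlers to stay away.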
  • 32. SharePoint Security Risk 5: Targeted Attacks / Phishing.
  • 33. Attackers Pull Data From Websites for Use in Targeted Attacks. Site scraping is not just for undercutting competitors’ prices and republishing website listings: names, roles and documents harvested from a SharePoint site feed the phishing that follows. 80% of the Fortune 500 use SharePoint (source: www.topsharepoint.com).
  • 34. Conclusions on Phishing and Targeted Attacks: (1) companies can protect their brand by protecting against site scrapers; (2) it is difficult to distinguish site scrapers from legitimate users, so proactive detection must be in place; (3) malicious source IP address feeds help block known scrapers, though they will not catch a scraper coming from an address not yet on the list, which is why point 2 matters.
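Slide 34 says scrapers are hard to tell apart from legitimate users; the signal that does separate them is behaviour over time rather than any single request. The script below is an added example, not Imperva’s detection logic: it parses IIS W3C logs from a SharePoint web front end using the `#Fields:` directive for column order, groups requests by client IP and User-Agent, and flags a client that either exceeds a request rate within a sliding window or pulls many distinct documents with no Referer at all (a browser user navigates from page to page; a scraper walks a list of URLs). The log lines, thresholds, host names and IP addresses (documentation ranges 203.0.113.0/24 and 198.51.100.0/24) are constructed for the example.

```powershell
# Added example, not from the Imperva deck: a rate-and-spread heuristic over IIS W3C
# logs from a SharePoint web front end to surface scraping sessions. The log lines
# and thresholds are constructed for this example; the IP addresses come from the
# documentation ranges.
function Find-ScraperCandidates {
    param(
        [Parameter(Mandatory = $true)][string[]]$LogLines,
        [int]$WindowSeconds = 60,
        [int]$MaxRequestsPerWindow = 30,  # assumed: more than this per window from one client/UA
        [int]$MinDistinctPaths = 20       # assumed: this many distinct paths with no Referer
    )
    $fields = $null
    $byClient = @{}
    foreach ($line in $LogLines) {
        # The #Fields: directive gives the column order; never hard-code it, IIS admins change it.
        if ($line -like '#Fields:*') { $fields = ($line -replace '^#Fields:\s*', '') -split ' '; continue }
        if ($line -like '#*' -or [string]::IsNullOrWhiteSpace($line) -or -not $fields) { continue }
        $values = $line -split ' '
        $rec = @{}
        for ($i = 0; $i -lt [Math]::Min($fields.Count, $values.Count); $i++) { $rec[$fields[$i]] = $values[$i] }
        $ts = [datetime]::ParseExact("$($rec['date']) $($rec['time'])", 'yyyy-MM-dd HH:mm:ss',
                                     [System.Globalization.CultureInfo]::InvariantCulture)
        # Key on client IP plus User-Agent so a scraper behind a shared NAT still stands out.
        $key = "$($rec['c-ip'])|$($rec['cs(User-Agent)'])"
        if (-not $byClient.ContainsKey($key)) { $byClient[$key] = New-Object System.Collections.ArrayList }
        [void]$byClient[$key].Add([pscustomobject]@{
            Time = $ts; Path = $rec['cs-uri-stem']; Referer = $rec['cs(Referer)']; Status = $rec['sc-status'] })
    }
    foreach ($key in $byClient.Keys) {
        $reqs  = @($byClient[$key] | Sort-Object Time)
        $times = @($reqs | ForEach-Object { $_.Time })
        # Peak number of requests in any sliding window of $WindowSeconds (two-pointer scan).
        $peak = 0; $j = 0
        for ($i = 0; $i -lt $times.Count; $i++) {
            while ($j -lt $times.Count -and ($times[$j] - $times[$i]).TotalSeconds -lt $WindowSeconds) { $j++ }
            if (($j - $i) -gt $peak) { $peak = $j - $i }
        }
        $distinct  = @($reqs | Select-Object -ExpandProperty Path -Unique).Count
        $noReferer = @($reqs | Where-Object { $_.Referer -eq '-' }).Count
        $client, $ua = $key -split '\|', 2
        [pscustomobject]@{
            Client        = $client
            UserAgent     = $ua
            Requests      = $reqs.Count
            PeakPerWindow = $peak
            DistinctPaths = $distinct
            Suspicious    = ($peak -ge $MaxRequestsPerWindow) -or
                            ($distinct -ge $MinDistinctPaths -and $noReferer -eq $reqs.Count)
        }
    }
}

function Get-SampleIisLog {
    # Constructed sample: a python-requests client pulling 40 different documents in 40
    # seconds with no Referer, and a browser user opening three pages normally.
    # IIS writes '+' for spaces in cs(User-Agent) and '-' for absent fields.
    $lines = @(
        '#Software: Microsoft Internet Information Services 8.0',
        '#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken'
    )
    foreach ($n in 0..39) {
        $lines += ('2014-05-20 10:15:{0:D2} 10.0.0.5 GET /sites/finance/Shared%20Documents/report-{1}.docx - 443 - 203.0.113.10 python-requests/2.2.1 - 200 0 0 15' -f $n, $n)
    }
    $lines += '2014-05-20 10:15:03 10.0.0.5 GET /sites/finance/SitePages/Home.aspx - 443 CONTOSO\jdoe 198.51.100.23 Mozilla/5.0+(Windows+NT+6.1;+WOW64) - 200 0 0 120'
    $lines += '2014-05-20 10:17:41 10.0.0.5 GET /sites/finance/Shared%20Documents/Forms/AllItems.aspx - 443 CONTOSO\jdoe 198.51.100.23 Mozilla/5.0+(Windows+NT+6.1;+WOW64) https://portal.contoso.com/sites/finance/SitePages/Home.aspx 200 0 0 95'
    $lines += '2014-05-20 10:18:10 10.0.0.5 GET /sites/finance/Shared%20Documents/report-3.docx - 443 CONTOSO\jdoe 198.51.100.23 Mozilla/5.0+(Windows+NT+6.1;+WOW64) https://portal.contoso.com/sites/finance/Shared%20Documents/Forms/AllItems.aspx 200 0 0 40'
    return $lines
}

# Usage on the constructed sample: the 203.0.113.10 client is flagged, CONTOSO\jdoe is not.
Find-ScraperCandidates -LogLines (Get-SampleIisLog) | Format-Table -AutoSize
```

On a real front end, feed it the day’s log (`Get-Content C:\inetpub\logs\LogFiles\W3SVC1\u_ex140520.log`) and tune the two thresholds against a week of known-good traffic before acting on the output; search crawlers you run yourself will trip the rate rule and belong on an allow list, not an IP reputation feed.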
  • 35. SharePoint Security Risk 6: Unauthorized Access to the Microsoft SQL Database.
  • 36. An Overlooked SharePoint Security Risk. “Databases and file servers, both repositories of so much valuable information, are targeted regularly…” (2014 Verizon Data Breach Investigations Report). Three ways it happens: administrators unknowingly make unsupported direct database changes; malware-compromised insiders access the database; malicious insiders target the database.
  • 37. Conclusions on Unauthorized Database Access: (1) the SharePoint SQL database holds the crown jewels and must be protected from abuse; (2) even unintentional changes can have a broad security impact on the SharePoint system; (3) monitor, monitor, monitor.
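The three scenarios on slide 36 share one property: the access does not come through the SharePoint service accounts. That makes them easy to separate from SharePoint’s own constant traffic at the database. The script below is an added example, not Imperva’s product or code: it creates a SQL Server Audit on a content database that records schema changes, role membership changes and any direct SELECT/INSERT/UPDATE/DELETE, filtered at the server audit so the farm’s own accounts are excluded, and a second function that reads the trail back. Microsoft does not support direct modification of SharePoint databases, so every hit is worth a ticket. It assumes SQL Server 2012 or later (the audit filter predicate), `Invoke-Sqlcmd` from the SqlServer or SQLPS module, sysadmin rights on the instance, and placeholder names for the instance, database, audit folder and service accounts.

```powershell
# Added example, not from the Imperva deck: put a SQL Server Audit on a SharePoint
# content database so that direct reads, writes or schema changes by anyone other
# than the SharePoint service accounts are recorded, then read the trail back.
# Assumes SQL Server 2012+ (audit WHERE predicates), Invoke-Sqlcmd from the SqlServer
# or SQLPS module, sysadmin rights, and placeholder names: instance SP-SQL01,
# database WSS_Content, folder D:\SqlAudit\, accounts CONTOSO\sp_farm, CONTOSO\sp_webapp.
function Enable-SPContentDbAudit {
    param(
        [string]$Instance = 'SP-SQL01',
        [string]$Database = 'WSS_Content',
        [string]$AuditPath = 'D:\SqlAudit\',
        # Every account SharePoint itself uses against this DB; anything else is a human or malware.
        [string[]]$ServiceAccounts = @('CONTOSO\sp_farm', 'CONTOSO\sp_webapp')
    )
    # Filter at the server audit so SharePoint's own traffic never reaches the audit file.
    $predicate = ($ServiceAccounts | ForEach-Object { "server_principal_name <> N'$_'" }) -join ' AND '

    $serverSql = @"
IF NOT EXISTS (SELECT 1 FROM sys.server_audits WHERE name = N'SharePointContentAudit')
BEGIN
    CREATE SERVER AUDIT SharePointContentAudit
        TO FILE (FILEPATH = N'$AuditPath', MAXSIZE = 256 MB, MAX_ROLLOVER_FILES = 20)
        WITH (QUEUE_DELAY = 1000, ON_FAILURE = CONTINUE)
        WHERE $predicate;
    ALTER SERVER AUDIT SharePointContentAudit WITH (STATE = ON);
END
"@
    Invoke-Sqlcmd -ServerInstance $Instance -Database 'master' -Query $serverSql

    $dbSql = @"
IF NOT EXISTS (SELECT 1 FROM sys.database_audit_specifications WHERE name = N'SharePointContentDbSpec')
BEGIN
    CREATE DATABASE AUDIT SPECIFICATION SharePointContentDbSpec
        FOR SERVER AUDIT SharePointContentAudit
        ADD (SCHEMA_OBJECT_CHANGE_GROUP),          -- CREATE/ALTER/DROP on tables, procs, triggers
        ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP),   -- someone granted db_owner
        ADD (DATABASE_PRINCIPAL_CHANGE_GROUP),     -- new users created in the content DB
        ADD (SELECT, INSERT, UPDATE, DELETE ON SCHEMA::dbo BY public)   -- direct DML by anyone
        WITH (STATE = ON);
END
"@
    Invoke-Sqlcmd -ServerInstance $Instance -Database $Database -Query $dbSql
}

function Get-SPContentDbAuditEvents {
    param(
        [string]$Instance = 'SP-SQL01',
        [string]$AuditPath = 'D:\SqlAudit\',
        [int]$Hours = 24
    )
    $query = @"
SELECT event_time, action_id, server_principal_name, database_name, object_name, succeeded, statement
FROM sys.fn_get_audit_file(N'${AuditPath}*.sqlaudit', DEFAULT, DEFAULT)
WHERE event_time > DATEADD(hour, -$Hours, SYSUTCDATETIME())
ORDER BY event_time DESC;
"@
    Invoke-Sqlcmd -ServerInstance $Instance -Database 'master' -Query $query
}

# Usage: enable once, then review daily or hand the same query to your SIEM.
Enable-SPContentDbAudit
Get-SPContentDbAuditEvents | Format-Table event_time, server_principal_name, action_id, object_name -AutoSize
```

Two caveats: the audit folder must be on a path the SQL Server service account can write and the DBAs cannot delete (otherwise slide 15’s separation-of-duties problem simply moves down a tier), and `ON_FAILURE = CONTINUE` keeps the database available if the audit cannot write; switch it to `FAIL_OPERATION` where a gap in the trail is worse than a stalled write.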
  • 38. Reduce Risk, Protect Your Data, Save Time: SecureSphere for SharePoint.
  • 39. Imperva Secures the SharePoint Platform, End to End. The six risks, (1) insider threats, (2) ineffective log management, (3) vulnerabilities in third-party code, (4) data leakage, (5) targeted attacks, (6) unauthorized access to the SQL database, are covered by three product areas: Web Application Security, File Security and Database Security.
  • 40. Layers of SharePoint Protection (diagram): enterprise users and the Internet reach the web servers, application servers and MS SQL databases. A web application firewall in front of the web servers handles SQL injection and XSS; activity monitoring, permissions management and access control on the content tier address excessive rights; database activity monitoring and access control on the SQL tier catch unauthorized changes and unauthorized access by administrators; audit runs at every layer.
  • 41. Gartner’s Take: WAFs Are Worth the Investment. “Firewalls and intrusion prevention systems don’t provide sufficient protections for most public-facing websites or internal business-critical and custom Web applications. WAFs are different from NGFWs and IPSs. WAFs protect, at a granular level, the enterprise’s custom Web applications against Web attacks.” (Web Application Firewalls Are Worth the Investment for Enterprises, Jeremy D’Hoinne and Adam Hils, Gartner, Inc., Feb 28, 2014)
  • 42. Webinar Materials: post-webinar discussions, answers to attendee questions, webinar recording link. Join the Imperva LinkedIn group, Imperva Data Security Direct, for…
  • 43. www.imperva.com
