SlideShare a Scribd company logo

D Cornell Securing Share Point

Art Upton
Art Upton

This document summarizes common approaches to securing SharePoint deployments and identifies common blind spots. It discusses securing the infrastructure and using SharePoint's security features, as well as deploying add-on security products. However, it notes that custom software and data security are often overlooked areas that require additional focus. A comprehensive security strategy is needed to secure SharePoint deployments and address evolving risks.

Education
1 of 39
Securing SharePoint TASSCC TEC 2009 Web 2.0 Conference Dan Cornell Email: [email_address] Twitter: @danielcornell March 26 th , 2009
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Denim Group Background ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Key Learning Objectives ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SharePoint – Why Worry About Security? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Two Scenarios ,[object Object],[object Object]
SharePoint as the Platform ,[object Object],[object Object],[object Object]
Ad Hoc Deployments (Viral!) ,[object Object],[object Object],[object Object]
SharePoint Overview ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SharePoint Overview
Nature of SharePoint as a Web Application ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Nature of SharePoint as a Web Application
Approaching SharePoint Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Typical Approaches ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Infrastructure Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SharePoint Product Security Features ,[object Object],[object Object],[object Object]
Up-Front Security for SharePoint ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Five Elements of Site Security in MOSS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SharePoint Default Groups ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Defining Permissions for SharePoint ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Defining Permissions for SharePoint ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Add-On Products: Microsoft ForeFront ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Common Blind Spots ,[object Object],[object Object],[object Object]
Custom Software on SharePoint ,[object Object],[object Object],[object Object],[object Object]
Custom Software on SharePoint ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why Is This a Problem? ,[object Object],[object Object],[object Object],[object Object]
Security Code Review ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Data Security, Compliance and Enterprise Search ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Data Security, Compliance and Enterprise Search ,[object Object],[object Object],[object Object],[object Object]
How Much Better?
So What? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Data Security, Compliance, & Enterprise Search ,[object Object],[object Object]
Helpful Tools ,[object Object],[object Object],[object Object],[object Object],[object Object]
Logging and Auditing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
3 rd Party SharePoint Auditing Tools ,[object Object],[object Object],[object Object],[object Object]
Denim Group SharePoint Auditing Tool ,[object Object],[object Object]
Need for Ongoing Scrutiny ,[object Object],[object Object],[object Object],[object Object]
Conclusions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Questions and Answers ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

J Tobolski Cloud Computing
J Tobolski Cloud ComputingJ Tobolski Cloud Computing
J Tobolski Cloud ComputingArt Upton
 
B Chambers Doculabs Shared Web Services
B Chambers Doculabs Shared Web ServicesB Chambers Doculabs Shared Web Services
B Chambers Doculabs Shared Web ServicesArt Upton
 
K Ziai Share Point At Ut
K Ziai Share Point At UtK Ziai Share Point At Ut
K Ziai Share Point At UtArt Upton
 
Share point encryption
Share point encryptionShare point encryption
Share point encryptioncsmith2009
 
Options for Building a Modern Extranet
Options for Building a Modern ExtranetOptions for Building a Modern Extranet
Options for Building a Modern ExtranetChristian Buckley
 
User access profiling model
User access profiling modelUser access profiling model
User access profiling modelJose Guerrero
 
IDC-IL Webcast on Enterprise Content Collaboration
IDC-IL Webcast on Enterprise Content Collaboration IDC-IL Webcast on Enterprise Content Collaboration
IDC-IL Webcast on Enterprise Content Collaboration Sri Chilukuri
 
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...Adam Levithan
 

Recommended

J Tobolski Cloud Computing
J Tobolski Cloud ComputingJ Tobolski Cloud Computing
J Tobolski Cloud ComputingArt Upton
 
B Chambers Doculabs Shared Web Services
B Chambers Doculabs Shared Web ServicesB Chambers Doculabs Shared Web Services
B Chambers Doculabs Shared Web ServicesArt Upton
 
K Ziai Share Point At Ut
K Ziai Share Point At UtK Ziai Share Point At Ut
K Ziai Share Point At UtArt Upton
 
Share point encryption
Share point encryptionShare point encryption
Share point encryptioncsmith2009
 
Options for Building a Modern Extranet
Options for Building a Modern ExtranetOptions for Building a Modern Extranet
Options for Building a Modern ExtranetChristian Buckley
 
User access profiling model
User access profiling modelUser access profiling model
User access profiling modelJose Guerrero
 
IDC-IL Webcast on Enterprise Content Collaboration
IDC-IL Webcast on Enterprise Content Collaboration IDC-IL Webcast on Enterprise Content Collaboration
IDC-IL Webcast on Enterprise Content Collaboration Sri Chilukuri
 
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...Adam Levithan
 
Enterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointEnterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointSanjeev Samala
 
Securing Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceSecuring Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceMarie-Michelle Strah, PhD
 
BEAPressReleases.290214504
BEAPressReleases.290214504BEAPressReleases.290214504
BEAPressReleases.290214504ypai
 
Emc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEmc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEric Griffin
 
Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?George Durham
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesDavid J Rosenthal
 
Technical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationTechnical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationJISC.AM
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365Brian Culver
 
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...Jesse Wilkins
 
What is killing ecm
What is killing ecmWhat is killing ecm
What is killing ecmMichael Knight
 
Middleware 2002
Middleware 2002Middleware 2002
Middleware 2002eaiti
 
Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Christian Buckley
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyChristian Buckley
 
Gemini Introduction
Gemini IntroductionGemini Introduction
Gemini IntroductionLynn Langit
 
Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Rita Barry
 
Keep Student information protected while improving services
Keep Student information protected while improving servicesKeep Student information protected while improving services
Keep Student information protected while improving servicesCloudMask inc.
 
Federation Policy
Federation PolicyFederation Policy
Federation PolicyJISC.AM
 
Web 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationWeb 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationRoss Dawson
 
Collaboration Enterprise Architecture
Collaboration Enterprise ArchitectureCollaboration Enterprise Architecture
Collaboration Enterprise ArchitectureGovernment Technology Exhibition and Conference
 
barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0brevenan
 
Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonJoel Oleson
 
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...Richard Harbridge
 

More Related Content

What's hot

Enterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointEnterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointSanjeev Samala
 
Securing Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceSecuring Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceMarie-Michelle Strah, PhD
 
BEAPressReleases.290214504
BEAPressReleases.290214504BEAPressReleases.290214504
BEAPressReleases.290214504ypai
 
Emc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEmc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEric Griffin
 
Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?George Durham
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesDavid J Rosenthal
 
Technical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationTechnical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationJISC.AM
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365Brian Culver
 
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...Jesse Wilkins
 
Middleware 2002
Middleware 2002Middleware 2002
Middleware 2002eaiti
 
Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Christian Buckley
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyChristian Buckley
 
Gemini Introduction
Gemini IntroductionGemini Introduction
Gemini IntroductionLynn Langit
 
Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Rita Barry
 
Keep Student information protected while improving services
Keep Student information protected while improving servicesKeep Student information protected while improving services
Keep Student information protected while improving servicesCloudMask inc.
 
Federation Policy
Federation PolicyFederation Policy
Federation PolicyJISC.AM
 
Web 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationWeb 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationRoss Dawson
 
barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0brevenan
 

What's hot (20)

Enterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointEnterprise Collaboration using SharePoint
Enterprise Collaboration using SharePoint
 
Securing Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceSecuring Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH Compliance
 
BEAPressReleases.290214504
BEAPressReleases.290214504BEAPressReleases.290214504
BEAPressReleases.290214504
 
Emc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEmc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentum
 
Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance Updates
 
Technical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationTechnical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management Federation
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
 
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
 
What is killing ecm
What is killing ecmWhat is killing ecm
What is killing ecm
 
Middleware 2002
Middleware 2002Middleware 2002
Middleware 2002
 
Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance Strategy
 
Gemini Introduction
Gemini IntroductionGemini Introduction
Gemini Introduction
 
Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.
 
Keep Student information protected while improving services
Keep Student information protected while improving servicesKeep Student information protected while improving services
Keep Student information protected while improving services
 
Federation Policy
Federation PolicyFederation Policy
Federation Policy
 
Web 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationWeb 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participation
 
Collaboration Enterprise Architecture
Collaboration Enterprise ArchitectureCollaboration Enterprise Architecture
Collaboration Enterprise Architecture
 
barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0
 

Similar to D Cornell Securing Share Point

Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonJoel Oleson
 
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...Richard Harbridge
 
SharePoint Integration and Interoperability
SharePoint Integration and InteroperabilitySharePoint Integration and Interoperability
SharePoint Integration and InteroperabilityRichard Harbridge
 
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...Richard Harbridge
 
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...Richard Harbridge
 
SharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
SharePoint 2010 Integration and Interoperability - SharePoint Saturday HartfordSharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
SharePoint 2010 Integration and Interoperability - SharePoint Saturday HartfordRichard Harbridge
 
SharePoint 2010 Integration and Interoperability: What you need to know
SharePoint 2010 Integration and Interoperability: What you need to knowSharePoint 2010 Integration and Interoperability: What you need to know
SharePoint 2010 Integration and Interoperability: What you need to knowRichard Harbridge
 
Best Practices - SharePoint 2010: Integration and Interoperability
Best Practices - SharePoint 2010: Integration and InteroperabilityBest Practices - SharePoint 2010: Integration and Interoperability
Best Practices - SharePoint 2010: Integration and InteroperabilityRichard Harbridge
 
Best Practices Integration And Interoperability
Best Practices Integration And InteroperabilityBest Practices Integration And Interoperability
Best Practices Integration And InteroperabilityAllinConsulting
 
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...AntonioMaio2
 
SharePoint Overview
SharePoint OverviewSharePoint Overview
SharePoint OverviewAmy Phillips
 
Integrated Proposal (Vsts Sps Tfs) - MS stack
Integrated Proposal (Vsts Sps Tfs) - MS stackIntegrated Proposal (Vsts Sps Tfs) - MS stack
Integrated Proposal (Vsts Sps Tfs) - MS stackBijoy Viswanadhan
 
Share point 2010 administration & development
Share point 2010 administration & developmentShare point 2010 administration & development
Share point 2010 administration & developmentMJ Ferdous
 
Sharepoint 2013 Overview
Sharepoint 2013 OverviewSharepoint 2013 Overview
Sharepoint 2013 OverviewTarek Yehia
 
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...Christian Buckley
 
Intro to SharePoint for Developers
Intro to SharePoint for DevelopersIntro to SharePoint for Developers
Intro to SharePoint for DevelopersRob Wilson
 
Ferraz Ia252 Developing An Information Architecture
Ferraz Ia252 Developing An Information ArchitectureFerraz Ia252 Developing An Information Architecture
Ferraz Ia252 Developing An Information Architecturemferraz
 
Solve Todays Problems with 10 New SharePoint 2010 Features
Solve Todays Problems with 10 New SharePoint 2010 FeaturesSolve Todays Problems with 10 New SharePoint 2010 Features
Solve Todays Problems with 10 New SharePoint 2010 FeaturesCory Peters
 
Share Point Voice Annotation
Share Point Voice AnnotationShare Point Voice Annotation
Share Point Voice Annotationgma13
 

Similar to D Cornell Securing Share Point (20)

Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel Oleson
 
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
 
SharePoint Integration and Interoperability
SharePoint Integration and InteroperabilitySharePoint Integration and Interoperability
SharePoint Integration and Interoperability
 
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
 
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
 
SharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
SharePoint 2010 Integration and Interoperability - SharePoint Saturday HartfordSharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
SharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
 
SharePoint 2010 Integration and Interoperability: What you need to know
SharePoint 2010 Integration and Interoperability: What you need to knowSharePoint 2010 Integration and Interoperability: What you need to know
SharePoint 2010 Integration and Interoperability: What you need to know
 
Best Practices - SharePoint 2010: Integration and Interoperability
Best Practices - SharePoint 2010: Integration and InteroperabilityBest Practices - SharePoint 2010: Integration and Interoperability
Best Practices - SharePoint 2010: Integration and Interoperability
 
Best Practices Integration And Interoperability
Best Practices Integration And InteroperabilityBest Practices Integration And Interoperability
Best Practices Integration And Interoperability
 
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
 
SharePoint Overview
SharePoint OverviewSharePoint Overview
SharePoint Overview
 
Managesp 160805190411
Managesp 160805190411Managesp 160805190411
Managesp 160805190411
 
Integrated Proposal (Vsts Sps Tfs) - MS stack
Integrated Proposal (Vsts Sps Tfs) - MS stackIntegrated Proposal (Vsts Sps Tfs) - MS stack
Integrated Proposal (Vsts Sps Tfs) - MS stack
 
Share point 2010 administration & development
Share point 2010 administration & developmentShare point 2010 administration & development
Share point 2010 administration & development
 
Sharepoint 2013 Overview
Sharepoint 2013 OverviewSharepoint 2013 Overview
Sharepoint 2013 Overview
 
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
 
Intro to SharePoint for Developers
Intro to SharePoint for DevelopersIntro to SharePoint for Developers
Intro to SharePoint for Developers
 
Ferraz Ia252 Developing An Information Architecture
Ferraz Ia252 Developing An Information ArchitectureFerraz Ia252 Developing An Information Architecture
Ferraz Ia252 Developing An Information Architecture
 
Solve Todays Problems with 10 New SharePoint 2010 Features
Solve Todays Problems with 10 New SharePoint 2010 FeaturesSolve Todays Problems with 10 New SharePoint 2010 Features
Solve Todays Problems with 10 New SharePoint 2010 Features
 
Share Point Voice Annotation
Share Point Voice AnnotationShare Point Voice Annotation
Share Point Voice Annotation
 

Recently uploaded

Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 

Recently uploaded (20)

Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 

D Cornell Securing Share Point

Editor's Notes

  1. Rotavirus images is Creative Commons Share Alike 3.0: http://en.wikipedia.org/wiki/File:Rotavirus_with_antibody.jpg
  2. -Security features versus secure features – SharePoint is very buzzword compliance with its provision of “security features” but it is crucial to determine if installations have properly used those security features and also crucial to know if new features that have been developed (WebParts, etc) have been done securely.
  3. -Multiple tool scans from different vantage points -Using tools like Nessus and the Microsoft Baseline Security Analyzer (MBSA) -Internet scan would only be done if the MOSS server was Internet accessible (naturally)
  4. ForeFront also has configurable text filtering rules for file content. This may help with some compliance issues that we address elsewhere (SSN, CC# detection)
  5. -SharePoint uses an XML-based API to push/pull data from many of its constructs