Microsoft SharePoint: 5 tips for keeping content private

The risks of keeping SharePoint content safe are not limited to malicious attacks or disgruntled employees leaking information

From its humble beginnings as a repository for Office documents to its current role as a hulking enterprise-wide information portal, Microsoft's SharePoint Server suite has always been about content.

SharePoint's vast feature set now includes enterprise content management, search, social networking, blogs and wikis, collaboration and business process management. But all parts of the machine depend on content, from training videos to financial reports to confidential legal documents.

However, it is a machine that can potentially wreak havoc if SharePoint is not implemented and monitored effectively by IT.

Storing content in SharePoint is only part of the challenge; securing it is an area where many organizations run into trouble when clear corporate policies regarding SharePoint access and user permissions are not in place.

The risks of keeping SharePoint content safe are not limited to malicious attacks or disgruntled employees leaking confidential information, says Larry Concannon, VP of product marketing at HiSoftware, a Web content and social media compliance software firm.

Slideshow: 10 Things We Love About SharePoint 2010

SharePoint 2010: Five New and Improved Features

Microsoft SharePoint: Three Sleek Social Networking Alternatives

"The most common privacy breaches are inadvertent," says Concannon, "often resulting from carelessness or lack of awareness by an employee."

The best content security strategy for SharePoint is one that lets employees freely contribute content and collaborate, but enforces policies within departments to keep sensitive documents from ending up in the wrong hands, internally as well as outside the company.

HiSoftware recommends five of the most common ground rules for protecting content in SharePoint.

Make it Clear What Content Is Permissible

Enterprises should create clear, documented policies as part of their SharePoint implementations, says Concannon, including rules about what types of content is permissible.

While each organization will have its own definition of permissible content, the most secure SharePoint implementations are governed by policies that take into account who is allowed to review or publish content, and what content itself is appropriate for storage within SharePoint.

Educate Employees

Another key to a secure SharePoint implementation is educating users about the privacy and confidentiality rules set up by IT that protect both the employee and the company.

"On one level this means simple user training," says Concannon. "But it could also mean creating a "terms of service" screen that comes up as users are creating their own My Site, for example."

Use Classification to Guide Behavior

One configuration available in SharePoint that protects content is a classification screen that pops up every time a document is added. These classification screens are based on categories set up by IT to enforce what should and should not be in the system.

"Classification screens will let you know if a document doesn't fall into one of the designated categories," says Concannon. "If it doesn't, don't publish it."

Don't Forget to Enforce the Policies

Once the business rules are in place for SharePoint, says Concannon, IT managers must enforce them and let users know when violations occur. One approach is to provide users with a way to tag content they consider to be "inappropriate."

Automated software is also available from HiSoftware and other vendors to check SharePoint content before it is published to avert the posting of non-compliant content. Features like automated content scans can be used to validate specific regulations in SharePoint that are designed to prevent privacy breaches and confidentiality leaks.

Social Tools: Find the Right Balance

One area in SharePoint that needs to be watched closely is social networking, says Concannon. Social features like blogs, wikis, communities, My Site profile pages and forums have been featured more prominently in SharePoint 2010. While these popular tools can improve communication and productivity, they are potential compliance landmines.

[ For complete coverage on Microsoft's SharePoint collaboration software -- including enterprise and cloud adoption trends and reviews of SharePoint 2010 -- see CIO.com's SharePoint Bible. ]

To safeguard this new wave of Web 2.0 content as well as plain old documents, HiSoftware recommends a balanced approach where collaboration and information sharing is encouraged, but security regulations are enforced within departments to prevent, say, a legal document about a potential merger from being viewed by the wrong person.

Shane O'Neill covers Microsoft, Windows, Operating Systems, Productivity Apps and Online Services for CIO.com. Follow Shane on Twitter @smoneill. Follow everything from CIO.com on Twitter @CIOonline. Email Shane at soneill@cxo.com.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags applicationsMicrosoftsoftwarecollaboration

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Shane O'Neill

CIO (US)
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?