SlideShare a Scribd company logo

D Cornell Securing Share Point

Art Upton
Art Upton

This document summarizes common approaches to securing SharePoint deployments and identifies common blind spots. It discusses securing the infrastructure and using SharePoint's security features, as well as deploying add-on security products. However, it notes that custom software and data security are often overlooked areas that require additional focus. A comprehensive security strategy is needed to secure SharePoint deployments and address evolving risks.

Education
1 of 39
Securing SharePoint TASSCC TEC 2009 Web 2.0 Conference Dan Cornell Email: [email_address] Twitter: @danielcornell March 26 th , 2009
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Denim Group Background ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Key Learning Objectives ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SharePoint – Why Worry About Security? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Two Scenarios ,[object Object],[object Object]
SharePoint as the Platform ,[object Object],[object Object],[object Object]
Ad Hoc Deployments (Viral!) ,[object Object],[object Object],[object Object]
SharePoint Overview ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SharePoint Overview
Nature of SharePoint as a Web Application ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Nature of SharePoint as a Web Application
Approaching SharePoint Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Typical Approaches ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Infrastructure Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SharePoint Product Security Features ,[object Object],[object Object],[object Object]
Up-Front Security for SharePoint ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Five Elements of Site Security in MOSS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SharePoint Default Groups ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Defining Permissions for SharePoint ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Defining Permissions for SharePoint ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Add-On Products: Microsoft ForeFront ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Common Blind Spots ,[object Object],[object Object],[object Object]
Custom Software on SharePoint ,[object Object],[object Object],[object Object],[object Object]
Custom Software on SharePoint ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why Is This a Problem? ,[object Object],[object Object],[object Object],[object Object]
Security Code Review ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Data Security, Compliance and Enterprise Search ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Data Security, Compliance and Enterprise Search ,[object Object],[object Object],[object Object],[object Object]
How Much Better?
So What? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Data Security, Compliance, & Enterprise Search ,[object Object],[object Object]
Helpful Tools ,[object Object],[object Object],[object Object],[object Object],[object Object]
Logging and Auditing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
3 rd Party SharePoint Auditing Tools ,[object Object],[object Object],[object Object],[object Object]
Denim Group SharePoint Auditing Tool ,[object Object],[object Object]
Need for Ongoing Scrutiny ,[object Object],[object Object],[object Object],[object Object]
Conclusions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Questions and Answers ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

J Tobolski Cloud Computing
J Tobolski Cloud ComputingJ Tobolski Cloud Computing
J Tobolski Cloud ComputingArt Upton
 
B Chambers Doculabs Shared Web Services
B Chambers Doculabs Shared Web ServicesB Chambers Doculabs Shared Web Services
B Chambers Doculabs Shared Web ServicesArt Upton
 
K Ziai Share Point At Ut
K Ziai Share Point At UtK Ziai Share Point At Ut
K Ziai Share Point At UtArt Upton
 
Share point encryption
Share point encryptionShare point encryption
Share point encryptioncsmith2009
 
Options for Building a Modern Extranet
Options for Building a Modern ExtranetOptions for Building a Modern Extranet
Options for Building a Modern ExtranetChristian Buckley
 
User access profiling model
User access profiling modelUser access profiling model
User access profiling modelJose Guerrero
 
IDC-IL Webcast on Enterprise Content Collaboration
IDC-IL Webcast on Enterprise Content Collaboration IDC-IL Webcast on Enterprise Content Collaboration
IDC-IL Webcast on Enterprise Content Collaboration Sri Chilukuri
 
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...Adam Levithan
 

Recommended

J Tobolski Cloud Computing
J Tobolski Cloud ComputingJ Tobolski Cloud Computing
J Tobolski Cloud ComputingArt Upton
 
B Chambers Doculabs Shared Web Services
B Chambers Doculabs Shared Web ServicesB Chambers Doculabs Shared Web Services
B Chambers Doculabs Shared Web ServicesArt Upton
 
K Ziai Share Point At Ut
K Ziai Share Point At UtK Ziai Share Point At Ut
K Ziai Share Point At UtArt Upton
 
Share point encryption
Share point encryptionShare point encryption
Share point encryptioncsmith2009
 
Options for Building a Modern Extranet
Options for Building a Modern ExtranetOptions for Building a Modern Extranet
Options for Building a Modern ExtranetChristian Buckley
 
User access profiling model
User access profiling modelUser access profiling model
User access profiling modelJose Guerrero
 
IDC-IL Webcast on Enterprise Content Collaboration
IDC-IL Webcast on Enterprise Content Collaboration IDC-IL Webcast on Enterprise Content Collaboration
IDC-IL Webcast on Enterprise Content Collaboration Sri Chilukuri
 
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...
European SharePoint Community - Hybrid Dilemma: Using Infrastructure as Infor...Adam Levithan
 
Enterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointEnterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointSanjeev Samala
 
Securing Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceSecuring Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceMarie-Michelle Strah, PhD
 
BEAPressReleases.290214504
BEAPressReleases.290214504BEAPressReleases.290214504
BEAPressReleases.290214504ypai
 
Emc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEmc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEric Griffin
 
Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?George Durham
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesDavid J Rosenthal
 
Technical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationTechnical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationJISC.AM
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365Brian Culver
 
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...Jesse Wilkins
 
What is killing ecm
What is killing ecmWhat is killing ecm
What is killing ecmMichael Knight
 
Middleware 2002
Middleware 2002Middleware 2002
Middleware 2002eaiti
 
Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Christian Buckley
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyChristian Buckley
 
Gemini Introduction
Gemini IntroductionGemini Introduction
Gemini IntroductionLynn Langit
 
Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Rita Barry
 
Keep Student information protected while improving services
Keep Student information protected while improving servicesKeep Student information protected while improving services
Keep Student information protected while improving servicesCloudMask inc.
 
Federation Policy
Federation PolicyFederation Policy
Federation PolicyJISC.AM
 
Web 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationWeb 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationRoss Dawson
 
Collaboration Enterprise Architecture
Collaboration Enterprise ArchitectureCollaboration Enterprise Architecture
Collaboration Enterprise ArchitectureGovernment Technology Exhibition and Conference
 
barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0brevenan
 
Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonJoel Oleson
 
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...Richard Harbridge
 

More Related Content

What's hot

Enterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointEnterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointSanjeev Samala
 
Securing Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceSecuring Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceMarie-Michelle Strah, PhD
 
BEAPressReleases.290214504
BEAPressReleases.290214504BEAPressReleases.290214504
BEAPressReleases.290214504ypai
 
Emc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEmc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEric Griffin
 
Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?George Durham
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesDavid J Rosenthal
 
Technical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationTechnical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationJISC.AM
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365Brian Culver
 
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...Jesse Wilkins
 
Middleware 2002
Middleware 2002Middleware 2002
Middleware 2002eaiti
 
Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Christian Buckley
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyChristian Buckley
 
Gemini Introduction
Gemini IntroductionGemini Introduction
Gemini IntroductionLynn Langit
 
Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Rita Barry
 
Keep Student information protected while improving services
Keep Student information protected while improving servicesKeep Student information protected while improving services
Keep Student information protected while improving servicesCloudMask inc.
 
Federation Policy
Federation PolicyFederation Policy
Federation PolicyJISC.AM
 
Web 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationWeb 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationRoss Dawson
 
barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0brevenan
 

What's hot (20)

Enterprise Collaboration using SharePoint
Enterprise Collaboration using SharePointEnterprise Collaboration using SharePoint
Enterprise Collaboration using SharePoint
 
Securing Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceSecuring Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH Compliance
 
BEAPressReleases.290214504
BEAPressReleases.290214504BEAPressReleases.290214504
BEAPressReleases.290214504
 
Emc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentumEmc World 2009 : microsoft sharepoint and emc documentum
Emc World 2009 : microsoft sharepoint and emc documentum
 
Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?Cloud Computing for Nonprofits - What's Microsoft Got?
Cloud Computing for Nonprofits - What's Microsoft Got?
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance Updates
 
Technical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management FederationTechnical Requirements of the UK Access Management Federation
Technical Requirements of the UK Access Management Federation
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
 
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
20110110 ARMA Dallas Managing Web 2.0 Records: Facebook, Twitter and Everythi...
 
What is killing ecm
What is killing ecmWhat is killing ecm
What is killing ecm
 
Middleware 2002
Middleware 2002Middleware 2002
Middleware 2002
 
Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010Metadata Management In A Social Media World, Spsbos, 2 2010
Metadata Management In A Social Media World, Spsbos, 2 2010
 
How Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance StrategyHow Social and the Cloud Impact Your Governance Strategy
How Social and the Cloud Impact Your Governance Strategy
 
Gemini Introduction
Gemini IntroductionGemini Introduction
Gemini Introduction
 
Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.Factors to keep in mind when you’re considering cloud storage services.
Factors to keep in mind when you’re considering cloud storage services.
 
Keep Student information protected while improving services
Keep Student information protected while improving servicesKeep Student information protected while improving services
Keep Student information protected while improving services
 
Federation Policy
Federation PolicyFederation Policy
Federation Policy
 
Web 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participationWeb 2.0 goes to work for business: Enabling the power of participation
Web 2.0 goes to work for business: Enabling the power of participation
 
Collaboration Enterprise Architecture
Collaboration Enterprise ArchitectureCollaboration Enterprise Architecture
Collaboration Enterprise Architecture
 
barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0barcamphanoi - Enterprise 2.0
barcamphanoi - Enterprise 2.0
 

Similar to D Cornell Securing Share Point

Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonJoel Oleson
 
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...Richard Harbridge
 
SharePoint Integration and Interoperability
SharePoint Integration and InteroperabilitySharePoint Integration and Interoperability
SharePoint Integration and InteroperabilityRichard Harbridge
 
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...Richard Harbridge
 
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...Richard Harbridge
 
SharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
SharePoint 2010 Integration and Interoperability - SharePoint Saturday HartfordSharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
SharePoint 2010 Integration and Interoperability - SharePoint Saturday HartfordRichard Harbridge
 
SharePoint 2010 Integration and Interoperability: What you need to know
SharePoint 2010 Integration and Interoperability: What you need to knowSharePoint 2010 Integration and Interoperability: What you need to know
SharePoint 2010 Integration and Interoperability: What you need to knowRichard Harbridge
 
Best Practices - SharePoint 2010: Integration and Interoperability
Best Practices - SharePoint 2010: Integration and InteroperabilityBest Practices - SharePoint 2010: Integration and Interoperability
Best Practices - SharePoint 2010: Integration and InteroperabilityRichard Harbridge
 
Best Practices Integration And Interoperability
Best Practices Integration And InteroperabilityBest Practices Integration And Interoperability
Best Practices Integration And InteroperabilityAllinConsulting
 
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...AntonioMaio2
 
SharePoint Overview
SharePoint OverviewSharePoint Overview
SharePoint OverviewAmy Phillips
 
Integrated Proposal (Vsts Sps Tfs) - MS stack
Integrated Proposal (Vsts Sps Tfs) - MS stackIntegrated Proposal (Vsts Sps Tfs) - MS stack
Integrated Proposal (Vsts Sps Tfs) - MS stackBijoy Viswanadhan
 
Share point 2010 administration & development
Share point 2010 administration & developmentShare point 2010 administration & development
Share point 2010 administration & developmentMJ Ferdous
 
Sharepoint 2013 Overview
Sharepoint 2013 OverviewSharepoint 2013 Overview
Sharepoint 2013 OverviewTarek Yehia
 
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...Christian Buckley
 
Intro to SharePoint for Developers
Intro to SharePoint for DevelopersIntro to SharePoint for Developers
Intro to SharePoint for DevelopersRob Wilson
 
Ferraz Ia252 Developing An Information Architecture
Ferraz Ia252 Developing An Information ArchitectureFerraz Ia252 Developing An Information Architecture
Ferraz Ia252 Developing An Information Architecturemferraz
 
Solve Todays Problems with 10 New SharePoint 2010 Features
Solve Todays Problems with 10 New SharePoint 2010 FeaturesSolve Todays Problems with 10 New SharePoint 2010 Features
Solve Todays Problems with 10 New SharePoint 2010 FeaturesCory Peters
 
Share Point Voice Annotation
Share Point Voice AnnotationShare Point Voice Annotation
Share Point Voice Annotationgma13
 

Similar to D Cornell Securing Share Point (20)

Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel Oleson
 
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
SharePoint Fest Chicago - SharePoint 2010 Integration and Interoperability: W...
 
SharePoint Integration and Interoperability
SharePoint Integration and InteroperabilitySharePoint Integration and Interoperability
SharePoint Integration and Interoperability
 
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
 
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
SharePoint Fest Denver - SharePoint 2010 Integration and Interoperability: Wh...
 
SharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
SharePoint 2010 Integration and Interoperability - SharePoint Saturday HartfordSharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
SharePoint 2010 Integration and Interoperability - SharePoint Saturday Hartford
 
SharePoint 2010 Integration and Interoperability: What you need to know
SharePoint 2010 Integration and Interoperability: What you need to knowSharePoint 2010 Integration and Interoperability: What you need to know
SharePoint 2010 Integration and Interoperability: What you need to know
 
Best Practices - SharePoint 2010: Integration and Interoperability
Best Practices - SharePoint 2010: Integration and InteroperabilityBest Practices - SharePoint 2010: Integration and Interoperability
Best Practices - SharePoint 2010: Integration and Interoperability
 
Best Practices Integration And Interoperability
Best Practices Integration And InteroperabilityBest Practices Integration And Interoperability
Best Practices Integration And Interoperability
 
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
SPTechCon Boston 2013 - Introduction to Security in Microsoft Sharepoint 2013...
 
SharePoint Overview
SharePoint OverviewSharePoint Overview
SharePoint Overview
 
Managesp 160805190411
Managesp 160805190411Managesp 160805190411
Managesp 160805190411
 
Integrated Proposal (Vsts Sps Tfs) - MS stack
Integrated Proposal (Vsts Sps Tfs) - MS stackIntegrated Proposal (Vsts Sps Tfs) - MS stack
Integrated Proposal (Vsts Sps Tfs) - MS stack
 
Share point 2010 administration & development
Share point 2010 administration & developmentShare point 2010 administration & development
Share point 2010 administration & development
 
Sharepoint 2013 Overview
Sharepoint 2013 OverviewSharepoint 2013 Overview
Sharepoint 2013 Overview
 
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
Don't Just Migrate: Transform Your SharePoint Environment - DevConnections Or...
 
Intro to SharePoint for Developers
Intro to SharePoint for DevelopersIntro to SharePoint for Developers
Intro to SharePoint for Developers
 
Ferraz Ia252 Developing An Information Architecture
Ferraz Ia252 Developing An Information ArchitectureFerraz Ia252 Developing An Information Architecture
Ferraz Ia252 Developing An Information Architecture
 
Solve Todays Problems with 10 New SharePoint 2010 Features
Solve Todays Problems with 10 New SharePoint 2010 FeaturesSolve Todays Problems with 10 New SharePoint 2010 Features
Solve Todays Problems with 10 New SharePoint 2010 Features
 
Share Point Voice Annotation
Share Point Voice AnnotationShare Point Voice Annotation
Share Point Voice Annotation
 

Recently uploaded

4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
Mythology Quiz-4th April 2024, Quiz Club NITW
Mythology Quiz-4th April 2024, Quiz Club NITWMythology Quiz-4th April 2024, Quiz Club NITW
Mythology Quiz-4th April 2024, Quiz Club NITWQuiz Club NITW
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Association for Project Management
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 
ARTERIAL BLOOD GAS ANALYSIS........pptx
ARTERIAL BLOOD GAS ANALYSIS........pptxARTERIAL BLOOD GAS ANALYSIS........pptx
ARTERIAL BLOOD GAS ANALYSIS........pptxAneriPatwari
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvRicaMaeCastro1
 
Tree View Decoration Attribute in the Odoo 17
Tree View Decoration Attribute in the Odoo 17Tree View Decoration Attribute in the Odoo 17
Tree View Decoration Attribute in the Odoo 17Celine George
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxkarenfajardo43
 
Sulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesSulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesVijayaLaxmi84
 
CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxCLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxAnupam32727
 
CHEST Proprioceptive neuromuscular facilitation.pptx
CHEST Proprioceptive neuromuscular facilitation.pptxCHEST Proprioceptive neuromuscular facilitation.pptx
CHEST Proprioceptive neuromuscular facilitation.pptxAneriPatwari
 
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQ-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQuiz Club NITW
 
Using Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea DevelopmentUsing Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea Developmentchesterberbo7
 
MS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMr Bounab Samir
 
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...DhatriParmar
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research DiscourseAnita GoswamiGiri
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...DhatriParmar
 
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptxDIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptxMichelleTuguinay1
 

Recently uploaded (20)

Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of EngineeringFaculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
Mythology Quiz-4th April 2024, Quiz Club NITW
Mythology Quiz-4th April 2024, Quiz Club NITWMythology Quiz-4th April 2024, Quiz Club NITW
Mythology Quiz-4th April 2024, Quiz Club NITW
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 
ARTERIAL BLOOD GAS ANALYSIS........pptx
ARTERIAL BLOOD GAS ANALYSIS........pptxARTERIAL BLOOD GAS ANALYSIS........pptx
ARTERIAL BLOOD GAS ANALYSIS........pptx
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
 
Tree View Decoration Attribute in the Odoo 17
Tree View Decoration Attribute in the Odoo 17Tree View Decoration Attribute in the Odoo 17
Tree View Decoration Attribute in the Odoo 17
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
 
Sulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesSulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their uses
 
CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxCLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
 
CHEST Proprioceptive neuromuscular facilitation.pptx
CHEST Proprioceptive neuromuscular facilitation.pptxCHEST Proprioceptive neuromuscular facilitation.pptx
CHEST Proprioceptive neuromuscular facilitation.pptx
 
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQ-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
 
Using Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea DevelopmentUsing Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea Development
 
MS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdf
 
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research Discourse
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
 
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptxDIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
DIFFERENT BASKETRY IN THE PHILIPPINES PPT.pptx
 

D Cornell Securing Share Point

Editor's Notes

  1. Rotavirus images is Creative Commons Share Alike 3.0: http://en.wikipedia.org/wiki/File:Rotavirus_with_antibody.jpg
  2. -Security features versus secure features – SharePoint is very buzzword compliance with its provision of “security features” but it is crucial to determine if installations have properly used those security features and also crucial to know if new features that have been developed (WebParts, etc) have been done securely.
  3. -Multiple tool scans from different vantage points -Using tools like Nessus and the Microsoft Baseline Security Analyzer (MBSA) -Internet scan would only be done if the MOSS server was Internet accessible (naturally)
  4. ForeFront also has configurable text filtering rules for file content. This may help with some compliance issues that we address elsewhere (SSN, CC# detection)
  5. -SharePoint uses an XML-based API to push/pull data from many of its constructs