22 Mar

Solving Four Primary Security Challenges of Microsoft SharePoint

Posted by admin, under Problem Solving

Solving four primary security challenges of Microsoft SharePoint

Microsoft SharePoint has quickly become the enterprise standard for internal and external collaboration and content management much in the same way Microsoft Exchange has become the enterprise standard for email. However, along with SharePoint’s acceptance comes the same challenges that enveloped Exchange: The need to maximize ROI, guard against viruses and data leakage, and establish policies for governance and compliance. This white paper examines SharePoint’s benefits and risks and recommends best practices for protecting an organization’s digital assets.

1

Solving four primary security challenges of Microsoft SharePoint

Introduction to SharePoint

Microsoft Windows SharePoint enables information workers to collaborate on documents, exchange files, problem-solve, strategize, link to live web content and create tables and reports that are culled from an organization’s databases. SharePoint offers many benefits for organizations, especially those with 1,000 employees or more, because it:

»»Increases employee productivity by streamlining day-to-day business operations

»»Reduces project cycle time through collaboration

»»Empowers employees to make informed decisions by providing centralized access to information

»»Helps meet regulatory requirements through total content control

»»Simplifies access to structured and non-structured data across various systems

»»Offers a unique, integrated platform for managing business-wide intranet, extranet and internet applications

Microsoft SharePoint comprises two main components: Windows SharePoint Services 3.0 (WSS) and Microsoft Office SharePoint Server (MOSS).

Microsoft SharePoint sales broke the $1 billion revenue mark in 2008 with more than 100 million licenses sold, leading one market research analyst to proclaim that “SharePoint is the hottest-selling server-side product ever for the company.” Other analysts predict the growth of the popular content management and collaboration platform will remain steady and they expect to see it grow at a remarkable average annual rate of 25% over the next 4 years.

Today, a majority of organizations are using SharePoint to store and share their most vital electronic records such as strategic corporate planning documents, company financials, employee records, critical intellectual property records and personal health records.

Assessing reward versus risk

One of the key challenges IT managers and administrators face is finding a way to balance SharePoint’s rich functionality with the attendant risks that come from making interactive content more accessible beyond the organization’s walled garden. Even when SharePoint is used mainly by internal users (see shaded area in the figure on page 2) the threat of malware propagating across the network is remains significant.

As access to SharePoint is broadened to include outside partners and applications, the risks are magnified exponentially. What this means for IT managers and admins is that fully leveraging the organization’s investment in SharePoint also increases its vulnerability to malware, data leakage and many other concerns.

A secure deployment consists of layers of security backed with appropriate access controls so that the organization’s content is well protected while at the same time accessible beyond the walls of the organization.

What are the four primary risks?

SharePoint is susceptible to a variety of existing and emerging threats:

1. Viruses and other malware

2. Access to inappropriate content

3. Data leakage of the company’s competitive and bus iness intelligence

4. Data tampering by internal and external users

1. Viruses and other forms of malware

Windows SharePoint Services stores documents, lists, views and other information in a Microsoft SQL Server database.

Collaborative workspaces are an easy way to share files and content, which only increases the odds of contracting viruses and other forms of malware. This is a significant concern if content originates from outside the organization from unmanaged machines (for example, enabling customers to post attachments or links to untrustworthy sites in a SharePoint-based environment).

Recommendations

Deploy an anti-virus suite designed for scanning SQL Server database stores to find malware and suspicious files stored within the database — a capability that typical endpoint/server AV solutions lack. Other features to consider include:

»»On-access, on-demand, or on-schedule protection from malware, viruses, spyware, adware, suspicious files and potentially unwanted applications, which ensures maximum security while offering a completely transparent end-user experience.

»»Proactive zero-day detection of new malware using Behavioral Genotype technology.

»»Integrated quarantine manager for deleting, disinfecting or authorizing files.

2. Access to inappropriate content

Don’t let your SharePoint portal become a vast source of inappropriate, illegal or similar content that violates legal requirements for compliance and governance.

Recommendations

»»Simplify compliance with advanced content filtering.

»»Make sure the third-party solution you deploy includes a comprehensive content scanning and policy engine.

»»Control file types based on file name, size, or type using true-file-type technology to prevent file type masquerading.

»»Delivers centralized data security control across mixed IT environments.

»»Provides consistent implementation and enforcement of company-wide security policies.

»»Makes storage, exchange and recovery of keys simple and easy through centralized state-of-the-art key management

»»Provides comprehensive data protection on all kinds of devices, including: laptops, desktops, removable media, PDAs, CDs, and email

»»Offers encryption and data leakage prevention (DLP) under a single management console.

»»Fully manages Windows Vista BitLocker Drive Encryption

»»Integrates quickly and effectively with existing security infrastructures and automates administrative tasks.

Emerging concerns

»»The threats are getting greater and are not likely to subside any time soon, if ever. One reason is that employee mobility continues to rise. The 2009 Total Employee Mobility Benchmarking Report, released by Runzheimer International, notes 51% of the workforce is mobile on any given day. However, many IT execs do not have control over the associated risks, costs or benefits. The annual report was developed through interviews with executives from 90 small, mid-sized and large organizations across the U.S.

»»SharePoint is among the easiest-to-use tools in the Windows suite, experts say. The problem is any user can set up a SharePoint site, and, often, there are no guidelines for who can access it or what data can be stored there. Some users assume that because it’s used on the company’s internal network, SharePoint data must be protected by the standard corporate security defenses.

3. Data leakage of the company’s competitive and business intelligence

Because SharePoint technology enables the easy exchange of files between users, even if you’ve deployed security policies on perimeter and mail servers, users might still try to use SharePoint to exchange files that would ordinarily be blocked by email security.

Recommendations

»»Look for a solution that specifically ensures sensitive data is not being leaked through SharePoint or Exchange.

»»Employ content control that prohibits users from uploading or downloading sensitive information.

»»Check to see that files can be controlled by file name and by content (words and phrases) within files.

4. Data tampering

According to a recent survey, one-quarter of 330 respondents lack confidence that their organizations’ electronic records or other digital content are protected when they are being shared within the SharePoint environment. Of the respondents whose organizations have suffered a data breach within their SharePoint systems, 67% indicated that the tampering was at the hands of a person with access to SharePoint from inside the organization.

Recommendations

»»Look for a modular information protection control solution that enforces policy-based security for PCs and mobile devices across mixed environments.

»»It should be fully transparent to end users and easy to administer from a single central console. Finally, its modular architecture provides comprehensive data security tailored to your organization’s needs and growth requirements.

»»In other cases, employees make the mistake of offering SharePoint access to business partners or contractors outside of the company, without taking steps to secure the exchange of data.

This article was provided by Sophos and is reproduced here with their full permission. Sophos provides full data protection services including: security software, encryption software, antivirus, and malware.


Related Blogs

No Comments | Tags: , , , , , ,
13 Mar

Four Lessons From Children Concerning Anger Management

Posted by admin, under Anger Management

Lesson # 1 Acknowledge that the simple, pure emotions of anger and sadness that children express are at the root of more complicated adult feelings.  

When children are traumatized, they heal from it naturally as long as there is a safe environment to do so. Many children experience a wide range of traumas like sexual abuse, death of a loved one, divorce, moving to a new neighborhood, or being teased at daycare. As surprising as it may be, I have observed that there are only two emotions which children express to help themselves heal. These two emotions are ANGER and SADNESS. In affirmation of the wisdom of this natural choice by my young clients, I have noted a similar pattern among my adult clients. Those who make the most progress are those who get in touch with these primary emotions of sadness and anger.  

Lesson # 2 Express your feelings. Don?t repress them.  

As adults we develop defenses such as depression, anxiety, phobias, worry, stress-induced illnesses, and a myriad of other non-healing ways of trying to cope with emotional pain. In contrast to children, some adults never cry or display anger. Most adults take repression too far. While doing Anger Work, both children and adults learn to express their anger in safe environments. The following case of Shawn and Jaime are good examples of how children use their sadness and anger to heal themselves. (Please note that names and details have been changed to protect the confidentiality of my clients).  

Once when I was directing a day care center, the parents of a two-year old child named Shawn was left with me by her parents. It was the first time in her life she had ever been separated from them. As I took Shawn from her anxious parents, she immediately started crying. Shawn cried off and on for the entire three hours. Though I tried to set her down a couple of times, she never let go of me. By the time her parents returned, my shirt was soaked.  

The next week Shawn returned and of course started crying the second her parents left. I held Shawn for about five minutes and then she stopped crying. After watching the other children playing all around us, she slowly made her way out of my arms. Though she kept a watchful eye out for me for a few minutes to make sure that I would rescue her, Shawn began to play. She never cried again when her parents left her at childcare with me. Shawn?s tears of sadness helped her heal from the emotional trauma of leaving her parents for the first time in her life.  

As the case of Shawn demonstrates, experiencing and expressing your sadness through tears can be an effective tool for healing. However, I find that children between the ages of two and seven primarily express one feeling during their treatment: that is anger. They rarely cry about their trauma–they just get angry, sometimes very angry. Afterward they leave the session feeling better, and over time the symptoms which brought them into therapy go away. Children like Jaime in the following story have taught me that anger heals.  

Jamie was a two-and-a-half year old girl with whom I worked for a year. She was brought to therapy because she had been sexually abused by a man and woman at a day care center where she was being watched for a few hours. Evidence of this crime was her radical behavior change after the incident. She regressed to soiling her panties, began playing with her private parts, started pinching and biting her younger brother, and did not want to return to the daycare. When I saw her, she appeared to be a sweet little girl who just wanted to play. During all the sessions with Jamie, her mom or dad stayed with us in the same room, reading magazines or books, so that Jamie would give me her full attention. Quickly Jaime began displaying intense anger towards toys as she played with them. She would growl at them, hit them, throw them, and even try to destroy them. Jamie had told her parents what happened at the daycare, but she never verbalized anything about the abuse during therapy. Her play clearly displayed that she was angry at the abusers who had fondled her private parts.  The parents were instructed not to let Jamie aim her anger at them or her younger brother. During the year, Jamie’s behavior gradually improved until she was back to her old self. Therapy was terminated and Jamie has never returned. She is reported to be doing fine.  

Lesson # 3 Have an appropriate object for your wrath. Acting-out on people or animals takes you backwards.  

Tony was an eight year old bully. He was always getting in trouble at school for teasing and tripping younger kids. Other times, he would take strings that had bells or forks attached to them and tie them to the cat?s tail in order to torment the poor old cat. Once Sam, the family?s golden retriever who loved people food, had to be rushed to the animal emergency hospital because he had suddenly become deathly ill. After surgery, the veterinarian found a cactus spine in Sam?s stomach. Tony confessed that he had given the cactus spine to Sam covered in butter. His parents were very concerned and did not know what to do.  

First I helped them to come up with rewards for when Tony was behaving appropriately, and taught them to use time out for when he was taking out his anger on others. Having his parents reinforce appropriate behavior at home, in addition to bringing him to therapy was very helpful. Very shortly, Tony began to love coming to therapy, because here he and I had lots of toys and he could do whatever he wanted. He was free to express his anger, as long as he did not direct it at me. His favorite ?toy? was my couch. He loved to throw things at it, jump on it, hit it whatever he wanted. When Tony first came to see me his anger was a constant threat, boiling just beneath the surface. He was expressing his anger at people and animals, and his problems only snowballed. His self esteem was very low and he felt that nobody really liked him. He was ostracized on the playground because he had done so many mean things to his classmates that most of them stayed away from him out of self-protection. In therapy he expressed his anger by directing it at inanimate objects and his life began to transform. He was now releasing his anger regularly, instead of letting it build up. Without all that repressed anger, he didn?t feel as many impulses to do mean things.  

Lesson #4  Stay active and use your body to express yourself, especially when you?re doing Anger Work.  

If you think about it from a historical perspective, it has not been long since our world was much more physically active, like our children?s world. In the past, people did more physically demanding work for a living. They spent 5-12 hours a day doing something physical, like chopping wood, harvesting fields, hand-washing the laundry or grinding grain. This type of work provided more natural opportunities for letting off steam.

Today our lives are often more sedentary. We need to be proactive in creating opportunities for exercise and include a healthy expression of anger at the same time. My young clients are almost always throwing, shooting, or hitting something during their sessions. Combining physical work with anger work is not only good for the body, but for the psyche as well. Today we must work to add that additional activity to our daily lives.  

Dr. Robert Puff is a Newport Beach psychologist and international business consultant who has given over a 1000 media interviews, including TV and radio talk shows. This article is taken from his critically acclaimed book, Anger Work: How to Express Your Anger and Still be Kind. If you would like either a free unabridged download or free unabridged audio recording of his book, go to =>

http://www.doctorpuff.com/


Related Blogs

    No Comments | Tags: , , , , , ,
    05 Mar

    The Four Components Of Postive Self-Esteem

    Posted by admin, under Self Esteem

    People who struggle with low self-esteem normally exhibit many relational and emotional problems.  The desire for a good self-esteem is great and is actually found in relationship with something bigger than ourselves.  One of the wonderful benefits of living in relationship with God by faith is that He gives us a positive identity.  We know who we are and we know it is good!  This positive identity is another term for what psychologists call positive self-esteem.  It is actually a more accurate term because self-esteem is about how I feel about myself, positive identity is about who I really am!  Positive identity has four major components:

                1)  Virtue.  This is the sense that we have spiritual value and worth.  Our value is inherent in the fact that we are created in the image of God. It is not derived from the good things I do for God.  God created Adam and Eve and then called them good.  What had they done to deserve that affirmation?  Nothing.  Their goodness was a part of the way God made them, their true self.  Knowing our true value is a vital part of a positive identity.

                2)  Community.  This is the sense that we belong and are a part of something

    bigger than ourselves, that we have something to offer.  God created us out of community (“let us create man..”) and for community (“it is not good for man to be alone”).  An infant is “we” with its mother before he or she become an “I”.  Knowing that you belong to a caring community is a vital part of a positive identity.

                3)  Power.   This is the sense that we have choices and the ability to choose.  We have already established that God created us with a choice and with the power to make that choice.  Limits to our power by God-given boundaries help keep our power from destroying our virtue.  Knowing that we have the power to make good choices is a vital part of a positive identity.

                4)  Gender.  This is the sense that we are masculine or feminine and comfortable with our sexuality.  God specifically created mankind  as “male and female”.  The difference between the genders is a part of the design.  The unique ways that God created men and women allow them to complement each other as they move together toward intimacy.  Knowing our gender and being comfortable with our masculinity or femininity is a vital part of a positive identity.

    Since all four of these qualities are part of the true self that God created us to be, it stands to reason that any movement away from these qualities is a good indication that we have taken a detour from life.  In fact, anytime that we move away from life, our positive identity suffers because we are trying to find life in something other than God, and since God gives us our positive identity, we lose sight of it as we wander from Him.  Therefore, these components of positive identity become a good criterion for judging whether we are living in this intimate relationship with God called life. 

    This is a good time for us to pause and ask a few probing questions.  Do I understand my true value as a person or do I tend to base my value on performance or behavior?  Do I fully enter in to community and feel a part of something bigger than myself or do I tend to isolate from others and “perform” at public functions?  Do I carefully use my power to make good choices or do I tend to play the victim, as if I have no power to make positive choices?  Do I feel the need to use my power to control those around me?  Am I comfortable with my masculinity or femininity, or do I tend to act as though I have something to prove in that area?     Life and positive identity go hand in hand.  This is the way we can regularly take inventory of our life. 

    Our tendency, though, is to judge the quality of our life by other criteria.  Am I happy?  Am I getting what I want?  Am I achieving all of my goals?  These criteria actually grow out of a view of God as a resource to make my life work the way I think it should rather than viewing God as life itself!

    Bob Perdue is the author of Ten Life Choices and is the survivor of childhood sexual abuse, sexual addiction, depression and a suicide attempt. Bob is active in recovery ministry and counseling. His book and other resources are available at www.lifenowministries.com

    No Comments | Tags: , , ,
    04 Mar

    Four Easy Steps to Problem Solving And Creativity

    Posted by admin, under Problem Solving

    Flashes of inspiration are quite common and happens in practically all aspects of human life. But unlike a mathematical proof, these are often very personal, and cannot always be reconstructed by other people. By the way, it is a good idea to put down your thoughts in writing, for 90 percent of all good ideas get lost forever if they are not immediately jotted down. Also, not every good thought can be used immediately. Sometimes, ideas or inspirations are only fragments of a whole, which first have to be polished and supplemented with additional pieces. This is something that poets, playwrights and novelists do, they jot down parts for poems, stories, settings or characters as they occur, returning to them later to be developed and become a verse, a scene or a piece of dialogue.

    However, for most of us, wonderful answers don’t just appear all by themselves. One of the most important prerequisites for creative work is to suspend automatic behavior and monotonous functions. The routine that says “this is the way its always been done” is the death knell for inspiration.

    One of the most effective methods of creative thinking is brainstorming. Basically there are four rules to the method.

    One – anything and everything can be said.

    Two – the more ideas expressed, the better.

    Three – No one should ridicule anyone’s idea.

    Four – Any adaptation, improvements or combinations to the ideas presented is encouraged. The beauty of this technique is not to find exactly the right answer since there can be many answers to the problems – but to provoke new ideas that have previously not been thought of.

    The most important and most difficult rule for such a communal sharing of ideas is – no criticism. This would immediately stifle the creative process and collective thinking of the group involved in the brain-storming. New ideas presented need not be explained or even defended. They must only be taken down spontaneously and in rapid sequence then, at a later stage, they can be evaluated by the entire team to find out if they are of use or not. Do you find that you are stuck in certain situations? Do you need to face up to new ideas? Then brainstorming may be just the right creative method for you.

    Here’s an example to show how effective the technique can be while searching for a zip replacement for space suits, NASA designers employed a particularly open technique of idea generation. One participant would pick a word or term at random from the dictionary – for example “forest”. During the brainstorming session, he imagined walking through a forest with thorns getting stuck on his clothes. For the astronauts, the result was a type of fastener which thousands of thorn-like fibres hook into one another. The material was named Velcro. Today, it is not only a household name, it is used in space, in the military, in workshops –everywhere.

    You need not have a group of people in order to brainstorm. You can do it on your own. Imagine in your mind that you have a group of advisors offering the pros and cons of an idea. Remember, you need to convince yourself that the answer or solution is already lodged somewhere in your memory. Take a walk along a beach or a garden to see how nature solves its problems, they may yet offer clues to yours.

    Martin Mak has a new program to help people enhance their memory or learning experience. To find our more about his popular and free ecourse, visit

    =>http://www.mightymemory.com/article.html

    No Comments | Tags: , , , , ,
    01 Mar

    Goal Setting in Four Simple Steps

    Posted by admin, under Goal Setting

    Copyright (c) 2009 Meredith Liepelt

    Goal setting is a critical skill to learn for any business owner. If you don’t know where you are going, “any road will get you there,” as was said so poetically in Alice in Wonderland. Without a clear understanding of where you are heading, you are almost guaranteed to become side-tracked by opportunities that will pull you off of your true course and original intention.

    There are four simple things that you can do to help you define your goals and stay on track:

    1. Create a Written “Contract.”
    Research shows that less than 5% of business owners actually write down their goals. However those who do write out their goals generate up to 10 times the revenue that others do! Now if that’s not incentive to take 30 minutes to write down your goals, I don’t know what is!

    2. Know Thyself.
    Ask yourself why you want the goal. Dig deep to find out why it’s important to you. This will help you experience the root of your desire. For example, if your goal is to create an additional income stream of $20,000 in the next six months, make sure you know why that is important. Do you want to take the summer off? Go on vacation? Pay off your car? You can even post a picture of your goal in your office if that is helpful to you. Knowing the essence of why you want to reach a goal is extremely motivating!

    3. Get Detailed.
    Create a list of all the different things you need to do to in order to reach your goal. For example, I brainstorm each step, write them individually on post-it notes and put them all on my wall. From there, I organize the post-it notes into categories and/or into a flow chart so I can see what needs to happen first, second and so forth. From there, I put each step into my calendar so I can be assured that if I just accomplish one or two things toward my goal on the assigned day, I will be directly on target to meet my goal.

    4. Share.
    If you share your goals with a trusted and supportive resource, you are much more likely to achieve your goals. It takes courage to put yourself out there and tell others what your goals are, particularly if they are financial goals. But if you choose wisely, you’ll find the support to be uplifting and very helpful.

    Meredith Liepelt, President of Rich Life Marketing, publishes Smart Marketing, a free bi-weekly ezine featuring marketing tips, insider secrets and thought provoking articles designed to help the busy female entrepreneur become known as an expert in her field, build trust with clients and prospects and generate more income than ever before. Claim your free subscription today at http://www.richlifemarketing.com .

    No Comments | Tags: , , , ,
    « Previous Page