Tag Archives: Solving

Solving four primary security challenges of Microsoft SharePoint

Solving four primary security challenges of Microsoft SharePoint

Microsoft SharePoint has quickly become the enterprise standard for internal and external collaboration and content management much in the same way Microsoft Exchange has become the enterprise standard for email. However, along with SharePoint’s acceptance comes the same challenges that enveloped Exchange: The need to maximize ROI, guard against viruses and data leakage, and establish policies for governance and compliance. This white paper examines SharePoint’s benefits and risks and recommends best practices for protecting an organization’s digital assets.

1

Solving four primary security challenges of Microsoft SharePoint

Introduction to SharePoint

Microsoft Windows SharePoint enables information workers to collaborate on documents, exchange files, problem-solve, strategize, link to live web content and create tables and reports that are culled from an organization’s databases. SharePoint offers many benefits for organizations, especially those with 1,000 employees or more, because it:

»»Increases employee productivity by streamlining day-to-day business operations

»»Reduces project cycle time through collaboration

»»Empowers employees to make informed decisions by providing centralized access to information

»»Helps meet regulatory requirements through total content control

»»Simplifies access to structured and non-structured data across various systems

»»Offers a unique, integrated platform for managing business-wide intranet, extranet and internet applications

Microsoft SharePoint comprises two main components: Windows SharePoint Services 3.0 (WSS) and Microsoft Office SharePoint Server (MOSS).

Microsoft SharePoint sales broke the $1 billion revenue mark in 2008 with more than 100 million licenses sold, leading one market research analyst to proclaim that “SharePoint is the hottest-selling server-side product ever for the company.” Other analysts predict the growth of the popular content management and collaboration platform will remain steady and they expect to see it grow at a remarkable average annual rate of 25% over the next 4 years.

Today, a majority of organizations are using SharePoint to store and share their most vital electronic records such as strategic corporate planning documents, company financials, employee records, critical intellectual property records and personal health records.

Assessing reward versus risk

One of the key challenges IT managers and administrators face is finding a way to balance SharePoint’s rich functionality with the attendant risks that come from making interactive content more accessible beyond the organization’s walled garden. Even when SharePoint is used mainly by internal users (see shaded area in the figure on page 2) the threat of malware propagating across the network is remains significant.

As access to SharePoint is broadened to include outside partners and applications, the risks are magnified exponentially. What this means for IT managers and admins is that fully leveraging the organization’s investment in SharePoint also increases its vulnerability to malware, data leakage and many other concerns.

A secure deployment consists of layers of security backed with appropriate access controls so that the organization’s content is well protected while at the same time accessible beyond the walls of the organization.

What are the four primary risks?

SharePoint is susceptible to a variety of existing and emerging threats:

1. Viruses and other malware

2. Access to inappropriate content

3. Data leakage of the company’s competitive and bus iness intelligence

4. Data tampering by internal and external users

1. Viruses and other forms of malware

Windows SharePoint Services stores documents, lists, views and other information in a Microsoft SQL Server database.

Collaborative workspaces are an easy way to share files and content, which only increases the odds of contracting viruses and other forms of malware. This is a significant concern if content originates from outside the organization from unmanaged machines (for example, enabling customers to post attachments or links to untrustworthy sites in a SharePoint-based environment).

Recommendations

Deploy an anti-virus suite designed for scanning SQL Server database stores to find malware and suspicious files stored within the database — a capability that typical endpoint/server AV solutions lack. Other features to consider include:

»»On-access, on-demand, or on-schedule protection from malware, viruses, spyware, adware, suspicious files and potentially unwanted applications, which ensures maximum security while offering a completely transparent end-user experience.

»»Proactive zero-day detection of new malware using Behavioral Genotype technology.

»»Integrated quarantine manager for deleting, disinfecting or authorizing files.

2. Access to inappropriate content

Don’t let your SharePoint portal become a vast source of inappropriate, illegal or similar content that violates legal requirements for compliance and governance.

Recommendations

»»Simplify compliance with advanced content filtering.

»»Make sure the third-party solution you deploy includes a comprehensive content scanning and policy engine.

»»Control file types based on file name, size, or type using true-file-type technology to prevent file type masquerading.

»»Delivers centralized data security control across mixed IT environments.

»»Provides consistent implementation and enforcement of company-wide security policies.

»»Makes storage, exchange and recovery of keys simple and easy through centralized state-of-the-art key management

»»Provides comprehensive data protection on all kinds of devices, including: laptops, desktops, removable media, PDAs, CDs, and email

»»Offers encryption and data leakage prevention (DLP) under a single management console.

»»Fully manages Windows Vista BitLocker Drive Encryption

»»Integrates quickly and effectively with existing security infrastructures and automates administrative tasks.

Emerging concerns

»»The threats are getting greater and are not likely to subside any time soon, if ever. One reason is that employee mobility continues to rise. The 2009 Total Employee Mobility Benchmarking Report, released by Runzheimer International, notes 51% of the workforce is mobile on any given day. However, many IT execs do not have control over the associated risks, costs or benefits. The annual report was developed through interviews with executives from 90 small, mid-sized and large organizations across the U.S.

»»SharePoint is among the easiest-to-use tools in the Windows suite, experts say. The problem is any user can set up a SharePoint site, and, often, there are no guidelines for who can access it or what data can be stored there. Some users assume that because it’s used on the company’s internal network, SharePoint data must be protected by the standard corporate security defenses.

3. Data leakage of the company’s competitive and business intelligence

Because SharePoint technology enables the easy exchange of files between users, even if you’ve deployed security policies on perimeter and mail servers, users might still try to use SharePoint to exchange files that would ordinarily be blocked by email security.

Recommendations

»»Look for a solution that specifically ensures sensitive data is not being leaked through SharePoint or Exchange.

»»Employ content control that prohibits users from uploading or downloading sensitive information.

»»Check to see that files can be controlled by file name and by content (words and phrases) within files.

4. Data tampering

According to a recent survey, one-quarter of 330 respondents lack confidence that their organizations’ electronic records or other digital content are protected when they are being shared within the SharePoint environment. Of the respondents whose organizations have suffered a data breach within their SharePoint systems, 67% indicated that the tampering was at the hands of a person with access to SharePoint from inside the organization.

Recommendations

»»Look for a modular information protection control solution that enforces policy-based security for PCs and mobile devices across mixed environments.

»»It should be fully transparent to end users and easy to administer from a single central console. Finally, its modular architecture provides comprehensive data security tailored to your organization’s needs and growth requirements.

»»In other cases, employees make the mistake of offering SharePoint access to business partners or contractors outside of the company, without taking steps to secure the exchange of data.

This article was provided by Sophos and is reproduced here with their full permission. Sophos provides full data protection services including: security software, encryption software, antivirus, and malware.

Related Blogs

Causes of Infertility in Women – Knowing and Solving

The biggest causes of infertility in women often involve physical health issues that often have a wide variety of forms, but have the same short range of remedies. For a woman to truly break free from her infertility, she needs to know what’s causing it, and devise a way to ensure that it doesn’t keep hunting her for the rest of her life.

The first step to knowing is to give your doctor a small visit. Infertility in women often comes from ovulation disorders, uterine issues, age, pre-existing health problems, and overall physical unfitness. With a few simple and cheap tests, your doctor can determine whether any of the more common causes for infertility are preventing you from conceiving, or if there’s anything more serious that you should be aware of. By knowing the answer to the simple problem of “what’s causing it all,” you are giving yourself a few targeted options to take in the long run.

Once you know what’s causing the infertility, take the time to solve the problem. Solving the problem could either mean taking some medications, going on certain fertility diets, increasing overall physical wellness, active monitoring of physical statistics such as basal body temperature and menstrual cycles, or a combination of some or all of these options.

Women who have ovulation disorders and uterine issues are often prescribed medications to improve their hormonal balance. A good hormonal balance will promote the regularization of a woman’s menstrual cycle, and increase uterine wall thickness — a problem that tends to become more pronounced with age.

Along with these treatments, a woman could also be subjected to fertility diets and overall lifestyle changes so to counteract the effects of age, the environment, and any other external factors that may affect a woman’s fertility adversely. Lastly, with active monitoring, you give yourself the benefit of knowing when you have the greatest probability of conceiving successfully: use these odds to your advantage, and you can even counteract the disadvantages of certain adverse factors, such as age and physical health, that you might have.

The above-stated problems and solutions are targeted for those that are most commonly being experienced by women today. Some cases might be more serious, and may require more drastic measures such as surgery and artificial fertilization. However, it is still important to note that the general solutions are still practical to take no matter how serious or mild your causes of infertility might be, as these simply lead to a healthier you.

If you are trying to get pregnant quickly and naturally and need help getting pregnant, visit http://www.pregnancyin60days.com to get a explosive free report on ‘Getting Pregnant At Any Age In 60 Days’.

This report has helped 1000s of women with their infertility.

Related Blogs

2 Tips Solving Nintendo DSi vs DS iPlayer Firmware Not Find System Problem | Ishopvideogame

Recently, more and more people reflected that there is a popular problem with their Nintendo DSi vs DS iplayer. It is that there always will be such a message ” CAN NOT FIND SYSTEM” when they are using iPlayer. They have tried it over and over again. But it still does the same thing. No luck with it.

At the same time, they searched the answer or solution in the Google and Yahoo, but they still could not find a good way to solve this problem. It seems to be a hard nut to crack. But they ignored a very common problem solving approach. It is the customer service where they bought their Nintendo DS iPlayers from.

Generally speaking, merchant is much more experienced than users, especially customers. By the way, I would strongly recommend that the first thing customers should do when there are some problems with their goods is to contact with the sellers or its customers service. Please do not try to solve it by yourself unless you are a master-hand. No matter which kind of goods you buy, it is the most effective way.

OK, let us get back to the point. If your DS iPlayers can not find system, here are two tips for you to follow. Both of them seem to be very easy, buy very useful and effective. Just try them.

Tip 1: Plug into your power socket tightly. Sometimes if your socket is loose or not secured, there will be NOT FIND SYSTEM with DS iPlayer.

Tip 2: Check your iPlayer and update it to V1.4 if it is a need or must for your DS iPlayer.

Are them very easy? Sometimes the problems themselves are very easy. We can not solve them because we never thought it would come to this. So try them and repair your DS iPlayer by yourself.

Source: www.ishopvideogame.com

ishopvideogame.com Free Shipping R4 DS,R4DS,R4 SDHC,R4i,R4i Gold,R4i SDHC,Acekard 2i, Wii Accessory,X box Accessory,PS3 Accessory,DSi Accessory,DS Lite Accessory.

Related Blogs

Herding the Fat Cats: A Holistic Approach to Stifling Corporate Greed?And Solving Our Tax Code and Healthcare Problems in the Process!

Herding the Fat Cats: A Holistic Approach to Stifling Corporate Greed—And Solving Our Tax Code and Healthcare Problems in the Process!

After a year of bailouts and a barely-breathing economy, many Americans want to know what 2010 will bring. Has corporate America really learned its lesson? Author Blaine Loomer isn’t waiting around to find out. He offers up a holistic solution to ending corruption in America’s big businesses that will also create some much-needed progress in other areas.

  Cincinnati, OH (December 2009)—When President Obama criticized the “fat cat” bankers early last week, he was echoing the sentiments citizens on both sides of the political fence feel toward Corporate America. No wonder. As we look back over the past 12 months, it’s hard not to be disgusted by The Year of the Bailout. The spectacle of be-suited executives begging for government handouts is truly sickening to the Average Joes and Janes who struggle to pay their bills with their own meager, recession-choked finances. What’s worse is that most of us suspect no lessons were learned—Corporate America’s lousy decision-making isn’t likely to end any time soon.

That’s why Blaine Loomer calls BS on the whole system.

“Just consider the worst of the worst of Corporate America for 2009: AIG,” says Loomer, author of the new book Corporate Bullsh*t: A Survival Guide (Mitchell Publishers Inc., 2009, ISBN: 978-0-9842016-0-0, $29.50). “Its executives spent almost half a million dollars on a fancy retreat after receiving $85 billion in bailout money. That’s so outrageous it’s almost comical.

“The government bailed AIG out to try and protect the economy, but it didn’t address the problems that put AIG in that position in the first place,” he adds. “Too often, the government or some other entity swoops in to clean up the messes corporate fat cats in various industries have made, but nothing is done to prevent these disasters from happening in the first place.”

Despite 2009’s rock-bottom low points, reforming Corporate America is possible, says Loomer. He suggests that our nation take a holistic approach to dealing with the corruption, greed, and poor decision-making that plague many of our companies and industries.

As his book title suggests, Loomer is accustomed to advising people on how to navigate corporate bullsh*t on a personal level. (The book offers solutions to problems ranging from lack of corporate accountability to toxic colleagues to securing promotions and raises.) However, he is also plenty comfortable taking a macroscopic view of the BS.

Below, he offers up a four-part example of how a holistic problem-solving approach can help keep Corporate America in check while also addressing some of the nation’s other pertinent issues—namely, our overly complicated tax system and healthcare reform. 

The Problem Part One: Publicly trading corporations are allowed to run amok.

The Solution: “The SEC needs to have more enforcement capability,” says Loomer. “The real problem here is not the current legislation, although it does need to be updated. The real problem is that the proper resources aren’t in place to enforce the existing laws.” 

In his book, Loomer proposes that the U.S. staff up the SEC with auditors to be embedded in all public companies. These auditors will attend board meetings and audit company activities as well as investment instruments to make sure these companies are being good corporate citizens. SEC agents will be there to protect the interests of the shareholders, other investors, and employees in an effort to “prevent” greed-driven executives from shooting their own companies in the foot.

 “I would also like to see an SEC review board that would analyze new investment instruments for the risk of catastrophic losses,” says Loomer. “Investing is a zero sum game, and if someone is making 500 percent returns, someone else is taking 500 percent losses.” 

The Problem Part Two: New SEC staff will require money that isn’t available.

The Solution: “You’re probably thinking, This guy’s crazy. Staffing up the SEC for this task will require thousands of people,” says Loomer. “And you’d be right. But remember, we are approaching all of this with a holistic view. That said, let’s talk for a minute about a flat tax—an option that frequently comes up for debate.” 

One concern opponents of a flat tax often bring up is that it will cause a loss of jobs in the IRS and in accounting firms. The last thing anyone wants to do these days is eliminate jobs, but Loomer points out that we have an opportunity here to not only staff up the SEC to enforce greater corporate accountability but to also minimize the cost of managing the tax system. 

“Basically, the funds saved through the simplified tax system would be moved over to the SEC where they could be better utilized,” he explains. “The IRS employees, who already have the skill set to monitor financial instruments, should be able to make the transition to the SEC with minimal training.” 

The Problem Part Three: Independent accounting firms will suffer.

The Solution: To talk about what fate would befall the accounting firms in Loomer’s plan, let’s bring in a seemingly unrelated topic: health care reform and the possibility of a public option. Everyone is worried about government health care costs spinning out of control, right? By taking a holistic approach to these problems, the tax accountants displaced by a simplified tax system could go to work in the health care arena. 

“After all, who better to monitor the health care system than a group of auditors and accountants?” asks Loomer. “These accounting firms could work on a contract basis to monitor some or all of the health care system.” 

The Problem Part Four: Health insurance employees will lose their jobs.

The Solution: Just put these people to work administering the new health care system. 

“My answer is: Why does the government want to take on another huge cost center to administer health care when skilled people are already in place?” asks Loomer. “We could contract with the insurance companies for the administrative services that will be necessary when health care is reformed.” 

The best part of Loomer’s vision? It could conceivably allow America to solve several of the nation’s most tricky challenges without incurring extra costs or raising taxes.

“This is certainly a bold plan, and I realize that putting it into action will take more than a simple snap of the fingers,” admits Loomer. “But it seems that this kind of holistic approach is much better than trying to solve these problems one at a time, as if they weren’t all interconnected. Remember, we are all paying for the system we have now—the one that has allowed corporate greed and government ineptness to drive our economy into a recession—and we will be paying for the system we have in the future. We might as well make it a better one.”

 

# # #

 

About the Author: 

Blaine Loomer’s expertise in the corporate world evolves from over 20 years of experience in corporate management and sales. He has consulted with thousands of companies over the years, from enterprising individuals of mom and pop shops to executive officers of some of the largest corporations in America. As a corporate sales expert, he has hired, educated, and managed sales teams across North America. Over the years Blaine has logged millions of miles and fostered business relationships with thousands of people from all walks of life, both domestic and international. Through his travels and experiences, he has gathered a wealth of knowledge. After 20 years he has decided to put down the suitcase and share what he has learned with you in an effort to help you succeed in the pursuit of your career.

 About the Book: 

Corporate Bullshit: A Survival Guide (Mitchell Publishers Inc., 2009, ISBN: 978-0-9842016-0-0, $29.50) is available at bookstores nationwide and from major online booksellers. 

For more information, please visit www.corporatebsguide.com.

 

Blaine Loomer?s expertise in the corporate world evolves from over 20 years of experience in corporate management and sales. He has consulted with thousands of companies over the years, from enterprising individuals of mom and pop shops to executive officers of some of the largest corporations in America. As a corporate sales expert, he has hired, educated, and managed sales teams across North America. Over the years Blaine has logged millions of miles and fostered business relationships with thousands of people from all walks of life, both domestic and international. Through his travels and experiences, he has gathered a wealth of knowledge. After 20 years he has decided to put down the suitcase and share what he has learned with you in an effort to help you succeed in the pursuit of your career.

Related Blogs