SharePoint is gradually emerging as the most preferred collocation platform for enterprises. The greatest challenge to any collaboration platform is to ensure security without compromising the collaboration facilities. Access to SharePoint data is controlled by the permissions given to users. But what would happen if permissions can be changed without being noticed? Such a possibility should be avoided at any cost. That is why auditing permission changes…Continue
Added by Satyendra Tiwari on January 19, 2016 at 12:53 — No Comments
Evaluating how well SharePoint's security model performs against a real-world business scenario.
In my last post, we established 4 core requirements for a new hypothetical security model for SharePoint. They were:
1) Accommodate business change,…
Added by Peter Bradley on January 6, 2016 at 12:00 — No Comments
SharePoint's old security model was conceived in a different era. Let's imagine what a new security model might look like.
In my last post, we looked at the humble beginnings of SharePoint as Microsoft Tahoe, and pointed out that the security model really hasn't changed in the 15 years…Continue
Added by Peter Bradley on December 15, 2015 at 10:18 — No Comments
In my first post, I explained the biggest problems of SharePoint security model and how it creates risks. With so much change, so much growth, so many new threats - perhaps SharePoint's security model could use a rethink?
Microsoft Tahoe - Where it all…Continue
Added by Peter Bradley on November 30, 2015 at 11:00 — No Comments
I wanted to share with you my thoughts on SharePoint security model, and why it's clearly outdated for today's corporate environment.
SharePoint's groups-based security model
SharePoint security is…
Permissions act as the gateway and firewall to your SharePoint objects. The fact that SharePoint is (generally) available to all your staff in house and via the Internet is good news for ease of access, but would…Continue
If you’re exploring how to leverage Forms-based Authentication for your SharePoint Extranet, chances are you’ve run into the ASP.NET SQL Membership Provider. Aside from the MSDN link I just pointed to, you’ll probably find countless tutorials about it online, as well as a few open-source products (such as the CodePlex SharePoint FBA Pack) and other commercial products I won’t name here for…Continue
In my work as an IT consultant I spend a lot of time focusing on security, both of content and users. Almost every organisation I work with has questions about how SharePoint deals with these issues, and they can slow down a project right upfront as details are worked out and senior stakeholders reassured.
SharePoint 2013, as many of us know, offers a powerful security model. As well as groups and permission levels, the inheritance model means that right 'out of the box' SharePoint…Continue
SharePoint 2013 has a new and improved search results page functionality:
Another aspect of…Continue
In a study conducted by InfoSecurity-magazine and Emedia and sponsored by Boldon James results show that “shocking two-thirds of SharePoint-using companies in a recent survey have admitted to having ‘no active security policy’ in place for the application”.
In the study they contacted a wide range of business from -25…Continue