CISO's Guide to Securing SharePoint - owasp
CISO's Guide to Securing SharePoint - owasp
CISO's Guide to Securing SharePoint - owasp
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
#1: Getting Permissions Right<br />
• Summary:<br />
– Microsoft’s advice begins with permissions<br />
– “Content should not be available <strong>to</strong> all users… information should be accessible on a need<strong>to</strong>-know<br />
basis”<br />
• Why challenging?<br />
– Difficult <strong>to</strong> track and maintain<br />
– Constantly change<br />
– No au<strong>to</strong>mation or aggregation<br />
– Need <strong>to</strong> involve data owners.<br />
• What is Required?<br />
– Au<strong>to</strong>mated permissions review <strong>to</strong>ols<br />
– Baseline and change reports<br />
– Simplify rights reviews