CISO's Guide to Securing SharePoint - owasp

More documents

Recommendations

Info

Finding Excessive Permissions Focus on access to HIPAA regulated data What departments have access? Why does G&A have access? Who are the users? What type of access do they have? How did they get the access? CONFIDENTIAL 20
Automatic Identification of Excessive Rights Should “Everyone” have access to sensitive data? • “Everyone” group literally means all users Are there any direct user permissions? What rights are not used? • Users with access they appear not to need
Page 1 and 2: CISO’s Guide to Securing SharePoi
Page 3 and 4: Impact of SharePoint Insecurity “
Page 5 and 6: Food Brings Along Appetite External
Page 7 and 8: Source: SharePoint: Strategies and
Page 9 and 10: Source: SharePoint: Strategies and
Page 11 and 12: Type of Content Shared Other Propri
Page 13 and 14: Native SharePoint Security Capabili
Page 15 and 16: #1: Getting Permissions Right • S
Page 17: User Rights Management: Doing it Ri
Page 21 and 22: Reviewing User Rights with Data Own
Page 23 and 24: #2: Compliance Reporting • Summar
Page 25 and 26: SharePoint Admins Gone Wild Most po
Page 27 and 28: SharePoint Architecture - Direct Ac
Page 29 and 30: Patch Protection InfoWorld (2010):
Page 31 and 32: Google Diggity Project
Page 33 and 34: Database Protection Microsoft Suppo
Page 35 and 36: A Checklist to Securing SharePoint
Page 37 and 38: A Checklist to Securing SharePoint
Page 39: https://www.surveymonkey.com/s/Rese

CISO's Guide to Securing SharePoint - owasp

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?