Coming Soon

An innovative security and governance solution for SharePoint will soon be available here.

Improve Compliance and Risk Management

Protect Business-Critical Information and Processes.

Please contact info at SharePoint2007Security.com for more information.

guidance

File Classification Infrastructure in Windows Server 2008 R2

Posted on 20. Aug, 2009 by Tristan in classification, file classification infrastructure, guidance, labelling, policy

Introduction

A new "File Classification Infrastructure" service has been introduced into Windows Server 2008 R2. It is used to classify and act upon files based on their business value, and is aimed at reducing administrative burden while increasing policy compliance.

Section 508 Compliance with SharePoint

Posted on 16. Jul, 2009 by Tristan in accessibility, compliance, guidance, Section 508, wcag

Section 508 of the 1998 Amendment to the Rehabilitation Act covers accessibility for systems in the United States Federal sector, including systems developed, maintained, used, or procured by US Federal agencies.

SharePoint 2010 Sneak Peek

Posted on 13. Jul, 2009 by Tristan in guidance, news, SharePoint 2010

Microsoft have just released a "sneak peek" into the new features coming with SharePoint 2010 at http://sharepoint.microsoft.com/2010/Sneak_Peek/Pages/Overview-Video.aspx .

SharePoint Audit Logging and other Logs

Posted on 05. Jul, 2009 by Tristan in audit log, consolidation, guidance, logging, version history

SharePoint and associated components produce a large number of logs.

Security standards, authorization policies, and models

Posted on 19. May, 2009 by Tristan in authorization, dac, guidance, mac, noforn, oasis, rbac, security model, standards, xacml, xml

Authorization Policies

Organisations define security policies.

Some example business rules derived from policy are:

Single sign-on (SSO)

Posted on 07. May, 2009 by Tristan in authentication, guidance, single sign-on, sso

A guide to the SharePoint SSO service.TBD.

Add new comment

Administration accounts and roles

Posted on 02. May, 2009 by Tristan in accounts, administration, governance, guidance, roles

Administration can occur at a number of levels of granularity in SharePoint. Microsoft refers to this as a three-tier administration model.

The broadest, most powerful tier is that of Farm-level Administrators. This type of account provides control over the entire SharePoint farm.

Authentication options

Posted on 02. May, 2009 by Tristan in active directory, ad, authentication, fba, forms based authentication, guidance, web sso

Authentication is the process of determining who someone is.

Business Data Catalog (BDC) security

Posted on 27. Apr, 2009 by Tristan in BDC, guidance, ISecurityTrimmer, search, security trimmer

Generally, line-of-business (LOB) system security integration requires

Security considerations for MS SQL Server database with SharePoint

Posted on 27. Apr, 2009 by Tristan in configuration database, content database, database, guidance, mssql, sql server

SharePoint uses MS SQL Server for two purposes:

Content database - used to store and manage SharePoint content
Configuration database - used to store the global configuration settings for the associated SharePoint form.

Navigation

1 year 51 weeks ago

Introduction to Claims-based Authentication in SharePoint 2010 in plain English

2 years 13 weeks ago

Firewall rules and protocol usage

2 years 33 weeks ago

Access Control with SharePoint Groups

2 years 35 weeks ago

Section 508 Compliance with SharePoint

2 years 26 weeks ago

Using the People Picker Editor picker control

2 years 30 weeks ago

Authentication options

2 years 28 weeks ago

SharePoint Audit Logging and other Logs

2 years 29 weeks ago

Uncategorized's tweets

enjoying watching the #SPC11 conference videos - some great information on #SharePoint branding, deployment, customisation and governance. — 14 weeks 5 days ago
I'm looking for #SharePoint devs in #Canberra Australia for a leading-edge project. — 18 weeks 6 days ago
@givenscj it's a microsoft product - of course it integrates with their other products. ;-) — 22 weeks 5 days ago
#SharePoint Governance requires solid decision-making framework with clear roles and responsibilities. Start with people, not technology. — 24 weeks 9 hours ago
#sharepoint 2007 gurus, when using FBA with Active Directory Membership provider, can you still manage security using AD groups? — 32 weeks 2 days ago
@BrianFarnhill what do you think about HiSoft 's compliance sheriff? lots of gov't customers demand WCAG 2 AA compliance with SharePoint. — 40 weeks 19 hours ago
@givenscj another option is to address #SharePoint DR at virtualisation layer. #VMWare appear to lead here over hyper-v. — 42 weeks 5 days ago
@michellemcgee there's an article on my site about it that seems to be pretty popular - i really need to write part 2 sometime soon — 43 weeks 18 hours ago
Should I be worried about the #accessibility results when I scan #sharepoint 2010 with Total Validator? 30+ #WCAG 2.0 errors.. — 43 weeks 2 days ago
@fernybell good luck! The slide decks and presentations from Microsoft conferences can be very helpful. — 44 weeks 19 hours ago

Sharepoint 2007 and 2010 Security

guidance

File Classification Infrastructure in Windows Server 2008 R2

Section 508 Compliance with SharePoint

SharePoint 2010 Sneak Peek

SharePoint Audit Logging and other Logs

Security standards, authorization policies, and models

Authorization Policies

Single sign-on (SSO)

Administration accounts and roles

Authentication options

Business Data Catalog (BDC) security

Security considerations for MS SQL Server database with SharePoint

Navigation

Most Popular

Uncategorized's tweets

User login