Keep SharePoint apps secure in the cloud
Last Updated Thursday, June 15, 2017
Are security concerns keeping you from migrating your Microsoft SharePoint implementation to the cloud? You’re right to be concerned. We live in an age of frequent cyberattacks and increasing compliance requirements. A recent survey by AIIM reports that 62 percent of SharePoint users cite security as their biggest concern when considering a cloud or hybrid solution for SharePoint.1
But security worries shouldn’t get in the way of the many benefits offered by SharePoint Online, including lower IT costs and better access for external partners and mobile users. By breaking down the specific concerns of SharePoint users, we can identify practical ways to address each concern and to mitigate the security fears around SharePoint Online.
Top three security concerns
Most security concerns fall into one of the following three areas:
- Identity and access: ensuring that the right users have access to the right applications or data. With SharePoint in the cloud, you need a way to ensure that your users, vendors and partners can access only what you want them to access.
- Data protection and privacy: keeping your company’s sensitive information safe in the cloud. Because SharePoint Online is accessed through a browser, it’s critical to ensure that all transactions are protected.
- Compliance and governance: the need for comprehensive auditing and reporting practices that can tell you who is accessing what information in SharePoint Online.
The good news is that you can address these security concerns head on, if you follow some best practices.
Six ways to minimize SharePoint Online security concerns
A recently published security guide from K2 provides detailed steps to address the primary security concerns expressed by SharePoint admins considering a move to the cloud. These six recommendations offer an overview of how you can achieve a stronger online security posture with SharePoint.
1. Identify where sensitive data might be used or surfaced so that you know where to focus your efforts.
2. Build custom applications with granular permissions, and make use of secure infrastructure like Microsoft Azure Active Directory and SharePoint groups.
3. Use Secure Sockets Layer (SSL) and other industry-standard encryption mechanisms to protect data and identities being transmitted through a browser.
4. Build customized forms and interfaces that help ensure the right users see the right data.
5. Monitor SharePoint data use with custom audit trails so that you can verify data is only going where it should.
6. Build reporting dashboards to capture audit information and relevant line-of-business (LOB) or process data for better insights into overall usage.
These practices allow you to manage and monitor who has access to what information in the cloud while better protecting sensitive data from would-be hackers. The steps can also help you meet auditing and compliance requirements and achieve proper standards for governance.
When you gain confidence in your security stance, you can enjoy all the benefits that SharePoint Online brings, including easier management, increased collaboration and reduced infrastructure costs.
To get the full story on securing SharePoint in the cloud, attend our upcoming webinar on May 21st, 5 Reasons for Security Confidence with K2, or read the short K2 guide, Security confidence in the cloud.
1 Survey. AIIM. “Connecting and Optimizing SharePoint — and important strategy choices.” 2015. http://www.aiim.org/Research-and-Publications