SharePoint

Microsoft SharePoint Solutions

Support global deployments of Microsoft SharePoint (Secure, Availability, Performance)



  • Security
  • Data Archiving, Backup & Recovery
  • Specialist SharePoint Platforms
  • Compliance
  • Protection
  • Data Storage
  • Application Performance and Optimisation
  • Services

> Know which components are being used and applying policies to those components to the six SharePoint functions including:


SharePoint
SharePoint-admin
SharePoint-blog-posting 		SharePoint-calendar
SharePoint-documents
SharePoint-wiki



> Legal Search, eDiscovery, content tracking, Governance

> Protect SharePoint components (IIS, MS-SQL, ASP.Net) from serious threats such as SQL injection attacks and IIS buffer overflow attacks.


> Prevent information held within SharePoint from being exposed to theft or destruction. 

> Reign in unknown or rogue SharePoint deployments

> Maintain Compliance

> Implement a SharePoint governance policy

> Microsoft TMG replacement solutions

> Isolate and secure, SharePoint components 

> File Detection, Monitoring and Control  		> Specify what kind of information can be put on SharePoint

> Identify SharePoint Web applications that work with sensitive data 

> Detect and block malicious content hiding in file shares and SharePoint


> Protect SharePoint migrations 
(transport and maintain user rights / policies in migration)

> Track the entire life cycle of Office 365 documents (read, emailed, or printed and by whom)

 
Look beyond native SharePoint security features
Your SharePoint and Office 365 took off and people are using it.

But now that they are creating sites, lists, libraries and changing permissions on files and folders, how can you keep an eye on what's going on? On top of all this, how can you make sure your security is bulletproof?


Collaborate in Confidence

Microsoft SharePoint provides easy access to business-critical data through intranet, extranet, and public-facing applications. So when that information is sensitive or regulated, security is a major concern.


> Data Backup & Recovery
 
  • Protect SharePoint data across any storage tier, including snapshots, disk, tape and the cloud. 
  • Application-aware hardware snapshots, for improved recovery-based service levels like RPO and RTO. 
  • Granular recovery of individual SharePoint documents, including different versions of files, sites, sub-sites and lists. 

    • Ensure continuity with coordinated farm, site, doc, blob backup
    • Optimise SharePoint with integrated blob externalisation
    • Drive efficiency with blob archive to lower cost storage tiers



      > Data Storage Platforms  

      Optimised for Microsoft SharePoint

      • Increase performance and reduce infrastructure costs
      • Storage and server appliance solutions for on-premise deployments

      • Boost performance and over all long term costs with Fast SSD / flash Hybrid Storage Arrays

      • Automated failover and fail-back, simplified provisioning, and virtual storage provisioning 
      • Tiered/unified storage: Scalability and performance for physical or virtual environments
      • Virtual infrastructure: Lower TCO with dynamic server and storage utilisation 
      • Backup, recovery, archive: Unified protection for all Microsoft applications 
      • Archive: archive old data and serve primary near line data = better user experience. 
      • Business continuity: Nonstop operations and fast restores 
      • Enterprise content management: More efficient, faster business processes with compliance and cost savings 
      • Security: Data security in physical and virtual environments
       

      > Compliance

      Enable SharePoint governance
      • Apply retention and deletion policies to archived SharePoint content.
      • Data Segregation: Meet data governance mandates by segregating data repositories so that departments or entities can only see data they own and not adjacent data.

      • Expire sites when projects are completed but archive and retain site content for governance and compliance.
      • Enable rapid search and eDiscovery for internal audits and legal purposes.
      • Track and audit user activity and changes to SharePoint (who, what, when, where, and from which workstation).
      • Send critical alerts via email or to mobiles so you can respond faster to incidents or threats.
      • Tamper-proof, SSAE-16 certified



      > SharePoint Security        
      End-to-End security 

      Identify and controls six different SharePoint elements including:
      • SharePoint,
      • SharePoint-admin,
      • SharePoint-blog-posting,
      • SharePoint-calendar,
      • SharePoint-documents,
      • SharePoint-wiki.

      With this knowledge of which components are in use, IT can make a more informed decision on how to protect SharePoint and the users. Of the SharePoint features currently identified, the application usage and risk report shows that SharePoint and SharePoint-admin were most commonly detected. 



      SharePoint Security Solutions Features & Benefits
      > Data Loss Prevention

       > Encrypt Connectivity SSL VPN

      > Protect SharePoint data on Endpoints
      Secure Collaboration

      > Web Application Security & Firewall

      > Signature Database of thousands of Applications

      > Vulnerability Detection  & Protection

      > Proactively monitor, diagnoses any issues, and speeds up the troubleshooting process.

      > Virtual Patching

      > Server Patch Management 
      (physical and virtual platforms)

      > Access and content management for mobile device

      > Privileged Identity / Password Management
      > Anti-Viruses, malware, adware and spyware

      > Malicious file scanner prevent malware getting access into SharePoint (viruses, rootkits, worms and spyware)

      > Behaviour-based detection covers that crucial gap between the first appearance of new malware and the first signature detection being issued for the threat.

      > SSL offloading of intensive CPU transactions from the SharePoint

      > Application Performance and Security Testing

      > Two factor / pin code authentication

      > Data loss prevention

      > Data / File Archiving

      > Content filtering / control
      scan files residing or coming to SharePoint Database, and filter, block or inform users based on file types or text keywords.

      > Sandbox Malware Detection  
      Detect malware hidden within seemingly safe files or traffic content.



      > Encryption
      • Data in transit and at rest
      • Database encryption
      • Encryption: File and Database (on the fly: based on policy or document content identification)
      • Encrypt data within SharePoint Servers, in transit and at rest (mobile devices)
      • Encryption key management


      > Firewall
      Controlling application access addresses only a small part of the SharePoint security challenge. An equal or greater challenge is addressing the specific threats that are targeted at SharePoint environments. If SharePoint itself were the only element to protect, then the task would be relatively straightforward. However, SharePoint relies on IIS and in many cases, MS-SQL which means that the exposure to vulnerability exploits is significantly higher.
      • Vulnerability Exploit Protection: Firewall threat prevention detects and blocks vulnerability exploits that target SharePoint and the supporting applications.
      • Data filtering: can be added that monitors SharePoint traffic for unauthorised transfer of confidential data. Files based on file type (as opposed to looking only at the file extension) and confidential data patterns (credit card and social security numbers) can be detected and blocked based on policy.
      • Isolate the SharePoint components: (SharePoint, IIS, MS-SQL) using security-zones and apply policies that dictate which users can access those components.
      • Segmentation: segmentation by application, user and content. It identifies all traffic sent to the Microsoft SharePoint servers, based on actual application, not just port or protocol.
      • Data Center Segmentation: In a standard SharePoint implementation, there are multiple Sharepoint server roles, including web servers, database servers, search service and other service application roles. In small deployments, some of these services may be combined on a single server, but in large-scale enterprise deployments, there will be multiple servers dedicated to each role. In order to properly segment and secure the SharePoint implementation, the different server roles will be isolated in dedicated security zones that can only be accessed by authorised users with authorised applications.


      > Application Control

      Policy decisions including appropriate usage, content inspection, logging and reporting.
      • Web 2.0 threats
      Traditional firewalls detect and restrict applications by port, protocol and server IP address, and cannot detect malicious content or abnormal behavior in many web-based applications.

      Web 2.0 applications: such as Facebook, Twitter and Skype.


      • Block Malicious Content
        Visibility and control over application traffic, even unknown applications from unknown sources.


        • Identify and restrict application usage at a granular level
          - Behavioral analysis,

          - End-user association,

          - Application classification



          > Access Control


          • Access & identity management

          • Audit tracking and reporting for compliance on access history

          • Enable secure file access, sync and sharing from any device

          • Streamline access to a “business need-to-know” level.

          • Alert on unauthorised access 

          • Centrailse data owner to user access

          • Establish a regular review cycle to Identify and clean up dormant users, stale data, and excessive rights

          • Proxy authentication and secure remote access
          • User Identity Based Policy Access Management 

          • Authentication

          • Single sign-on (SSO) and role based authorisation 

          • Appliance-based firewall capabilities allow for granular access rules to be defined on a per-resource / application basis.

          • Secure mobile and remote access.

          • Encrypted SSL VPN, Application tunnels.

          • Optimised site-to-site encryption (secure network, cloud and app connectivity from anywhere)
            • Privileged User Rights Management
               Simplify SharePoint compliance by maintaining a record of all privileged user access to your SharePoint SQL database. Ensures that your SharePoint files, lists, and application data are fully protected from insider abuse or attackers.

              Allow elevated rights for some users, but prevent unauthorised application access from hackers or other internal users.               

              • Wired, wireless, mobile and cloud access control: Policies can be deployed that enable/disable use of key SharePoint functions (SharePoint, SharePoint-admin, SharePoint-blog-posting, SharePoint-calendar, SharePoint-documents, SharePoint-wiki).
              • Context based user / application access control (user and component rules, user device, O/S version, time of day, geographical location, security patch levels)
              • Endpoint security and posture checks / Integrity-checking ensures network protection by allowing organisations to tie user access to endpoint compliance, including checks for anti-virus, anti-spyware, firewall software, and many other device attributes.
              • Session clean up removes all traces of access from the endpoint, including cache cleaning, history removal, file deletion and more, to protect against unintended data leakage and unauthorised access.
              • Support for third-party authentication methods, including true two-factor SMS and web keypad authentication, Active Directory, and onboard LDAP, ensures only authorised users have access.


              > Data Loss / Leak Prevention
              Protect data on any device, anywhere.

              • Prevent risk of an accidental posting or extraction of sensitive information

              • Data Classification

              • Locate data owners

              • Create permission reports so data owners have visibility into who can access their data  validate with owners that access to data is legitimate

              • Limit file actions: block copy/paste or print.

              • Create usage reports so owners can see who is accessing their data

              • Monitor and control unauthorised file and data transfers

              • Apply policies that will extend file and data transfer controls beyond the SharePoint controls.

              • More than 50 different file types are identified and can be controlled with response options that include outright blocking, block and send the user a warning message or log and send an alert to the administrator.

              • In addition to file transfer controls, confidential data patterns (credit card and social security numbers) can also be detected with varied response options depending on the policy.


              > Data Archiving


              • Improve scale, efficiency, and access to content within SharePoint by offloading older content and document versions to less expensive storage.

              • Reduce storage costs by seamlessly archiving SharePoint data. 

              • Archive libraries, custom lists, wikis, blogs, discussion boards and more. 
              • Replace files and document versions with shortcuts to reduce the size of the SharePoint content database. 

              • Help migrations to newer SharePoint versions. 

              • De-duplicate redundant files across the entire archive



              > eDiscovery

              Discover and classify information across a SharePoint.
              • Identify and finger print messages, documents and files.
              • Search across backup and archive data sets for straight forward compliance and legal hold activities.
              • Cloud-based solutions offers high speed search, review, and export of email, files and documents.


              Optimise Application Delivery & Performance

              Enhance User experience is through faster response times


              Performance Monitoring

              Get ahead of SharePoint latency issues


              • Troubleshooting
              Solution provides you visibility for troubleshooting issues due to server resource constraints, service failures, hardware failures, poorly constructed SQL queries, or slow page load times for integrated components. 

              • Easily pinpoint whether issues in your SharePoint server are caused due to the network, server hardware, database, etc.
              • Monitor application availability and performance by drilling into the number of concurrent users accessing the application.
              • Identify latency issues that originate due to web transactions by having visibility across infrastructure layers
              • Get detailed metrics for each component in SharePoint, such as SharePoint services, user requests, usage, and more


              > Load Balancing

              Centralise SharePoint Server Performance & Monitoring - database issue visibility

              SharePoint leverages HTML front ends, HTTP and SSL protocols to blend intranets with web content management and document management systems.

              Challenge

              • Increased usage and a growing user base is straining application resources, resulting in a less-than-optimal user experience.
              • Cost of application licenses and servers are consuming IT budget that is needed elsewhere.
              • Business disruptions such as catastrophic events or failures are causing service interruptions for users.
              Solution


              • Load balancing SharePoint clients to the optimal servers assures a quality user experience at any given point in time.
              • Load balancing SharePoint clients to the optimal servers assures a quality user experience at any given point in time.
              • Local and global load balancing ensures that SharePoint services are not interrupted when servers, Internet connections or data centers are offline or otherwise unresponsive.
               




              • High Availability / Disaster Recovery for your SharePoint systems.

              • Ensure service availability and performance across the WAN, private or public cloud. 

              • Load balancer directs traffic across server.

              • Monitors Health of Applications and Servers
              • Ensures that the best possible target is used for individual requests. 

              • Data compression on responses to application requests to reduce bandwidth utilisation. 

              • Load balance a SharePoint farm in Microsoft Azure.

              • SSL handling: acceleration, offloading compute-intensive SSL processing from servers and further freeing primary production server resources.


              > Application Acceleration

              Ensure Remote Collaboration in Real Time without performance frustrations.
              • WAN optimisation
              • Application Optimisation
              • Latency reduction for best user experience 

              > Application Testing

              Easy, cost effective application user experience testing. Test Performance and Security.



              > Cloud / Hosting Services

              Solves SharePoint Sprawl and Custodial problems

              > Hosted SharePoint - Hosting

                • Cloud application hosting
                • Managed SharePoint lets you to leave the pain of administration, the worry of security, and the hassle of upgrading and patching behind.
                • Tamper-proof, SSAE-16 certified datacentre


                > Hosted / Cloud Archiving 
                • Governance solution for networked file shares, Microsoft SharePoint, Lotus Notes, and other content repositories.
                • Enabling enterprises to detect, manage, respond to, and control ever-growing file counts.

                > Cloud-based e-Discovery service




                > Reporting, Tracking, Log, Audit and Compliance

                Make it simple to collect, monitor, and analyse SharePoint logs quickly and easily.
                • Event Monitoring / Log Information Intelligence : gain control of log data, accelerates time to insight.
                • Use real-time SharePoint event log correlation to immediately troubleshoot and investigate security breaches.
                • Health and performance metrics for all tiers of the application delivery chain - network, web, VDI, middleware, database, and storage.


                - Who owns this data?

                - Who accessed this data?

                - When and what did they access?

                - Have there been repeated failed login attempts?

                - Audit policy change
                - SharePoint site collection administrator

                - Member added

                - Unique permissions

                - Permissions changed and

                 - Permission level modified                . 





                Contact us today to discuss your requirements in more detail.

                P: +44(0)7714 209927

                S: +44(0)1273 329753

                info@securenetconsulting.co.uk