Reimagining a New Security Model for Microsoft SharePoint
11
www.torsionis.com Reimagining a New Security Model For SharePoint SharePoint's old security model was conceived in a different era. Let's imagine what a new security model might look like.
-
Upload
torsion-information-security -
Category
Software
-
view
142 -
download
3
Transcript of Reimagining a New Security Model for Microsoft SharePoint
www.torsionis.com
Reimagining a New Security Model For SharePoint
SharePoint's old security model was conceived in a different era. Let's imagine what a new security model
might look like.
2|
SharePoint’s security model hasn’t changed since 15 years
Same basic approach to managing permissions:
‘We manually compile lists of people, then grant them permissions to stuff’
Let’s imagine what a ‘typical’ organization’s requirements for a brand new security model might be
Reimagining a New Security Model For SharePoint
3|
Constant Business Change
Reimagining a New Security Model For SharePoint
Change is possibly the only real constant: strategies, products, markets, people, systems…
4|
New security model needs to be designed to:
Be flexible to accomodate change, to adapt/respond swiftly when it happens
Keep information secure at all times
Reimagining a New Security Model For SharePoint
5|
Accuracy Information security is about connecting people with the
information they need, and keeping them from the information they shouldn't have
Reimagining a New Security Model For SharePoint
6|
Typical organizations have millions of permission configurations as to who gets access to what information
Accurately ensuring that the right people only have access to only the right
information is how we minimise the risk of internal security breaches
A person may require access to a document today, but should not have it tomorrow.
Requires constant review and maintenance
The majority of security breaches arise when permission configurations inaccurately reflect business requirements which constantly change
Reimagining a New Security Model For SharePoint
7|
Quick and Simple
Reimagining a New Security Model For SharePoint
8|
Reimagining a New Security Model For SharePoint
Tools and processes around keeping information secure needs to be simple, out of people's way quickly and largely automatic
Otherwise, people will find another way to get things done
9|
Robust and Reliable
Reimagining a New Security Model For SharePoint
10|
If a business user grants access to their information to a certain set of people, they need to trust that those are the people who will get that access
No hidden back doors, no ifs, no buts, no complications
Otherwise, users will start avoiding the system because they don't trust it, or will use it anyway and hope for the best!
Reimagining a New Security Model For SharePoint
So these are four fundamental requirements we can start from: 1) Accomodating constant change2) Accuracy3) Quick and Simple 4) Robust and reliable
Thank you!
Read the full version on: www.torsionis.com/blog
