How to Secure Microsoft SharePoint

How to choose a Microsoft SharePoint security solution

Inevitably, at some point in time, a breach or compliance violation is going to force a Microsoft SharePoint security solution purchase. When evaluating solutions that claim to provide secure access to Microsoft SharePoint, keep in mind that they must do or support the following ten things:

1. Integrate into multiple directories (Active Directory and LDAP directories included)

2. Support multiple attributes per policy for fine-grained access control

3. Support enterprise-wide policies across numerous Microsoft SharePoint application instances

4. Align security policy with business intent

5. Rapidly provision and enforce entitlement policies across applications and users

6. Easily define and enforce policies that control access to specific areas of a Microsoft SharePoint portal

7. Support audit and e-discovery mandates to ensure compliance

8. Centralize management to reduce administration costs and support shared ownership of policies across networking, security, applications and business teams

9. Increase return on investment benefit by leveraging investment in IT infrastructure, existing directory stores and the network

10. Provide security on time and within budget

Equally important is the evaluation process. Because many of the solutions are as new as Microsoft SharePoint, a comprehensive evaluation period should precede any purchase.

During assessments, remember to put the product under consideration through the rigors of real-world scenarios. Once trials conclude that the solution in question can provide all of the benefits listed above in actual situations, and that effective customer support is available, then it is time to buy.

 Shane Buckley is president and CEO of Rohati Systems Inc. He has more than 20 years of global executive and general management expertise, having held senior executive positions in the United States, Europe, the Middle East and Asia-Pacific. Before taking the helm at Rohati, Shane served as COO at Nevis Networks, Inc., a leader in network access control. Prior to that, he was VP of Worldwide Operations for Juniper Networks. Before that, he served as the International President of Peribit Networks, the leader in Network Optimization. Juniper Networks purchased Peribit in June 2005 for $385 million.

Prior to Peribit, Shane served as CEO of Conduit Software, a provider of Directory Assistance and Wireless Applications solutions. Before that, he was VP, EMEA at 3Com. In this role, he managed a $2.2 billion business unit and was responsible for 3Com's distribution strategy, OEM partnerships and reseller channels. Shane also chaired 3Com's Global Distribution Council, was a member of the company's worldwide OEM steering team, and served as 3Com's head of operations for the Asia-Pacific Region based in Hong Kong and Tokyo.

Shane is a frequent speaker at high-level industry trade shows and events such as Gitex, CeBIT, and The Wall Street Journal Europe conference. He has also contributed to many magazines and news programs, including MSNBC, SABC and Middle East Business news. He holds a Bachelor's Degree in Engineering from the Cork Institute of Technology in Ireland. He can be reached at shane@rohati.com.