One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 459641 |
| Date de publication | 2018-01-22 14:00:00 (vue: 2018-01-22 14:00:00) |
| Titre | SharePoint Security Best Practices |
| Texte |
Being conscientious of SharePoint security is simple if you understand the basics. SharePoint is a Microsoft platform which is designed to integrate with Microsoft Office. Microsoft launched the product in 2001. SharePoint is useful for thousands of organizations worldwide because it facilitates sharing documents on private web servers.
SharePoint can be purchased as a separate product to deploy on your own intranet web servers, or you can use SharePoint Online as a component of many Office 365 packages. SharePoint Online is hosted on Microsoft’s own servers.. But poorly secured web servers and web applications can make organizations vulnerable to cyber-attack. Some of a company’s documents that are distributed through SharePoint may contain sensitive or proprietary information, and you don’t want them to fall into the hands of cyber attackers who could be either internal or external to your network! This quick guide will show you how to use and deploy SharePoint in a secure way so your organization can enjoy the convenience and functionality of SharePoint without introducing vulnerabilities to your corporate network.
SharePoint security permission levels
There are various different types of permissions you can grant users in your SharePoint system.
Full Control- These users have all possible SharePoint permissions, and this permission is granted to all members of the Owners group by default. Be careful about which users you place in the Owners security group or otherwise grant Full Control permission. The best practice here is to only grant a limited number of administrators this permission.
Edit- This permission enables users to add, edit, and delete lists, and to view, add, update, and delete documents and list items. By default, all users in the Members security group have this permission. So don’t place users in the Members group who only need to view, read, or contribute documents.
Design- Users with this permission can create lists and document libraries. They can also make sites look pretty by editing pages, applying themes, style sheets, and borders. No security group is assigned this permission automatically. So if you want some users to be able to make aesthetic changes to your SharePoint site pages who aren’t administrators in your Owners group with Full Control, then you’ll have to manually assign this permission to another group or to individual users.
Contribute- This is a more limited version of the Edit permission. Users with the Contribute permission can add, update, view, and delete documents and list items.
Read- This permission should be granted to users who just need to view and download documents, and may also need to see historical versions of documents.
Restricted Read- These users can view pages and documents, but they can’t see historical versions of documents or user permissions. In most cases where a user only needs to be able to read the documents on a site, this is the best permission to grant them.
View Only- These users can view pages, items and documents. They can only download documents that cannot be viewed in their web browser.
Limited Access- This permission only grants users some access to a specific page or file as opposed to an entire site. This level is automatically assigned by SharePoint when you provide access to one specific item. You can’t directly grant this permi |
| Envoyé | Oui |
| Condensat | 2001 365 able about access according accordingly accountable acquire actions active add administer administration administrative administrators aesthetic all allow allows also altogether and anonymous another any anywhere application applications apply applying approve approvers are areas aren’t arguably assign assigned attack attackers attacks authenticate authentication automatically basic basics because being best better biggest borders browser but can can’t cannot careful carefully cases changes cleartext collection collections comes company’s component concept conscientious contain contribute control convenience corporate could create crucial cyber cybersecurity data default delete deploy deploying design designed different difficult directly directory disable discovered distributed document documents don’t download each easily edit editing effective either enable enables encrypt encrypted enjoy entire entity equivalent example external facilitates fall feature; features file files folders from full functionality grant granted grants group groups guide hands have here hierarchy historical hosted how ideally iis individual information inheritance integrate internal internet intranet introducing issues it’s item items jobs just keeping kerberos key know launched least level levels libraries like limit limited list lists locations look make makes man manage managers manner manually many may means members methods microsoft microsoft’s middle mind monitor more most need needs network networks never ntfs number office one online only open opposed order organization organizations other otherwise overall own owners packages page pages passwords permission permissions place platform pointless poorly possible practice practices pretty private privilege product proprietary protect provide public purchased quick read receive require required restricted run sake secure secured security see select sends sensitive separate servers set settings sharepoint sharing sheets should show similar simple site site’s sites situations some specific style sub such system them themes then therefore these they’ll think those thought thousands through tips traced transmitted types understand update use used useful user users using various version versions very view viewed volumes vpn vulnerabilities vulnerable want watched way web when where which who will windows within without work works worldwide you’ll you’re your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.