The 3 Pillars of SharePoint Security
Liam Cleary, CEO/Owner, SharePlicity
Jeff Melnick, Systems Engineer, Netwrix Corporation
AGENDA
• The Problem
• Attack Vectors
• Intranet, Extranet and Public Facing
• Proactive Protection
• Netwrix Auditor Solution
• Q&A Session
• Prize Drawing
THE PROBLEM
• SharePoint is a large platform
• Utilized for different solutions
  – Intranet
  – Extranet
  – Public Facing Website
• Often stores personal data
  – PII
• Organically grows – quickly
• Permissions are often not set correctly
• Misconfiguration is common
• Customized extensively
SHOW ME: Web Shell, Client Side Code, and Search Engine Crawling
ATTACK VECTORS
"An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element"
Attack Vectors
• Application: XSS, CSRF, Clickjacking, Brute-Force
• Infrastructure: Brute-Force, 0-Day Exploits
• Browser: Browser & Add-on Exploits
• Users: Social Engineering
Attack Vectors – Threat Assumptions
• Unknown attacker: Nation States, Crime Organizations, Professional Hackers or Hacking Platforms
• Internal Users: Known Internal Employees with Access
• External Users: Normal Hackers, “Script Kiddies”, Whistleblowers or Disgruntled Employees
PROACTIVE PROTECTION
Protection
• Infrastructure Audit: Physical Server Access, Firewall Security and Exploit Checking
• Security Access Audit: User and Security Permissions, Access Control Flow and Permission Inheritance
• Penetration Test: External and Internal Attacking
PROACTIVE PROTECTION
Infrastructure Audit
• Operating System: Version, Roles and enabled Services. Minimize Footprint.
• Database Servers: TCP / UDP Port Checking, Browser Service, Encryption and Account Permissions
• Application Configuration: Stored Credentials, Connection Strings and Anonymous Functions
• Patching: Security Patches and Cumulative / Service Packs as Needed
• Errors & Issues: Event Viewer, Logs and Debugging Tools
PROACTIVE PROTECTION
Security Access Audit
• Authentication: Authentication approach, standard NTLM, Forms or Federation
• Authorization: Controlled using Security Groups, Site Groups or Pre-Authorized at Edge
• Account Configuration: Password Policies as well as Security Group Memberships
• Internal / External Access: Access Control Flow, separate paths for Internal versus External
• Permissions: Inherited or Unique Permissions. Global or Specific Access.
PROACTIVE PROTECTION
Penetration Test
• Network Level Access: Services visible on the network, controlled network path access
• Core Services: Enumerate Services and Fingerprinting
• Internal Access: Normal user access, to pivot to other systems
• External Access: Firewall Access Control Brute Forcing, or Malformed traffic
• Application Specific: Application Backdoors or misconfiguration to allow access
PROACTIVE ASSURANCE
3 Pillars of Protection
• Infrastructure Audit: Physical Server Access, Firewall Security and Exploit Checking
• Security Access Audit: User and Security Permissions, Access Control Flow and Permission Inheritance
• Penetration Test: External and Internal Attacking
PROACTIVE ASSURANCE
• Harden Operating System: Enable Required Roles, Disable Unused Services, Use BitLocker, Encrypt Connections (SSL), Server Isolation
• Harden SQL Servers: Multiple Instances, Block Standard Ports, Use BitLocker, Utilize TDE Encryption, Encrypt Connections, Server Isolation
• Reduce Surface Area of Attack: Firewall Policies, Group Policies
• Whitelist / Blacklist Processes: AppLocker Policies
• Limit Administration Access: Separate Administrators, Control Password List, Limit Domain Admins
Netwrix Auditor
Visibility platform for user behavior analysis and risk mitigation
About Netwrix Auditor
A visibility platform for user behavior analysis and risk mitigation
that enables control over changes, configurations, and access in hybrid IT environments.
It provides security intelligence to identify security holes, detect anomalies in user behavior
and investigate threat patterns in time to prevent real damage.
Netwrix Auditor
Netwrix Customers
• Financial
• Healthcare and Pharmaceutical
• Federal, State & Local Government
• Education
• Industrial and Technology
• Business Services
Netwrix Auditor for SharePoint
• Changes to farm configuration, user content and
security, permissions, group membership, security
policies
• Read access auditing
• State-in-time information on permissions
• Sensitive data discovery
Netwrix Auditor applications:
• Netwrix Auditor for Active Directory
• Netwrix Auditor for Windows File Servers
• Netwrix Auditor for Oracle Database
• Netwrix Auditor for Azure AD
• Netwrix Auditor for EMC
• Netwrix Auditor for SQL Server
• Netwrix Auditor for Exchange
• Netwrix Auditor for NetApp
• Netwrix Auditor for Windows Server
• Netwrix Auditor for Office 365
• Netwrix Auditor for SharePoint
• Netwrix Auditor for VMware
• Netwrix Auditor for Network Devices
Visibility into SharePoint Permissions
Why Do You Need Visibility into SharePoint Permissions?
SharePoint is infamous for its complicated permissions layout, which is nearly impossible to untangle
using only native tools. Seeing who has access to what enables companies to:
• Tighten access around sensitive data and enforce the least privilege principle
• Prove to auditors that you are able to control access to sensitive data
• Create a more manageable and transparent SharePoint environment
How Can You Use Visibility Into SharePoint Permissions?
• Analyze permissions to site collections with sensitive data
• Align user privileges with their responsibilities
• Identify broken inheritance
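The "Inherited or Unique Permissions" check from the Security Access Audit and the "Identify broken inheritance" use case above can be done with native tooling for a single site collection. The script below is an added example, not from the webinar or from Netwrix Auditor; it uses the SharePoint Server object model and assumes it runs on an on-premises farm server under an account that can read the site collection (the URL and output file name are placeholders).

```powershell
# Added example (not the webinar's or Netwrix's code): report every web, list and
# item in a site collection that stops inheriting permissions from its parent, and
# flag broad grants ("Everyone"-style claims) and direct user grants at those points.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Format-Scope($url, $kind, $roleAssignments) {
    foreach ($ra in $roleAssignments) {
        $roles = ($ra.RoleDefinitionBindings | ForEach-Object { $_.Name }) -join ','
        # "Everyone"/"All Authenticated Users" grants undermine least privilege on
        # sensitive content; direct user grants bypass group-based access control.
        $broad = $ra.Member.Name -match 'Everyone|All Authenticated'
        [pscustomobject]@{
            Scope      = $kind
            Url        = $url
            Principal  = $ra.Member.Name
            Roles      = $roles
            BroadGrant = $broad
            DirectUser = ($ra.Member -is [Microsoft.SharePoint.SPUser])
        }
    }
}

function Get-UniquePermissionReport {
    param([string]$SiteUrl)   # site collection to audit (placeholder URL below)
    $report = @()
    $site = Get-SPSite $SiteUrl
    try {
        foreach ($web in $site.AllWebs) {
            # HasUniqueRoleAssignments is true exactly where inheritance is broken
            if ($web.HasUniqueRoleAssignments) {
                $report += Format-Scope $web.Url 'Web' $web.RoleAssignments
            }
            foreach ($list in $web.Lists) {
                if ($list.Hidden) { continue }   # skip system lists
                if ($list.HasUniqueRoleAssignments) {
                    $listUrl = "$($web.Url)/$($list.RootFolder.Url)"
                    $report += Format-Scope $listUrl 'List' $list.RoleAssignments
                }
                # Item-level uniqueness is what native UI makes hardest to see;
                # this walk is expensive on very large lists, so scope it to
                # site collections that hold sensitive data.
                foreach ($item in $list.Items) {
                    if ($item.HasUniqueRoleAssignments) {
                        $report += Format-Scope $item.Url 'Item' $item.RoleAssignments
                    }
                }
            }
            $web.Dispose()
        }
    } finally { $site.Dispose() }
    return $report
}

Get-UniquePermissionReport -SiteUrl 'https://intranet.example.local' |
    Export-Csv .\sp-unique-perms.csv -NoTypeInformation
```

Rows with BroadGrant or DirectUser set to True are the first candidates for re-inheriting or replacing with group-based access.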
Demonstration
Netwrix Auditor
Useful Links
Free trial: Set up Netwrix Auditor in your own test environment netwrix.com/auditor9.7
Virtual appliance: Get Netwrix Auditor up and running in minutes netwrix.com/go/appliance
In-browser demo: Run a demo right in your browser with no need to install anything
netwrix.com/go/browser_demo
Contact Sales to obtain more information: netwrix.com/contactsales
Webinars: join our upcoming webinars and watch the recorded sessions
netwrix.com/webinars
netwrix.com/webinars#featured
Questions?
Thank you!
Liam Cleary, CEO/Owner, SharePlicity
Jeff Melnick, Systems Engineer, Netwrix Corporation