Share point encryption


WHITE PAPER

Securing Sensitive Information in SharePoint

Executive Summary

Popular collaboration platforms such as Microsoft SharePoint are making sharing and storing information easy. Private and confidential information is finding its way into SharePoint environments with increasing frequency. This ease of deployment and use introduces new data security and compliance concerns for organizations. With data security breaches and attacks on the rise, protecting sensitive information stored in SharePoint is a critical issue. Security researchers from the Ponemon Institute now put the average organizational cost of a data breach at $6.75M. According to Osterman Research, SharePoint security concerns appear to be focused much more on protecting sensitive information than on traditional malware.

Several approaches are available to protect the information stored in SharePoint sites. Each approach has its merits, and provides different levels of protection against different threats and attacks. The transparent data encryption approach implemented specifically to protect data on SharePoint servers provides the most comprehensive data security possible, addressing the broadest set of potential attack scenarios, including insider threats from administrators. Management staff responsible for securing SharePoint sites is advised to carefully consider the risks and threats to information, and implement an approach that effectively secures against these threats.
Introduction

Usage of collaboration sites such as SharePoint is experiencing explosive growth, with analyst firm Infotrends projecting that the market for SharePoint will surpass $5B in product and services revenue by 2012. The overall market for content management systems is projected to grow to $10B by 2014, according to industry analyst firm Basex. Analysts at Gartner have estimated 30% of SharePoint deployments are being deployed outside the control of central IT and information security groups. Combine the increasing use of SharePoint for all types of information with relatively less oversight from IT security staff and a simple user interface that makes storing and sharing sensitive information easy, and you have the potential for data security breaches.

As SharePoint has grown in popularity, sites are increasingly being used to store all types of private and confidential information. Recent high-profile (and high-cost) privacy breaches involving sensitive corporate data and customer information have increased the importance of properly securing collaboration and enterprise content management platforms such as SharePoint. In addition, vulnerabilities recently disclosed in SharePoint software releases have heightened the need to treat data security for SharePoint as a critical matter.

This white paper identifies some of the key concerns around data security for sensitive and regulated information stored in SharePoint. Several approaches are possible for organizations seeking to enhance the security of SharePoint sites, each with different threat protection capabilities. This paper describes various threat scenarios, the different approaches to data security in SharePoint, deployment and user interaction considerations, and the relative pros and cons of each data security approach.
Big Picture Security Concerns and SharePoint

Information stored in SharePoint tends to be unstructured, with users to some extent using SharePoint to replace file servers and network drives. This approach results in private and confidential information becoming widely dispersed, easily accessed, and poorly secured. High-level security concerns include malware prevention, access control, and data security and compliance. Specific threats to information stored in SharePoint can come from both external attackers and from insiders. Security concerns for SharePoint are exacerbated by the following realities:

1) SharePoint is extremely easy to set up, and many sites are created outside of central IT organizations. Because of this, there is little governance over what should and should not be stored in SharePoint. In many cases there have not been adequate security controls deployed to protect sensitive data in SharePoint sites.

2) The platform is also very easy for end users to use, and as a result it tends to be used to facilitate document storage and collaboration for all sorts of private and confidential data. Users rarely understand the data security issues raised by storing private and confidential data in SharePoint.

3) The security capabilities that exist natively in SharePoint (largely access controls coupled to Active Directory identities, with a document permission inheritance scheme) have a reputation for quickly becoming very complex to administer and are not specifically designed to secure private and confidential data.

4) The hierarchy of administrators required to configure and manage SharePoint (including SharePoint administrators, site administrators, and SQL database administrators) provides multiple insider threats with privileged user access to private and confidential data.

The simple fact is that when lower level security approaches (such as disk encryption or SQL database encryption) are taken to protect data in SharePoint sites, the data is still accessible and viewable by these multiple administrators. Implicitly trusting all privileged users represents too much risk for most organizations.

As a platform that leverages standard web protocols, SharePoint is susceptible to vulnerabilities that could cause security issues such as cross-site scripting, cross-site request forgery, and SQL injection. Recent patches for SharePoint (SharePoint Security Updates KB 983444 and KB 979445) have included fixes for some of these vulnerabilities. An escalation-of-privilege bug was recently reported in SharePoint, which is highly problematic for sites being used to store and share private and confidential information.

Native security controls in SharePoint provide some ability to secure access to files through access control lists. However, in practice, the permissions inheritance is difficult to set up and maintain over time. Lack of synchronization, ongoing management, and general proliferation of static access control lists is a serious challenge with SharePoint.

Beyond technical security considerations, the use of SharePoint as a repository and a means to collaborate can cause issues for data subject to compliance regulations. Numerous compliance regulations now require effective controls and encryption for sensitive information types (non-public personal information in GLBA, electronically protected healthcare information in HIPAA, personally identifiable information in state data privacy laws, and cardholder data in PCI DSS). In addition, many of the now 43+ state data privacy laws strongly encourage the use of encryption by allowing organizations experiencing a security breach of sensitive information to avoid having to publicly disclose the breach (and to avoid having to incur expensive notification costs to individuals), if the data was encrypted. Other compliance regulations such as ITAR and FISMA have severe fines associated with the disclosure of sensitive data.

Threat Scenarios and Attack Vectors for Information Stored in SharePoint Sites

As with most IT platforms, attacks against the SharePoint platform and data resident in SharePoint sites can come from external attackers, as well as from insiders. Attacks and misuse by insiders, especially those with privileged user access rights, can oftentimes be the most damaging security incidents. A survey by a leading database user group regarding top security concerns bears this out. The 2009 study[i] found that the top two greatest risks and threats to enterprise data were internal hackers or unauthorized users (32%), and abuse of privileges by IT staff (26%). Both of these risks represent the insider threat, and taken together they far surpass concerns around loss of media (25%), and malicious code or viruses (20%).

While the platforms are obviously different, the insider threat is consistent across both databases and collaboration platforms with respect to sensitive information. One could argue that the insider threat problem is likely more acute in collaboration platforms, given the ease with which sensitive unstructured information can be deposited, indexed and accessed, and the relative lack of mature data governance processes.

An example of an insider attack (a malicious database administrator) resulting in public disclosure of sensitive customer information occurred at Fidelity National Information Services. This insider attack in early 2010 resulted in $975,000 in fines against the firm by the Florida Attorney General, and another $375,000 in fines from the Financial Industry Regulatory Agency. Clearly, managing access to sensitive information in collaboration sites is a key concern. Sh