Survey: SharePoint creating security weak point

A poll of business managers has revealed they are ignoring a myriad of SharePoint security and data risks.

A whopping 87 per cent of companies have cited SharePoint as a source of concern for sensitive data, according to a new survey.

While many organisations are adopting the Microsoft software package, the survey of 150 business managers worldwide found that most companies are largely unaware of what is happening within the information sharing environment.

Nearly two thirds (63 per cent) did not have the tools to monitor and control the use of SharePoint in their organisation, meaning they do not know if sensitive data is being shared in these sites, who is using these sites, who has access to them and who needs access.

Furthermore, more than one-third (34 per cent) of respondents do not have a policy defining acceptable usage for SharePoint. While more than 36 per cent of companies do not currently monitor usage of the software, nor was there anyone in the organisation responsible for ensuring SharePoint security and compliance.

The survey sponsor and access management and compliance firm, Courion said its findings were particularly worrying in light of the fact that analyst firm Gartner reports that approximately 50 per cent of small to mid-sized businesses (SMBs) surveyed are running some variant of SharePoint, primarily to meet their portal, content and collaboration needs.

The report said that users reported that SharePoint is so easy to install and deploy that it doesn't require significant IT expertise or involvement.

It said many IT directors find that, since they are already standardised on Microsoft products in their organisations, it was likely that SharePoint is already in their environment. This has made turning to software to an easy decision when their end users need a collaboration package.

Courion recommended that organisations establish risk-based governance and

controls in their SharePoint environments to ensure long term security and compliance with business policy and industry regulations.

Policy requirements include system administrators and security personnel knowing which SharePoint sites are on their networks and who owns them, as well as who has access to these sites and what permissions they have.

The vendor recommended establishing whether sites with sensitive data being managed using best practices consistent with the organisation's security policies and to amend them if not.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Most Popular

The benefits of workload optimisation

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
IT Pro Panel: Why IT leaders need soft skills
professional development

IT Pro Panel: Why IT leaders need soft skills

26 Jul 2021