Challenges Securing SharePoint Against Privileged Insiders


Editor’s note: Contributor Mike Fleck is Co-founder of CipherPoint Software, Inc. Follow him @mfleckca

It is well documented at this point that some leaked Wikileaks data came from SharePoint sites. Details have emerged regarding how the data relating to the PRISM breach was obtained, and this breach, like Wikileaks, also involved SharePoint.

To provide some structure, we’ll break this discussion into three types of collaboration platforms: legacy file servers, on-premises SharePoint sites, and cloud collaboration platforms such as Office 365 and SharePoint Online.

Legacy file servers

Insider security threats in legacy file server environments include classic systems administrator issues (excessive permissions, inability to enforce need to know, lack of separation of duties). Third party products exist that can help add a layer of security control to these environments. These products enforce need to know by using an independent access control and encryption capability, which is usually managed by IT security or by the business manager (data owner).

On-premises SharePoint

Purpose-built collaboration platforms such as SharePoint bring a multitude of security issues, many of which depend on the use case and the deployment model.

For example, SharePoint deployed as an intranet collaboration system presents a different set of potential security threats than SharePoint deployed as an extranet collaboration platform. Either way, it’s hard to argue that the SharePoint platform, out of the box, has sufficient security controls to prevent insiders from accessing sensitive information for which they have no valid “need to know.”

Even if you implement background checks and other process-based controls to mitigate insider threats, consider that administrator credentials are among the most prized targets for external attackers. Given the porous nature of perimeter-only security defenses today, implementing technical security controls that limit the damage that can be done from compromised system administrator accounts is just smart security (and part of a defense in depth strategy). It’s also worth acknowledging that systems administrators frequently take the path of least resistance by combining service accounts and privileges. This can easily lead to a situation where the sysadmin’s credentials are literally the “keys to the kingdom.”

Locking down on-premises SharePoint sites requires an additional layer of access control and encryption.

Cloud Collaboration (Office 365, SharePoint Online)

Cloud collaboration systems bring a different set of security issues. Whether SaaS or IaaS, it’s impossible to ignore the fact that in external cloud services, outsiders (in the form of cloud service provider system administrators) are your new insiders (and insider threat).

Here’s an article that describes the havoc that can be brought by a rogue cloud service provider system administrator.

As with on-premises file servers and SharePoint sites, applying encryption and access control to data stored in cloud collaboration systems is the only way (from a technical control standpoint) to protect access to sensitive data. There are a number of different technical approaches to securing cloud data. Future articles will explore the various ways to do this.
