Guidelines and Considerations for Securing Your Microsoft SharePoint Environment
Source: RSA Security
Microsoft SharePoint can be an extremely powerful tool for sharing and collaborating on information, providing a flexible, distributed approach to management and control. However, its very strengths can also lead to a wide range of security and compliance problems. By moving the responsibility for what gets stored in SharePoint and who has access to it out of the central IT and security teams and into the end-user and business unit communities, organizations are diluting their control of sensitive information. To ensure the undue risks aren't introduced in the course of SharePoint operations, organizations need to carefully plan the SharePoint implementations, ensure that appropriate processes and procedures are in place and that personnel are adequately trained, and regularly review and monitor their SharePoint environments.