Securing Sharepoint In The Age Of Remote Work

ByThe SharePoint FAQs Team

With more employees working remotely than ever before, securing SharePoint sites and the sensitive data they contain is critically important. Companies must take proactive steps to restrict access, monitor activity, encrypt data, and keep software patched against security vulnerabilities. Failing to properly secure SharePoint can lead to data breaches, loss of intellectual property, compliance violations, and lasting damage to the business.

Enabling Multi-Factor Authentication

Multi-factor authentication (MFA) adds an extra layer of security by requiring users to verify their identity with more than just a password. After entering their password, users must provide an additional authentication factor, such as entering a code sent to their phone or from a mobile app. Enabling MFA can greatly reduce the risk of hackers gaining access to SharePoint by stealing employee credentials. Some best practices for implementing MFA include:

  • Enable MFA at the company-level to cover all cloud services, including SharePoint Online, OneDrive, and Office 365.
  • Use app-based authentication codes via apps like Microsoft Authenticator whenever possible for better security over SMS and voice calls.
  • Educate employees to not share MFA verification codes with others.
  • Set up fallback authentication options, like voice calls and SMS, in case employees lose access to their MFA app.
  • Consider time-based one-time passcodes (TOTPs) generated by MFA apps for privileged users who handle highly sensitive data.

Restricting Site Access

With employees accessing SharePoint from personal devices and unknown networks, it’s important to limit site access to only authorized personnel. Some best practices include:

  • Assign users to SharePoint permission groups based on their role and minimum data access needs.
  • Leverage dynamic security groups and rules to automatically add users while restricting those no longer with the company.
  • Limit access to sensitive content by using isolated permission groups for only certain users.
  • Enforce device compliance policies to block users from unsupported devices.
  • Configure external sharing settings to disable guest user access if not required.

Monitoring User Activity

Auditing and monitoring user activity is crucial for detecting suspicious access attempts and responding to security incidents. SharePoint provides detailed audit logs that can integrate with third-party Security Information and Event Management (SIEM) tools. Best practices include:

  • Enable audit logging for site collections and content types that hold sensitive data.
  • Log critical user events like deleted/restored content, permissions changes, sign-in events, access requests.
  • Send logs to a SIEM tool for alerts on high-risk events and centralized analysis.
  • Designate admins to periodically review reports of critical events and anomalies.
  • Compare SharePoint logs with Azure AD to track users across all cloud services.

Encrypting Sensitive Data

Since remote workers use personal networks outside of enterprise security controls, it’s essential to encrypt sensitive SharePoint data like financial records, PII, intellectual property, etc. Microsoft offers several encryption capabilities:

  • Enable SQL Server Transparent Data Encryption for SharePoint content databases.
  • Use Azure Rights Management to encrypt documents and emails.
  • Leverage document fingerprinting to track documents outside the organization.
  • Utilize Office 365 Message Encryption for emails and documents shared externally.

Educating Employees on Security Best Practices

Despite technological measures, employees remain the most common cause of security incidents. Organizations should implement security awareness training to educate all employees on threats and best practices, such as:

  • Identifying phishing attacks to avoid disclosing credentials.
  • Using strong, unique passwords for SharePoint protected with MFA.
  • Only accessing sensitive data for authorized purposes.
  • Never sharing passwords or verification codes for MFA.
  • Reporting suspicious emails, links and SharePoint activity per company policy.

Configuring Remote Device Policies

With BYOD environments full of employee personal devices, organizations should enforce mobile device management (MDM) and conditional policies to enable secure SharePoint use. Best practices include:

  • Enroll permitted devices into the MDM solution to enforce security policies.
  • Set password complexity rules and mandatory lock screens for lost devices.
  • Require employees to store company documents only in protected apps.
  • Enable remote wipe capabilities to delete company data from lost equipment.
  • Limit cut, copy and paste for company documents to prevent saving elsewhere.

Keeping Software Up-to-Date

Cyber criminals aggressively target known software vulnerabilities using automated tools to compromise systems at scale. That makes prompt patching and updating major security priorities:

  • Enable automatic Microsoft and third-party software updates across devices.
  • Restart systems as needed for updates to fully take effect.
  • Test patches before broadly deploying whenever possible.
  • Notify employees of any important system updates requiring user action.
  • Replace end-of-life and outdated programs presenting security risk.

Creating Robust Backup Plans

Despite safeguards, disasters happen. Power failures, equipment theft, fires, hacking, and human errors can wipe out SharePoint data at great cost. Companies must implement backup solutions allowing rapid restoration after data loss events. Key measures include:

  • Configure SharePoint Online and OneDrive recycle bins and retention policies.
  • Enable Microsoft Teams data backups via Stream or Exchange.
  • Utilize SharePoint Online backup tools vetted for security and data integrity.
  • Secure physical servers safely storing backup data for on-prem SharePoint.
  • Conduct test restores to validate recovery processes actually work.

With cybercrime exponentially rising, companies accepting risks posed by inadequately secured SharePoint environments do so at their own peril in today’s environment. Implementing the robust security measures detailed above will help protect remote employee access, safeguard valuable company information, enable regulatory compliance, and shield the organization from damaging incidents for years to come.

Leave a Reply

Your email address will not be published. Required fields are marked *