Security Articles

SharePoint Security – SharePoint Authentication Part 1

Running SharePoint  on Windows Server 2008 R2 offers a wealth of possible  SharePoint authentication scenarios. You are no longer limited to the basic, often unsecure authentication types. In this article I will cover the SharePoint authentication methods, which closely mirror Windows Server 2008 R2 authentication scenarios since both SharePoint relies on Windows Server for much […]

Read more

Using SSL Authentication for SharePoint Sites

When using the default HTTP protocol for external SharePoint sites (for example Extranet zone for your clients) – you are taking a huge risk that someone will sniff and retrieve data trasnferred between your SharePoint front-end server and end-user. To prevent a data leak, you should encrypt the data that is being transferred between the […]

Read more

SharePoint Security – Managed Accounts

In the SharePoint 2007 farms I’ve often heard complaints about the requirement to setup “Password Never Expires” on the SharePoint service accounts which breaches many corporate security plans. That’s why I felt a great relief when SharePoint 2010 introduced  Managed Accounts. Simply put, Managed Accounts allow you to setup SharePoint service accounts and automatically change […]

Read more

Least Security Privilege Strategy for SharePoint

The easiest way to install SharePoint is to use one account which  will be the domain admin, SQL admin and all other security levels admin. However the easiest method is very often not the best from a security standpoint. From a security perspective it is best to use as little permissions as possible even if it means much […]

Read more

SharePoint Security – Five Golden Rules

SharePoint Security is an often ignored issue , many users and admins focus on optimizing SharePoint for performance and convenience to the detriment of security. To kick off our SharePoint security series we present the four golden rules for ensuring the security of your SharePoint site/farm, we will dive into greater depth on security in […]

Read more

Create a Group for a SharePoint Site

To create a new SharePoint group, navigate to the People and Groups page (Site Actions >  People and Groups) , click the New dropdown and select New Group: This opens the New Group page with several options. Name and About Me – simply enter the Name and Description Owner – This setting defaults to the […]

Read more

Change User or Groups Permissions in SharePoint

To change the permissions of a user or group in a SharePoint site, first navigate  to the site’s main Permissions page (Site Actions >  Site Settings > Advanced Permissions) : To change the permission levels for the users or groups, check the box next the user/group and click the Actions dropdown and select Edir User […]

Read more

Add User Permissions Directly in SharePoint

If you don’t want to add a user to a SharePoint group but want to give the user a specific set of permissions unrelated to a specific group then navigate to the site’s security page (Site Actions > Site Settings > People and Groups > All People (located on the left navigation bar). This page […]

Read more

Add or Remove Users in a SharePoint Group

To add or remove users from  a Group firstly navigate to the relevant group (Site Actions >  Site Settings > People and Groups > yourGroup ). Then in the group page, click the New dropdown and select Add Users: This opens the Add Users page (below) where you can either add users by entering them […]

Read more