(Ping! Zine Issue 15D) – Microsoft SharePoint was originally conceived to make it easier for people to collaborate. It enables the sharing of ideas, information and expertise; the ability to manage documents from start to finish; and publish reports that help everyone, ideally, to make better decisions. And, with resultant vast data stores, it provides a comprehensive search facility for users to quickly find appropriate content. The problem is that, all too easily, any one can find things they shouldn’t. The result is inappropriate snooping, actively promoted by SharePoint, and that spells trouble for every organization using the tool.
Before we go on, it’s worth clarifying that SharePoint, itself, isn’t insecure, it’s the way it’s used that causes the problem. The reason is the controls used by most organizations are inadequate. For example, access rights in SharePoint relate to users but hidden behind location proxies.
Read More in Issue 15D