
SharePoint Lockdown – How Can SharePoint be Secured?

More and more businesses are moving their storage to the cloud. While this helps facilitate collaboration between team members and save resources, there is still a lot of hesitation about cloud computing among IT decision-makers in companies. Many businesses worry that increasing the use of cloud services will increase their risk of a data breach. 

Much of this concern comes from a lack of understanding. So today we’re going to take a look at the security of one of the most popular cloud platforms, Microsoft SharePoint, and answer the question “How secure is SharePoint?”

What Is SharePoint?

SharePoint is a collaborative platform from Microsoft. Organizations can create SharePoint “sites”, which can be used for file storage, as company intranets, or as custom web applications, among other uses. Authorised users within that organization can then access SharePoint from any device with a web browser, including PCs, laptops, and mobile devices. Files can be uploaded to or downloaded from SharePoint. Microsoft Office 365 files (like Excel or Word docs) can be worked on in the cloud itself through a browser interface. Multiple users can also work on a document in the cloud simultaneously, which makes SharePoint great for team collaboration.

How Is SharePoint Secured?

When you are using SharePoint, you are entrusting your data to Microsoft, one of the largest and most secure companies in the world. Their cloud services team includes former defence and intelligence agency employees, and they utilise extremely strong encryption for your files, both in transit and at rest.

That said, your organization still has a part to play in securing your data. While the backend cloud systems are handled by Microsoft, securing the access to your data is still your responsibility, or that of your managed IT services provider. 

Microsoft does not provide backups of your SharePoint files either. This is one reason it is good practice to back up your data to another location in addition to SharePoint. Remember the “3, 2, 1” rule for data backup: you should have 3 copies of your data, on at least 2 different storage media, with at least 1 copy kept separate from the other two.

How Can I Secure Access To My SharePoint Data?

At Carden IT Services, we’ve set up SharePoint sites for clients of all sizes and worked with them to secure access to their data in the cloud. Here are some of the key ways our cloud security services help keep them safe: 

  • Restricting Access By IP Address
    By restricting which IP addresses can access your data in the cloud you can prevent unauthorized access. If all your employees work from one location, that location’s IP address can be set as the only authorized IP. If your employees work from multiple locations, this can be more complicated but is still possible.
     
  • Implement Conditional Access
    This allows you to specify which conditions a device or user must meet to be able to access your SharePoint site. Blocking and restricting access from unmanaged devices is a good cybersecurity practice. To be extra secure, all access to your files should be blocked by default from countries or states where you currently have no employees.
     
  • Implementing Two Factor Authentication For SharePoint Logins
    Two Factor Authentication (2FA) refers to the process of using an additional piece of information to authenticate your account. Often this is done using a code sent via SMS to your mobile or a code generated by the Microsoft Authenticator app. While simple to implement and use, using 2FA greatly increases your security as a potential attacker would now need physical access to your mobile device as well as your username and password in order to gain access to your SharePoint files. As the code sent is time sensitive, they would also need physical access at the exact moment they were trying to log on. While having any form of 2FA is better than having none, it is better to use a code generated by an app rather than sent by SMS as the SMS method is more open to abuse by hackers cloning your SIM card or tricking your phone provider into diverting your texts to the hacker’s number.

  • Signing Inactive Users Out
    You can implement policies that will automatically sign out SharePoint web sessions which have been inactive for a set period of time. This reduces the risk from a team member accidentally leaving a browser with SharePoint access open on an unattended machine.

  • Restricting Access To Specific Files and Folders
    Not every team member needs access to every file on your SharePoint. Creating different cloud storage sites for different departments and restricting each user’s access to only the files they actually need is good practice when using SharePoint.

  • Deploying Data Loss Prevention (DLP) Policies
    Data Loss Prevention policies are a useful method for preventing sensitive information from being shared. By setting rules and conditions for different types of data you can effectively lock down that information. Many of the most common sensitive information types, such as credit card numbers, bank accounts, social security numbers, and passport numbers, have definitions built in to Microsoft 365 that can easily be applied across your organization. Documents which contain this sensitive data can be blocked from being shared, accessed, or downloaded by anyone other than an administrator. This is particularly useful for organizations who wish to use cloud services while staying compliant with industry regulations such as HIPAA.
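
The IP restriction, unmanaged-device and idle sign-out controls in the list above map to SharePoint Online tenant settings. The script below is an added example, not Carden IT Services' own tooling: it uses the SharePoint Online Management Shell to report the current state of those three settings and, optionally, apply them. The admin URL, IP range and timeout values are constructed placeholders.

```powershell
# Added example: audit and harden SharePoint Online tenant access settings.
# Assumptions (constructed placeholders): tenant admin URL, office egress range, timeouts.
$AdminUrl   = 'https://contoso-admin.sharepoint.com'  # placeholder tenant
$AllowedIPs = '203.0.113.0/24'                         # documentation range; use your own CIDR(s), comma-separated
$Apply      = $false                                   # $false = report only, $true = change settings

Connect-SPOService -Url $AdminUrl

$tenant = Get-SPOTenant
$idle   = Get-SPOBrowserIdleSignOut

# One row per control from the list above, with the value currently in force.
$findings = @(
    [pscustomobject]@{
        Control = 'IP address restriction'
        Current = "Enforced=$($tenant.IPAddressEnforcement); List=$($tenant.IPAddressAllowList)"
        OK      = [bool]$tenant.IPAddressEnforcement
    }
    [pscustomobject]@{
        Control = 'Unmanaged device access'
        Current = "$($tenant.ConditionalAccessPolicy)"
        OK      = "$($tenant.ConditionalAccessPolicy)" -ne 'AllowFullAccess'
    }
    [pscustomobject]@{
        Control = 'Idle session sign-out'
        Current = "Enabled=$($idle.Enabled); SignOutAfter=$($idle.SignOutAfter)"
        OK      = [bool]$idle.Enabled
    }
)
$findings | Format-Table -AutoSize

if ($Apply) {
    # The allow list must contain the address this session comes from,
    # otherwise the administrator is locked out along with everyone else.
    Set-SPOTenant -IPAddressEnforcement $true -IPAddressAllowList $AllowedIPs

    # Browser-only access (no download, print or sync) from unmanaged devices.
    Set-SPOTenant -ConditionalAccessPolicy AllowLimitedAccess

    # Warn after 45 minutes of inactivity, sign out after 60.
    Set-SPOBrowserIdleSignOut -Enabled $true `
        -WarnAfter    (New-TimeSpan -Minutes 45) `
        -SignOutAfter (New-TimeSpan -Minutes 60)
}
```

Run it once with `$Apply = $false` to record the baseline before changing anything. Country-based blocking is not a SharePoint tenant setting and is not covered by this script.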

How Can Carden IT Services Help You Secure Your SharePoint Site?

At Carden IT Services, we’ve helped businesses of all sizes set up secure and efficient cloud storage services like SharePoint. We can assist in migrating your data to the cloud securely and implementing access controls as part of our managed IT services package. We are experienced working with a variety of different industries and can customise our support and cybersecurity to ensure that you stay compliant with your sector’s specific regulation and legislation.  

If you are looking to move your data into the cloud or are concerned about the security of your current cloud storage environment, speak to Carden IT Services today.

Author: Jeremy Huson

Jeremy Huson is the founder and director of Carden IT Services LLC. He has nearly two decades of experience managing businesses’ IT networks and his areas of expertise are IT consultation and cybersecurity.