Blog Posts Process Management

SharePoint compliance and security: here’s what you need to know

Blog: Professional advantage - BPM blog

Let’s face it. Your organisation’s SharePoint environment contains sensitive corporate data. From employee personal details to confidential project plans, there’s plenty of information in SharePoint that you’d rather not share with unauthorised third parties.

The fact that SharePoint provides controlled access to this data is one reason why it’s a valuable collaboration and information-sharing tool. It’s also why organisations should take SharePoint compliance and security seriously.

Both SharePoint and SharePoint Online (Microsoft’s cloud-hosted SharePoint offering) are secure products, but there are a few things you can do to ensure that your organisation’s data is compliant and safe from prying eyes.

We’ll outline some of these steps later in this post. But first, let’s take a look at how Microsoft protects your SharePoint data in the cloud.


How safe is SharePoint Online data?

While security is a key concern when running SharePoint in the cloud or as a hybrid solution, it should not deter organisations from pursuing either deployment method.

In our experience, SharePoint Online is more secure that what many organisations can achieve through their own on-premise security investments (i.e. mobile device management and intrusion prevention and detection layers).

This is particularly true for organisations that use tools such as Box and Dropbox to store and share files. These consumer cloud services just aren’t as secure as corporate managed platforms like SharePoint.

The good news for SharePoint Online users is that Microsoft does cloud security better than almost any other provider. From hardware, software and data centres to verification by independent auditors, Microsoft’s security measures are thorough and effective. You can read more about Microsoft’s cloud security policies in its Office 365 Trust Centre.


Microsoft can’t share or sell your data

Your organisation owns all information stored in its SharePoint environment, regardless of the deployment method.

Microsoft will not share, sell or view SharePoint Online data. Though it hosts your data on its servers, it can’t share this information with others, even when requested to do so by law enforcement bodies. If this does occur, Microsoft will ask the authorities to contact you directly.

The only way Microsoft can pass on data to anyone else is if subpoenaed by a federal court, the same as if the data were stored on-premise.


Permissions, permissions, permissions

The last thing any organisation wants is for a third party to access sensitive corporate data without authorisation.

However, if you’re slow to lock down user access, are too generous with user permissions or assume that a default SharePoint deployment will give you the most appropriate security configurations for your organisation, you’re already one step behind.

Each new SharePoint version has improved authentication and security models to make sharing content inside and outside of your organisation more secure. Understanding the authentication and authorisation process can help visualise how, when, who and why users are accessing content.


SharePoint compliance and security checklist

Whether you’re setting up a brand new SharePoint environment or want to keep your existing deployment safe, here are a few ways to stay secure and compliant:

This list is certainly not exhaustive. However, it can help protect your organisation from potential hackers and help you meet auditing and compliance requirements.


You can read more about Professional Advantage and SharePoint here.

Need an answer about SharePoint?

Thank you for your enquiry. We’ll be in touch shortly.
Send us another message

The post SharePoint compliance and security: here’s what you need to know appeared first on

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples