![Page 1: SharePoint Hack-ability, How Safe Is Your Environment?ilta.personifycloud.com/webfiles/...Hackability.pdfIf there is a data breach at the firm, we’ve got a problem. Three step process:](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88d9b1c90a4847822d2042/html5/thumbnails/1.jpg)
SharePoint Hack-ability, How Safe Is Your Environment?
Presented by: Jamie Herman, Sergey Polak, Kris Wagner
Presenters:
Jamie Herman, Manager of Information Security, Ropes & Gray
Sergey Polak, Manager of Enterprise Systems, Ropes & Gray
Kris Wagner, Chief Architect, MS SharePoint MVP & MS V-TSP, Project Leadership Associates
Audience Polls
1. What are you using SharePoint for?
2. What version(s) of SharePoint are you running?
3. What type of security monitoring are you doing?
How People Use SharePoint
SharePoint… Mr. Know-It-All
Sink your teeth into functionality…
● Intranet
● DMS
● Workflow Tool
● Database
● Public Facing Website
● Extranet
● Records Management System
● Survey Tool
● Collaboration Platform
…What are you placing your bets on?
Web App Attack
Any incident in which a web application was the vector of attack. This includes exploits of code-level vulnerabilities in the applications as well as thwarting authentication mechanisms.
● Punching bag of the internet
● Defeated in two ways
  ○ Stolen credentials
  ○ Exploiting a weakness in the application
Vulnerabilities
A software vulnerability is a security flaw, glitch or weakness found in software or an operating system that can lead to security concerns.
● SharePoint
● Windows
● Web Parts and 3rd-party plug-ins
● Remote access mechanism
SharePoint Vulnerabilities
● Insider threats
● Misconfiguration of access
● Ineffective log management
● Vulnerabilities in 3rd-party code and web parts
● Data leakage
● Unauthorized access to SQL databases
● Social features
Identify insider threats
Identify events that stand out
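The two slides above name the goal (spot insider activity and unusual events in SharePoint access logs) without showing a method. As an added example that is not from the presenters' deck, the script below runs two simple checks over constructed SharePoint-style audit records: accounts outside the firm's domain touching a site, and users whose document download count stands out from their peers. The CSV column layout (user, site, event, timestamp) and the `firm.example` domain are assumptions, not a real SharePoint export format.

```python
"""Flag SharePoint audit events that stand out (added example; the record
shape is an assumption and the sample data below is constructed)."""
import csv
import io
import statistics
from collections import Counter

# Constructed sample resembling a SharePoint audit-log export. Not real data.
SAMPLE_AUDIT_CSV = """user,site,event,timestamp
alice@firm.example,/sites/matter-1001,View,2013-08-12T09:01:00
alice@firm.example,/sites/matter-1001,Download,2013-08-12T09:02:00
bob@firm.example,/sites/matter-1001,View,2013-08-12T09:05:00
bob@firm.example,/sites/matter-1001,Download,2013-08-12T09:06:00
dave@firm.example,/sites/matter-1002,Download,2013-08-12T11:00:00
dave@firm.example,/sites/matter-1002,Download,2013-08-12T11:04:00
guest@partner.example,/sites/matter-1001,View,2013-08-12T10:00:00
carol@firm.example,/sites/matter-1001,Download,2013-08-12T23:10:00
carol@firm.example,/sites/matter-1001,Download,2013-08-12T23:11:00
carol@firm.example,/sites/matter-1001,Download,2013-08-12T23:12:00
carol@firm.example,/sites/matter-1002,Download,2013-08-12T23:13:00
carol@firm.example,/sites/matter-1002,Download,2013-08-12T23:14:00
"""

def parse_audit(text):
    """Parse a CSV audit export into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))

def external_access(events, internal_domain):
    """Sorted (user, site) pairs where the account is outside the firm's domain."""
    hits = {(e["user"], e["site"]) for e in events
            if not e["user"].lower().endswith("@" + internal_domain.lower())}
    return sorted(hits)

def download_outliers(events, factor=3.0):
    """Users whose Download count exceeds factor x the median per-user count."""
    counts = Counter(e["user"] for e in events if e["event"] == "Download")
    if len(counts) < 2:
        return []  # no peer group to compare against
    threshold = factor * statistics.median(counts.values())
    return sorted(u for u, n in counts.items() if n > threshold)

if __name__ == "__main__":
    evs = parse_audit(SAMPLE_AUDIT_CSV)
    print("external access:", external_access(evs, "firm.example"))
    print("download outliers:", download_outliers(evs))
```

The median-based threshold is deliberately crude; in practice the baseline would be per user over a longer window, but the point is that the audit data has to be collected and reviewed before any of this is possible.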
Foolproof access control
Duct Tape won’t fix this
Where is your data going?
We can write something for that
The Cloud...
What others are saying...
● 97% have security concerns about non-employee SharePoint access
● 76% granted non-employee SharePoint access
● 82% concerned about hosted SharePoint
  ○ Top concern: documents being copied outside controlled systems
● 42% audit external SharePoint access
● 7% run a SharePoint access audit at least weekly
- Dimensional Research 2013, SharePoint and Security
Encryption Considerations
● Encrypt in the cloud
● Encrypt before data leaves the firm
● Encrypt and require access through an appliance (e.g. Vaultive)
● Encrypt/protect at the point of data creation (e.g. Ionic, Microsoft RMS)
● Key Management, Key Management, Key Management
When your data is in the cloud…
● Consider confidentiality and integrity of data
● Disclose to clients that data resides in the cloud
● Discuss with internal GC or relevant authority on risk for guidance
● Understand increased risk (if any identified) and implement compensating controls before you migrate, not after
● Audit and treat this hosted data no different than your own onsite data
Attorney Commentary
“If your data is in the cloud (e.g. Amazon, MS) and they receive a subpoena, what do you think the host’s obligation is? What is the firm’s obligation if client data is onsite versus data that’s in the cloud? What about if there was a data breach? What could/should/would your response be?”
Attorney Commentary, Cont’d
● If the firm (or the hosting agent) received such a subpoena, we would object and seek protection based on privilege.
● If there is a data breach at the firm, we’ve got a problem. Three-step process: (1) stop the breach; (2) assess the breach; (3) call our (E&O) carrier.
● Include language in the client engagement around data and the removal of the firm’s liability (... firm would be held harmless) related to data loss or breach.
Resources
SharePoint Web Access User Management (http://connect.iltanet.org/communities/alldiscussions/viewthread/?GroupId=913&MID=483077)
Dell SharePoint and Security Survey (http://software.dell.com/documents/sharepoint-and-security-a-survey-of-sharepoint-stakeholders-whitepaper-27128.pdf)
Questions