When you think of Cloud Data Storage, you might think everything is locked down. But that is not the case as Microsoft now offers admins a couple of unified security tools. Most of the organizations when they adapt to SharePoint they place strict security rules so their content can be viewed only by authorized users.
Why ACL is not Sufficient?
However, everything is not achieved just with SharePoint. Office 365 manages content primarily via OneDrive, SharePoint and Exchange.
Depending upon the tool you use for Content, each has unique set of controls to manage the lifecycle of your content assets. We have something called ACLs Access Control Lists which is a traditional security strategy approach till now.
But the problem with ACLs is that they solve only a piece of the problem. When the content leaves your repository, ACLs did nothing to prevent unauthorized usage and you see we have a problem here.
We have three key enterprise security policy needs when it comes to SharePoint.
- Data Loss Prevention (DLP)
- Content Labels
- Device Management
Data Loss Pevention
The security policy, Data Loss Prevention that comes with Office 365 ensures that no sensitive information leaves the organization.
It also oversees security across various devices. To sum up, DLP is set of rules for content policies and managing devices. When you combine DLP with ACL, organizations would be able to implement content security policies for their content.
The Security & Compliance administrative tool in Office 365 is used to set these policies. Office 365 Security & Compliance tool lets you setup the DLP policies you need. SharePoint security policies can be created using default templates provided by Microsoft.
As the name suggests, Content Labels are a means to organize and categorize your content. Suppose, you have a set of legal documents that would need a periodical review.
You could easily label those content pieces and give a meaningful description. And now you can define a policy for the label which will initiate a review every 3 months or any frequency you set.
Very much like DLP, content labels are also managed via the Security & Compliance in Office 365.
You can create any number of content labels to not only classify your content, but also set policies which will define the timing for content retention or updation.
This kind of content disposition options are similar to the rules you could directly find in SharePoint Content Types. But the advantage with Security & Compliance tool is that they can be uniformly applied across products.
Your employees accessing your SharePoint workspace via other devices like Mobiles, Tab are prone to severe security threat, especially when the device is lost or stolen.
That would create dangerous security breaches not only for the organization, but also for their clients and related firms. But not to worry yet. Thanks to Office 365 device management capabilities. However your Office 365 Device Management functionality will depend on your license type.
Anyways, you have the basic device management features available across all license levels. You can check under the DLP menu found in Security & Compliance tool.
Admins can enforce added security features like encrypted storage, PIN access, managed email access etc. Admins can even setup wiping selective content remotely in case of theft.
Most of the recent changes in the past few months Microsoft has done to Office 365 is related to security. In addition to that, managing a full content lifecycle, detecting sensitive content proactively and applying security policies and other serious SharePoint security concepts are implemented.
When you are implementing SharePoint in your organization, you should be aware of all these security concepts to better safeguard your data.
Making yourself aware of Unified Content Security would help implement a safer and secure Digital Workplace for your organization.