Conducting an Audit of your Sharepoint or Office 365 Environment
The majority of Fortune 500 companies use the Microsoft SharePoint platform for workforce collaboration and content management, either in an on premise or Office 365 cloud environment. Yet few make a regular assessment of their environments a part of their audit plan.
Ram Balakrishnan and Antonio Maio from Protiviti will discuss their approach to scoping, executing, and reporting on an assessment of a SharePoint or Office 365 environment. A SharePoint assessment will allow organizations to identify potential risks in their environment, optimize SharePoint configuration and performance, and determine whether additional user training on the system and education about potential risks are needed.
Don’t think your company is at risk? Consider this: a survey conducted at a recent SharePoint Conference found:
- At least 36% of SharePoint users are breaching security policies and gaining information to sensitive, confidential information that they are not entitled to access.
- 79% of those surveyed said their organizations stored sensitive data in a SharePoint environment, but only 18 percent said they prevented access through the use of technical controls.
- 23% of users admit to have knowingly accessed others' sensitive data. Administrators who responded to the survey showed a cavalier attitude toward privacy, sharing anecdotes that included "I am entitled to see everything" and "Administrative access is God mode."
- 36% of respondents said that their business had no SharePoint audits at all.
- Additionally 67% of SharePoint users have no security policy, according to InfoSecurity Magazine, in 2013.
Ram Balakrishnan and Antonio Maio from Protiviti