1 / 26

About

About. Chris Welch Synergy – Global Reach. Local Service. Email - cwelch@synergyonline.com Cell - 808 255 9431  Online - www.synergyonline.com USA | South Africa | United Kingdom | Asia Pacific. SharePoint 2010 End User Security - Standardization and Customization.

stella-finch
Download Presentation

About

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. About Chris Welch Synergy – Global Reach. Local Service. Email - cwelch@synergyonline.com Cell - 808 255 9431  Online - www.synergyonline.com USA | South Africa | United Kingdom | Asia Pacific

  2. SharePoint 2010 End User Security - Standardization and Customization • Understanding security in the End User environment • Discussion and Demonstrations • All participation is welcome and appreciated

  3. SharePoint 2010 End User Security - Standardization and Customization How do you make a meaningful security infrastructure? > Planning and understanding < So… Let’s talk a bit about security

  4. What is security? • Trust • Trust in people • Trust in technology • Trust in business P&P • Trust in the institutional setting

  5. Security is a management process • Best Practice • Keep it simple • Reduce • Reuse • Recycle

  6. Basic Security Concepts • Plan the security environment • What – define security • Sites • Lists and libraries • Who – define roles • Separation of Duties • Access – define levels • Least Privilege

  7. SharePoint Roles • Standard Security Roles • Farm Administrator • Site Collection Administrator • Service Application Administrator • Site Administrator • Users

  8. Security 101 - Terms • Authorization vs. Authentication • Risk Management • $ or other measure • Central tenets of measuring secure systems • Confidentiality • Integrity • Availability • Non Repudiation • Others….

  9. So What About SharePoint? • Demo Interlude • How does SharePoint do - • Confidentiality • Integrity • Availability • Non-Repudiation

  10. Discussion Point • Where are the • Strengths in your SharePoint security • Weaknesses in your SharePoint security • What is the trust factor

  11. Architecture Primer • SharePoint architecture Web Application Site Collection Sites Lists and Libraries

  12. Web Application Security • Performed by a Farm Administrator • Security • Authentication • User Permissions • Policies • Anonymous • User • Permissions

  13. Web Application Demo • Authentication Providers • User Permissions • Remove Manage Lists permission • Policies • Create Deny Delete Permission Policy • Apply as a User Policy

  14. Site collection security • Site Collection Administrator • Has full control of all content in a site collection • Is bound by security policy settings at the Web Application level • Is managed at the site collection or farm Web Application level • Highly trusted position in user environment • Farm Administrator

  15. Site Level Security • Uses three basic pieces of infrastructure • Security principle • Securable Object • Permission Level User or Group Site-List-Item Permission Level

  16. Users and Groups • Maintained at the site collection • Users • Available from Authentication Provider • Stored in user information list • Groups • AD • SharePoint • Best Practice Discussion • Users vs. Groups

  17. Some Limits to Consider • Supported Limits • Groups per users - 5000 • Users – 2 million per SC • Principles per group – 5000 • SharePoint Groups – 10,000 per SC • Security Scope – 5000 • Limits based on performance

  18. Users and Group Demo • Users and Group • Review groups • Create a group and discuss settings • Suggestions Group • Add users • Settings overview • Groups page • Group

  19. Securable Objects • Sites, lists and libraries, item • Security inherited by default • Inheritance can be removed • Sites can be created with unique permissions • Creates three groups by default • Permsetup.aspx

  20. Securable Objects Demonstration • Review settings • Remove inheritance for a site • Remove inherited principles • Create a new security infrastructure

  21. Permissions and Permission Levels • Used to grant access • Based upon granular permissions • 33 • Default set of permission levels • FDCRL • AMRV • Do not delete! • Used to create customized security settings

  22. Permission Levels • Stored at the top level site • Inheritance can be broken, using PowerShell • Best practice is to create a new Permission Level by inheriting from an existing one

  23. Demo of Permission Levels • Review permissions • Create a permission level by copying • Remove delete versions • Create a manage lists permission level • Demonstrate permission dependencies

  24. Finally • Security • Standardize where possible • Customize where necessary • Plan • Document • Simplify

  25. Questions?

More Related