There was a recent post on Dark Reading about how SharePoint users are disregarding security when it comes to their documents and information. You can read the full post and access the survey results here.
It was interesting that 92% of respondents understood that taking data out of SharePoint made it less secure, 30% were willing to take the risk stating they were “Not bothered if it helps me get the job done”. Thirty four percent confessed they never really thought about the security implications of SharePoint, while incredibly 13% believe protecting company data is not their responsibility. The post went on to state that being able to access the information from home, and being able to share documents and information with external parties were the main reasons why people were copying the information and documents out of the secure SharePoint implementation.
It has been our experience during the implementations of our IMS solution that this is less about “security” as it is about having a true understanding of how users use the system, and implementing it in a way that allows them to do their jobs no matter where they are. During the requirements gathering phase, the need for users to be able to share documents with external parties and to be able to securely access them from home should become one of the key requirements for the system. By understanding the these requirements early, and building it into the systems and processes, many of these concerns can be addressed.
What are your thoughts? How have you addressed security within your SharePoint implementation?
