Microsoft SharePoint security concerns surface
Category Microsoft IBM/Lotus
From vnunet.com: Microsoft SharePoint security concerns surface
Before you start laughing about another Microsoft security issue, read the article...
Most business managers have little visibility into their Microsoft SharePoint environments, and believe that the collaboration tool could put them at risk of data theft, according to new research from enterprise provisioning firm Courion.
The company found that, although SharePoint sites are proliferating among organisations, 86 per cent of managers are concerned that sensitive data is finding its way onto these sites without proper safeguards.
Over a third of firms have no policy defining acceptable usage for SharePoint, and around 63 per cent do not have the tools in place to monitor SharePoint usage, access or policy compliance.
Now... substitute the words Lotus Notes for SharePoint, and I think the article is still just as valid:
Most business managers have little visibility into their Lotus Notes environments, and believe that the collaboration tool could put them at risk of data theft, according to new research from enterprise provisioning firm Courion.
The company found that, although Notes sites are proliferating among organisations, 86 per cent of managers are concerned that sensitive data is finding its way onto these sites without proper safeguards.
Over a third of firms have no policy defining acceptable usage for Notes, and around 63 per cent do not have the tools in place to monitor Notes usage, access or policy compliance.
The point here is that while either technology can allow end users to create content repositories rather easily, organizations often don't place any form of governance, policy, or control on the resulting environment. So to say that Notes databases are out of control at a company (as a selling point for going to SharePoint) ignores the reality that SharePoint can and does suffer from the same malady.
From vnunet.com: Microsoft SharePoint security concerns surface
Before you start laughing about another Microsoft security issue, read the article...
Most business managers have little visibility into their Microsoft SharePoint environments, and believe that the collaboration tool could put them at risk of data theft, according to new research from enterprise provisioning firm Courion.
The company found that, although SharePoint sites are proliferating among organisations, 86 per cent of managers are concerned that sensitive data is finding its way onto these sites without proper safeguards.
Over a third of firms have no policy defining acceptable usage for SharePoint, and around 63 per cent do not have the tools in place to monitor SharePoint usage, access or policy compliance.
Now... substitute the words Lotus Notes for SharePoint, and I think the article is still just as valid:
Most business managers have little visibility into their Lotus Notes environments, and believe that the collaboration tool could put them at risk of data theft, according to new research from enterprise provisioning firm Courion.
The company found that, although Notes sites are proliferating among organisations, 86 per cent of managers are concerned that sensitive data is finding its way onto these sites without proper safeguards.
Over a third of firms have no policy defining acceptable usage for Notes, and around 63 per cent do not have the tools in place to monitor Notes usage, access or policy compliance.
The point here is that while either technology can allow end users to create content repositories rather easily, organizations often don't place any form of governance, policy, or control on the resulting environment. So to say that Notes databases are out of control at a company (as a selling point for going to SharePoint) ignores the reality that SharePoint can and does suffer from the same malady.
Comments
R8 has added "export controls (thank god)....
Posted by John Turnbow At 07:44:44 On 14/11/2008 | - Website - |
Posted by Duffbert At 08:39:49 On 14/11/2008 | - Website - |
It has always been so, in Notes, that you can EASILY build apps that are immensely powerful for distribution of information. This is the best reason for using Notes/Domino (and Sharepoint), but it is also the worst.
If you don't want to block your developers from utilizing the RAD functionality, you implicitely accept the risk of an environment with very little transparency and a high level of autonomy.
That, in itself, is "dangerous" and almost impossible to control.
Add sensitive information to the mix, and you have a disaster waiting to happen.
And just to top it off, it is incredibly easy to copy or forward just about any Notes-document (yes, yes - I DO know about security options) using the tightly integrated email features.
Sure, you can do allsorts of dandy tricks to stop it, but that is hard to do, when you might not even know what applications exist on your servers.
A "well run" Notes organization is also an organization that stifles collaborative creativity, like it or not.
The key - as it often is - is "balance".
But the risk is there, and the worries are real and should be taken seriously.
All that said, I'm quite sure that the tools to reduce this risk, are far better on the Domino platform than in Sharepoint.
Posted by Lars Olufsen At 13:53:49 On 14/11/2008 | - Website - |