3 tips to keep your Sharepoint Online safe

There are several controversial about data security in the cloud. But it depends on two main factors: The cloud provider and also how the customer manages access to their environment.

Microsoft has several security features and also provides each Tenant with a Compliance Center, where security settings can be managed and organized.

As the organization has full control over Sharepoint Online security, this offers flexibility. For example: The organization can grant access to external partners. This can be very useful, but it can create some risks for the environment.

What are the security issues related to Sharepoint Online?

Is Sharepoint Online less secure than Local Sharepoint? Not necessarily.
It is more than obvious that Microsoft Datacenters have better firewalls and great general protections compared to your organization's On Premise servers.

But on the other hand, data stored in the cloud, if not well protected, ends up becoming an easy target for anyone with a password to access their environment and steal their information.

Read more:
How to configure Advanced Threat Protection (ATP): Anti-Phishing
Enable Office 365 message encryption
Whose responsibility is security in the cloud?
Sharepoint permissions online, learn how to set up
Microsoft should explain to the Brazilian government flaw that exposed user data
Experts point out mistakes that can cost your information

The question is: How to protect cloud environments and ensure the security of users' data in the cloud?

1- Sharing your Sharepoint Online content with External users
Before Sharepoint 2013, adding external users to a Sharepoint environment was a complex process, as it was necessary to add it individually to your AD or other identity provider.

This has been enhanced in Office 365, where Sharepoint content can be shared with external users in three ways:

  • Sites can be shared using a Microsoft Office 365 ID or Microsoft account (Live ID).
  • Individual documents can be shared using a Microsoft 365 ID or a Microsoft account (Live ID).
  • A guest direct link to documents can be sent to grant anonymous access to specific documents

2- Manage group permissions on Sharepoint Online

Since Sharepoint 2013, the security settings in the local Sharepoint applied only to individual users or to groups of Sharepoint.

For example, when multiple sites need to be shared with a department, this can be done by giving each user permission or sharing the data with a group.

In the first scenario, when an employee in this department leaves, their permissions must be revoked individually. When managing permissions for a group, the user only needs to be removed from that group and nothing else.

In larger companies, you can even assign AD groups to Sharepoint groups. This group membership is typically managed at the Active Directory level.

When assigning AD groups to Sharepoint, group membership changes need to be applied only in Active Directory. In Sharepoint Online, the same logic applies, so make sure you are doing this consistently and that there is a process for when an employee is leaving the company.

3- Microsoft 365 Trust Center

Today, one of the biggest problems for companies is the reliability of the data that is allocated there.
It is common for companies to think that data is better protected in an On Premise environment, but this also exposes the data to some degree of risk.

For companies that tend to be more conservative, cloud computing can be a cause for concern.

With that in mind, Microsoft created a website called Office 365 Trust Center, which covers everything about cloud security, such as:

  • Physical Security: How does the access to people in their Datacenters work, the protection of the buildings themselves.
  • Logical Security: How servers are configured, what network security is applied and what types of audits are implemented.
  • Data Security: Since real data is protected, what would happen if someone had access to your databases? Could they read your data?

One of the points to consider Microsoft as a Public Cloud, is that it is an American company that is under the judicial reach of Patriot Act.

This means that the US government may require Microsoft to deliver customer data.
Microsoft has released information on exactly how it can affect Microsoft 365 service customers.

Briefly, the answer is Cryptography. With that, the customer keeps the key so that nobody but him has access to his data. In addition, you must rely on Microsoft's statements regarding the security of your information.

We can consider that among cloud providers, Microsoft is one of the most secure.
But as already said, everything will depend on how you set up your environment, especially when it comes to Sharepoint Online, which if poorly configured offers several types of risks to your information. Therefore, administrators must take full advantage of all security features and control data with maximum efficiency.

Follow the news in real time. Follow our Instagram profile..

Felipe Santos
Felipe Santos is a Cloud and Security Architect, with experience in Windows Server, Cluster, Storages, Backups Veeam and Office 365 environments.



Do you want to upgrade your career? 

Invest in yourself and get ahead! Get that dream job in 2022!