HiSoftware Security Sheriff SP for Microsoft SharePoint® 2010


Making SharePoint Safe for Sensitive Data

While thousands of organizations are deploying SharePoint 2010 to manage enterprise content, streamline business processes, and deliver “enterprise 2.0” collaboration capabilities, compliance and security concerns − and their associated risks − remain top of mind.

As the amount of content and user interaction increases, particularly given the enhanced collaborative capabilities of SharePoint 2010, the chance for a security breach or a compliance violation increases as well. A solution that automatically classifies, applies permissions, tracks, encrypts and prevents the inappropriate storage, access and distribution of sensitive content stored in SharePoint is clearly necessary to overcome this confidence gap.

Ensure Data Compliance, Enforce Information Security Controls

Security Sheriff SP builds upon the policy scanning and classification features of Compliance Sheriff SP to deliver content-aware security within SharePoint. Security Sheriff SP includes all the functionality of Compliance Sheriff SP with the added ability to restrict access to and encrypt content based upon the presence of Protect Health Information (PHI), Personally Identifiable Information (PII) or other sensitive corporate information using the functionality outlined below.

  • Restrict: Based upon the policy rules associated with its classification, access to a document or item within SharePoint can be restricted to a specific individual or group, even if a wider audience has access to the site, list or library where the item physically resides in SharePoint.
  • Encrypt: When Security Sheriff SP identifies sensitive content, it can encrypt the information immediately. This means only properly credentialed users will be able to access the content—whether inside or outside of SharePoint, even if they have SharePoint administrator privileges.
  • Prevent: Security Sheriff SP can prevent sensitive information from leaving SharePoint. For example, if a document is going to be emailed to a group and a listed recipient does not have proper access to that category of document, the email cannot be sent until that individual is removed from the distribution list.
  • Track: Security Sheriff SP tracks the entire lifecycle of SharePoint content and documents. This means that a policy officer can see if and when a document has been accessed, emailed, printed, or edited, and by whom. A document’s entire “chain of custody” is recorded and easily available in the event of a breach or a regulatory audit.
  • Workflow: As specific areas of content risk are identified in SharePoint, Security Sheriff SP triggers workflow to remediate compliance issues and/or task the proper individual(s) in the organization to review and potentially classify, re-classify and encrypt the content. Workflow can also be used to prevent the publication of non-compliant content (e.g. in a discussion forum or blog) based upon the policies managed within the HiSoftware rules engine.

Flexible Rules Engine

HiSoftware’s flexible content-aware rules engine ensures information moves in and out of your systems in accordance with your privacy policy, Written Information Security Program (WISP) and brand standards while preventing a damaging breach of private or other confidential information that could impact your bottom-line and your corporate reputation. Specific rule sets are pre-defined to address compliance with HIPAA/HITECH, MA 201 CMR, FISMA, COPPA, Section 508 and WCAG 1.0 and 2.0, OMB 10-22 and many other federal and state regulations. These rules are available for use in both Compliance Sheriff SP and Security Sheriff SP and are broken out into four modules, each sold separately.

  • Privacy – HiSoftware’s Privacy Module automatically scans SharePoint sites to detect the presence of PII and PHI and notify policy officers and privacy managers. Depending on your organization’s unique compliance approach and risk threshold, Compliance Sheriff can also confirm the use of secure methods to collect private information with the proper consents, and that whenever information is stored, accessed or moved, it is only by credentialed users and only to appropriate locations. Some of the specific privacy checkpoints offered standard with the privacy module include HIPAA, FISMA, COPPA, OMB 10-22 cookie guidance, and MA 201 CMR 17.
  • Accessibility – HiSoftware’s Accessibility Module establishes ongoing, automated checks to ensure SharePoint accessibility concerns are seamlessly managed and that compliance issues are flagged and prioritized for swift remediation. The Accessibility Module checkpoints map to all the common Web accessibility standards, including Section 508, WCAG 1.0 and 2.0, Canadian Common Look and Feel (CLF) and XML Accessibility Guidelines (XAG).
  • Brand Integrity and Site Quality – HiSoftware’s Brand Integrity and Site Quality Module consistently scans and analyzes SharePoint content for broken links brand conformance issues such as logo consistency and integrity, correct legal name usage, copyrights and more. This module also includes checkpoints to monitor for offensive or inappropriate language that may be included in collaborative environments such as blogs, discussion lists or other user-generated social computing content. Detailed reports help development and quality assurance managers pinpoint and fix issues before issues arise.
  • OPSEC Information Assurance – The Compliance Sheriff OPSEC Module monitors and verifies that SharePoint content complies with federal risk assessment practices and the U.S. government’s OPSEC guidelines. This includes operational military information and helps to determines if published SharePoint content references any information that would reveal sensitive movements of military assets or the location of units, installations, or personnel where uncertainty regarding location is an element of the security of a military plan or program. These safeguards help protect against the accidental disclosure of confidential information and fully integrates OPSEC testing into quality assurance and content delivery processes for your SharePoint farm.