Welcome to the SharePoint Security Labs at ARB Security Solutions. The security lab is committed to instigating security research in the central areas of collaborative and aggregate systems security. SharePoint and collaborative security is a captivating area of study. The goals of SharePoint security research are to formulate reliable and operative tactics for developing and deploying trustworthy SharePoint systems and complex collaborative applications, and carry outresearch and development activities for underlying enabling technology. This is procured through research in the practical and theoretical aspects of secure collaborative system design and thoughtful implementation.
- Multi-Level Classified Collaborative Environments
- Agnostic Authentication Factories
- Microsoft Sister Server Security Platform Integration
- Monitoring Tool Development
- Efficient encryption system and network reliability
- Autonomic security
- Reactive security systems
- Automated patching
- Host-based intrusion prevention
- Applications of peer-to-peer networks
- Security and availability policy
- Network intrusion detection and anomaly analysis.
The aggregate purpose of this research is to offer to the public internal SharePoint security model advice (pluggable authentication providers, pluggable role providers, etc.), security management tools, guides on multi-level SharePoint security architecture (accommodating formal security models such as BP and CW methodologies), as well as any other security practice and implementation that affects a collaboration and communications platform that leverages SharePoint technologies.
SharePoint as a technology is meant to connect information workers in organizations in amazing ways. By implementing robust content management controls with communications and collaboration functionality, information workers that exist in disparate places can effectively achieve goals that would otherwise not be possible. Promoting this organizational collaboration is a key business driver in building more advanced business systems for knowledge management, content management and distribution, and business process automation.For each piece of data that SharePoint adds into an environment, it is crucial that there be security mechanisms and disaster recovery policies in place for the information. Implementing security measures into your SharePoint environment is central to a successful deployment, protecting your business data should be one of the implementations highest priorities.
At its core, SharePoint has incredible aggregation features for your business data, quickly becoming the central repository for your operational documentation. By hardening the environment that is acting as the warehouse, it can be ensured that data is not compromised, and organization can avoid financial, operations, and reputation risks.
At a very high level, protecting SharePoint exists on a multitude of planes, from developing secure modules that run within the SharePoint framework to providing your portal administrators with the proper toolset to shield your environment while an attack is occurring. There are several immediate, visible layers that are central when planning out your security methodology
- Application and Web Services Security
- Hardening Windows Server and IIS
- Active Directory Auditing and Management
- Identity Management (Manage User Access Security)
- Access Control (Application / Database)
Security in any organization should be an ongoing and dynamic process, the implications of it change as technology progress further. SharePoint is a living technology as it is consistently improved, modifications and enhancements are made, and server based assets evolve further. With this growth, the security relating to the technology also changes. Implementing progressive security management policies and technologies will allow an organization to adapt to these changes and make the appropriate modifications to an environment.
Our research strives to offer this to the public. By promoting and exposing all research and development projects public, we believe that we can achieve this.