This is SharePoint Metadata and Classification's Typepad Profile.
Join Typepad and start following SharePoint Metadata and Classification's activity
Join Now!
Already a member? Sign In
SharePoint Metadata and Classification
Charlie is the co-founder of TITUS, and is the lead on the company's SharePoint product line.
Recent Activity
It’s an exciting week here at TITUS as we release TITUS Security Suite for SharePoint 3.3, which includes both TITUS Metadata Security and Document Policy Manager. While there are many improvements and new features with this release, such as enhanced audit reporting and the ability to use hidden columns to create more flexible policies, for me the standout feature is secure mobile access to documents and list items. Because mobile devices are easily lost, stolen or hacked, many SharePoint administrators don’t want to let their workers download highly sensitive information to their mobile. For instance, while it might be perfectly... Continue reading
Mobile data access and sharing is a great idea but one that comes with a lot of risk. The chance of unauthorized access, data loss, and data exposure are all increased when information stored in SharePoint is accessed from a mobile device. In the recent Aberdeen Analyst Insight, SharePoint Collaboration: Secure and Mobile, Derek Brink sheds some light on how organizations can ensure their SharePoint data is made more secure for mobile users. Workers are demanding access to their work files from mobile devices, yet mobile devices are more susceptible to data breaches. Beside the fact that the devices themselves... Continue reading
As the repository of a great deal of an organization’s sensitive data, it is imperative to ensure that your SharePoint web applications are set up properly from the moment of deployment. All the precautions taken to ensure appropriate user access to libraries and lists can be completely undone if security best practices at the administration level are neglected. Security in Microsoft SharePoint starts at the time of deployment. Setting up the proper user accounts ensures the proper separation of responsibilities and activity auditing. Therefore, it is important to set up multiple user accounts with limited privileges. These accounts exist for... Continue reading
A new report released by AIIM outlines the significant impact that SharePoint has had in the both collaboration and the content management space. New features within SharePoint 2013 fuel the debate about SharePoint’s ability to be the enterprise’s primary collaboration tool, repository, and archive without requiring customizations or third-party add-on products. In SharePoint 2013 – Clouding the Issues, the new capabilities and potential pitfalls for cloud SharePoint deployments are examined against the backdrop of overall SharePoint adoption and project success. Among the key findings in the report: The biggest on-going issues are user adoption, extending the business scope, and governance.... Continue reading
Welcome to the first in a series of posts that will review fundamental security features in Microsoft SharePoint 2013. In this first post I will examine the reasons behind information protection as it impacts the security strategy, its adoption, and ultimately the success of your SharePoint security policies and practices. When I speak about SharePoint security I often start off with a discussion about why organizations secure their information. What reasons drive people to implement security measures to control and govern information? I have found that, for a business owner or C-level executive it may be obvious, but for the... Continue reading
In case you missed it, Alan Pelz-Sharpe (Research Director, Content Management and Collaboration at 451 Research) and our own Antonio Maio (Senior Product Manager, TITUS) hosted a great webcast titled: Key Strategies to Effectively Govern and Secure Sensitive Data in SharePoint 2013. There were a lot of great tips in the webcast, but there is one item that captured most of the participant’s attention: automating security and policies. Since managing security in SharePoint is a manual process, it is very difficult to consistently enforce the ever-changing security and policy requirements across all content. Our participants had a lot of great... Continue reading
Is your enterprise considering a move to the Cloud? Are you aware of the benefits and risks of moving SharePoint and key workloads to a Cloud environment? Webinar: Thursday, March 28, 2013 11:00 AM – 12:00 PM EDT Register today for this webcast to learn the pros and cons of moving to the Cloud: Join Microsoft SharePoint MVPs Christian Buckley, Director of Evangelism, Axceler and myself for a discussion on functional trade-offs of the platform, potential impacts and risks that need to be considered when moving SharePoint to the Cloud. This webinar will cover topics such as: • SharePoint... Continue reading
In its latest release, TITUS Metadata Security for SharePoint Version 3.2 has greatly increased the support for SharePoint Managed Metadata. In particular, TITUS Metadata Security can work with managed metadata terms in a more meaningful way as part of the conditions that it evaluates when determining if a specific policy needs to be enforced on a document or item. These conditions which can be part of any policy are referred to as “Conditional Expressions”. Continue reading
What Are Your Organization’s Top SharePoint Security Challenges? Recently, TITUS had the opportunity to ask over 200 SharePoint users about their top SharePoint security concerns. The survey confirmed for us what we had been hearing from our customers over the past number of years – organizations are storing a wide variety of sensitive information in SharePoint, from financial and HR information, to intellectual property, to personally identifiable information (PII). This raises a number of security challenges for organizations. From our survey, we found that 79% of organizations see permissions management and site ownership as the top SharePoint security challenge. Not... Continue reading
TITUS Senior Product Manager and SharePoint Server MVP Antonio Maio recently shared some of his insights on SharePoint security. He provided tips, pointed to current challenges and explained how SharePoint will be affected as computing becomes more mobile and social. Question: What are some aspects of SharePoint security that you think are critical but may be overlooked? Maio: People often come to talk to us about enforcing security at a fine-grained level or detailed level. This relates to the level of security on each individual document or each individual data item within SharePoint, as opposed to broadly applying security to... Continue reading
We’re very pleased to announce the latest release of the TITUS SharePoint Security Suite! With this release, TITUS is making it easier than ever before to enhance and automate security within Microsoft SharePoint. TITUS Security Suite for SharePoint version 3.2 enhances security by automatically enforcing fine-grained access control and applying visual labels – promoting strong, consistent data governance for SharePoint content. TITUS products leverage existing document metadata combined with trusted user claims to ensure that security is applied automatically and consistently across all SharePoint content. As Microsoft SharePoint becomes an increasingly critical platform for document and records management, administrators and... Continue reading
I’m excited to announce that “SharePoint Joel” and I will be co-presenting a webinar on Thursday, October 4th at 12pm ET (you can register here). As most of you know, Joel Oleson is one of the world’s top SharePoint experts, and is highly regarded for his dedication to the SharePoint community and his #1 SharePoint IT blog, At the webinar, Joel and I will be speaking about SharePoint security, including best practices to enable secure information sharing, enhance risk awareness, and apply SharePoint policies. Through our discussion of real-life security and data governance scenarios, you’ll discover how to: Protect... Continue reading
According to a 2011 AIIM survey, organizations are experiencing a 23% yearly growth in electronic records. This rapid growth presents a challenge to organizations that must comply with records management regulations while ensuring that the right people are accessing the right information. To address this challenge, many organizations are looking to Microsoft SharePoint 2010. With its powerful recordkeeping capabilities, organizations can now manage their records using the same platform as they use for everyday collaboration and document management. But as with all sensitive content within SharePoint, it’s important not to overlook the security implications of storing records in SharePoint. We’ve... Continue reading
Microsoft SharePoint 2010 has some great capabilities built in for accessing SharePoint from a mobile device. Some mobile browsers are fully supported out of the box, and others are partially supported today, with more support to come in the future. Lately I’ve been researching how we secure access to SharePoint from a mobile device or tablet for a particular customer, and there are several useful blog posts already out there that have been an enormous help. Securing access from a mobile device is becoming a critical part of security planning for SharePoint, as the phenomenon of Bring Your Own Device... Continue reading
Microsoft SharePoint 2010, with its built-in support for retrieving trusted attributes about a user upon login (or what is commonly referred to as claims), can be used to authenticate users and authorize access to content. As I’ve written about previously, this allows businesses to implement new and interesting information protection policies. SharePoint also allows us to build and deploy custom claim providers that can retrieve attributes from a wide variety of sources and transform them in order to enforce specific policies within SharePoint. This article will walk through a simple example of building a custom claim provider and review some... Continue reading
I ran across an interesting little side effect of altering my claims enabled web application in SharePoint 2010 the other day I thought would be useful for others to know about. The situation has to do with accessing AD Groups from within the SharePoint people picker in a claims enabled environment. Initially one of my SharePoint web applications was configured to allow authentication either through NTLM or through a Trusted Claims Provider (which was ADFS 2.0 sitting in front of AD of course). I could select which method I wanted to use when I navigated to the site through the... Continue reading
Implementing claims based authorization in SharePoint 2010 provides great alternatives to using security groups in order to control access to sensitive content in SharePoint. Traditionally, security groups have been used to restrict access to content or to enforce a role based security mechanism. However, organizations are quickly finding that security groups, whether they are SharePoint groups or Active Directory groups, do not scale well in large enterprise environments. Many enterprises already have large numbers of groups deployed, so how can those organizations still make use of those groups to enforce advanced security policies without complicating group management further? As well,... Continue reading
In a recent post I introduced the concept of claim rules within Microsoft Active Directory Federation Services 2.0 (ADFSv2) and the templates it provides. Claim rules can be used to easily evaluate, transform or augment claims before they are returned to a relying party application like SharePoint. In this post, the second in the series, we dive into ADFSv2’s Claim Rule Language and how it can be used to issue claims under more specific conditions, retrieve attributes from external data sources and implement some unique scenarios. For an introduction to claim rules or some background on the template based rules... Continue reading
Microsoft SharePoint is used in many highly secure environments around the world that deal very sensitive information – information that is considered ’secret’ or ‘top secret’ and where security of that data is critical to not only business but also to national security. These deployments exist primarily in military and government installations, or as part of the intelligence community. In these SharePoint deployments, its extremely important that security and access control policies be configured in such a way that they “Fail Safe”. The concept of “Failing Safe” means that if the security system which implements the access control policies fails,... Continue reading
Previously, we’ve talked about how using trusted attributes of a user’s identity (or claims) along with document metadata is a very robust way of enforcing security policies within Microsoft SharePoint 2010. This article reviews another important tool that can be used to configure security policies for SharePoint: Claim Rules. In general, claim rules can be used to centrally evaluate, transform or augment claims before they are returned to a relying party application like SharePoint. Microsoft Active Directory Federation Services version 2.0 (ADFSv2) can act as a trusted identity provider to SharePoint and other relying party apps. It provides a great... Continue reading
The topic of claims, or trusted user attributes, is an established and well defined concept within the identity management space. In SharePoint 2010, Microsoft introduced support for a claims-based identity model. Claims-based identities can be used in Microsoft SharePoint to enhance the process of user authentication. By harnessing the power of claims and extending its use to authorization, organizations can also effectively manage security and governance policies for accessing valuable information assets. It is important to understand the many concepts of the claims-based identity paradigm in order to implement granular, scalable and dynamic security within Microsoft SharePoint. Organizations can implement... Continue reading
When configuring SharePoint 2010 for claims based authentication or authorization you typically need to connect to an identity provider to retrieve user attributes as claims. To really see all the benefits of claims in the enterprise, we need to ensure that our SharePoint Server trusts the claims its receiving, and that often means configuring it to connect to a “trusted identity provider”. One such server application that can act as a trusted identity provider is Microsoft Active Directory Federation Services version 2.0 (ADFSv2). ADFSv2 is often also referred to as a ’secure token server’ because it plays the role of... Continue reading
I got quite a few questions and request for copies of my slides for the presentation I did a few weeks ago at the Microsoft SharePoint Conference 2011 in Los Angeles. The presentation was called Using Claims for Authorization in SharePoint 2010. For an explanation of how claims can be used for authorization (deciding what documents or items users are allowed to see) in SharePoint click on this link to download my presentation. The PowerPoint has been converted to PDF format. I have also started a blog series on Claims in SharePoint and here is my first post What are... Continue reading
Reflecting on the Microsoft SharePoint 2011 Conference (SPC2011) of last week there were several hot topics presented – one was the concept of claims and using claims in SharePoint 2010 for interesting security-related scenarios like authentication. This topic is particularly important in the identity management space right now. I’d like to thank everyone that came to my session on the Wednesday afternoon titled Using Claims for Authorization in SharePoint 2010. It appears that the deck I presented may still not be available on the Microsoft MySPC site. I have asked Microsoft to look into this and post the updated deck... Continue reading
Hello from the Microsoft SharePoint Conference 2011 in Anaheim CA. Many enterprises use Microsoft SharePoint for Records Management. Despite how much has been written on this, Records Management is sometimes confused with Document or Content Management , but it’s in fact quite a unique discipline with its own best practices and processes. Microsoft SharePoint 2010 provides some great features to enable these processes, and it provides enterprises with the appropriate controls over the data and documents that they declare to be corporate records. Here at the Microsoft SharePoint Conference, Records Management figures pretty prominently among several of the sessions. There’s... Continue reading