Townsend Security Data Privacy Blog

What are the First Steps for Encrypting a SharePoint Database?

Posted by Liz Townsend on Sep 4, 2012 9:12:00 AM

Download Podcast: Securing SharePoint with Encryption & Key Management

university encryption

Listen to our podcast to learn how easy it is to secure your SharePoint data.

Click Here to View Now

Microsoft’s SharePoint is a great application that many organizations in the healthcare, retail, financial, and educational industries use to store data. Documents and files can be uploaded and managed within SharePoint to easily share, collaborate, and socialize. What many organizations fail to realize, however, is that a lot of the information that gets stored on SharePoint is often Personally Identifiable Information (PII) and Protected Health Information (PHI)--information that is protected under industry regulations and many state laws (PCI-DSS, HIPAA-HITECH, FFIEC, GLBA, etc.) If this data is not protected with AES encryption and proper key management, any data losses or breaches will result in data breach notification and hefty fines. I recently sat down with Patrick Townsend, CEO & Founder of Townsend Security, to discuss what first steps should be taken to protect your SharePoint database and how easy data protection is today:

Core steps to securing SharePoint:

1. Use Microsoft recommendations on how to secure SharePoint
Resources for IT professionals, administrators, and end users can be found on their website here. About half of SharePoint users don’t take basic security measures to protect data in SharePoint.

2. Encrypt your data in SharePoint
Implement NIST certified AES standard encryption. Disks and back-up drives also need to be protected.

3. Properly protect encryption keys using dual control and separation of duties
Compliance regulations and best practices state that proper key management includes FIPS 140-2 certification and the use of an external HSM to store encryption keys. These protocols eliminate points of failure and prevent unauthorized access.

To learn more about how easy encrypting Microsoft SharePoint can now be, listen to our podcast Securing SharePoint with Encryption and Key Management now!

Download the Podcast

Topics: Encryption, SharePoint