Townsend Security Data Privacy Blog

Secure SharePoint with Remote Blob Storage (RBS) Encryption

Posted by Liz Townsend on Apr 10, 2013 2:42:00 PM

Since it's release in 2001, Microsoft SharePoint has quickly become one of the most widely used applications for document storage and collaboration.

SharePoint originally stored and organized documents and other critical information about those documents in rows and columns. However, as the use of SharePoint began to quickly grow, administrators Encryption-Podcast-SharePoint began to notice that the huge number and size of the documents being stored began to impact the performance of SharePoint, slowing down the application until it was fairly unusable. To rectify this issue Remote Blob Storage (RBS) was introduced to store the documents themselves outside of the SharePoint database so that the size of the documents wouldn't impact SharePoint performance. Now, when a SharePoint administrator starts to see performance impact from documents stored in SharePoint, they can store the files themselves separately, and SharePoint talks to the remote server in order to retrieve the files.

Now that SharePoint is so widely used, protecting data stored in SharePoint has become a big issue. Many companies use SharePoint to track customers, retail orders, personal health information, and other personally identifiable information (PII) that most industries (PCI-DSS, HIPAA/HITECH, GLBA/FFIEC, etc.) and many state laws mandate the protection of. Typically these regulations mandate the protection of this data using encryption and encryption key management.

The good news is that encrypting data in SharePoint is pretty easy, and it's often only a two-step process. SharePoint administrators must:

  1. Encrypt the SQL Server database SharePoint runs on
  2. Encrypt the Remote Blob Storage (RBS) used to store documents.

Encrypting SharePoint on SQL Server is easy with transparent data encryption (TDE) for SQL Server 2008/2008 R2/2012. Extensible key management (EKM) also allows admins to manage encryption keys and meet compliance regulations using an external third-party encryption key management hardware security module (HSM).

Townsend Security offers FIPS 140-2 compliant encryption key management system for Microsoft SharePoint to help you protect SharePoint and meet compliance. To learn more about securing data in SharePoint, check out our podcast, “Securing SharePoint with Encryption & Key Management.

Download the Podcast

Topics: Data Privacy, SQL Server, SharePoint