Feeds

SharePoint gods peek into colleagues' info – poll

Security is for other people

Boost IT visibility and business value

SharePoint admins are abusing their privileged status to sneak a peak at classified documents according to a poll that shows consistent abuse of security in Microsoft's business collaboration server.

A third of IT administrators or somebody they know with admin rights have read documents hosted in Microsoft's collaboration server that they are not meant to read.

Most popular documents eyeballed were those containing the details of their fellow employees, 34 per cent, followed by salary – 23 per cent – and 30 per cent said "other."

Ironically, the poll found the jury almost split on whether the authors of documents themselves could be trusted to control the security privilege settings on their work.

IT admins are firmly in control of setting access rights within SharePoint; 69 per cent set the permission levels that say who reads what, by individual or by group.

The data comes from a Cryptzone SharePoint security survey of 100 individuals running or using SharePoint systems, which has just been released. Respondents worked for a range of companies of varying size.

The poll reveals a consistently healthy disregard for the security supposedly afforded to company documents by SharePoint. Forty-five per cent of respondents said they'd copied sensitive information to the drive of a local PC or to a USB stick; 43 per cent did it because of the need to work from home; while 55 per cent said they'd done it because the docs were needed by somebody who didn't have access to SharePoint.

Ninety-two per cent of admins said they realised their actions made the material less secure while 30 per cent said they weren't bothered because taking the information had helped them get their job done. ®

You can download a copy of the report here (warning: PDF). ®

Build a business case: developing custom apps

More from The Register

next story
PEAK LANDFILL: Why tablet gloom is good news for Windows users
Sinofsky's hybrid strategy looks dafter than ever
KDE releases ice-cream coloured Plasma 5 just in time for summer
Melty but refreshing - popular rival to Mint's Cinnamon's still a work in progress
Leaked Windows Phone 8.1 Update specs tease details of Nokia's next mobes
New screen sizes, dual SIMs, voice over LTE, and more
Fiendishly complex password app extension ships for iOS 8
Just slip it in, won't hurt a bit, 1Password makers urge devs
Mozilla keeps its Beard, hopes anti-gay marriage troubles are now over
Plenty on new CEO's todo list – starting with Firefox's slipping grasp
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.