Archive for the ‘SharePoint security’ Category

SharePoint Security Starts at Deployment

Saturday, November 23rd, 2013

As the repository of a great deal of an organization’s sensitive data, it is imperative to ensure that your SharePoint web applications are set up properly from the moment of deployment. All the precautions taken to ensure appropriate user access to libraries and lists can be completely undone if security best practices at the administration level are neglected.

Security in Microsoft SharePoint starts at the time of deployment. Setting up the proper user accounts ensures the proper separation of responsibilities and activity auditing. Therefore, it is important to set up multiple user accounts with limited privileges. These accounts exist for specific administrative functions and nothing more. At minimum, there should be three different user accounts created to manage setup, SQL management, and for SharePoint farm administration.

SPC Diary: Day 4 – User License Enforcement in SharePoint 2013

Wednesday, November 14th, 2012

The last few days here at SPC12 has included an exciting mix of lots of sessions and lots of events, including the Jon Bon Jovi concert last night which was awesome! Today is more of the same. One interesting session I attended, which I didn’t expect to be as interesting as it was, included a section on the new User License Enforcement capabilities in SharePoint 2013.

SharePoint in the past (and still today with SharePoint 2013) can be purchased through either a standard or enterprise license CAL (client access license). The standard or enterprise CAL either enables or disables certain features depending on which one is purchased. In addition, there are additional components that can be licensed for SharePoint from Microsoft, on top of these CALs. Traditionally, customers had to purchase either standard or enterprise for all their end users. If customers were in a situation where features from the enterprise CAL would be accessed by only a very small number of users, that didn’t matter – they still had to purchase the enterprise CAL for all their users. At times, for some customers, this made SharePoint prohibitive to purchase simply because of the cost of licensing the enterprise CAL for every user, even though most would not be using the enterprise features.

Well, SharePoint 2013 solves that in a very elegant way by allowing customers to delegate which users are entitled to enterprise CAL features and which are entitled to only standard CAL features, and SharePoint elegantly deals with the situation when a standard CAL user navigates to a page where an enterprise CAL feature is present.