locked
SharePoint, Sensitive Information and maintenance ? RRS feed

  • Question

  • Hello everyone,

    I have a situation here, I would like to know how I can protect my sensitive data which in SharePoint.

    Actually, the situation is : I have outsourced the maintenance of my SharePoint Server, so my question is how can I protect my sensitive information during the maintenance? Because the guys, who doing the maintenance, want Admin rights.

    I would like to know if it is possible to remove the access to my sites to certain admin?

    Thank you.




    • Edited by tono25 Thursday, February 23, 2012 10:08 AM
    Thursday, February 23, 2012 9:58 AM

Answers

  • Hi there,

    with protecting sensitive data it is always quite a complex question. You have to start with separation of the admin rights and you can end with stuff like RMS or transparent data encryption on SQL server.

    If you will assign admin rights to someone (farm admin) and the user will log to central administration, he/she can always modify either site collection admins to get an access to any site collection or modify web application user policy to get an access to your data.

    Also by default built-in admins of the windows server running SharePoint 2010 are farm administrators, so you can check if you can modify these settings.

    Protecting this data is also based on some etiquete and NDAs with contractors etc.


    Marek Chmel, WBI Systems (MCTS, MCITP, MCT, CCNA)
    Please Mark As Answer if my post solves your problem or Vote As Helpful if a post has been helpful for you.

    Thursday, February 23, 2012 10:40 AM

All replies

  • Hi there,

    with protecting sensitive data it is always quite a complex question. You have to start with separation of the admin rights and you can end with stuff like RMS or transparent data encryption on SQL server.

    If you will assign admin rights to someone (farm admin) and the user will log to central administration, he/she can always modify either site collection admins to get an access to any site collection or modify web application user policy to get an access to your data.

    Also by default built-in admins of the windows server running SharePoint 2010 are farm administrators, so you can check if you can modify these settings.

    Protecting this data is also based on some etiquete and NDAs with contractors etc.


    Marek Chmel, WBI Systems (MCTS, MCITP, MCT, CCNA)
    Please Mark As Answer if my post solves your problem or Vote As Helpful if a post has been helpful for you.

    Thursday, February 23, 2012 10:40 AM
  • I was already looking things about AD RMS, it can be a good idea...

    I will also look at your solution about built-in admins and farm admins and check.

    Thank you.


    • Edited by tono25 Thursday, February 23, 2012 1:35 PM
    Thursday, February 23, 2012 1:35 PM