In many companies, SharePoint begins as a grass-roots effort with little thought given to governance, risk and compliance (GRC). Before long, issues with security, storage, site sprawl, and others force us to rethink our long-term SharePoint strategy. Around this time, governance plans are developed and put into place. But, do these plans address the auditing, records management, e-discovery and other legal risks? And does SharePoint’s built-in feature set deliver everything you need to rest soundly? In this session, we’ll raise some questions, share some stories and most-importantly provide answers and much needed guidance to this trending topic.

6. What is
governance

7. • Greek kybernân to steer (a ship)

9. (including the choice of inaction)

10. assess the
risks and potential costs of non-compliance against
the projected expenses to achieve compliance,

11. At the very highest level we are talking about
making the right information available to the
people who should have it and protecting it from
the people who should not.

15. 80%
70%
61%
60%
50%
41%
40%
30%
30%
20%
13%
10% 8%
0%
Hackers Accidental Accidental 3rd Intentional Intentional
gaining employee party breach Employee 3rd party
access breach breach breach

16. The onslaught of risk and compliance issues related to
Information sharing includes:

17. By 2016, Gartner predicts
that 20% of CIOs will lose
their job due to
information governance
and compliance

20. “Never in all history have we
Risk harnessed such formidable
Awareness technology. Every scientific
advancement known to man
Never in all history have we harnessed
such formidable technology. Every has been incorporated into
scientific advancement known to man its design. The operational
Risk
has been incorporated into its design.
The operational controls are sound and controls are sound and
Avoidance
foolproof!” foolproof!”
E.J. Smith, Captain of the
Titanic
E.J. Smith, Captain of the Titanic

23. Transparency/ Data Protection/
Collaboration Management

24. A compliance strategy
Prevent
Respond
& Detect
Resolve
Track

25. 1 Know who accesses what & when
• Record and track all user interactions, security changes, and search queries in any or all of
your Microsoft SharePoint environments
2 Track employees’ SharePoint usage
• See everything an individual employee or group of employees has done and is doing in
your SharePoint environment
3 Track an item through its entire life
• See what happened to a document, including when it was created and by whom; who has
viewed it when; and when it was deleted and by whom
4 Audit SharePoint search
• See who has performed a search, for what, and when. See how often an item is returned in
search results

26. Prevention
 Assign permissions & access to SharePoint site
 Assign metadata or policy to content with real time filtering and
scheduling
 Assign policy access rights and permissions to content stored in
Prevent File Shares
 Proactive policy enforcement of secure vs. non-secure sites
through automated site provisioning & permissions
management

27. Detect
 Discover offensive content with real time scans and scheduled
risk reports
Detect  Search for user permission with security search
 Individual user or group profile of security permissions

28. Tracking
 Track user activity with the user life cycle repots
Track  Track content life cycle with item life cycle reports

29. Respond & Resolve
 Legal hold and tracking
Respond  Archive and encryption
&  Restructure permissions & access metadata and security of
Resolve content itself

31. randy.williams@avepoint.com
@tweetraw
slidesha.re/RB2Upd