SharePoint Extranet Security
Secure Deployment of SharePoint
Extranet for Enterprises
A MUST-READ WHITE PAPER ON SHAREPOINT EXTRANET SECURITY, ADDRESSING
ISSUES THAT NEED TO BE CONSIDERED WHEN DEPLOYING A SHAREPOINT EXTRANET
White Paper
Copyright © 2012 NextLabs, Inc. All rights reserved.
The information in this document is subject to change without notice. NextLabs welcomes comments or
suggestions regarding this manual or any of our product documentation. Please send an e-mail to
info@nextlabs.com.
TRADEMARKS
NextLabs®, ACPL®, Enterprise DLP™, and the Enterprise DLP logo are registered trademarks of NextLabs, Inc.
All other brands or product names used herein are trademarks or registered trademarks of their respective
owners.
Published in San Mateo, CA, by NextLabs, Inc.
www.NextLabs.com
info@nextlabs.com
650.577.9101
2 Waters Park Drive, Suite 250 • San Mateo, CA 94403 USA • t: 650-577-9101 • f: 650-577-9102 • www.NextLabs.com
© 2006-2012 NextLabs, Inc. All Rights reserved. NextLabs, Enterprise DLP, ACPL, Compliant Enterprise,
and their corresponding logo are trademarks or registered trademarks of NextLabs, Inc. in the United States.
All other trademarks or registered trademarks are the property of their respective owners.
Secure Deployment of SharePoint Extranet for Enterprises
Enterprises use extranets for external collaboration with partners, suppliers, customers, clients, joint ventures and remote employees. Enterprises collaborating with external users may have different types
of content that needs to be shared with different types of external users, requiring various types of
permissions and access control methods. With many variations in content, access control, permissions,
processes and such, enterprises concerned about security risks and compliance violations should
carefully and methodically plan extranet deployment.
Making more information and processes available to external users can enhance efficiency, increase
productivity, and create customer loyalty. At the same time, however, extranets can increase business
risk for those enterprises that need to meet security requirements such as customer IP protection,
company confidential IP protection, company sensitive data protection, and compliance for obligatory
regulations such as ITAR, HIPAA, NERC, FERC, PIPAA and many more. To avoid security risks and
multi-million dollar fines, these business requirements should drive the pertinent techniques and
processes needed for secure extranet deployment. To meet these requirements, SharePoint architects
need to consider the following five important security areas with respect to business requirements:
• Web Application Architecture - the means by which an external user will access the extranet content hosted by enterprises (www.sharepoint.extranet.company.com).
• Authentication - the process of verifying a user’s identity.
• User Management - the process used to manage the external users.
• Authorization - the process of defining permissions, rules and rights for authenticated users.
• Content Management - a set of processes that manage content creation, content placement on the extranet, content classification, and workflows for updating/approving content.
Web Application Architecture
Before a site or a site collection is created to collaborate with external users, a web application must be
created. A web application (http://sharepoint.extranet.company.com) is how an external user will
access the extranet. It consists of an Internet Information Services (IIS) site with a unique
application pool. When you create a new web application, you also create a new database and define
the authentication methods used to connect to the database. For SharePoint extranet deployments, you
can either use different web applications for internal and external employees or use the same web
application for everyone. Using different web applications for internal and external users is
prevalent when enterprises use the extranet to share information with external users. Using the same
web application for both external and internal users is not as popular, but is preferred when enterprises
want internal and external users to use a single common application to work jointly to produce content.
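The two deployment models described above, sketched with SharePoint's own PowerShell cmdlets as an added example that is not part of the white paper. The URLs, service account, pool and database names are hypothetical, the Windows claims provider is an arbitrary choice, and extending into the Extranet zone is assumed here as the way to give external users their own URL onto a shared web application.

```powershell
# Added example, not from the white paper. Every name, URL, account and
# database below is a hypothetical placeholder.
param(
    [ValidateSet('Separate', 'Shared')]
    [string]$Model = 'Separate'
)
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$extranetUrl  = 'https://sharepoint.extranet.company.com'
$hostHeader   = 'sharepoint.extranet.company.com'
$internalUrl  = 'https://intranet.company.com'   # assumed existing internal web application
$authProvider = New-SPAuthenticationProvider     # Windows claims provider, for illustration only

if ($Model -eq 'Separate') {
    # Dedicated extranet web application: its own IIS site, its own
    # application pool (and pool identity) and its own content database,
    # so external traffic never runs in the internal worker process.
    $poolAccount = Get-SPManagedAccount -Identity 'COMPANY\svc-extranet-pool'
    New-SPWebApplication -Name 'Extranet' `
        -URL $extranetUrl -HostHeader $hostHeader -Port 443 -SecureSocketsLayer `
        -ApplicationPool 'ExtranetAppPool' -ApplicationPoolAccount $poolAccount `
        -DatabaseName 'WSS_Content_Extranet' `
        -AuthenticationProvider $authProvider | Out-Null
    $target = $extranetUrl
}
else {
    # Shared web application: extend the internal one into the Extranet zone.
    # External users get their own URL and IIS site, but both URLs serve the
    # same content databases, so separation rests on permissions alone.
    New-SPWebApplicationExtension -Identity $internalUrl -Name 'Intranet (Extranet zone)' `
        -Zone Extranet -URL $extranetUrl -HostHeader $hostHeader -Port 443 -SecureSocketsLayer `
        -AuthenticationProvider $authProvider | Out-Null
    $target = $internalUrl
}

# Review what external users now reach: pool, content databases, zone URLs.
$webApp = Get-SPWebApplication -Identity $target
"Application pool : $($webApp.ApplicationPool.Name)"
Get-SPContentDatabase -WebApplication $webApp | Select-Object Name, Server
Get-SPAlternateURL -WebApplication $webApp | Select-Object Zone, IncomingUrl
```

Run it from the SharePoint Management Shell on a farm server; the final three commands are read-only and can be run on their own to audit an existing deployment.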
Authentication
Authentication is the process of validating a user's identity and is managed by Internet Information
Services (IIS). The three main types of authentication methods that can be deployed for an extranet are: