Security Blog Post on WSS and Office SharePoint Server 2007
I just posted a collection of security resources, web casts, and links for IT Pro's on the SharePoint Team blog. I recommend reading through it and checking out the resources. There's a lot of good stuff on the topic.
My top 5 security related features...
Information Policies - Auditing of security, deletions, etc...on lists and Site Collections - the ability to know who deleted the documents, and who added that rogue person on the site. (requires MOSS)
Pivot Reports of the Auditing - We could have ended up with all of the auditing going into the security logs in Windows. It's great to have the ability to run adhoc reports on site collections, or run reports in Central Admin to see exactly who's been doing what. (Requires MOSS)
Information Rights Management integration - I've seen the demo's but haven't done it myself. But the idea of being able to set my doc library to not allow anyone to print anything they put in it or I put in it as long as it lives, is very cool. Of course, if you want to create other policies the integration is very easy to configure. (Some capabilities in WSS)
Pluggable Auth - After seeing the Text and Oracle provider on the sharepointsecurity.com site I was floored. Auth and membership is so open this release I think it worries our AD folks! Of course AD is still the easiest and richest experience. ;) (Some in both, LDAP in MOSS)
Exchange as the Edge - This Exchange 2007 feature comes in as my fifth new cool security feature of SharePoint Server and WSS. Imagine being able to drag and drop items in your inbox into a managed folder via OWA or Outlook which is archived to a SharePoint site (refer to "Archive Integration"). Very cool. As well, imaging you're at home, you have OWA and you're checking your mail and you get a link to an internal site, (when rules for URL as allowed is configured by your Exchange Admin) click on the link and have Exchange fetch the doc for you with your credentials. (Refer to "LinkAccess" as the feature) Managing which Exchange servers your SharePoint Server trusts is extra cool. No SPAM on lists. (When configured).... This LinkAccess feature is not a security hole, it requires the Exchange Administrator to specify what paths are available. The users still needs to know what they are or click on a link in an email. As well, it requires proper user rights.
More on all these topics at the post above.
