Two-thirds of SharePoint users have no security policy

Even though Microsoft SharePoint is widely deployed throughout enterprises and SMBs as a collaboration platform, a shocking two-thirds of SharePoint-using companies in a recent survey have admitted to having ‘no active security policy’ in place for the application.

The situation translates to a smorgasbord of opportunity for a hungry information-hijacker, but one which could soon turn into an all-you-can-eat buffet. The study, carried out by Emedia and provided to Infosecurity on an exclusive basis, investigated a wide range of businesses from fewer than 25 through to 5000+ PC users. The study found that while about half (52%) of those surveyed were currently using SharePoint, the other half planned to adopt the application once its social networking enhancements were live.

“This is a data leakage time bomb,” said security specialist and UK Accounting Standards Board member Steve Bailey. “SharePoint is a very widely-used medium, and it’s growing fast, so it is remarkable that IT-savvy users are disregarding the security implications. This could be down to complacency, confusion as to where the responsibility for developing such a policy lies, or simply lack of awareness.”