SharePoint Beyond the Firewall: Put Your Content to Work
SharePoint is undoubtedly one of the most important and widespread enterprise productivity tools, used by an estimated 67% of medium-to-large organizations, according to research firm AIIM. Many companies are heavily invested in SharePoint, and for good reason: it’s a highly adaptable solution that can be effective for content management and file sharing across a range of use cases. But SharePoint does have its limitations.
Where SharePoint struggles is when content needs to be securely shared outside the firewall, and consumed by remote workers, partners, or suppliers. Extending SharePoint for external needs introduces IT challenges, including content protection and security, user governance and support, and initial and on-going infrastructure and license costs.
This creates a challenge for organizations with sizable SharePoint investments and large populations of users. Rather than replacing SharePoint, it’s more practical to build on existing investments to provide secure, external collaboration and document sharing, without adding unnecessary complexity and cost to IT infrastructure, or putting sensitive or regulated content at risk.
According to AIIM, security and control are the top concerns of SharePoint administrators since it is routinely used to manage highly sensitive and regulated content: 51% of users share financial documents, 48% legal and contractual documents, and 36% board of directors and executive communications.
Leverage Your SharePoint Investment for External Document Sharing
As companies start sharing sensitive documents with collaboration partners, they need to maintain tight access control. SharePoint control over document access isn’t as well defined as many large enterprises might want. Attributes to consider for secure, seamless content sharing that complements your SharePoint investment include:
- Secure, policy-based document-sharing control
- Agile response, and easy set-up and adoption
- Low, up-front investment
- Ability to leverage existing systems without adding new complexity
- Provisioning and support for a community of external users
Cloud-based solutions are now meeting all of these demands to unburden the in-house IT infrastructure, but still allow internal users to continue using the familiar SharePoint-based platform and applications, with little or no change or added overhead.
Maintaining Control Over the Content Lifecycle
Externalizing SharePoint is one thing. Having control over the content once it’s left the firewall is another. For comprehensive control, you’ll want to consider tools with the following:
- Access rights for external partners. Given the large number of potential collaboration partners and the number of documents to share, you’ll need granular and dynamic document administration.
- Encryption. As soon as SharePoint documents pass beyond a firewall, they need to be encrypted and remain encrypted both as they move over the internet and while they are at rest within the external document sharing application. Seamless encryption means hackers can’t access the data within a document at any stage.
- Virus protection. Avoid picking up file-based viruses that could penetrate your network while content is in motion, and shared and accessed from various geolocations and devices.
- Information Rights Management (IRM). IRM services let IT departments provide secure document access to any device—PC, smartphone, tablet—while dynamically managing content rights even after a document has been distributed. Such systems have the ability to let users view without downloading documents, and prevent printing or screen capture. Ideally, IRM should be plug-in free so that it is frictionless to users. Finally, digital watermarking identifies a document as confidential and also embeds in the document the name of the person doing the download. This helps ensure that the user will be extra careful not to lose or leak the document.
- Monitoring and auditing. Know which people are looking at what documents, for how long, and create audit reports from this information. This verifies compliance with data privacy and other relevant regulations, such as the Sarbanes-Oxley Act.
These security, compliance, and information governance capabilities should be accessible without requiring additional SharePoint software customization, or introducing a new user interface.
One Firm’s Hybrid Approach
All of these capabilities were critical to a global investment bank that built just such a hybrid SharePoint-SaaS solution for sharing sensitive information with external investors.
While the firm used SharePoint for its internal collaboration, it needed a secure and audit-ready option to support external client communications, fund raising and regulatory reporting. This involved authorizing different levels of access to sensitive content and required tracking the distribution of various financial documents to demonstrate compliance. Access rights administration and audit reporting was important.
The bank elected Intralinks to serve the firm’s extended enterprise collaboration needs by integrating the secure, external collaboration capabilities of the Intralinks secure collaboration platform with the firm’s internal SharePoint environment through its own proprietary Intralinks Connector for SharePoint. With the connector, content is automatically replicated to the SaaS platform, users can be provisioned and access rights can be defined, and access reports and audit trail details can be viewed within the SharePoint interface. The bank trusted Intralinks because it was already using the company to manage the due diligence process for mergers and acquisitions, and had conducted an extensive audit and penetration testing to ensure it met their stringent security and governance demands.
The firm was able to rapidly implement a secure, external content portal for investors, while internal users could continue to work within the familiar SharePoint environment, without the delay and cost of setting up and supporting a separate SharePoint server farm for external user access.
Intralinks is a secure content collaboration company that offers solutions for sharing, storing and collaborating on highly regulated content.