HiSoftware Compliance Sheriff for SharePoint Compliance Management

By: Hisoftware  09-12-2011
Keywords: Content Management, Information Security

Unstructured SharePoint Content is Putting Your Organization at Risk

With more than 65,000 customers and counting, there’s little doubt that SharePoint is rapidly becoming one of the market’s most widely deployed enterprise content management (ECM) systems. But despite this rapid adoption, gaps in SharePoint remain, particularly when it comes to data compliance and the management of private or otherwise sensitive content. In fact, only 20 % of the respondents to AIIM’s 2011 survey indicated they had sufficient confidence in SharePoint security to store sensitive information. And more than 60% of organizations surveyed have yet to bring SharePoint into line with their existing compliance policies.

Harness the Power of SharePoint Without the Compliance Risks

Compliance Sheriff SP is HiSoftware’s award-winning content-aware compliance solution for SharePoint. Fully integrated with SharePoint 2010, Compliance Sheriff SP allows organizations to realize the full ECM potential of SharePoint while mitigating the risk of a privacy breach and ensuring compliance with specific regulations and internal policies using the following functionality:

  • Scan: Organizations scan information at rest within their SharePoint sites against the Compliance Sheriff rules engine to assess the level of sensitive information present and identify compliance issues. In addition to information at rest, Compliance Sheriff SP also scans data in motion against these corporate policies as documents move in and out of your SharePoint environment.
  • Report: Through the Policy Dashboard, Compliance Sheriff SP provides executive visibility into SharePoint compliance status. Via standard reports, compliance and privacy officers get real-time insight into the compliance status of the SharePoint environment, identify teams or departments where issues are recurring, and measure progress against compliance objectives over time.
  • Classify: Compliance Sheriff SP continuously scans your SharePoint content and applies metadata values based on your specific policy parameters and business rules. Content scans are triggered:
    • by the Compliance Sheriff Server to scan data at rest within a specific SharePoint site, library or list;
    • automatically as new documents and items are added to SharePoint; or
    • by authorized users when they create and/or edit an individual document or content item.

HiSoftware is the only vendor to deliver both policy and user-based classification within SharePoint, offering layered protection that supports both compliance and information security mandates. A number of basic classification categories come standard with the solution, however, an organization may easily customize any number of new classification categories for their specific needs. Once an item is classified by Compliance Sheriff SP, the classification values can then be utilized by Security Sheriff SP to encrypt and/or apply permissions that restrict access to the item, regardless of the permissions applied to the larger SharePoint site, library or list in which the item physically resides. Classification can also aid in e-discovery, search and retrieval, and provide a persistent form of identification for sensitive content as your SharePoint environment grows and evolves.

Flexible Rules Engine

HiSoftware’s flexible content-aware rules engine ensures information moves in and out of your systems in accordance with your privacy policy, Written Information Security Program (WISP), and brand standards while preventing a damaging breach of private or other confidential information that could impact your bottom-line and your corporate reputation. Specific rule sets are pre-defined to address compliance with HIPAA/HITECH, MA 201 CMR, FISMA, COPPA, Section 508 and WCAG 1.0 and 2.0, OMB 10-22 and many other federal and state regulations. These rules are available for use in both Compliance Sheriff SP and Security Sheriff SP and are broken out into four modules, each sold separately.

    HiSoftware Connectors for Microsoft Office and Microsoft Outlook

    By deploying the HiSoftware Connectors for Microsoft’s Office and Outlook applications, organizations can add further controls to prevent sensitive content from being viewed by unauthorized users. Compliance Sheriff SP, working in concert with the Connectors, allows individual content contributors to scan and classify content on its way into and out of SharePoint from within the familiar Microsoft ribbon interface. Once classified, credentialed Privacy or other policy officers may choose to upgrade, downgrade or override a user classification, as needed, to ensure that a specific document is tagged with the proper level of sensitivity. Both Connectors are optional add-ons and are sold separately.

Keywords: Content Management, Information Security

Other products and services from Hisoftware


Compliance Solutions for Chief Information Security Officers

Without a proven solution for monitoring and securing the use of internal content platforms, Google docs and other free tools completely outside your control can be easily substituted by an increasingly savvy workforce, creating the perfect scenario for a breach.


Compliance Solutions for SharePoint Administrators

AIIM has also found that more than 60% of organizations have yet to bring SharePoint into line with existing data compliance policies and that 80% do not feel confident storing sensitive information in SharePoint. While training and usability enhancements will undoubtedly help adoption, for SharePoint to really be utilized as an ECM platform, its users need to believe that it is secure.


HiSoftware Product Index: content compliance solutions, risk

SharePoint and other file-based document repositories typically mirror the traditional “IT” approach to permissions and access management.


HiSoftware Compliance Sheriff

Validate for compliance with data and information security guidelines; Identify problem or exposed security areas; Integrate data and information security testing into your quality assurance and content delivery processes; Measure and manage risk and compliance across the organization; and Allocate resources appropriately.


HiSoftware Security Sheriff™ SP

As the amount of content and user interaction increases, particularly given the enhanced collaborative capabilities of SharePoint 2010, the chance for a security breach or a compliance violation increases as well. By deploying the HiSoftware Connectors for Microsoft’s Office and Outlook applications, organizations can add further controls to prevent sensitive content from being viewed by unauthorized users.