HiSoftware Security Sheriff™ SP

By: Hisoftware  09-12-2011
Keywords: Health information, Information Security, Compliance

Making SharePoint Safe for Sensitive Data

While thousands of organizations are deploying SharePoint 2010 to manage enterprise content, streamline business processes, and deliver “enterprise 2.0” collaboration capabilities, compliance and security concerns − and their associated risks − remain top of mind.

As the amount of content and user interaction increases, particularly given the enhanced collaborative capabilities of SharePoint 2010, the chance for a security breach or a compliance violation increases as well. A solution that automatically classifies, applies permissions, tracks, encrypts and prevents the inappropriate storage, access and distribution of sensitive content stored in SharePoint is clearly necessary to overcome this confidence gap.

Ensure Data Compliance, Enforce Information Security Controls

Security Sheriff SP builds upon the policy scanning and classification features of Compliance Sheriff SP to deliver content-aware security within SharePoint. Security Sheriff SP includes all the functionality of Compliance Sheriff SP with the added ability to restrict access to and encrypt content based upon the presence of Protect Health Information (PHI), Personally Identifiable Information (PII) or other sensitive corporate information using the functionality outlined below.

  • Restrict: Based upon the policy rules associated with its classification, access to a document or item within SharePoint can be restricted to a specific individual or group, even if a wider audience has access to the site, list or library where the item physically resides in SharePoint.
  • Encrypt: When Security Sheriff SP identifies sensitive content, it can encrypt the information immediately. This means only properly credentialed users will be able to access the content—whether inside or outside of SharePoint, even if they have SharePoint administrator privileges.
  • Workflow: As specific areas of content risk are identified in SharePoint, Security Sheriff SP triggers workflow to remediate compliance issues and/or task the proper individual(s) in the organization to review and potentially classify, re-classify and encrypt the content. Workflow can also be used to prevent the publication of non-compliant content (e.g. in a discussion forum or blog) based upon the policies managed within the HiSoftware rules engine.

Flexible Rules Engine

HiSoftware’s flexible content-aware rules engine ensures information moves in and out of your systems in accordance with your privacy policy, Written Information Security Program (WISP), and brand standards while preventing a damaging breach of private or other confidential information that could impact your bottom-line and your corporate reputation. Specific rule sets are pre-defined to address compliance with HIPAA/HITECH, MA 201 CMR, FISMA, COPPA, Section 508 and WCAG 1.0 and 2.0, OMB 10-22 and many other federal and state regulations. These rules are available for use in both Compliance Sheriff SP and Security Sheriff SP and are broken out into four modules, each sold separately.

    HiSoftware Connectors for Microsoft Office and Microsoft Outlook

    By deploying the HiSoftware Connectors for Microsoft’s Office and Outlook applications, organizations can add further controls to prevent sensitive content from being viewed by unauthorized users. Compliance Sheriff SP, working in concert with the Connectors, allows individual content contributors to scan and classify content on its way into and out of SharePoint from within the familiar Microsoft ribbon interface. Once classified, credentialed Privacy or other policy officers may choose to upgrade, downgrade or override a user classification, as needed, to ensure that a specific document is tagged with the proper level of sensitivity. Both Connectors are optional add-ons and are sold separately.

    Learn more about the HiSoftware Security Sheriff SP

    a HiSoftware solutions specialist to discuss your compliance needs.

    Download the


Keywords: Compliance, Health information, Hisoftware, Information Security,

Other products and services from Hisoftware


Compliance Solutions for Chief Information Security Officers

Without a proven solution for monitoring and securing the use of internal content platforms, Google docs and other free tools completely outside your control can be easily substituted by an increasingly savvy workforce, creating the perfect scenario for a breach.


Compliance Solutions for SharePoint Administrators

AIIM has also found that more than 60% of organizations have yet to bring SharePoint into line with existing data compliance policies and that 80% do not feel confident storing sensitive information in SharePoint. While training and usability enhancements will undoubtedly help adoption, for SharePoint to really be utilized as an ECM platform, its users need to believe that it is secure.


HiSoftware Product Index: content compliance solutions, risk

SharePoint and other file-based document repositories typically mirror the traditional “IT” approach to permissions and access management.


HiSoftware Compliance Sheriff

Validate for compliance with data and information security guidelines; Identify problem or exposed security areas; Integrate data and information security testing into your quality assurance and content delivery processes; Measure and manage risk and compliance across the organization; and Allocate resources appropriately.


HiSoftware Compliance Sheriff for SharePoint Compliance Management

Organizations scan information at rest within their SharePoint sites against the Compliance Sheriff rules engine to assess the level of sensitive information present and identify compliance issues. By deploying the HiSoftware Connectors for Microsoft’s Office and Outlook applications, organizations can add further controls to prevent sensitive content from being viewed by unauthorized users.