Microsoft's latest SharePoint technologies, Windows SharePoint Services (WSS) 3.0 and Microsoft Office SharePoint Server (MOSS) 2007, are hugely popular collaboration solutions--in fact SharePoint is the fastest-growing product in Microsoft history. With so much crucial data moving to SharePoint, safeguarding that data is critical. That's why I was surprised to come across a report that says many SharePoint deployments are not adequately protected. The report was based on a survey conducted by Osterman Research and commissioned by Trend Micro . The survey showed that of 269 IT managers that oversee their organization's messaging and collaboration infrastructure, only 60 percent have currently deployed security, leaving 40 percent unprotected. What makes that percentage even more alarming is that many of these companies allow external users (partners, vendors, customers) to access their SharePoint systems, which leaves end user control outside of a company's hands and opens up new pathways into the corporate network.
Many organizations have the perception that their network security also adequately protects SharePoint. They don't realize that there are other important things (e.g., web pages, underlying database) that represent a risk to your SharePoint system. SharePoint's ease of use has led to a proliferation of sites that mangers have little control of or even knowledge of. One would think that SharePoint admins would have a hard time sleeping at night wondering what types of information users have put into SharePoint sites and who has access to it. .
I recommend you look at your SharePoint deployment and make sure your data and site are protected at the gateway, server, and end-user levels. Microsoft has a great resource. "Office SharePoint Server Security," to help you secure your SharePoint implementation.