Berkeley IT's ESSP Tightens Access Management in SharePoint

Does your SharePoint implementation need to be secure--really secure? Berkeley IT's Enterprise Security Services Platform for SharePoint is designed to improve data management within the Microsoft platform while locking the system down in accordance with a number of compliance standards.

Berkeley IT is an Australian-based security company that touts its experience with defense companies in describing the value of Enterprise Security Services Platform, or ESSP, for SharePoint. While the product covers a lot of security ground, it focuses on two key issues: insider leaks and managing data classification and enforcement.

ESSP is designed to ease the complexity of access rights management by grouping documents based on their functional purpose rather than their level of sensitivity.

"The biggest threat to data sovereignty is often from rogue individuals from within the organization who have authorized access,” said Scott Marshall, Berkeley IT’s general manager, business development, in a press release announcing the product.

A plug-in module to SharePoint, ESSP is designed to help companies automate and simplify the process of developing an access rights management systems in SharePoint, while at the same time ensuring that organizations' specific security and privacy needs are being addressed.

“In large organizations with large quantities of dispersed sensitive data in SharePoint, administrators would previously spend significant amounts of time designing, implementing and maintaining complex access structures for a sprawling array of disparate projects, content and work groups,” said Marshall. “That complexity is reduced to automated processes that require content originators to define the boundaries and lifecycle of access rights through the easy selection of access rights and expiry dates for each staff member’s permissions."

ESSP's NoLoneZone, for example, adds safeguards against improper access to sensitive material by trusted insiders, including the ability to require content owners to approve individual access requests and automated notifications of access to sensitive content.

ESSP can also help companies show compliance with relevant security and privacy standards, including ISO27001 Information Security Management and Health Insurance Portability and Accountability Act (HIPAA). Companies can use Berkeley IT's pre-configured options or work with the organization to tailor a configuration that meets specific compliance needs.

Is SharePoint's built-in access management meeting your compliance needs? Let us know in the comments section below.