Microsoft Office SharePoint Server can be a great asset to your organization, but without the proper security considerations, it could cause problems within your organization or in extreme cases, become a devastating liability. This chapter covers the various mechanisms available for protecting your SharePoint site.
SharePoint security relies heavily on a breadth of topics outside the scope of this book, such as Windows Server 2003, Microsoft SQL Server, and network security, among others. Resources for additional information will be provided, however it is important to remember throughout the design, implementation, management, and administration of your SharePoint site that the security of your site does not exist in a vacuum. Numerous influences outside of SharePoint affect the security of your site collection and SharePoint.
As you go through the process of designing and implementing your SharePoint site, resist the "let's make it work and secure it later" mentality that's so common in many organizations. If you don't have time to properly implement security during implementation, you certainly won't have time to fix it all later. You will be in a position of either having to try to secure a system already in production or discovering that SharePoint has already been compromised from the outside or from internal users.
A secure implementation of Office SharePoint Server 2007 starts with a design ...