InfoSecurity study shows that two-thirds of SharePoint users have no security policy

In a study conducted by InfoSecurity-magazine and Emedia and sponsored by Boldon James results show that “shocking two-thirds of SharePoint-using companies in a recent survey have admitted to having ‘no active security policy’ in place for the application”.

In the study they contacted a wide range of business from -25 users to +5000 users. Half of those respondends were currently using SharePoint, the other half was planning to get SharePoint.

A huge 75% of those respondends claimed they had no security policy in place. And 22% of the respondends has no plans to develop one.

Survey answer infosecurity
Image provided by Boldon James

Survey results

The survey concluded that a organisations need a way to label the sensitivity of their information. Yet, the study shows that only 17% mark both email and files. Governement agencies commonly use protective marking to minimize inadvertent disclosure of confidential information, commercial organisations use protective marking to control intellectual property or customer data.


(and that is just what the sponsor, Boldon James, provides 🙂 )

About: Marijn

Marijn Somers (MVP) has over 14 years experience in the SharePoint world, starting out with SP2007. Over the years the focus has grown to Office 365, with a focus on collaboration and document management. He is a business consultant at Balestra and Principal Content Provider for "Mijn 365 Coach" that offers dutch employee video training. His main work tracks are around user adoption, training and coaching and governance. He is also not afraid to dig deeper in the technicalities with PowerShell, adaptive cards or custom formatting in lists and libraries. You can listen to him on the biweekly "Office 365 Distilled" podcast.

%d bloggers like this: