Eighty-three percent of SharePoint enterprises report actual security losses from user error.
Imagine for a second that you’ve left the world of technology. Suppose you decided to launch a new venture -- a retail store, or a nightclub.
You spend a lot of time working on the floor plans, construction, architecture -- even the menu. Your sign out on the highway has lots of flashing lights to attract visitors. On opening night you have thousands of people show up. There's a line around the block behind a red velvet rope. Everything feels like a smashing success.
Except you notice people aren’t staying as long as they can, and leave fairly early. Soon there's no one waiting to get in and you have plenty of empty space, not a lot of people. You're worried about all of those early exits -- why did they leave? To prevent a similar situation, you try a new policy -- no cover charge, but once in, you have to stay until 2 a.m. and cannot go anywhere else.
The next day no one leaves -- because no comes in. Soon your shiny new sign is dark and you're out of business.
Sounds crazy, right? Except that SharePoint implementations can all suffer from this issue. SharePoint failures are often left running. These so called "zombie" sites may represent nearly 60 percent according to AIIM of all SharePoint implementations ever tried.
Information Leaks on Zombie Sites
Information leaks can happen to many organizations. SharePoint is a fantastic enterprise content repository. Once content arrives, we can work with it -- collaboration, security, management, routing, information lifecycles, classification and archiving, for example.
But all these functions go for naught if the information leaves SharePoint as soon as it arrives. Just telling people they can’t leave isn’t enough. Most people don't have an exit plan for SharePoint -- they upload documents expecting to keep them in perpetuity. Zombie SharePoint sites drive a lot of information out the back door. Perhaps more perniciously, empty or sparsely populated SharePoint sites suggest to users this may not be the best place for them to keep storing documents. If the last home page update was 18 months ago, users won’t have much confidence.
Much of the focus on preventing information loss considers the targets. The two most common exit ramps for SharePoint information are desktop downloads and email. To be fair, content management for SharePoint should almost always prevent these scenarios. Lock the back door -- or at least close it.
Instead of focusing on where the content is going, we should talk about why. Most people approach SharePoint with the best of intentions. They’re trying to achieve a business goal -- usually, its collaboration. People start out trying to do the right thing. Even French philosopher Jean Jacques Rousseau would agree -- “Man is born free, but everywhere he is in chains.”