Share via

Security planning for sites and content (SharePoint Foundation 2010)


Applies to: SharePoint Foundation 2010

Some of the sites in your enterprise probably contain content that should not be available to all users. For example, proprietary technical information should be accessible only on a need-to-know basis. An intranet portal for employee benefits should be available only to full-time employees, whereas the home page of an Internet Web site is accessible by anonymous clients.

Permissions control access to your sites and site content. You can manage permissions by using Microsoft SharePoint Foundation 2010 groups, which control membership, and fine-grained permissions, which help to secure content at the item and document level. This section describes permissions for sites and site content and provides considerations for choosing permissions.

In this section:

securitySecurity Note
SharePoint Foundation 2010 does not currently comply with Federal Information Processing Standard (FIPS) 140-2 - Security Requirements for Cryptographic Modules. FIPS 140-2 defines security standards which the United States and Canadian governments use to validate security levels for products that implement cryptography.
For more information about FIPS 140-2, see the following references: