User Training Alone is Not Enough to Secure SharePoint intranet collaboration

Despite the focus on outside threats, todays most damaging security threats arent limited to hackers or malware but from a companys trusted insiders with access to sensitive information in collaboration tools like SharePoint. A recent report from Cybersecurity Insiders and Nucleus Cyber looked at what companies believe are the drivers for insider attacks. The top answer – lack of user training. The solution to the problem most cited – more user training. While employees need access to sensitive information to do their job, organizations need a plan to make sure their own people are not the cause of a data breach – both malicious insiders and negligent insiders. However, more training alone isnt the answer training backed by automated enforcement in your Office 365 collaboration is.

Contributing Factors to Insider Threats and Prevention Methods

Heres a quick look at the facts around insider attacks according to the 2019 Insider Threat Report:

  • 56% of organizations surveyed believe the most critical factor enabling insider attacks is the lack of employee awareness and training.
  • On the flip side, the most utilized tactic in combating insider threats, 51%, is user training to address both inadvertent insider threats due to human error as well as recognizing unusual and suspicious behavior often exhibited by malicious insiders.
  • Those survey also cited a lack of training and expertise (58%) as the key barrier to better insider threat management, in addition to the lack of collaboration among departments (57%) and lack of budget (52%).

Theres one common thread here: a lack of or need for more user training.

Why More User Training Simply Isnt Enough

Collaboration tools, like SharePoint, are one of the best and worst things to happen to business productivity. Ironically, the ease of which users can share and collaborate on files is both its appeal and security downfall. With intranet tools like SharePoint, it has never been easier to share files with a colleague or even a third party. Plus, you can access files from any device with mobile apps designed to access your Office 365 documents at any time, from anyplace.

However, the facts clearly illustrate that simply relying on data governance and security policies to safeguard SharePoint data from insider attacks puts organizations in precarious security position. No one can guarantee that every person in an organization who has access to sensitive information in SharePoint and other collaboration tools will follow the rules – no matter how much training they receive.

There is concrete evidence that a large percentage of breaches are caused by employees accidentally or maliciously mishandling sensitive customer, patient or corporate information against policy.  The Insider Threat Report also revealed that 70% of organizations observed that insider attacks have become more frequent over the last 12 months. And 60% have experienced one or more insider attacks within the last 12 months. The results closely mirror McKinseys findings that insider threats are present in 50% of breaches reported in a recent study.

Adding to the complexity is the sheer number of communication channels that exist in Office 365 (i.e. SharePoint, OneDrive, Teams, Yammer) making it difficult for users to remember the rules for every situation and communication medium.

It can happen in any setting, and it can happen to you. So, what steps can you take to protect the business?

Protect Your Content and Your People

For starters, why are organizations only relying on user training when technology exists to protect data in any circumstance? Education has its place especially when it comes to protecting against outside threats from hackers like phishing attacks. And educating users on data sharing polices is important for them to understand the rules around collaboration, but its just one step you should be taking to protect your data.

Just as organizations depend on security technology to protect them from a myriad of outside threats, the right technology is also invaluable to protect data from within; from malicious insiders look to profit from data theft to innocent slips of the mouse that result in a headline making data breach.

You should look to protect your data and users (arguably your next most valuable asset) by:

  1. Auditing Data and Access: To start, identify where all your data currently exists in both SharePoint, SharePoint online, OneDrive and any other data repositories and tools used to store it like legacy Windows file shares. You also need to ensure only authorized personnel have access to sensitive information – that includes your SharePoint admins. Sure, they need to know the files exist to manage them, but they dont need to be able to look at the file contents unless the information is applicable to them just like any other user.
  2. Classifying and Securing Data: Once youve reviewed who should have access to sensitive information, you should look to automate the process of classifying documents according to their sensitivity level. Dont just rely on folder permissions or database security methods. The best course of action is to use data-centric security that both applies both classification and security to the individual document to restrict access and apply restrictions on what actions can be performed (print, save, email, etc.) based on its classification level. Extremely sensitive content should also be encrypted to ensure it remains protected if it makes its way out of the organization intentionally or not.
  3. Addressing Changing Risk Profiles: Todays data isnt static – its constantly being collaborated on and changing. Look at data on a continuous basis to account for how information and its associated access attributes and user context change over time, then adjust its security accordingly. Assess the risk profile associated with the data and its use cases, then consider the security that should be applied in each scenario.
  4. Balancing Security with Collaboration: Keep the right balance between what users want from a collaboration perspective and what the organization demands from a security perspective. Go too far in either direction and you can make your situation worse. Too lax and your data can be shared far too freely. Too stringent and your users find an alternative way to share and collaborate using shadow IT. In either situation you lose visibility and control of your sensitive data.

Training Backed by Automated Enforcement is Essential to Data Protection

Data-centric technologies that adapt security controls to match data sharing scenarios, without placing a burden on users that will cause them to circumvent or reduce their productivity, is the key to securing collaboration inside and outside of SharePoint.

Directly integrated into Microsofts content and collaboration platforms including Office 365, Teams, SharePoint, and Yammer NC Protect provides effective, dynamic data-centric security that minimizes data loss and misuse across entire organizations. NC Protect enables Microsoft customers to better secure collaboration and protect against inside threats.

NC Protect works natively with Azure Information Protection (AIP) and other Microsoft products to provide granular information protection to data within Microsoft collaboration tools by controlling file access and use combined with restricting certain collaboration functionality as needed, including elements of the SharePoint user interface, an applications method for viewing files, and encryption or restriction of attachments sent through Exchange Email. NC Protect can also apply dynamic, custom watermarks to editable and read-only Microsoft Office files for auditing and security purposes. It requires no additional client-side application, reducing IT overhead and the risks involved in implementing new cloud services or BYOD policies.

Secure Your SharePoint Collaboration

These measures coupled with a data-centric solution to automate these steps will help prevent insider attacks while ensuring the authorized users can access information in SharePoint to get their jobs done without bypassing security protocols to do so. In todays modern workplace solely relying on people to follow data security and sharing protocols is not only outdated, it can seriously impact the safety of your sensitive data.

Learn more about how to secure SharePoint and Office 365 content with NC Protect:

Watch the 2-minute video overview

See how a large utility company is dynamically securing access to sensitive information in SharePoint with NC Protect


If youd like to discuss any aspect of your SharePoint intranet security, then get in touch.

LiveTiles acquires leading ‘pocket’ intranet software

We’re proud to be LiveTiles’s top partner with more Wizdom implementations than any other partner in the world. Today we’re excited to hear that LiveTiles has acquired a new technology that we’ll be able to offer our customers. They’ve acquired CYCL, a Swiss company with two products: one is called Condense – it’s a mobile intranet delivered as a SaaS solution and is ideal for mobile workers that don’t necessarily have an Office 365 account. The other product is Matchpoint, a SharePoint product that complements Wizdom really nicely. We’ll find out more soon but for now, we’ve got a copy of the press release below:

Overview of CYCL

CYCL is headquartered in Basel, Switzerland with offices in Bern, Zurich and Boston. CYCLs highly experienced founders and senior management team include Patrick Pűntener (CEO and co-founder), Matthias Walter (CFO and co-founder), Thomas Brunner (COO), Urs Wermelinger (Chief Marketing Officer) and Matthias Weibel (Head of Product Development). The business was founded in 1999 and since the inclusion of its own intranet software products, has grown its revenues, customer base and staff substantially.

CYCL has 156 customers including many global brands and multinationals such as PwC, Roche, Shell, Siemens, SwissLife and the United Nations.

The business has 56 staff, including highly regarded services capabilities that are complementary to its product portfolio. CYCL has 10 active reseller partners and longstanding expertise in managing a high quality, low-cost nearshoring product development team to complement its Swiss-based product team.

CYCL recently established a sales presence in the US (Boston), and has a strong pipeline of qualified opportunities.

Overview of products

CYCL has two differentiated and highly complementary intranet software products: Condense and MatchPoint.

Condense: unlike full-service intranet software that requires bespoke implementation services in order to deploy and go live within an organisation, CYCLs recently developed Condense product is a mobile-focused cloud SaaS product enabling organisations to rapidly configure and launch a pocket intranet. Given the nature of this cloud product, LiveTiles sees strong opportunity to leverage the Condense technology to speed up the sales and deployment process for customers.

Condense significantly expands LiveTiles total addressable market through its focus on organisations with large front-line or mobile workforces, as well as smaller organisations. Critically, Condense enables organisations to reach front-line workers without traditional company IT account access the employee simply needs a mobile phone. Condense drives employee engagement and corporate culture across an organisation, providing content authoring and publishing, a native employee app and enterprise grade connectivity and security.

MatchPoint: an award-winning turnkey intranet solution aimed at enterprise-wide deployments, with a particular strength in financial services and the public sector (including on-premise deployments).

The combination of joint capabilities between CYCLs MatchPoint product, LiveTiles and Wizdom creates an enhanced Intelligent Workplace offering which will open up greater enterprise opportunities. The enhanced Intelligent Workplace offering will also help attract more and stronger partners given the increased opportunity for services with enterprise customers.

MatchPoint is built on the same Microsoft technology platforms as LiveTiles/Wizdom, thereby offering strong product and sales channel synergies.

Webinar: 3 classic mistakes to avoid when deploying MS Teams

Webinar details

Date: 20th November 2019
Time: 2:00pm to 2:30pm UK time
Presented by: Nico de Jong, Innovation and Experience Lead, Wizdom & LiveTiles

With more than 19 million weekly users just two years after launch, MS Teams has taken the world by storm. As an intuitive tool for teamwork and collaboration its not hard to understand that the application is adored by users.

Deploying MS Teams in your organisation, however, requires careful planning and consideration. As teams in MS Teams per default can be created by any user, policies must be in place to avoid:

  • An enormous number of MS Teams and Office 365 workloads created.
  • Lack of control in what is being shared externally from MS Teams.
  • Clutter of inactive teams resulting in low findability and discoverability.
  • More teams created for same purposes.
  • Users working in silos in different teams.

Have you already deployed MS Teams and are experiencing some of the issues above? Dont despair! We will also cover how you can gain control over your Office 365 self-service environment even long after a MS Teams rollout.

In this webinar we will cover how to establish automated processes for governance to ensure MS Teams is rolled out to make the workday better for each employee in your organisation.

Learn how:

  • to define fixed standards for teams creation and provisioning,
  • to maintain and keep your Office 365 self-service environment tidy,
  • to establish a healthy teams lifecycle.


Sign up today!


How a new SharePoint intranet can help unite classic and modern SharePoint

Moving over from classic SharePoint to modern SharePoint is not always straightforward. Not only can it feel like a new platform and interface to get used to, but then you have the issue of managing your legacy classic environment with your modern sites too.

Managing two systems is complicated in itself but additional questions arise. How do you move forward with a consistent user experience across your SharePoint landscape? What do you do when you want people to adopt modern sites, but a team wants to introduce a classic site, because thats what they’re used to?  You may also have an older intranet that can only cope with classic SharePoint.

These issues can sometimes even cause teams to postpone moving over to modern. In this article were going to see how a new SharePoint intranet can act as a bridge between classic and modern SharePoint and help teams with an over-reliance on classic SharePoint move forward with modern sites.

We still love modern

One of the best things about the recent evolution of SharePoint is the development of the modern experience and all the benefits it has brought to intranets and digital workplaces. Modern has delivered better interfaces, better performance, better support for publishers, better self-sufficiency, better site templates, better web parts and more. In 2018 we wrote about eight things we love about SharePoint modern pages.

As Microsoft continues to invest in modern and roll out additional features, we continue to enjoy working with it, both in our role as geeky developers and as intranet and SharePoint consultants, helping our customers launch fantastic intranets and digital workplaces.

Starting with SharePoint from scratch? Use modern!

Naturally anybody starting out on building a new intranet that is based on SharePoint Online and starting from scratch will be utilising the modern experience.  The same now goes for on-premises customers where SharePoint 2019 (which has been playing catch-up to a certain extent) can now also fully utilise the modern experience.

Weve launched both custom and Wizdom intranets that are mainly powered by modern SharePoint. Wizdoms in-a-box intranet was originally designed to work with classic SharePoint and has also now been extended to work along with modern SharePoint. Wizdoms developers have been working away since 2018 to make sure that each part of Wizdoms intranet and digital workplace offering plays nicely with all of modern SharePoint.

Recently we have been working on a brand new global intranet for TTEC, a global provider of customer experience solutions. Because the client wasnt working with existing classic SharePoint sites, we were able to only utilise modern web parts on a Wizdom intranet to deliver the very best experience possible for TTECs mobile and remote workforce.

Mixing classic and modern SharePoint

However, many organisations who are looking to design a new intranet or digital workplace environment may already have classic SharePoint in place or even a mixture of classic and modern SharePoint in place. This is particularly the case with organisations that have:

  • a custom-designed intranet that is based on classic SharePoint, so lists and sites and pages need to stay classic
  • worked with a previous SharePoint intranet based on classic and are looking to upgrade, but have already started to experiment with modern too. For example, perhaps a particular function has used a communication site and this has now spread to other parts of the business.
  • where a company has been brought together by acquisition and there are different versions of SharePoint being used
  • where there has been little to no governance and the SharePoint landscape is a digital wild west.

A SharePoint intranet as the unifying experience layer

In these types of situation, a new SharePoint intranet can actually act as an excellent unifying experience layer that can bridge the gap between classic and modern SharePoint, incorporating both within one common experience for users.  Depending on the situation, this new intranet could be a Wizdom intranet or a custom-build.

For example, Content Formula worked on improving the intranet for Petrofac, a global provider of oilfield services to the oil and gas industry with nearly 11,500 employees worldwide. Our work focused on building a new homepage experience. Despite the old intranet, Petronet, being based on classic SharePoint, our custom template for the homepage incorporated modern web parts. We also delivered other templates that led to a far more engaging, visually appealing and ultimately vibrant intranet.

When organisations do have a SharePoint environment where there is a mixture of classic and modern, the intranet helps your users:

  • deliver a great user experience for content, protecting users from the more dated and less friendly classic experience that tends to be the driver of negative opinion about SharePoint
  • bring the worlds of classic and modern SharePoint together so there is a more consistent and less confusing experience for all.

It also helps digital workplace teams too by:

  • allowing hesitant teams to finally get started with modern, because they previously wanted to avoid a mixture of classic and modern
  • aligning your SharePoint intranet with the Office 365 or SharePoint roadmap by starting to use modern sites and web parts, allowing for a more sustainable intranet with less retro moves of introducing more classic SharePoint
  • allowing teams to move forward with modern in a more achievable and gradual way, without having to migrate or upgrade everything over to modern all at once.

Moving forward with modern!

If youre stuck with a legacy intranet based on classic SharePoint, have a sprawling mixed landscape of modern and classic or are holding back on kick-starting modern SharePoint, then a new intranet can really help. Weve delivered both custom intranet with Sharepoint and Wizdom by LiveTiles intranets that unite modern and classic and end up being loved by the users and the teams that run the intranet! If youd like to discuss any aspect of modern SharePoint and moving on from classic, then get in touch.

#MSIgnite2019: Microsoft announces major upgrades to the Power Platform

Today, Microsoft CEO Satya Nadella unveiled a host of features for the Power Platform that are going to be rolled out to organisations over the coming months. Having already introduced over 400 new capabilities just a few weeks ago with the 2019 release wave, Microsoft seem to be keeping in line with their promise to help organisations drive more impactful business outcomes and take more proactive actions that will uniquely position and differentiate businesses in the fast-evolving market.

Microsoft Flow is going to be renamed to Power Automate to align better with the Power Platform – with Robotic Process Automation (RPA) being added to create automation solutions that cover AI, APIs and UI. UI Flows are going to allow organisations to record certain processes such as a human filling out different fields in a form and then use this recording in a Flow to automate that task, running it hundreds or even thousands of times.

Microsoft Power Automate UI Flows dashboard.

Power Virtual Agents will also be coming to the Power Platform (currently in preview). These are a no-code / low-code way of delivering intelligent chat bots allowing for ‘citizen developer’ scenarios in organisations. They enable subject matter experts in your organisation such as customer service, sales, marketing, finance, or HR to easily create virtual agents using a guided, point-and-click graphical interface without the need for data scientists or developers. Customer service questions and other types of external or internal inquiries at an organisation can be serviced by a virtual agent, freeing up staff to focus on more complex tasks.

• Microsoft Power Virtual Agents Dashboard .

A host of new security enhancements for Power BI, that add industry leading data security capabilities no matter where your analytics data is used and accessed.

Tighter integration between the Power Platform and Microsoft Teams bringing the worlds most popular collaboration app and Power Platform closer together.

A new set of pre-built models for AI Builder that add even more advanced AI models to Power Automate and Power Apps that are available to everyone.


We use cookies to give you the best experience on our site. By continuing to use our website, you are agreeing to our use of cookies. To find more about the cookies, please see our Cookie notice.

You can also read our privacy policy.