Implementing security for Microsoft SharePoint Server 2010 is a multifaceted exercise. Although it is impossible to completely secure any system connected to a network, you can implement controls to mitigate the most common risks. The controls discussed here are a basic set of practices to use as you begin your secure design and implementation; they do not guarantee security. Your environment might require greater security than discussed here, or practices described in this chapter could possibly break your current implementation. For these reasons, you should always test new access, authentication, and authorization controls in a ...