SharePoint Information Protection

Protect your organisation's sensitive information with an enterprise end-to-end information protection solution. Allow information owners to classify their data and have it protected against exfiltration or misuse through the application of mandatory access controls that can be enforced and monitored not only in SharePoint but via e-mail and at the end-point (printing, moving to external storage devices, etc.).


Not classifying data in SharePoint is a data breach waiting to happen. Berkeley's proprietary Enterprise Security Services Platform (ESSP) allows organisations to define an information security policy and enforce that policy within SharePoint. With ESSP you can require information owners to classify all SharePoint content with security metadata and then establish mandatory access controls based on this metadata and user attributes. Ensuring that all SharePoint content, even calendar appointments is classified is the quickest and most cost effective way to prevent a data breach.


INTEGRATED EMAIL, Office document and windows security

Why should users have to classify material in Microsoft Office and then reclassify it when they upload it to SharePoint? This leads to human error and data breaches. Allow users to classify their content in either Microsoft Office or Windows Explorer and have that security metadata automatically applied in SharePoint. When users download content from SharePoint, the security classification goes with the content. If attached to an e-mail your security policy will be enforced, and the e-mail will be classified automatically at the highest classification level of any attachment. Stop individuals accidentally or deliberately bypassing your SharePoint security by e-mailing content to users who should not have access.

ESSP secures your content in SharePoint windows explorer mode, with FAST Search and all API calls - straight out of the box.


Developing a data governance scheme or information security policy can be hard work, but enforcing it is more difficult. Enterprise Security Services Platform (ESSP)  ensures your organisation's information security policy is enforced by applying your mandatory access control rules.

Comply with policies such as:

  • Government Classification Schemes
  • Privacy Acts
  • Gramm-Leach-Bliley (GLBA)
  • RACGP Computer and Information Security Standards
  • APRA/SEC Guidelines

Unauthorised access, inadvertent data breaches and misuse of critical business data can cost your company millions and senior IT staff their jobs. With ESSP content is only visible to, and accessible by users who have attributes that meet your mandatory and discretionary access control rules.


IT staff typically have little to no idea who should be accessing sensitive content, so why have IT staff manage permissions in SharePoint? With little or no training required, business units can manage their permissions groups and use those groups to apply discretionary access controls. An intuitive, familiar user interface gives individual work group leaders a single view to efficiently take personal control of user and group permissions defining who sees, edits and shares sensitive data. ESSP also integrates with ADFS and IBM Tivoli Identity Manager


Out of the box SharePoint and other SharePoint security solutions that utilise item level security suffer badly from performance degradation. As a result, information that should be contained in a single document library is split into many libraries to avoid performance constraints.

Engineered from the ground up to overcome the scale and complexity challenges of large scale SharePoint deployments. ESSP allows users to apply item level security without some of the typical performance problems associated with "Breaking Inheritance*". We mitigate many of the performance degradation issues and Microsoft's officially documented constraints on sites and lists.

* Breaking Inheritance is where permissions on a content item are no longer inherited from the list they are contained in. This is the process in SharePoint of applying item level security.


The "Insider Threat" is the most difficult data security risk to mitigate and yet it's the most dangerous. ESSP ensures your insider threat is mitigated by simplifying the application of mandatory and discretionary access controls. Other functionality includes live notifications when sensitive content is accessed, and the ability to require a work peer or manager to authorise specific one-time access to a content item. ESSP even blocks site-collection administrators from accessing content


Berkeley boasts nearly two decades of experience with the Defence community keeping the world’s most sensitive shared data available to all those who need it yet safe and secure from those who are not meant to see it.