Skip to Main Content
LIVE CHAT
AvePoint Compliance Guardian

AvePoint Compliance Guardian

  • Overview
  • Business Case
  • Business Advantages
  • Technical Overview
  • Guides and Resources

AvePoint Compliance Guardian for SharePoint and other IT System Compliance

Manage. Protect. Mitigate Risks of Privacy, Security, and Accessibility Policy Violations.

AvePoint ® Compliance Guardian is designed to ensure that information is available and accessible to the people who should have it and protected from the people who should not. Compliance Guardian helps organizations proactively protect SharePoint environments from harmful information leaks, contamination, or misuse while simultaneously ensuring that all activities and content residing in their environments are compliant, accessible, and manageable. AvePoint Compliance Guardian bridges the gap between compliance, IT, and the business to establish as well as support a constructive, productive, and compliant environment.

AvePoint Compliance Guardian helps organizations tackle the spectrum of areas that encompass compliance and risk mitigation, including (click on the boxes below for more information):

Accessibility Compliance

Compliance Guardian enables organizations to easily validate their IT systems, applications, and content against standards-based and custom organizational policies for accessibility. Compliance Guardian’s accessibility features allow users to test against regulatory requirements including: Section 508 of the Rehabilitation Act, Web Content Accessibility Guidelines (WCAG) 1.0 and 2.0, and Common Look and Feel (CLF).

Automated accessibility testing for content and IT system frameworks can also incorporate input from human testing to further validate test results and ensure compliance with the most rigorous standards. By aggregating discovered accessibility defects along with additional Compliance Guardian data, such as content access history, organizations can assign priority to the errors for decisive action. If you already have SharePoint deployed, learn more about AvePoint’s capabilities for SharePoint accessibility.

To continue reading about how AvePoint Compliance Guardian provides your organization with the means to to meet various web accessibility requirements, read one of our featured blog posts from one of AvePoint’s compliance subject matter experts at DocAve.com

Operational Security and Sensitive Security Information Compliance

AvePoint’s end-to-end solutions provide an integrated, full risk management life cycle approach that allows customers to address Operational Security (OpSec) and Sensitive Security Information (SSI) requirements and securely manage highly sensitive data. Compliance Guardian helps to close operational and security gaps caused by inadvertent mishandling of data or relaxed permissions controls for information stored on the Web or internal systems, ensuring no information that is sensitive in nature (e.g. ITAR information or logistical data) can be taken advantage of by a malicious third party, drastically mitigating risks of accidental breaches. 

Privacy Compliance

Through a multi-step approach to compliance, Compliance Guardian scans and reports on enterprise content for sensitive data including personally identifiable information (PII), protected health information (PHI) as well as Sensitive Security Information (SSI); tags or classifies that content appropriately; and takes action to protect your environment from privacy violations by deleting, quarantining, securing, or routing content to a more appropriate location. Compliance Guardian can be invoked as part of a real-time compliance risk assessment and risk management system and also used as part of an ongoing audit program, allowing organizations to continuously improve their compliance posture.

Site Quality Compliance

Ensure that your content complies with requirements for site quality, brand management, and maintains a consistent look and feel across your organization.

Compliance Guardian is designed to empower organizations to comply with regulatory, statutory or organization specific requirements to manage and oversee access to sensitive data by:

  • Scanning content in real time or on a schedule based on out-of-the-box test definitions files that map to a wide range of US, International and vertical specific requirements and legislation for Privacy, Information Assurance, Operational Security Sensitive Security Information, Site Quality and Accessibility
  • Tagging sensitive data with either an embedded metatag within the document as well as with SharePoint metadata (if the content is managed within SharePoint) to indicate the sensitivity level of that content
  • Providing unlimited extensibility for advanced metadata classification and schemas
  • Blocking, deleting, quarantining, moving to a protected location, or protecting in place through assignment of specific limited permissions based on the document classification

Compliance Guardian works with AvePoint's extended Compliance Solutions to provide a "heat map" that provides additional actionable context about the document including: how old is the document, who authored it, how many times has it been accessed, who can access it, who has accessed it and what have they done with it. In this way organizations can take specific steps to protect their environment and further mitigate the likelihood of a breach or data leak.

Learn how AvePoint Compliance Guardian can publish reports directly in Microsoft SharePoint to ensure key stakeholders have access to the data they require

Through Compliance Guardian's graphical user interface, technical and non-technical compliance officers, including privacy officers, security officials, 508 coordinators, company executives, and SharePoint administrators, can:

  • Obtain high level score card reports via an executive dashboard
  • Pinpoint risk with a customizable risk calculator
  • Quickly identify and correct problems
  • Report on a single farm, across a de-centralized environment and across multiple systems
  • Maintain a historical view of their compliance status over a period of time to demonstrate statutory compliance and maintain a complete audit trail

By identifying, classifying, and taking action on compliance risks - and presenting this information in easily digestible formats for various stakeholders, organizations can more effectively build and maintain a compliant framework.

Take a look at suggestions of how AvePoint helps with your overall content compliance sustainability and accessibility initiatives

All Microsoft, All the Way

As with all AvePoint software, Compliance Guardian utilizes only fully supported Microsoft APIs.

AvePoint Compliance Guardian Business Case

In today’s hyper competitive business landscape, it is imperative that organizations balance the push to collaborate and share information across multiple data sources with the requirement to protect sensitive information. It is imperative that organizations ensure information is accessible and available to those that need it in their enterprise-wide content management and collaborative environments, while bringing the systems that support these initiatives in line with existing compliance policies in order to combat potential exposure of sensitive or classified information. A robust risk management framework must be implemented to support Accessibility, Privacy, Operational Security (OpSec) and Sensitive Security Information (SSI), and Site Quality.

cloud

Moving to the Cloud? Assess Your Cloud Readiness with AvePoint

clock

Assess the Health of Enterprise Content & IT Systems with AvePoint

Accessibility. Organizations must comply with accessibility statutes like Section 508 of the Rehabilitation Act, as well as the World Wide Web (W3C) Web Content Accessibility Guidelines (WCAG) 1.0 and 2.0 to ensure information is accessible and available to those that need it, regardless of physical ability. Compliance Guardian tests organizational content, as well IT system frameworks including Microsoft SharePoint, reporting on any accessibility errors and helping organizations to prioritize these errors based on activity and usage.

Privacy. Worldwide Public Sector organizations, public companies, regulated industries, and even medium or small business may be subject to a range of privacy and information security requirements. Privacy1 is a major concern of any organization that handles personally identifiable information (PII), protected health information (PHI), or even Sensitive Security Information (SSI). Private information in the wrong hands exposes significant financial risk, whether in regulator fines or by severely damaging a company’s reputability. As such, Compliance Guardian helps by scanning content upon upload or existing in enterprise content management systems for PII, PHI, or SSI, allowing organizations to tag this content appropriately and take decisive action to route it to the appropriate location, assign permissions, delete the content, or quarantine it for further review.

Operational Security/Sensitive Security Information. Information placed on the Web or within internal systems, even with good intent, can create operational and security gaps that could put assets at risk. Troop movement, dignitary visits, power plant schematics, bio hazards, diseases, border information, financial information, or an improper address or phone number may create security issues that could be taken advantage of by a third party. This type of information can create unintended consequences for potential National Security threat and/or terrorist activity. With the current administrations push for government agencies to put everything “online” in support of transparency in government, the potential for inadvertent or unauthorized disclosure of sensitive information continues to grow. Using search engines and information compilation algorithms, a single user can aggregate, analyze, and construct new levels of understanding from unclassified sources. Compliance Guardian helps to secure sensitive information and establish an effective risk management lifecycle to help organizations proactively mitigate risks of data leak.

Site Quality. As part of best practices for establishing corporate intranets or enterprise content management systems such as Microsoft SharePoint, organizations often establish branding guidelines so users have a greater sense of ownership of the system and are more encouraged to utilize the portal for collaboration, whether to find colleagues, organizational updates, or information relevant to their projects and activities. To ensure optimal user adoption, system usability and accessibility must also be considered and accounted for. As such, organizations must establish guidelines for Site Quality that not only account for accessibility and usability, but also branding guidelines, to establish a consistent look and feel (CLF). Compliance Guardian helps organizations comply with accessibility, branding, and look and feel guidelines to maintain optimal Site Quality.

Supporting Vertical and Industry Specific Regulations and Guidelines

AvePoint supports regulatory requirements across a range of vertical markets and industries, including financial services, government, and healthcare.

To learn more about how AvePoint helps government agencies comply with transparency requirements; accessibility requirements for citizens and employees with disabilities; and meet federal requirements for protection of personally identifiable information and management of Operational Security Risks, peruse our AvePoint Public Sector specific Products and Solutions

1 AvePoint is a corporate member of the International Association of Privacy Professionals (IAPP)

Business Advantages for SharePoint and other IT System Compliance

  • Quickly Identify Privacy, Accessibility, Compliance, and Security Risks

    Scan your environment to identify non-compliant data across a broad framework of organization-specific or regulatory requirements, including Personally Identifiable Information, Information Assurance, Operations Security, Sensitive Security Information, Accessibility, Brand Management and Site Quality.

  • Classify Content as it Enters Enterprise Technology Systems

    Utilize highly customizable business rules to classify content as it is uploaded or created with SharePoint or embedded metadata, ensuring sensitive or regulated content can be appropriately tracked and organizations can accurately determine risk levels of their information.

  • Proactively Protect Against Compliance Infractions

    Based on content classification, block or quarantine non-compliant content; route content to the appropriate location; and apply appropriate security and permissions to ensure compliance with information governance, security and architecture policies.

  • Comprehensive Insight into Risk-defined Content

    Aggregate compliance scan results across one or many environments, and present results in easily consumable formats targeted towards various stakeholders – including executive dashboards, configurable risk analysis indicators, or trend results – for Compliance Officers, company executives, and SharePoint administrators. Gain contextual insight into results by aggregating data from AvePoint's DocAve Software Platform to comprehensively view, modify, and report on your environment's usage and activity history (the "who, what, when, and how"), permissions, and content at any level of granularity.

  • Extend Compliance Strategies throughout the Enterprise

    Scan non-SharePoint sources, including social or CRM platforms, against plain text or regular expressions by utilizing AvePoint's Content Compliance Engine API, ensuring privacy, policy, and accessibility violations can be identified and quickly addressed.

AvePoint Compliance Guardian Technical Overview

  • Scan and crawl your enterprise content management systems including SharePoint 2010 and Microsoft Office SharePoint Server (MOSS) 2007 content; design elements including HTML files, PDFs and social elements such as blogs and wikis to ensure branding compliance; and protect against privacy (PII/PHI) or accessibility (Section 508) violation 
  • Scan content in real time or on a schedule against regular expressions or proprietary Test Definition Files (TDFs) that include plain text search terms and report criteria for up to 40% faster scanning than regular expressions
  • Scan multiple content sources utilizing the CCE API to integrate enterprise-wide content compliance efforts 
  • Tag content with imbedded or system metadata, including SharePoint content types, managed metadata, or standard columns via a Metadata Classification Engine
  • Based on content classification, assign permissions, route to the appropriate location, or block or quarantine to comply with information governance policies
  • Support user-driven tagging through native Ribbon-based document panels or automated tagging
  • Identify inconsistencies between document and system or SharePoint metadata, and synchronize to ensure metadata consistency across platforms
  • Quarantine or remove sensitive or inappropriate content from SharePoint to prevent spillage and other forms of environment contamination
  • Analyze scan results to calculate a refined risk list by aggregating audit and security data from AvePoint’s DocAve Software Platform, reporting on content age, number of times accessed and users, and security settings 
  • Present scan and risk assessment results in graphical dashboard displays, or automatically input all compliance risk data and reports into Microsoft Excel files for download and reference
  • Generate actionable email notifications upon identification of sensitive or non-compliant content for end users or compliance teams for decisive action
  • Multi-language support (Unicode) ensures global SharePoint environments remain fully protected from non-compliant content, and enforces tagging policies for sensitive or regulated content
  • Manage multiple, large environments through a single administration console with a distributed architecture to support enterprise scalability 
  • Supports Microsoft SharePoint 2010 and MOSS 2007

AvePoint Compliance Guardian Resources

Guides Resources icon

Product Brochures:

Need information regarding previous releases of Compliance Guardian?

Guides Resources icon

Solution Briefs:

  • AvePoint Accessibility Solution for Microsoft SharePoint

    Ensure SharePoint framework and web pages remain accessible to the people who need it in accordance with accessibility compliance regulations, regardless of physical ability.

  • AvePoint Cloud Readiness Assessment

    It’s not a question of IF you’re moving to the cloud – but WHAT you’re moving to the cloud. This assessment helps organizations identify sensitive or regulated content and develop a best practices approach to separate regulated and non-regulated content or workloads, and subsequently migrate appropriate content to the cloud.

  • AvePoint Compliance Healthcheck Assessment

    Assess a select portion of your SharePoint environment, detecting any areas of concern or risk, and report on compliance infractions and at-risk sites. Develop a best practices approach to subsequently reduce the risk of compliance infractions to support a comprehensive risk management lifecycle.

  • AvePoint Compliance Solutions

    Comply with confidence. Ensure SharePoint content availability, integrity, and confidentiality.

  • AvePoint Compliance Solutions for Accessibility

    Ensure enterprise-wide IT systems and content are available and accessible to the people who need it in accordance with accessibility compliance regulations, regardless of physical ability.

  • AvePoint Compliance Solutions for Operational Security

    Secure sensitive information and establish an effective risk management lifecycle to help organizations proactively mitigate risks of data breach to comply with operational security and sensitive security information requirements.

  • AvePoint Compliance Solutions for Privacy

    Protect sensitive information to support privacy compliance by preventing data leaks or breaches, and automating remediation and redaction to quickly resolve privacy violations.

  • AvePoint Compliance Solutions for Site Quality

    Track and monitor Web systems’ structural integrity to ensure compliance with site quality requirements and optimize quality of service for end-users from both a content and site perspective.

Explore all of our available Solution Briefs

Guides Resources icon

White Papers:

  • Meeting Compliance Objectives in SharePoint

    This document is intended to aid IT administrators and other stakeholders responsible for managing Microsoft SharePoint deployments, in planning and implementing a comprehensive, reliable and efficient compliance strategy appropriate to their organizational needs. 

Peruse our collection of available White Papers

Guides Resources icon

User Guides:




Next Steps

Featured Video

Introducing AvePoint Compliance Guardian

Introducing AvePoint Compliance
Guardian