3.1 Ensure a secondary SharePoint site collection administrator has been defined on each site collection.

Information

A secondary SharePoint site collection administrator must be defined when creating a new site collection.
Rationale:
If a site reaches its maximum size, users will be denied access until an administrator fixes the problem. Having a secondary administrator reduces the risk of having a Denial-of-Service on a site. If the site reaches its maximum size, the secondary administrator can fix the problem if the primary administrator is not available. In some situations, having a secondary site administrator could be inappropriate for reasons of control or confidentiality.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

1. Log on to SharePoint Central Administration as a member of the Farm Administration Group.
2. In Central Administration, click Application Management.
3. On the Site Collection Administrators page, click the arrow next to the site collection name, and then select Change Site Collection if the site collection you want is not already selected.
4. Select the URL of the site collection, and then click OK. If the site collection is not listed, click the arrow next to the web application name, click Change Web Application, select the name of the web application that contains the site collection, select the URL of the site collection, and then click OK.
5. In the secondary site collection administrator area, either type the name of the user whom you want to add by using the format <domain>\<username> or select the user by using the address book.
6. Click OK

See Also

https://workbench.cisecurity.org/files/2031

Item Details

Category: IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|IA-2(1), 800-53|SC-5, CSCv6|5

Plugin: Windows

Control ID: a9520ea4f89d8f6e2e7bc6b777baaea0e5c8bf9ee67953248e23516da5cea6c5