Note this from WSJ today:
Sony Corp. said a hacker has obtained customer information, potentially including credit-card numbers, for the 77 million members of its online PlayStation Network, forcing the company to take down its service.
Data breaches are common and usually cost the company more in good will than it does in raw dollars. When SharePoint is exposed to the internet or an extranet scenario, often, those running the site collection have little or no education on how security actually works in SharePoint. This lack of training can result in embarrassing data breaches, loss of customers and loss of goodwill. When exposing SharePoint to the internet or an extranet, that you have the security aspect taken care of.
I *strongly* recommend that you install a third-party software package that manages security in SharePoint. The OOB interfaces are not good. Deliverpoint is the product that I recommend because it's functionality is strong and it's price point is fair. If you need better security management in SharePoint 2010, then I recommend Deliverpoint 2010.
Bill English, MVP
Chief Operating Officer | English, Bleeker & Associates, Inc.
Mindsharp Know More. Do More.®
SharePoint Best Practices Conference Clarity. Direction. Confidence.®
LinkedIn: Bill English