Access in SharePoint allows users to see the content they have permission for. Only site owners, however, can configure if and how users can request access. Knowing how to manage access in a SharePoint folder reduces the risk of exposing data and makes permissions management easier. Read our SharePoint online permissions best practices to create your own strategy.

1. Identify the goal of the site

Understanding the site’s purpose makes it easier to manage SharePoint site permissions. Ask yourself these questions:

  • Who needs access?
  • What should users of this site do?
  • What should the capabilities of the site be?
  • Who is the site manager?

2. Know the Site Hierarchy

Build permissions for the site based on the Site Hierarchy. The site should have a pyramid structure, with a few users having high permission and most users having low permission. This practice simplifies permissions management by limiting most actions to a select group. You can base the pyramid structure on your existing company hierarchy.

3. Set up appropriate permission levels

SharePoint permissions in Office 365 are balanced to what each user needs to do. You can create new permission levels or change existing ones. However, using the SharePoint permissions as they’re set up out of the box satisfies most security requirements.

Set up appropriate permission levels

4. Use group memberships instead of direct permissions

Direct permissions assign access by individual while group membership grants access to many users at once. Granting permission to groups instead of directly to users makes long-term permission management easier. If you need to remove access for an individual, remove the individual from the group, and the change will apply to all the items.

5. Edit and create permission levels

There are 10 default SharePoint site permissions, each containing individual permissions. You can edit these permissions as your organization needs or create custom permission levels for more control.

6. Know the difference between authentication and authorization

In SharePoint, authentication verifies the user’s identity, and authorization decides what the user can access. SharePoint handles authorization, not authentication.

See also  What is Ransomware? 

SharePoint supports forms-based authentication (FBA), security assertion markup language, (SAML), and standard Windows authentication out of the box. You can use one of these claims-based authentication methods for additional security.

Contact Agio about SharePoint cybersecurity today

Agio offers several cybersecurity services for SharePoint users. We have the industry-specific experience needed to identify and fix security issues, lower your risk, and improve your cost efficiency. Contact us online today for more information.

Contact Agio about SharePoint cybersecurity today