Netwrix’s Epic Guide to SharePoint Permissions Best Practices
Everyone knows how confusing the permissions structure in SharePoint can be. You can grant permissions at different levels in SharePoint, from the web application and site collection levels down to the list and even the file level. Permissions at a given level are inherited by lower permission levels — but you can break permission inheritance. Moreover, you can assign permissions to both SharePoint groups and AD security groups, as well as directly to users to create fine-grained permissions.
The average Microsoft SharePoint server contains a lot of information, some of which is sensitive data or critical business information. Improperly configured permissions endanger this information, and any other data you store on your SharePoint sites. Using the least-privilege security model, on the other hand, can contribute to data privacy and improve security of your content.
This guide will help you puzzle out this difficult topic by explaining:
- The different levels of SharePoint permissions and groups, including predefined groups for specific sites with their default permissions (for example, owners with full control, visitors with read, members with edit and viewer with view only permissions). It will also explain limited access and other default permissions.
- How to manage SharePoint permissions, groups and group membership, including how to make changes to an available permission level and create a new custom level. You’ll also find information about the management of permission inheritance and how to break inheritance for lower level objects, like a subsite, list or document library.
- SharePoint permissions best practices, including the best use of SharePoint groups, the need for item-level permissions, how to avoid issues with inheritance, and how to ensure safe external sharing.
Setting up a clear SharePoint permissions structure is essential to keeping your SharePoint secure and manageable, so you need to be very familiar with the possible permissions and permission levels and make decisions based on known-good practices and security models. This guide is exactly what you need to come up to speed quickly and get the job done right.