If your organization uses Microsoft’s SharePoint, setting up a strong security model is essential. When you keep your SharePoint secure, you aren’t just protecting your information, you are optimizing workflows that allow your team to work confidently and securely. 

Our software experts are here to guide you through SharePoint security tips to make the tool both accessible and secure. 

Navigating Security in the Settings Menu

Understanding SharePoint’s core administration features will start with the settings menu. The settings menu is accessed by the “gear” icon at the top-right corner of your browser. This menu is where you manage the settings for a list, library or the entire site. 

List or library settings let you set security and permissions for individual lists or libraries, while site settings allow you to control security and features across the entire site. 

Public vs. Private Sites

Another crucial SharePoint security decision you’ll face is whether to make the site public or private. Public sites are visible to everyone, while private sites limit access to only specific groups. 

Organizations typically leverage both public and private sites. Public sites are used as communication sites for one-way announcements from your organization to the whole company. A Teams site (private) facilitates two-way collaboration amongst your team members. This allows multiple users to share and edit content. 

Setting Up Site Security and Sharing

When you implement proper security and sharing settings are in place, you ensure that users only gain access to what they need. In SharePoint, owners manage the users and set permissions. Members can access site features but shouldn’t have the ability to alter security settings. 

Site permission allows you to control sharing, allowing you to adjust how members can share content. We highly recommend you use the “only Site Owners can share” setting. 

Understanding Groups in SharePoint

SharePoint security can get confusing with the combination of Microsoft 365 groups and SharePoint groups. 365 groups give your team access to Teams and group mailboxes. SharePoint groups allow for more control within your site. 

If you want stricter permissions, we suggest you create custom SharePoint groups. This is the best option when some members of your company will need full access and others need limited, task-specific permissions. 

Permissions Levels Explained

Permissions help you determine what users and groups can do within the libraries and lists in SharePoint. Your options include: 

• Full control.
• Edit.
• Read. 
• Customized permissions to fit the needs of specific people within your organization.

Avoid applying unique permissions at the folder level as it can disrupt your established SharePoint security structure. Create a separate library if unique permissions are needed. 

Managing Permissions in Libraries and Lists

Lists and libraries inherit their permissions from the parent site by default. The “break inheritance” option will need to be selected to break the inheritance if you need unique permissions. 

Choosing this option won’t affect other parts of your site when applying specific permissions to a list or library. 

If needed, you can also revert any inherited permissions. This will remove all custom settings and set a user’s permissions back to default. 

Sharing Content Safely

Sharing files, folders and libraries is an important part of SharePoint and it’s critical for SharePoint security to do it in a certain way. For 365 group members that have edit access, sharing a link to the site or item is enough. 

We suggest avoiding the default “anyone with a link” setting as it creates security risks. You should select the “people with existing access” option. This ensures your SharePoint security isn’t compromised when your team shares links. 

Need Help Implementing Our SharePoint Security Tips?

SharePoint is a vital tool to many organizations and SharePoint security is important to help keep your organization secure as well. If you need assistance implementing SharePoint into your organization or any other software, our software staff augmentation services are here to help. Book a meeting with us today to get started.