The increasing use of Microsoft SharePoint to store sensitive business data, extended access and collaboration to partners, customers and suppliers has outpaced native SharePoint security capabilities.
More and more organizations are storing and accessing sensitive, regulated information through this platform. To improve business security, organizations must invest in organizing, managing and protecting these valuable assets.
When securing your site, you need to perform three basic tasks.
- Managing user via SharePoint group
- Assigning permission to your site and site assets
- Granting Administrative Access
Managing users via SharePoint group
A fundamental responsibility concerning site security is managing who can access resources on your site. SharePoint enables you, as a site owner, to control what users or groups of users can access your SharePoint sites. SharePoint uses groups to manage the process of granting someone access to the content in a site. Each SharePoint group maps to a set of permissions that define the tasks that a user can perform. When we create a site, SharePoint automatically creates groups for the site, and assigns permission levels to the groups. These are known as the default SharePoint groups. All the apps and sub sites that are created below the top-level site use these groups and have the same set of people inside the groups. By default, all the content and sub sites in your top-level site have the same permissions, dubbed permissions inheritance.
Site Visitors: Grants read-only access to the site and allows users to create alerts. Users who need read access to a site but don’t need to contribute content are visitors.
Site Members: Confers the Contribute permission level for users, which allows them to add, edit, and modify items and browse sites. Most end users fall into this category for a site.
Site Owners: Grants full control. A site owner may or may not use the site on a regular basis, but the site owner can delegate administrative and design tasks to others. Also, a site owner may or may not be a technical person.
Access to your site and its content is managed through group membership. Adding and removing users from SharePoint groups is the most efficient way of granting and revoking permissions.
Adding users to a group
To add users to the Site Members group, follow these steps:
Log in to the SharePoint site as a site owner and add users to groups on the Site Settings page by clicking the People and Groups link in the Users and Permissions section.
Click to continue »