IN THIS CHAPTER

Managing groups in SharePoint

Handling security for apps, documents, and items

Giving access to administrators

Checking user permissions

SharePoint is a great tool for storing documents and managing calendars and contacts. But how do you know that your information is secure? Although your IT department makes sure that your network and servers are secure, managing the security for your SharePoint content falls on you as the site administrator.

When securing your site, you need to perform three basic tasks. We list them here in the order of the frequency you perform these tasks, from most often to seldom:

• Managing SharePoint group membership: When it comes to that dreaded time to manage SharePoint security, what you really need to be thinking is, “To which SharePoint group do I need to add this person?” If you don’t have an existing group and you find yourself descending into a morass of permission levels, inheritance, and other such incomprehensible stuff, back away from your browser. The reality is that assigning permissions — breaking inheritance and assigning groups — should be a rare event, if done right.
• Assigning permissions to sites, apps, or folders: Deciding which groups get access to what is an important task, and one you only want to think about infrequently — most usually at the time (or ideally before) you create your site. In other words, granting Read Only, Edit, and Delete permissions to the content in ...