Securing an organization’s information is crucial. Protecting organizational content is a key component to the success of that security.
Microsoft SharePoint 2013 provides proficient security tools to ensure that teams are completely confident that their content is available only to the users to whom they’ve granted access. Using the SharePoint security model, you can apply access privileges at an overall level such as the site collection, down to an individual level like a single document—not to mention all the levels in between (sites, pages, or lists and libraries).
You can only access SharePoint 2013 if a SharePoint administrator or site owner grants you permission. You can grant permissions to groups of people or to individuals. SharePoint administrators can grant access to Active Directory groups, or Windows network groups, as well.
It is recommended to add individuals to SharePoint groups and then provide access to those groups, rather than directly to individuals. A SharePoint group is a collection of individuals (up to 5,000), and it is much more convenient to manage the applied security settings to a group than to manage individual users.
On the Home page, click the Settings button (the small gear icon next to the name of the logged-on user). On the menu that appears, click Site Settings.
On the Site Settings page, in the Users And Permissions section, click Site Permissions.
On the Permissions page, view the permission levels assigned to each group on the site.
A new site can be created to use the same permissions as the parent site or to use unique permissions. Upon creation of a new site with unique permissions, SharePoint 2013 automatically creates three groups: Visitor, Member, and Owner. New groups can be created, and unused groups can be deleted.
Permissions then need to be assigned to groups for them to actually be of use. SharePoint administrators can use permission levels to control what groups or individuals can do within SharePoint. Thirty-three selectable permissions can be mixed and matched in different combinations to define thousands of permission levels.
Permission levels determine what type of activities that group can perform on a site, page, list, library, item, or document. Upon creation of a new team site, SharePoint automatically creates seven permission levels:
Permission level | Definition |
Full Control | Users have full control of a site to add, delete, approve, move, and create new sites. |
Design | Users can view, add, delete, approve, and customize a SharePoint site. |
Edit | Users can add, edit, and delete lists. They can also view, add, update, and delete list items and documents. |
Contribute | Users can view, add, update, and delete list items and documents. |
Read | Users can view pages and list items. They can also can download document copies. |
Limited Access | User can view specific lists, document libraries, list items, folders, or documents when given permission. |
View Only | Similar to the Read permission level, but users cannot download items. |
On the Site Settings page, in the Users And Permissions section, click Site Permissions.
On the Permissions page, click the Permissions tab and then, in the Grant group, click Grant Permissions.
In the Share dialog box, in the designated text box, enter names, email addresses, or the word “Everyone”.
Click the Hide Options button.
In the Select A Group Or Permission Level list box, select a group name.
Click Share.
Customizing SharePoint groups makes it possible for your organization to effectively grant access to only the users it specifies. When you create a group, you can name it, assign it a permission level, and add people to it.
On the Site Settings page, in the Users And Permissions section, click Site Permissions.
On the Permissions page, click the Permissions tab and then, in the Grant group, click Create Group.
On the Create Group page, in the Name text box, enter a name for the group.
In the About Me text box, enter a description.
Assign a group owner to the group.
In the Give Group Permission To This Site section, select a check box corresponding to the permission level that you want to assign to the group.
Click Create.
By assigning people to SharePoint 2013 groups, you can see what permissions an individual has and assign those same permissions to someone else simply by adding that person to the same group. Occasionally, however, you might need to assign permissions directly to a user to grant access to a site or its individual items.
On the Site Settings page, in the Users And Permissions section, click Site Permissions.
On the Permissions tab, in the Grant group, click Grant Permissions.
In the Share dialog box, in the designated text box, enter names, email addresses, or the word “Everyone”.
Click the Show Options button.
In the Select A Group Or Permission Level list box, select a permission level.
Click Share.
By default, all children objects (sites, pages, lists, libraries) inherit their permissions from their parent site. Permissions for objects cascade from the parent to the child. For instance, a subsite inherits the permissions of its parent site. A library inherits the permissions of the site in which it is created, and a document inherits the permissions of the library to which it is uploaded. If you want to stop this inheritance and customize permissions, you’ll need to break inheritance.
Perhaps you have a site with team information for everyone on your team. By default, everyone who has access to a team library can see the documents in that library. Still, you might want to restrict the Performance Reviews folder to only allow managers to access it. In this case, you would break the inheritance from the parent library so that only the Managers group can see that particular folder.
Select the list or library with which you want to work (for this example, we’ll work with a library).
On the ribbon, click the Library tab.
In the Settings group, click Library Settings.
On the Library Settings page, in the Permissions And Management section, click Permissions For This Document Library.
On the Permissions tab, in the Inheritance group, click Stop Inheriting Permissions.
In the pop-up message box that asks you to confirm the change, click OK.
Select the list or library with which you want to work (for this example, we’ll work with a library). On the ribbon, click the Library tab and then, in the Settings group, click Library Settings.
On the Library Settings page, in the Permissions And Management group, click Permissions For This Document Library.
On the ribbon, click the Permissions tab and then, in the Inheritance group, click Delete Unique Permissions.
In the pop-up message box that asks you to confirm the change, click OK.
When not inheriting permissions from its parent, SharePoint 2013 allows owners to apply unique security at the site collection level, the site level, the library or list level, and to items within a library or list. You might want to grant your department Read access to your site but only allow certain team members to edit documents within the site. SharePoint flexibly accommodates these needs.
Select the list or library with which you want to work (for this example, we’ll work with a library).
On the ribbon, click the Library tab.
In the Settings group, click Library Settings.
On the Library Settings page, in the Permissions And Management group, click Permissions For This Document Library.
On the Permissions tab, in the Grant group, click Grant Permissions.
In the Share dialog box, in the designated text box, enter names, email addresses, or the word “Everyone”.
Click the Show Options button.
In the Select A Permission Level list box, select a permission level.
Click Share.
Click the drop-down ellipsis to the right of an item in a list or library. (Hover over the item to view the pointing hand.)
In the lower-right corner of the Properties box that opens, click the drop-down ellipsis. (Hover over the item to view the pointing hand).
On the menu that appears, click Shared With.
On the Shared With page, click Advanced.
On the Permissions tab, in the Inheritance group, click Stop Inheriting Permissions.
In the pop-up message box that asks you to confirm the change, click OK.
Back on the ribbon, click Grant Permissions.
In the Share dialog box, in the designated text box, enter names, email addresses, or the word “Everyone”.
Click the Show Options button.
In the Select A Permission Level list box, select a permission level.
Click Share.
Logically, if you’ll be granting access to SharePoint 2013, you’ll be removing access, as well. Removing users from items or groups involves the same steps as adding users. You’ll begin to realize the convenience of managing users in groups as opposed to individually. Removing users from a group can be done in one location instead of each location where they’ve been added separately.
On the Home page, click the Settings button (the small gear icon next to the name of the logged-on user). On the menu that appears, click Site Settings.
On the Site Settings page, in the Users And Permissions section, click People And Groups.
On the Quick Launch bar, click Groups.
Click the name of the group from which you want to remove the user.
Select the check box next to the name of the user whom you want to remove.
Click the Actions drop-down arrow.
On the menu that appears, click Remove Users From Group.
In the pop-up message box that asks you to confirm the change, click OK.
On the Home page, click the Settings button (the small gear icon next to the name of the logged-on user). On the menu that appears, click Site Settings.
On the Site Settings page, in the Users And Permissions section, click Site Permissions.
Select the check box next to the group from which you want to remove site permissions.
On the Permissions tab, in the Modify group, click Remove User Permissions.
In the pop-up message box that asks you to confirm the change, click OK.
Suppose that a project has completed and you no longer want the team to add or edit the project’s supporting documents. The flexibility of SharePoint 2103 gives you the ability to easily make changes to permission level of an individual or a group.
On the Home page, click the Settings button (the small gear icon next to the name of the logged-on user). On the menu that appears, click Site Settings.
On the Site Settings page, in the Users And Permissions section, click Site Permissions.
On the Permissions page, if the site is inheriting permissions, click Stop Inheriting Permissions, and then, in the pop-up message box that asks you to confirm the change, click OK.
Select the check box next to the group or individual for which you want to edit permissions.
Click Edit User Permissions.
Clear the current permissions check box and select a different one.
Click OK.
It can be easy to lose track of who has access to your sites and libraries. You can use the tools on the SharePoint 2013 ribbon to check what permissions are on an entire site or to view a summary of the permissions assigned to a group or individual.
On the Quick Launch bar, click Site Contents.
Click the drop-down ellipsis to the right of the library with which you want to work. (Hover over the library for the drop-down indicator to display).
On the menu that appears, click Settings.
On the Library Settings page, in the Permissions And Management group, click Permissions For This Document Library.
On the Permissions tab, review each group name and permission level.
On the Home page, click the Settings button (the small gear icon next to the name of the logged-on user). On the menu that appears, click Site Settings.
On the Site Settings page, in the Users And Permissions section, click Site Permissions.
On the Permissions tab, in the Check group, click Check Permissions.
In the Check Permissions dialog box, in the User/Group text box, enter the name of the person or group.
Click Check Now.
In the Check Permissions dialog box, review the permission level summary.