SharePoint Privacy Management @ SESP



SharePoint sites facilitate document collaboration through the utilization of "Document Libraries".

By default all SharePoint sites have a document library named "Documents"

Each SharePoint site affiliated with SESP also includes an Active Directory group that correspond's to the site's name and grants access to the default "Documents" section of the site. Each site also has a designated Data Steward that manages user access to the site.

To grant a SESP community member access to view or edit documents stored in the "Documents" section of a SharePoint site, their NetID must be added to the corresponding Active Directory group by the designated Data Steward of the SharePoint site 

As an example, the SESP - COMMUNICATIONS SharePoint site has a corresponding AD group named SESP - COMMUNICATIONS. To access and edit files in the 'Documents' section of this SharePoint site, a member of the SESP - COMMUNICATIONS team needs their NetID added to the SESP - COMMUNICATIONS group by the Data Steward.

Active Directory group membership is managed by the Data Steward with the Northwestern ADS Self Service tool.  Information about this tool is available @ Managing group permissions using the Self-Service Group Management tool 

The files and folders in the Documents section are available to all team members in that ADS group

Additional Privacy

When dealing with documents or folders that require restricted access to a smaller set of team members, two recommended options available.

  1. Create a folder in the Documents section with restricted access for specific individuals removing the ADS group from that folder.
  2. Request a new document library be added to the site.  This new document library will have it's own dedicated ADS group, whose members can be a subset of the larger group.

Option #1

All members of a document library have the ability to either create a new folder or modify an existing folder to provide more restricted access to the enclosed documents.  

Quick Instructions are detailed below.

First click the three dots to the right of the folder name and choose Manage access
Then click the Groups tab and click the Can edit to the right of the group name which matches the name of the SharePoint site.
Then click the Can Edit again and from the drop down select Remove direct access.
Then from the People tab, click Grant Access
Finally, add all individuals you wish to have access to the folder and all files and folder nested with this folder.

Following the steps above we allow you to have a folder stored in the Documents section, which is only available to select team members.

It is important when utilizing this technique, that the modified folder is at the top level of the Documents section.

Modifying folder permissions on nested folders (folders one of more levels below the top level) can create difficulty for team members to locate folders that they have access to.

Ensuring that all folders with more restricted access at at the top level of their document library greatly assists in usability.


Option #2

When a team or group has some broadly identifiable sub-groups of users, you can request to have one or more additional document libraries added to the site.  Each new document library with have its own corresponding ADS group for permissions which are managed by the Data Steward of the SharePoint site.  

As example below is a screen shot of the SharePoint site for SESP Doctoral programs.

This site had a Documents section which all members of the SESP Doctoral Program community have access to.

This site has a number of additional document libraries, including the HDSP - FACULTY and HDSP - STUDENTS sections.

Access to each of these section of the site is restricted to members of those specific communities.

The primary advantage of this type of organization is that it eliminates the need for team members to continually modify or verify specific sharing permissions on individual folders.


Was this helpful?
0 reviews
Print Article


Article ID: 2614
Thu 5/16/24 12:36 PM
Fri 5/24/24 9:25 AM