SharePoint Privacy Management @ SESP

Tags SESP
TECH.SESP

Documents

All essential files should be stored on a SESP affiliated SharePoint site and managed in accordance with these guidelines.

Most SharePoint sites at SESP are owned by a program, a center, a faculty member, or an individual research project.

Default Document Libraries

All SharePoint sites at SESP are configured with a minimum of three "Document Libraries".

The three libraries are named-

NAME  (matches the name of the SharePoint site), SHARED, and PUBLIC

When browsing a SharePoint site, document libraries appear as navigation options on the left-hand of the screen.

 

Library Purpose
NAME                                                                                 This document library is intended to storage files and documents which are available to everyone in the group or team. For example in the SESP-MSHE site, the MSHE document library is available to all of the staff members in the MSHE program.
SHARED This document library can be used to store folders and files which need to be shared to individuals outside your immediate group. Folders and files in this document library can be shared to individuals outside your group by following the step detailed @ Share SharePoint files or folders. Additionally, SHARED may be used for folders that do not require access by your entire team. Information on changing the permissions of a folder for more privacy are detailed in the Additional Privacy section of this page.
PUBLIC This document library can be used to store and folders or files which you need to make available to the "public" with an anonymous sharing link. Instructions for this are available in the Share by using "Copy link" section @ Share SharePoint files or folders

Each SESP SharePoint site has an identified Data Steward, who is responsible for managing who is a member of the Active Directory group that corresponds to the site and grants access to the main or NAME document library.

Active Directory group membership is managed by the Data Steward with the Northwestern ADS Self Service tool.  Information about this tool is available @ Managing group permissions using the Self-Service Group Management tool 

Additional Document Libraries 

When a team or group has some broadly identifiable sub-groups of users, you can request to have additional document libraries added to the site.  Each new document library with have its own corresponding ADS group for permissions which are managed by the Data Steward of the SharePoint site.  

As example below is a screen shot of the SharePoint site for SESP Doctoral programs.

This site had a DOCTORAL PROGRAMS section which all members of the SESP Doctoral Program community have access to.

This site has a number of additional document libraries, including the HDSP - FACULTY and HDSP - STUDENTS sections.

Access to each of these section of the site is restricted to members of those specific communities.

The primary advantage of this type of organization is that it eliminates the need for team members to continually modify or verify specific sharing permissions on individual folders.

Additional Privacy

When dealing with documents or folders that require more privacy, you may create a folder in the SHARED document library and remove access to the folder for your entire group by removing the ADS group from that folder and directly adding the individuals requiring access.

Quick Instructions are detailed below.

Start by creating a new folder in the SHARED document library.
Give the new folder a name.
Click the ... to the left of the folder Name and choose Manage access
Click the ... in the upper right corner and choose Advanced settings
Click Stop Inheriting Permissions
Click Grant Permissions

Add yourself to the Invite people section.

Select Full Control.

Click Share

Refresh your browser window, so you see your account listed.

Then select the group, this will match the name of your SharePoint site.

Once the group has a check mark, click Remove User Permissions.

Clicked the SHARED link on the left to return to the document library
 
Then click the ... to the left of the folder Name and choose Manage access  
Then from the People tab, click Grant Access
Finally, add all individuals you wish to have access to the folder and all files and folder nested with this folder.

Flatter is Better

When organizing files in SharePoint, it is recommenced to avoid the overuse of nested folders.

Modifying folder permissions on nested folders (folders one of more levels below the top level) can create difficulty for team members to locate folders that they have access to.

Ensuring that all folders with more restricted access at at the top level of their document library greatly assists in usability.


 

Was this helpful?
0 reviews