Security Management of SharePoint Sites

Security Management of SharePoint Sites


We're delighted to offer an excerpt from the book SharePoint 2013 – First Look for Power Users, by Asif Rehmani. Here's a great new security feature in SharePoint 2013. Those of you on SharePoint 2010 or earlier will find it a small but significant change that enhances collaboration.

Security Management of SharePoint Sites

Security management of SharePoint sites in SharePoint 2010 has been a bit ‘klugy,’ unfortunately, leaving a lot to be desired by both the users and the administrators. Requesting access to a resource or granting access to a resource should not be confusing. In fact, managing security for a site is one of the most fundamental aspects of SharePoint and should be easy and straightforward so you can move on to more pressing things that require your attention.

The following are a few of the challenges in SharePoint 2010 currently:

● When site owners are granting rights to other users, they don’t understand which permission level to grant to the other users.

● Once a site owner adds a person to a SharePoint group, they generally don’t understand the rights they are granting that person.

● There is no simple way to figure out who currently has access to a site.

● Once an access request gets submitted by a user, it disappears into oblivion. There is no way to find out the status of that request (aside from emailing or calling the site owner).

● There is no one place where a site owner can go to manage pending access requests.

The SharePoint product team set out to focus on these shortcomings and build a better sharing mechanism in SharePoint 2013.

When a user doesn’t have access to a site and tries to navigate to it, they are presented with the request "Let us know why you need access to this site." Makes a lot of sense, doesn’t it? It helps the user articulate why they need access when the request is sent, rather than requesting the access and then having the site owner ask this same question in return. (See Figure 1 or click image below.)

tn_Why you need access
Figure 1: Why You Need Access

This conversation component is visible to both the user who is requesting access and the owner(s) in charge of granting access to the site. It’s a great way for all parties involved to keep on top of the status of the request. The eventual result of the request and the action taken by the site owner is then archived for later reference as needed.

For the scenario where the site owner wishes to invite folks to the site, it is a simple straightforward process. The site owner clicks the Share link on top left of the site and the dialog appears showing who the site is currently shared with and the fields to invite others to the site. (See Figure 2 or click image below.)

share dialog
Figure 2: Share Dialog Box

Once the site owner decides who to invite and what permission level to grant them, those people get an email notifying them regarding the invitation. This process is pretty straightforward and has worked the same way (but now with a better interface) in SharePoint 2010.

To read more, see  Asif's book, "SharePoint 2013--First Look for Power Users," available from Amazon.
SharePoint 2013--First Look for Power Users

Asif Rehmani runs To learn more about SharePoint videos and about Asif, see his website.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.