Search

1 to 10 of 30
Sort by

Blog Entry
Managing Security/Permissions in SharePoint - The Hard Way

By default permissions are inherited from the parent (so a List inherits permissions from the Site, a Site inherits permissions from the Site Collection, etc...). In many cases, inheriting permissions is the recommended approach to implementing permissions (it’s certainly the easiest to manage), but this inheritance can be broken and unique permissions applied as required

Steven Pogrebivsky's profile image

Blog Entry
Security & Identity Management Considerations for Application Development in SharePoint 2013 & Office 365

Apps Granted Permissions In SharePoint 2013, an app that is granted permissions is not identical to how a user is granted permissions. App permissions have only two options which is they are or are not granted permissions as it is really a simple “yes or no” type scenario. App permissions have no permissions hierarchy unlike the user permissions strategy and available security hierarchy within a given site collection

Errin O'Connor's profile image

Blog Entry
Security Governance Best Practices for SharePoint 2013 & Office 365 | SharePoint Online

Public Safety or Deployment Success Protect classified or sensitive information and mission plans Overview of EPC Group's Compliance Management Framework EPC Group's Permissions Management Strategy When implementing your permission management strategy there are some core standards you can begin with such as ensuring that the accounts running services: Should be Active Directory (AD) domain accounts Should not be personal administration accounts The is a central email account configured for all managed accounts In most cases, the organization’s employees and contractors with existing Active Directory accounts will be granted access to the appropriate SharePoint Site Collection, Sites, Lists and Libraries, as shown in the image below, using the employees’ AD account and password. User permissions and related permission policies should be implemented as follows: User Permissions Permissions available within permission levels at site collection level Permission Policies Define groups of permissions (similar to permission levels) Only place with a “Deny” capability (i.e. default: deny write, deny all) User Policies Assign permission policies to users and groups for the entire web app (i.e. Deny group from deleting items within an entire web app – applicable to public facing web app) User access will be also be managed through the use of SharePoint groups Permissions will not be directly assigned to either Active Directory groups or individual user accounts A combination of Active Directory groups and individual user accounts will be utilized as appropriate for individual and specific situations and added to the SharePoint group to control permissions Overview of SharePoint’s Hierarchical Architecture Requests to access specific Site Collections should be made through the Site Collection Administrators through a built-in access request function

Errin O'Connor's profile image

Blog Entry
Purchase Order System Best Practices

Save yourself some time and the ride on an emotional roller coaster-evaluate purchase order systems that allow you to control permissions...Some purchase order systems offer permission based viewing allowing you to control who sees which purchase order requests

Courtney Rothe's profile image

Blog Entry
My Sites & Communities: System Architecture Deep-Dive in Office 365 & SharePoint 2013

Community sites are comprised of the following features and underlying capabilities: A template that is available similar to a new team site template in SharePoint 2013 Sites that contain features that are tailored to long-standing groups to facilitate discussion in a specific domain or profession A template that can be easily customized for the topic and goals of the community that consists of: Four basic pages as follows: Home, Categories, Members & About Membership and joining workflow The Activity Dashboard, Top Contributors, My Membership, Discussion List and Owner Tools web parts A site that requires routine attention and facilitation by dedicated moderators A template that is well integrated into the overall social fabric of SharePoint 2013, Office 365 and SharePoint Online Integration for a community into SharePoint 2013’s additional social components Community portal template for showcasing and promoting the various communities to users within your organization Lync integration for instant communication for another members of your community Community and discussion specific search Community sites provide for the following roles, features and related capabilities: Community users and/or members roles for discovering, joining, and participating in a community Community owner roles for adding users and/or members as well as configuring settings and permission Community moderator roles for monitoring, facilitating, managing and promoting content One of the most common areas of concern that organizations have around not having implementing the social capabilities of SharePoint in the previous two versions (e.g

Errin O'Connor's profile image

Blog Entry
Core Records Management Features in SharePoint 2013 & Office 365

Overview of the Managed Metadata Service Application An extremely useful capability of the managed metadata service is that it can allow records managers within your organization to administer and update metadata over time without the need to provide them with SharePoint farm administration permissions

Errin O'Connor's profile image



Blog Entry
Why Large Enterprise and Global SharePoint Deployments Will Not Work in the Cloud

An enterprise SharePoint Server 2010 platform implemented in a Private Cloud, an environment internal to the organization with total control of its servers, permissions \ security, customization and deployment policies, and federation between line-of-business systems and various data sources is the only deployment platform global and large enterprise organization should focus on. There is a place for a cloud-based SharePoint 2010 deployment in small to medium sized businesses who only mostly require out-of-the-box features and functionality and siloed \ departmental permission strategies

Errin O'Connor's profile image

Blog Entry
Implementing Global Intranet Governance with a Proper Long-term Roadmap

A broadband user, with continental latency, would experience up to 2x-4x response time (e.g. 4-8 seconds) A broadband user, with global latency, would experience up to 4x-8x response time (e.g. 8-16 seconds) Low bandwidth, and extremely high latency response times’ experience is hard to predict Global Farm Administration Considerations Provisioning Web Application Creation Site Collection Creation Content Databases Features and Solutions Local Service Applications Excel Services Access Service Vision Graphics Service Word Automation Services Word Viewing Global Help Desk and Support Considerations Operations System Administrators Site Collection Administrators Multi-Tiered Support Tier 1: Help Desk Tier 2: Subject Matter Experts Tier 3: Farm Administrators Support and Administrative Training Global Governance: Isolation Levels Examples Level Definition SharePoint Meaning (Potential) Isolation Tier 1 (I1) (Global) ·Out of the box SharePoint ·Out of the box Security ·Uptime During Business Operating Hours (7am-5pm EST M-F) ·Same SharePoint Farm Same IIS Application Pool ·Same Web Application ·Same Site Collection ·Same Content Database Isolation Tier 2 (I2) (Global) ·Custom SharePoint Features ·Unique SharePoint Permission ·Uptime During Business Operating Hours (7am-5pm EST M-F) ·Same SharePoint Farm ·Separate IIS Application Pool ·Same Web Application ·Separate Site Collection ·Separate Content Database Isolation Tier 3 (I3) (Local) ·Third Party Application ·Custom Functionality ·24 x 7 Uptime requirements. ·Unique SharePoint Permission ·Separate SharePoint Farm ·Separate IIS Application Pool ·Separate Web Application ·Separate Site Collection ·Separate Content Database Global Governance: Service Agreement Examples Service Level Agreement 1 (SLA 1) ·Recycle Bin Policy set to 30 ·Weekly Full Backups and Daily Incremental ·Uptime During Business Hours Backup Retention for 6 months ·Same SharePoint Farm ·Same IIS Application Pool ·Same Web Application ·Same Site Collection ·Same Content Database Service Level Agreement 2 (SLA 2) ·Recycle Bin Policy set to 120 ·Weekly Full Backups and Daily Incremental ·Backup Retention 6 months ·Backup Retention for Incremental Backup for 4 Weeks ·Uptime During Business Hours ·After Hours Technical Support ·Separate Farm ·Separate Database Server EPC Group Lessons Learned Intranet and Internet Deployments Identify Global Governance Board early Roadmap features and solutions for at least 12 months Get buy-in not only from global stakeholders but from local support groups as well Create a unified governance model for ALL farms as though they are one Project and Team Collaboration Deployments Identify the Global Governance Board early Set limits on what is globally governed and what is locally governed Create a high-level global governance which focuses on overall policies, architecture and processes Create local governance extensions which cover people, local policies, local processes and operating procedures and needs

Errin O'Connor's profile image