1 | @bobbyschang | bobbyschang.com
Worst Practices
Bobby Chang
@bobbyschang
2 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Contact Info
• slideshare.net/bobbyschang
• linkedin.com/...
3 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Why Worst Practices?
Rather Than a List of To-Do’s
5 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
At Times It’s More Effective (and Fun) to Share
What NOT ...
And Scare You Share With You Its Consequences
SharePoint Permissions
Basic Overview
8 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Permissions Fundamental
To Provide or Restrict Users
with...
9 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Site Collection
Site
List / Library
Item
Child Site
10 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Site Collection
Site
List / Library
Item
Child Site
Brea...
11 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Site Collection
Site
List / Library
Item
Child Site
Brea...
12 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Permission Level
Determines how much access a user has
13 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Contribute
• Create, Read, Update, Delete content
• Targ...
14 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
“Edit”
15 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Edit Contribute
16 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Edit Contribute Delete List/Library
In other word, Edit ...
No Planning
Worst Practice
18 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Right?
Planning
Matters
Planning Matters
Photo Credit – Matthew Keagle & Creative Commons
Do You Have a Permissions Strategy?
21 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
- What is purpose of the site?
- Gathering Info vs. Diss...
22 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Consensus on processes and set expectations
• Increase...
23 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
“A governance strategy is never static – it is
a living,...
24 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
SharePoint Platform Matures
Governance Should Evolve as ...
“Full Control” for Everyone
Worst Practice
26 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Create & Delete Sites
Create SharePoint Groups
Manage Si...
27 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
28 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Dear Site Managers,
You play a pivotal role to SharePoint success (or failure)
When asked to pleeasseee have access to EVERYTHING
Image Credit: © SheKnows LLC
Let’s not rush to give
Full Control
32 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
33 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• “Everything” may pertain only to Documents
• “Access” ...
34 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Check or Refine governance policy
Ensure required traini...
35 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Thy requests must go through me …
It’s not that you’re
a...
Simply can’t have everyone
manage your site
Assigning Permissions to Individual Users
Worst Practice
39 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Team Growth
• Role Change for Existing Users:
– Expand...
40 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Where in the World is
Carmen Sandiego?
41 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Hard to decipher who has
what level of access
• Cumber...
Instead, Use …
SharePoint Group
43 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.comThen Add or Remove Users from the Group
First, Assign Per...
44 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
For SP2013 Microsoft recommends
AD (Active Directory) Gr...
45 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
AD Group
46 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Recommended by MSFT for performance
• Use AD group in ...
Default Settings for SharePoint Groups
Worst Practice
48 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
49 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
50 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Site Managers could be locked out
• Be Mindful of Defa...
51 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
ALWAYS assign a group as group owner
Preferably Site Col...
52 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Instead open membership list to everyone
Default -> only...
53 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
What to Look For When
Breaking Site Inheritance
54 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
55 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Reflect and Assess!
Do I really need unique site permiss...
Item Level Permissions
Worst Practice
57 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Item = Document or List Item
• You can set permissions...
doesn’t mean you should
Just because you can …
59 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• SharePoint View doesn’t differentiate
unique permissio...
60 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
F A C T : Reduced performance after
5000 files break inh...
62 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Embraces Social
Intuitive and Convenient
Great Tie-in wi...
63 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Sharing is Caring! Right??
64 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
65 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
66 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
The Gotchas
• Convenient but hard to govern
• UX is diff...
67 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Contributor
Note: It contradicts Contribute permissions ...
68 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
But wait… In Office 365, you have options
69 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
(Under Site Permissions > Access Request Settings)
70 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Item Level Permission (Worst Practice #5)
Permissions fo...
Fun with Limited Access
*BONUS* Worst Practice
72 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Because Limited Access is The Devil
74 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
If user is not declared in site permissions,
Permissions...
• Can’t easily identify where
access was granted
• Clutters site permission
• No easy clean-up process
76 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
When You Delete User’s Limited Access at Site,
SharePoin...
77 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Limited Access can now be hidden
78 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Already in a Permissions Hole?
79 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
First Things First – Stop the Bleeding!
e.g.: Change Ful...
80 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Assess the Damage and Document Findings
81 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Out of Box PowerShell Third-Party
Product
82 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Review of site permissions page
• Unique access are di...
83 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• PoSh Script is your friend for reporting
• Don’t reinv...
84 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Complexity of SharePoint permissions
warrants a third-...
85 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Few Considerations During Permissions Clean-Up
One is the
loneliest number
• Requires commitment,
time, and effort
– Warning:
• Don’t do it yourself!
– Gather requiremen...
87 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
For Worst Case Scenario, Consider Starting Over
88 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Might be more beneficial to start over
• Consider the ...
89 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Get executive buy-in
• Yield needs from business funct...
90 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
Mitigate Survey the Field Clean Up Manage & Control
Do N...
91 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Enforce permissions governance
• Gain leadership suppo...
92 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
• Define processes to periodically assess
• Determine mo...
93 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
94 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
“The greatest accomplishment is not in never failing,
bu...
linkedin.com/in/bobbyschang
bobbyschang.com
@bobbyschang
Questions?
Feel Free to Contact Me
Bobby Chang
twitter.com/bobbys...
SharePoint Permissions Worst Practices
SharePoint Permissions Worst Practices
Upcoming SlideShare
Loading in...5
×

SharePoint Permissions Worst Practices

62,166

Published on

Dug yourself into a SharePoint permissions hole? See how you can unearth yourself and avoid common mistakes from real life scenarios.

View a recording of the session here: https://www.youtube.com/watch?v=Poh4zxHTNvw

Published in: Technology, Design
12 Comments
61 Likes
Statistics
Notes
No Downloads
Views
Total Views
62,166
On Slideshare
0
From Embeds
0
Number of Embeds
9
Actions
Shares
0
Downloads
1,363
Comments
12
Likes
61
Embeds 0
No embeds

No notes for slide

SharePoint Permissions Worst Practices

  1. 1. 1 | @bobbyschang | bobbyschang.com Worst Practices Bobby Chang @bobbyschang
  2. 2. 2 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Contact Info • slideshare.net/bobbyschang • linkedin.com/in/bobbyschang • @bobbyschang • bobbyschang.com Bobby Chang SharePoint Consultant at Planet Technologies
  3. 3. 3 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Why Worst Practices?
  4. 4. Rather Than a List of To-Do’s
  5. 5. 5 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com At Times It’s More Effective (and Fun) to Share What NOT To Do
  6. 6. And Scare You Share With You Its Consequences
  7. 7. SharePoint Permissions Basic Overview
  8. 8. 8 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Permissions Fundamental To Provide or Restrict Users with Access to SharePoint Content
  9. 9. 9 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Site Collection Site List / Library Item Child Site
  10. 10. 10 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Site Collection Site List / Library Item Child Site Break Inheritance
  11. 11. 11 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Site Collection Site List / Library Item Child Site Break Inheritance
  12. 12. 12 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Permission Level Determines how much access a user has
  13. 13. 13 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Contribute • Create, Read, Update, Delete content • Target Audience = Team Members, Supervisors Read • View Content • Target Audience = Visitors, Clients, Extended Team Full Control • “The Kitchen Sink” • Target Audience = Site Administrators, Site Managers
  14. 14. 14 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com “Edit”
  15. 15. 15 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Edit Contribute
  16. 16. 16 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Edit Contribute Delete List/Library In other word, Edit is NOT recommended!
  17. 17. No Planning Worst Practice
  18. 18. 18 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Right?
  19. 19. Planning Matters Planning Matters
  20. 20. Photo Credit – Matthew Keagle & Creative Commons Do You Have a Permissions Strategy?
  21. 21. 21 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com - What is purpose of the site? - Gathering Info vs. Dissemination - Extranet vs. Intranet - Who’s the target audience? - Is there any confidential info? - Access for anyone outside org? - Who’s the Site Manager? - Is there more than 1 team involved? - Any group confidential info? - How will you document? - What is your training plan? - How will permissions be governed?
  22. 22. 22 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Consensus on processes and set expectations • Increased team awareness • Better understanding of SharePoint intricacies • More effectively managed platform • Compliance with rules and regulations
  23. 23. 23 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com “A governance strategy is never static – it is a living, breathing process and a set of rules that you should live by, not die by!” --Christian Buckley, MVP @buckleyplanet
  24. 24. 24 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com SharePoint Platform Matures Governance Should Evolve as Your
  25. 25. “Full Control” for Everyone Worst Practice
  26. 26. 26 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Create & Delete Sites Create SharePoint Groups Manage Site & List/Library Permissions Activate & Deactivate SharePoint Features Create, Update, Delete List/Library Public View Generate Site Web Analytics Reports Create, Modify, Delete SharePoint workflow Create, Modify, Delete Site & List/Library Columns Delete Site & List Template Delete Master Page & Page Layout Add, Update, Delete a Wiki and Web Part Page Add, Update, Delete Web Parts Etc. etc. etc.
  27. 27. 27 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  28. 28. 28 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  29. 29. Dear Site Managers, You play a pivotal role to SharePoint success (or failure)
  30. 30. When asked to pleeasseee have access to EVERYTHING
  31. 31. Image Credit: © SheKnows LLC Let’s not rush to give Full Control
  32. 32. 32 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  33. 33. 33 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • “Everything” may pertain only to Documents • “Access” could mean Read, Update, Delete Files • Thus, Contribute is sufficient
  34. 34. 34 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Check or Refine governance policy Ensure required training completion Consider other permission level • Admin privilege without site provision or security control • e.g.: Design
  35. 35. 35 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Thy requests must go through me … It’s not that you’re a control freak
  36. 36. Simply can’t have everyone manage your site
  37. 37. Assigning Permissions to Individual Users Worst Practice
  38. 38. 39 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Team Growth • Role Change for Existing Users: – Expanded Responsibilities – Rolling Off Project – Promotions • Onboarding New Employees • Employee Departures
  39. 39. 40 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Where in the World is Carmen Sandiego?
  40. 40. 41 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Hard to decipher who has what level of access • Cumbersome to manage existing permissions • SharePoint Out-of-Box “Check Permissions” function is rather limited
  41. 41. Instead, Use … SharePoint Group
  42. 42. 43 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.comThen Add or Remove Users from the Group First, Assign Permissions to SharePoint Group
  43. 43. 44 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com For SP2013 Microsoft recommends AD (Active Directory) Group SharePoint On-Prem Office 365 Security Group SharePoint Online
  44. 44. 45 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com AD Group
  45. 45. 46 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Recommended by MSFT for performance • Use AD group in SharePoint only if – AD group definition is well defined – IT Team is proactive in updating membership • AD Membership should be up-to-date to ensure proper access in SharePoint
  46. 46. Default Settings for SharePoint Groups Worst Practice
  47. 47. 48 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  48. 48. 49 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  49. 49. 50 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Site Managers could be locked out • Be Mindful of Default Settings when creating new
  50. 50. 51 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com ALWAYS assign a group as group owner Preferably Site Collection Owner or Site Owner group Default -> the user who created group
  51. 51. 52 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Instead open membership list to everyone Default -> only Group Members can view
  52. 52. 53 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com What to Look For When Breaking Site Inheritance
  53. 53. 54 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  54. 54. 55 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Reflect and Assess! Do I really need unique site permissions? Do I need all 3 new SharePoint Groups? Is there an existing group that I can use?
  55. 55. Item Level Permissions Worst Practice
  56. 56. 57 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Item = Document or List Item • You can set permissions at the Item Level
  57. 57. doesn’t mean you should Just because you can …
  58. 58. 59 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • SharePoint View doesn’t differentiate unique permissions • Laborious administration • Manual process of checking broken permissions • Updating permissions requires a change to each file • May lead to performance issue
  59. 59. 60 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com F A C T : Reduced performance after 5000 files break inheritance See Microsoft reference: http://bit.ly/1iMmyiC
  60. 60. 62 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Embraces Social Intuitive and Convenient Great Tie-in with other components
  61. 61. 63 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Sharing is Caring! Right??
  62. 62. 64 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  63. 63. 65 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  64. 64. 66 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com The Gotchas • Convenient but hard to govern • UX is different than other share functions • Could break permission inheritance of file • Could grant permissions to individual users For more details, click to read this great resource by Sharon Richardson
  65. 65. 67 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Contributor Note: It contradicts Contribute permissions level
  66. 66. 68 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com But wait… In Office 365, you have options
  67. 67. 69 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com (Under Site Permissions > Access Request Settings)
  68. 68. 70 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Item Level Permission (Worst Practice #5) Permissions for Ind. Users (Worst Practice #3) Oh so easy “Share” File in sp2013 + ________________________________
  69. 69. Fun with Limited Access *BONUS* Worst Practice
  70. 70. 72 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  71. 71. Because Limited Access is The Devil
  72. 72. 74 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com If user is not declared in site permissions, Permissions given to a user at library or list level leads to “Limited Access” creation for user at the site level Site List / Library Limited Access Contribute
  73. 73. • Can’t easily identify where access was granted • Clutters site permission • No easy clean-up process
  74. 74. 76 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com When You Delete User’s Limited Access at Site, SharePoint Automatically Removes User’s Permissions in Library/List/File Site List / Library Limited Access Contribute
  75. 75. 77 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Limited Access can now be hidden
  76. 76. 78 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Already in a Permissions Hole?
  77. 77. 79 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com First Things First – Stop the Bleeding! e.g.: Change Full Control access for unqualified folks to Design
  78. 78. 80 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Assess the Damage and Document Findings
  79. 79. 81 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Out of Box PowerShell Third-Party Product
  80. 80. 82 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Review of site permissions page • Unique access are displayed in yellow Pro: Free (with SharePoint) Con: Manual Process and needs to be done per site
  81. 81. 83 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • PoSh Script is your friend for reporting • Don’t reinvent the wheel! e.g.: Check out this script - http://bit.ly/1bH9f1v Pro: Highly Customizable, Repeatable, Powerful Con: (1) Require proper access and knowledge (2) SharePoint Online functions are currently limited
  82. 82. 84 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Complexity of SharePoint permissions warrants a third-party tool investment • List below is recommended by community Note: this is NOT a personal endorsement
  83. 83. 85 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Few Considerations During Permissions Clean-Up
  84. 84. One is the loneliest number • Requires commitment, time, and effort – Warning: • Don’t do it yourself! – Gather requirements – Talk to the business users – Leverage other team members You may not get it done in 1 day Photo Credit - The Daily Journal
  85. 85. 87 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com For Worst Case Scenario, Consider Starting Over
  86. 86. 88 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Might be more beneficial to start over • Consider the following path: – Inherit all permissions in site collection – Manually reconfigure permissions • This route could be high risk, high reward
  87. 87. 89 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Get executive buy-in • Yield needs from business functions • Devise plan with Content/Site Managers • Communicate impact to user community
  88. 88. 90 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com Mitigate Survey the Field Clean Up Manage & Control Do NOT forget this step!!
  89. 89. 91 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Enforce permissions governance • Gain leadership support: – Illustrate level of effort to remedy issue – Quantify the business impact ($) • Form & engage Governance Committee • Provide continuous training for Site Managers
  90. 90. 92 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com • Define processes to periodically assess • Determine monitoring tools – SharePoint Audit log reports – Compliance functions (e.g.: eDiscovery) – Automated Audit via Third Party tool
  91. 91. 93 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com
  92. 92. 94 | @bobbyschang | linkedin.com/in/bobbyschang | bobbyschang.com “The greatest accomplishment is not in never failing, but in rising again after you fall” --Vince Lombardi Photo Credit - Journal Communications, Inc.
  93. 93. linkedin.com/in/bobbyschang bobbyschang.com @bobbyschang Questions? Feel Free to Contact Me Bobby Chang twitter.com/bobbyschang slideshare.net/bobbyschang
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×