SharePoint – Online Security and Security by Obscurity

SharePoint Online Security settings are scattered all around…

The next problem is that the Online version OOTB might not give you all the security features you need.

So you will have to apply some tricks to fool the users.

Here is an overview of what is at your disposal…

SP Security :

SharePoint delivers a Security Model that is a combination of AD Users & Groups with SP Users & Groups.

See Managing the Security Model for more info.

These users and “Nested” Groups can be used to secure your Site Collections on different levels

Using Site Settings –> People and Groups and Site Permissions

To set security on different levels

1. Site level
2. List and Library security
3. Record level Security

See here for more info

For the difference between Record level Permissions and Record level Security, see here for more info.

Setting Record Level Security will also have a performance hit! So try to avoid it as much as possible.

– Search Security
Via Site Settings you can refine the security on the Search

So let’s say you don’t want to have the users see the search EVERYTHING option

Go to SITE SETTINGS –> SEARCH Settings

Delete the EVERYTHING from the list.

Disable File and Folder Sharing :

Go to SITE SETTINGS –> Site Permissions –> Access Request Settings

 

SP Security by Obscurity :


Using Target Audience settings :

This is not real security, because SP Search will ignore the Target Audience settings!


– Hiding List or Document Library records using Audience Targeting :

On the list or Library activate Audience Targeting

You have to use it in combination with the Content Query Web Part

See here on how to.

– Hiding Web Parts using Audience Targeting :

This is done using the EDIT Web Part feature

In the Advanced Section you specify the TARGET Audience user(s) or group(s).

You can use various other settings to HIDE Web Part features from the users

– Select a different VIEW to limit and filter the records shown in the Web Part. And hide the TOOL Bar if needed.

In the MISCELLANEOUS section you can hide different sections

Here you decide to hide the Web Part Toolbar and only leave the INLINE LIST SEARCH available.

– Hiding Search options using Audience Targeting

Next you can set Audience Targeting using SP Groups to limit the "Search this site" feature to certain users.

– Hiding Objects using CSS

Examples to hide the SEARCH box on a site, and more …

<style type="text/css">  
#DeltaPlaceHolderSearchArea {display: none;}
.ms-InlineSearch-SearchStatus {display:none;}
.ms-cui-topBar2 { display : none; }
</style> 

– Hiding Objects using JQuery gives the same effect.

– Hiding Objects using SharePoint Designer : See below

Tools :

1. SharePoint Designer

Hide Libraries from the all site contents

Use SP Designer Workflows to automate Security settings on Lists and Libraries or Records / Documents

See here for how to.

First activate the "Workflows can use app permissions" feature using Site Features

Go to Site Settings –> Site App Permissions

Copy this part of the GUID and insert it in

image

Go to the Site Collection URL and add this part  “_layouts/15/appinv.aspx”

Workflow App Permissions : See here for the extra steps to complete the whole process

2. PowerShell

Use PowerShell to automate Security settings on Lists and Libraries or Records / Documents

Or to create reports to get visibility on Security.

See here for some good examples
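
One possible report of this kind, as an added example that is not code from the original post: it lists every list and library with its Hidden flag and whether it has unique permissions, so libraries that were only hidden from Site Contents but still inherit the site permissions stand out. It assumes the PnP.PowerShell module is installed; the site URL and the output file name are placeholders.

```powershell
# Added example: requires the PnP.PowerShell module (Install-Module PnP.PowerShell).
# The site URL below is a placeholder; replace it with your own site collection.
$SiteUrl = "https://contoso.sharepoint.com/sites/example"

# Recent PnP.PowerShell versions also need -ClientId <your own app registration>.
Connect-PnPOnline -Url $SiteUrl -Interactive

$report = foreach ($list in Get-PnPList) {
    # HasUniqueRoleAssignments is not loaded by default, so request it explicitly.
    $unique = Get-PnPProperty -ClientObject $list -Property HasUniqueRoleAssignments

    $finding = if ($list.Hidden -and -not $unique) {
        # Hidden from Site Contents, but readable by everyone with site access.
        "Hidden but inherits site permissions (obscurity only)"
    } elseif ($unique) {
        "Unique permissions (review the role assignments)"
    } else {
        "Inherits site permissions"
    }

    [pscustomobject]@{
        Title             = $list.Title
        Url               = $list.RootFolder.ServerRelativeUrl
        Hidden            = $list.Hidden
        UniquePermissions = $unique
        ItemCount         = $list.ItemCount
        Finding           = $finding
    }
}

# Show the result on screen and keep a CSV copy for review.
$report | Sort-Object Finding, Title | Format-Table -AutoSize
$report | Export-Csv -Path .\list-permission-report.csv -NoTypeInformation
```

SharePoint's own system lists are hidden as well, so they appear in the "obscurity only" group next to the libraries you hid yourself; filter on Title or Url to focus on your own content.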

So if you combine all of them, you can go a long way !

But it is important that you have a good security strategy, before starting to build your application.

Enjoy !
