Managing permissions in SharePoint is one of the most complex yet crucial aspects of maintaining a secure, efficient, and collaborative environment. Without a clear strategy, organisations risk over-permissioning, security breaches, and inefficiencies that slow down productivity.
This post explores a real-world use case—how a mid-sized legal firm structured its SharePoint permissions to balance security, compliance, and collaboration.
This post is part of a new series on SharePoint use cases, showcasing practical solutions to common challenges.
The Challenge: Securing Legal Documents Without Hindering Collaboration
A mid-sized legal firm, handling confidential client cases, adopted SharePoint to streamline document management across departments. However, they faced three key challenges:
- Balancing security and accessibility – Legal documents needed to be highly secure, but teams also required access for collaborative casework.
- Simplifying permissions management – Without a structured approach, permissions were quickly becoming unmanageable.
- Minimising risks of accidental access – Breaking inheritance at every level was causing inconsistent permissions and confusion for administrators.
The SharePoint Structure: Organising Legal Documents by Function
The firm structured its SharePoint environment to reflect its departmental and case-based workflows:
- SharePoint Site – The firm’s main document management hub.
- Document Libraries – Each department (Litigation, Conveyancing, Family Law) had a dedicated library.
- Document Sets – Each case was stored in a document set, grouping related documents together.
- Individual Documents – Sensitive files, such as contracts and court filings, were stored within document sets.
This structure allowed them to apply permissions at multiple levels for controlled access without unnecessary complexity.
The Solution: A Structured Permissions Strategy
The legal firm adopted a layered approach to SharePoint permissions, ensuring the right people had the right access at the right level.
1. Site-Level Permissions: Establishing Strong Oversight
Objective: Control access to the overall SharePoint environment and prevent unauthorised site-wide access.
- Managing partners and IT were granted Full Control to manage site settings.
- Department heads received Edit access to oversee their teams’ libraries.
- External users were restricted from accessing the site entirely for maximum security.
Outcome: Centralised control prevented unauthorised access to the entire SharePoint site, reducing security risks.
2. Library-Level Permissions: Department-Specific Access
Objective: Ensure departments only had access to their own documents while maintaining structured collaboration.
- Custom SharePoint groups were created for each department:
- Litigation – Full Control for the department head, Contribute for team members.
- Conveyancing – Edit for the leader, Read for team members.
- Family Law – Custom permissions based on case sensitivity.
- Inheritance was broken at the library level to ensure that each department’s library was only accessible to the relevant team.
Outcome: Departments could work on their cases without the risk of unauthorised access to other teams’ sensitive files.
3. Document Set Permissions: Securing High-Profile Cases
Objective: Apply additional security controls for high-profile cases that required restricted access.
- Most document sets inherited permissions from their parent libraries.
- For high-profile cases, inheritance was broken to allow access only to:
- The lead lawyer handling the case.
- Select team members directly involved in the case.
Outcome: The firm protected highly sensitive cases without overcomplicating permissions across all document sets.
4. Item-Level Permissions: Protecting Critical Documents
Objective: Secure individual files that required strict access control.
- Specific files, such as settlement agreements and privileged legal advice, were assigned unique permissions:
- Read access was limited to senior partners and relevant legal staff.
- Edit access was only granted to case managers and key contributors.
Outcome: Highly sensitive documents remained protected, ensuring compliance and preventing accidental access.
Key Takeaways: Best Practices for SharePoint Permissions
Keep in mind the following best practices when structuring your SharePoint permissions:
- Use inheritance wisely – Breaking inheritance too often leads to permission chaos. Only break it when absolutely necessary, such as for high-profile cases.
- Keep permissions simple – Assign permissions at the highest logical level (site or library) to avoid complexity.
- Group users for efficiency – SharePoint Groups make permission management easier than assigning access to individuals.
- Review permissions regularly – Conduct audits to check for unauthorised access and remove inactive users.
- Train your team – Educate staff on best practices to prevent mismanagement and unintentional permission changes.
Final Thoughts: SharePoint Permissions Don’t Have to Be Overwhelming
With strategic planning and the right structure, managing permissions in SharePoint becomes much more manageable and effective. This real-world legal firm example demonstrates how permissions can be used to enhance security and collaboration without unnecessary complexity.
Want to master SharePoint the simple way?
This legal firm’s story is just one example of how the right structure and approach can transform SharePoint from overwhelming to organised.
My course SharePoint Essentials for End Users – The Container Method™ takes these lessons further, giving you a clear mental model and step-by-step guidance to confidently navigate SharePoint in any workplace.
Are you new to SharePoint and unsure where to start? This beginner’s guide will help you understand its core components and purpose. SharePoint is one of the most powerful tools in the Microsoft 365 suite, designed to streamline collaboration, document management, and communication for teams and organisations. Whether you’re entirely new to SharePoint or just beginning to explore its capabilities, understanding the basics is key to unlocking its potential.
This guide will cover what SharePoint is, why it’s essential, its main features, and a clear learning path to help you get started.
What is SharePoint For?
At its core, SharePoint is a web-based platform that enables teams to:
- Collaborate effectively: Share files, ideas, and updates in real-time.
- Centralise resources: Store, organise, and access documents and information from anywhere.
- Streamline workflows: Automate repetitive tasks and approvals.
- Improve communication: Keep everyone informed with news, announcements, and events.
Whether you’re managing projects, sharing files, or creating a company-wide intranet, SharePoint provides the tools you need to keep everything connected and organised.
Why Use SharePoint?
SharePoint is flexible and designed to adapt to your team’s needs, offering:
-
Accessibility: Access your content securely from any device, anywhere in the world.
-
Scalability: Whether you’re a small team or a global organisation, SharePoint can grow with you.
-
Integration: Seamlessly connect with Microsoft 365 apps like Teams, Outlook, and OneDrive for a unified experience.
-
Efficiency: Save time by centralising information and automating tasks.
-
Security: Keep sensitive data protected with robust permission controls.
Key Components of SharePoint
SharePoint offers a variety of features, but these foundational components will help you get started:
Sites
SharePoint sites are like digital workspaces tailored to specific teams, departments, or projects. They provide a structure for organising files, hosting news, and managing resources.
Document Libraries
A cornerstone of SharePoint, document libraries are where you store, organise, and collaborate on files. With version control, metadata, and views, they’re designed to simplify document management.
Lists
Think of lists as customisable tables to manage information like tasks, contacts, or inventory. They integrate seamlessly with other Microsoft 365 tools for automation and reporting.
Pages
SharePoint pages help you share information visually, whether it’s news updates, dashboards, or instructions. Use web parts to add content like text, videos, or quick links to your page.
Metadata and Views
Metadata helps categorise and tag your files for better organisation and searchability. Custom views allow you to display only the information you need, saving time and reducing clutter.
Integration with Microsoft Teams
SharePoint and Teams work hand-in-hand to enhance collaboration. Share files, host meetings, and access SharePoint resources directly within Teams.
Popular Solutions and Ways SharePoint is Used
SharePoint’s flexibility allows it to be used in many creative and effective ways. Here are some of the most popular solutions organisations implement using SharePoint:
Intranet Portals
-
Create a central hub for company-wide announcements, policies, and resources.
-
Encourage employee engagement with newsfeeds, event calendars, and recognition pages.
Project Management Sites
-
Manage tasks, timelines, and project updates in a single location.
-
Use lists and document libraries to track project deliverables and share resources.
Document Management Systems (DMS)
-
Store, organise, and manage critical business documents.
-
Leverage version control to ensure everyone is working on the latest file.
Team Collaboration Spaces
-
Provide teams with dedicated workspaces for sharing files, ideas, and updates.
-
Integrate with Teams for seamless collaboration.
Process Automation
-
Automate repetitive workflows like leave requests, expense approvals, or document reviews.
-
Use Power Automate to extend SharePoint’s automation capabilities.
Knowledge Management
-
Build a repository of training materials, guides, and best practices.
-
Enhance searchability with metadata and tags.
Compliance and Record Management
-
Maintain regulatory compliance by managing sensitive documents with permissions and retention policies.
-
Use audit logs to track activity and ensure accountability.
Event and Task Coordination
-
Schedule events, assign tasks, and track progress with integrated tools like calendars and lists.
A Beginner’s Learning Path for SharePoint
To help you get started with SharePoint, here’s a step-by-step learning path:
Understand the Basics
-
Read introductory articles and watch beginner-friendly tutorials.
-
Familiarise yourself with the SharePoint interface and navigation.
-
Explore the purpose of SharePoint, including how organisations use it for intranets, document management, and collaboration.
Explore Key components
-
Create a SharePoint site and experiment with different site templates to learn their features.
-
Set up and manage document libraries, including adding, organising, and sharing files.
-
Create and customise lists for tracking tasks, events, or data.
-
Design pages with web parts to display news, reports, and other content.
-
Implement metadata and create custom views to improve organisation and search functionality.
Learn Integration
-
Connect SharePoint to Microsoft Teams to create a collaborative workspace with shared files.
-
Sync SharePoint document libraries with OneDrive for offline access.
-
Explore integration options with other Microsoft 365 apps like Planner, Power BI, and Outlook.
Dive Into Popular Solutions
-
Build a basic intranet portal, including a homepage with links to key resources and tools.
-
Create a project management site with task lists, document libraries, and calendar web parts.
-
Automate simple processes using built-in workflows or Power Automate to streamline approvals or notifications.
Advance Your Skills
-
Stay Updated
-
Follow SharePoint blogs (like mine) and forums for expert advice and solutions to common challenges.
-
Attend webinars or Microsoft events to learn about new features and updates.
-
Subscribe to newsletters or YouTube channels focused on SharePoint best practices and tips.
