The Challenge with Managing Permissions
If your organization struggles with managing user permissions in SharePoint®, you’re not alone. One of the most frequent questions we hear is along the lines of:
“How can we make sure we’re giving the right users the right access at the right time, while making sure our intellectual property and assets aren’t at risk?”
Most organizations approach permissions management in a decentralized manner. What that means is typically when you create your SharePoint environment and set up your various SharePoint site collections and sites, individual within the different teams are given responsibility for managing permissions. Unfortunately, that means that the IT group doesn’t have visibility to make sure that permissions are set up correctly. If your organization has high user turnover and constant changes, managing permissions becomes even more difficult. If you’re dealing with multiple servers, or a hybrid environment the complexity gets multiplied even further.
For instance, we were recently talking with the SharePoint administrators at a large university. As you can imagine, they have thousands of students entering and exiting the university every year. Within the SharePoint environment, each student has their own SharePoint site where they have access to various class, departmental, and administrative sites depending on the school they are in. Students have different permission levels depending on the site. Within their own sites, they can control anything. In the class sites, they typically have permissions to upload assignments, interact with the professor, and see calendars. For administrative or departmental sites, they typically have read-only access.
As students graduate, their access permissions are removed from the administrative and departmental sites. Additionally, their student sites typically remain intact, but their permissions are changed to read-only. Due to the extremely high student turnover and the lack of controls in SharePoint, it was becoming nearly impossible for the university to manage their SharePoint environment with any consistency or confidence.
The Solution: SPorganizer™
With DocAuto’s SPorganizer solution, any size organization can use data from their ERP or CRM systems to drive automated changes to user and group permissions across the various SharePoint environments. SPorganizer can help you easily create, modify, delete, and audit permissions across SharePoint groups in a very simplified, zero code manner. You can gain insight into your SharePoint group memberships across entire site collections with SPorganizer’s data collection capabilities. You can even add or remove users across one or many groups using your own data source for dynamic group management.
Let me walk you through just one example of how SPorganizer works. By adding SharePoint Security objects to a SPorganizer Blueprint, you can easily create custom Groups with defined Permission Levels or Roles.
Using SPorganizer Blueprints, you can also create a logical structure to define where and how your Groups and Users are being provisioned. This blog post isn’t about provisioning ‘fully formed’ site structures in SharePoint, but that’s a capability of SPorganizer as well.
If you need to update group membership or replace/swap-out users within one or many groups, this can be easily accomplished with SPorganizer’s Update, Add, and Remove actions. We can do this in bulk using a data source like we mentioned earlier, or it could be a very surgical process like ‘find every group across many sites that Tamara is a member of and replace her with Peter.’ Either way, with the use of SPorganizer Blueprints, logical access to SharePoint objects, and the potential to use data sources, we have you covered.
Before you make any changes to SharePoint, you probably want to check your work first. With SPorganizer, once our Blueprints are set up, you can easily preview the changes before committing anything to SharePoint.
Without a solution like SPorganizer that provides a holistic view into one or many SharePoint environments, and one or many SharePoint objects at a time, it's very difficult to make sure you’re giving the right permissions to the right people at the right time. Regardless of the type of organization or the complexity of your SharePoint environment, SPorganizer can help you keep data accessible, safe, and in compliance, while dramatically reducing the time it takes to manage SharePoint.
Interested in learning more? Schedule a demo of SPorganizer today!
SPorganizer is a trademark of DocAuto, Inc. SharePoint is a registered trademark of Microsoft.