Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Security of documents and folders

  Asked By: Gopal    Date: Jan 22    Category: Sharepoint    Views: 904

We've been experimenting Sharepoint now for 3 months. There are lots
of features that are interesting. However there is something that is
bothering me: I find the security is very weak.

There are only 3 types of users: Reader, Author and coordinator.

I don't have the intention of giving them the role of coordinator for
the users. Which leaves me with Reader and Author.

Most of my users will have the role of Author. This causes me a great
deal of problems. The users will share workspaces and folders. Thus
one user can delete another user's document or file. Another concern
is that users with the role of Author can change the name of a
folder. Seems to me there should be some protection against this.

Something at least seems to work fine, a document cannot be deleted
directly if it is checked-out. But I did an experiment, I tried to
delete a folder containing a document that was checked-out.
Sharepoint let me!!!

Are these issues with anyone? I thought with document management
security was a critical issue. How does anyone have the assurance
that documents are where they are suppose to be, that the version is
the correct one (if you open an older version of a document, save on
your disk, delete the document in sharepoint, check-in the document
in Sharepoint : result the document exists but is not the correct
version), documents don't disappear, folders don't disappear, etc.

Wondering if there are solutions or workarounds. Wondering if the
future version of Sharepoint will correct this.



1 Answer Found

Answer #1    Answered By: Jesus Davis     Answered On: Jan 22

Part of a SPS implementation is a solid detailed design phase in which the
required folder  structure and its security  settings are well thought off and

It's all about what the customer wants and how he wishes to use the

So you also need to clearly define the goal of the implementation (shared
group functionality - intranet - etc). Each goal has different requirements
in terms of folder hierarchy and security.

You have a point when you use a simple folder structure where everyone has
access to. But deployment experiences tell me that folder structure is
something you need to design carefully and that most folder hierarchies are
complex. Let alone the security required.

So the idea is to properly design your implementation. There are several
ways to restrict access to certain groups.

Didn't find what you were looking for? Find more on Security of documents and folders Or get search suggestion and latest updates.