How Should I Share Files in SharePoint

How Should I Share Files in SharePoint

Details

There are multiple ways to share files and folders in a SharePoint team site and sometimes it is hard to decide which one you should use. In the end it really comes own to how your department or group will utilize the service. Hopefully this document will help explain the pros and cons to each option.

Levels of Access
In general users can be granted either "Read", "Edit" or "Full Control" access. "Full Control" should be granted to very few users. There are some more advanced levels of access that can be assigned if desired. You should contact USIT Technology Support if you have any questions.

Sharing Basics

  • Sharing can be lumped into three models.
  • Adding someone as a member, owner or visitor to your group,
  • Sharing only a folder or file with someone or
  • Sharing the whole site with someone.

Adding Someone to Your Group

  • For every SharePoint site, there is a group defined within the Microsoft environment.  Membership of this group is managed by the site owners. The types of membership in the group are broken down as follows:
    • Members

      • SharePoint Team sites are designed with the concept that in most cases, users are "members" of a group and all members of the group have full access to all files and folders in SharePoint. This means that when someone is added as a member they can create new folders and files, edit or delete them. Members can be UMS users or external users without a UMS account.
    • Owners

    • In addition to members there are also Owners.
    • Owners are people who manage the SharePoint site.
    • They can change settings related to the site as well as create, edit or delete any folder, file or other item in the site.
There should be at least two owners of any site, but most people have no need to be owners and the more people with owner rights, the more chances for an accidental change which could impact all users of the site.

Guest users outside the UMS can be members of a SharePoint site, but they can not be Owners.

It is important to note that the Box migration did not add people as members of a site, but we did add owners if a user was a Box owner. Folder or file level sharing was used instead. This type of sharing is discussed later in this article.   

  • Visitors
  • Visitors have read only access to all content in the site.
  • They can not create, edit or delete any files or folders.

Folder or File Level Sharing

  • Any user with create, edit or delete rights to a folder or file in a site can share that file or folder to other people who are not members, visitors or owners of a site.
  • These users can be inside or outside the UMS.
  • See Sharing in SharePoint for more details on how to share.
  • There are different audiences or scopes of users that you can share items with.

For any of the sharing scopes listed below, they can be either read only or allow for editing.

  • People in University of Maine System with the link
    • This will generate a link to the file or folder that is able to be used by anyone with a UMS account. 
    • Anyone with the link can forward it to another UMS user and it will work for them. 

 This will not work for people outside the University of maine system. Guest accounts in the Microsoft 365 system that might have been added by other users will also not be given access by default. 

  • People with Existing Access
    • This option just creates a link and/or email and sends it to someone who already has access to the file or folder.
    • This is useful for getting a link which you can email or chat to someone you are already working with.
  • Specific People
    • This sharing option lets you share with anyone, both people with UMS accounts and people outside the UMS system. You can enter one or more email addresses. This would be the preferred method for sharing specific folders or files with outside users. Whether this is users inside the UMS who aren't part of your core group or users outside the UMS completely.
  • Anyone with the Link
    • This option literally generates a web link that you can share with anyone to get access to your files or folders. This link can then be forwarded on to anyone else allowing you no control over who can access the items. Due to the potential data breach this setting can create, this is not allowed by default. Generally sharing with specific people will cover sharing needs. If you think you do require this option, please contact USIT Technology Support.

Sharing a Site

  • The last option to discuss is sharing a whole site with a user.
  • The user can be a UMS user or someone outside the UMS.
  • Sharing this site allows the user access to all files, folders, and other items within the Sharepoint site.
  • This differs from adding the user as a member,owner or visitor in that the user is not made an actual group member.
  • This means if you utilize other Microsoft 365 products with your group (Teams, Planner, etc), these will not be available to this user.  

Sharing a site is a pretty unique case which we don't expect many users to need to use. 

Be aware that the default option when sharing a site is "Edit" access. This will grant the user the ability to create, edit and delete all files, folders and other items in the site. There is also the option to grant "Read" or "Full Control". Full Control is equivalent to being an owner and can be a very risky access to give someone not in your core working group.

Which Sharing Should I Choose?

  • Sometimes this is not a simple answer.
  • If you are a small group of users who all should have the same access to all the files, adding users as members is probably your best option.
  • You can still share folders and files to other users as needed.

What if we are a Large Department with Different Functions?

  • If your whole department is using SharePoint and there are different functions within the department such as an accounts payable function, an HR area and a faculty area, it might make sense to split things up into separate SharePoint sites for each function.
    • For example you could have three sites, "USM - USIT Finance", "USM - USIT HR" and "USM - USIT Academic" for example. 

What do we do about Projects Involving External Users?

  • There are a few options for this.
  • If it is a small project that won't generate much data, you could create a folder in your area's SharePoint site and grant "Specific People" the needed access to the folder.
  • If it is a large time bounded project which will generate lots of data, it might make sense to have a specific SharePoint site just for the project and add the external and internal users as full members of the site group. ex: "USM - USIT Crypto Currency Rollout". This would also allow you to archive the folder in the future when the project is completed.

What if I am Still Confused?

  • You should contact USIT Technology Support if you have any questions.

Environment

  • SharePoint