BLOG

SharePoint permissions and external sharing

4 min read

Collaboration in business is essential. Whether it’s between your teams across departments or an external partnership with third-party collaborators you need to make the process as smooth as possible. Microsoft understands the importance of effective collaboration as a foundation for everything from innovative ideas to a better customer experience. Microsoft SharePoint is at the center of this emphasis on working together. And in SharePoint, external sharing features and permissions are what help us to collaborate better.

SharePoint is used, globally throughout industries, as a document management system and collaboration platform. It’s where we store our documents and files, helping us get to the content we need – fast.

But what if we need to give another collaborator, such as a third-party, access?

SharePoint permissions and external sharing help us to do just that. Choose who you give access to, and when, with SharePoint permission levels. And collaborate with people outside of your organization (vendors, partners, or clients) with SharePoint external sharing.

How to manage SharePoint permissions?

SharePoint vs. Teams in-text image 1

When you come to manage SharePoint permissions, there are various shades of grey. At one end of the spectrum, users can view only, prohibiting editing or design capabilities within a site. At the other end of the spectrum, users are granted full control, which enables a SharePoint user to have full control over a SharePoint site.

The default SharePoint permission levels for sites are:

  • View only – this enables users to view application pages, items, versions, create alerts, and browse user information in a site.
  • Limited access – gives a little more leeway, with users able to access specific lists, folders, or documents without having access to the whole site.
  • Read – users can view list items (documents, folders) and pages, and download documents onto their personal devices.
  • Contribute – users can be more active on the site, with permission to add and edit items, and delete versions in lists and document libraries.
  • Edit – allows users to manage lists in a site.
  • Design – users can add, update, approve, customize, and delete the items or pages in a SharePoint site.
  • Full control – users with full control are granted all SharePoint permissions. They can also manage SharePoint permissions.

Which SharePoint permission levels should I grant to whom?

SharePoint vs. Teams in-text image 1

So, you know the SharePoint permission levels. But which should you grant to whom?

The point of SharePoint permission levels is that they let you, the business, choose. Choose, that is, how much freedom you want contributors to have over site content.

Knowing which SharePoint permissions to apply, and to whom, depends on the needs of your organization. If you need, for example, an employee to approve and edit documents, then a more permissive level should be granted. If a new, junior employee needs to access sensitive company materials, then limited access is more appropriate.

Here’s a starting point for your organization on typically who should have what type of access:

  • View only – for anyone participating in a project peripherally (i.e you don’t want them to make changes to a document or file).
  • Limited access – when you want to give users specific access to specific files.
  • Read – someone you want to participate in a project (view a document or file) but not makes changes. Bear in mind, these users can download documents and files onto their device.
  • Contribute – if you need your employees to be able to add, edit and delete items (e.g. a document) this permission works well. This SharePoint permission level is for anyone contributing more actively to a project.
  • Edit – this SharePoint permissions level is typically for heads of departments/those in a more senior or management position.
  • Design – for site owners (usually IT administrators).
  • Full control – for site owners (usually IT administrators).

SharePoint: share with external users

Now you understand how to use SharePoint permissions within your organization. But what about externally?

The nature of business means dealing with the outside world. But how do you safely share documents and files with vendors, clients, or stakeholders?

Using SharePoint, share with external users and ensure your content doesn’t go beyond the people you want it to.

How to share Sharepoint with external users

If you want to share documents or files with users outside of your organization, the best way to do this is to send a “sharing link”.

How, you ask? Well, Microsoft’s made it pretty easy. Simply right click on your chosen document or file in SharePoint, and either email a link directly to a contributor or copy the link to send yourself.

In order for users outside of your business to have access, you’ll also need to adjust your SharePoint sharing settings.

To do this, head to the Microsoft 365 Admin Centre and click SharePoint. Then click Policies, followed by Sharing. Set external sharing for SharePoint to Anyone or New and Existing Guests. Click Save.

Share responsibly with Rencore

SharePoint is built for collaboration. But the wider you cast your net of contributors, site users, and external ecosystem of partners, the more you put important company data at risk.

SharePoint permissions and SharePoint external sharing helps site owners and IT administrators navigate the collaboration landscape. With a better understanding of SharePoint permission levels, and how they should be used, you can protect sensitive documents from prying eyes, control the editing process, and maintain a consistent one-pane view of how your SharePoint is being used.

Keeping track of SharePoint end-user activity is hard. With Rencore, you can centrally manage, monitor and automate many SharePoint governance processes including the discovery and solving of the following:

  • Externally shared files
  • SharePoint Site Collections with external owners
  • SharePoint files shared with inactive external users

Discover deviations from best practices and steer towards better governance and compliance with Rencore Governance.

I also highly recommend reading the following whitepaper: Complete visibility across Microsoft 365. This whitepaper provides a framework built on best practices to help you compile a modern governance strategy to understand SharePoint, Teams and the wider M365 technologies in your Microsoft cloud setup.

Free Download

Matthias Einig

Matthias is a Microsoft MVP, co-founder, and CEO at Rencore. His mission is to helps enterprises stay in control of their Microsoft collaboration technology. Matthias and his team achieve this by providing insights, advice, and actionable ways to manage platform growth. Matthias is speaking at many conferences and community events all over the world and is one of the organizers of the European Collaboration Summit.