Fostering Trust in Your Team with Security Trimming
Deciding what content an employee has access to is a complicated process. Giving access to all company information is an unnecessary risk. However, too many restrictions can impede workflow company-wide and lead to feelings of mistrust in employees.
Security trimming in SharePoint and Navo provides role-based access while fostering trust in your team. Security trimming is a feature that originated in SharePoint that ensures information remains hidden from view for those who do not have access to it. You can determine what an employee can see and access based on their status, role, and responsibilities. We added the feature to Navo so that whatever menu system your team is viewing, they’ll see only what they need for their position. Find out how!
What is Security Trimming?
Security trimming allows you to customize what a person can see based on their role and responsibilities. This means that if an employee does not have access to something, they won’t even know that it exists. Even when an employee searches for a keyword, only information that they have the permission to view will appear in the search results. This is beneficial in creating a trusting environment for your team; employees are not continuously running into content that they are not permitted to view.
In SharePoint, security trimming allows different people to look at the same page and see different information based on who they are. The home page of your organization’s SharePoint may contain links to various sources of information across the company. For example, you may have a site called “managers” that should only be accessible to anyone in the organization designated with a manager role.
Without security trimming, the manager’s site link would be visible to everyone. Those who do not have access to the site would be able to click on the link but would be greeted by an unfriendly “Access Denied” page.
With security trimming, you could include a link to the manager site on your intranet home page that is only visible to the management team. Anyone not a member of that team would simply not see the link, never knowing that it existed in the first place.
Security trimming is always in effect, even when searching for documents. In SharePoint Online, if you search for content across your organization, you will only see files that you have access to. For example, a regular employee who searches for “Employee Agreement” may find a copy of their personal agreement. A Human Resources manager may see an Employee Agreement for every employee in the organization based on their permissions.
You can use security trimming in Navo, too! Navo provides a fast, reliable way to access your company tools and information. Administrators manage and instantly publish bookmarks for the entire organization so that your team is always connected to the right resources. Navo works in SharePoint, Microsoft Teams, as a Chrome and Edge browser extension, and on your desktop and mobile browser.
For each item you add to your company menu in Navo, you can determine what team members should have access. This ensures a consistent experience for your whole team in SharePoint, Microsoft Teams, and in the app.
Security trimming in Navo can be used for many things outside of permission concerns. When new employees are on-boarded, for example, you can limit ‘information overload’ by ensuring they only have access to the information they need for their onboarding process. As they become more comfortable with your business and processes, more access can be provided.
Similarly, if you have an executive who only needs to focus on one branch of the organization, their access can be limited to ensure they can quickly find what they need without searching through what they don’t.
Setting Up Security Trimming in SharePoint
In SharePoint, access to files and sites through security trimming is determined when an employee is assigned to a group. The group determines what files, folders, lists, and sites the employee can see.
While you can set up permissions for individual communication sites, folders, and files in SharePoint, we recommend using the built-in Groups feature to simplify your security trimming. A SharePoint group is a collection of employees or users that should have access to the same information. To create a new group, follow these steps:
Setting Up Security Trimming in SharePoint
- Create a new Group.
- On your SharePoint site, click “Settings”, then “Site Settings” and “View all site settings”. Under “Users and Permissions”, click “Site Permissions”. On the “Permissions” tab, click “Create Group”.
- Enter Group details.
- Type a name and description for the Group. Be succinct, but provide enough detail that others understand the purpose of the group and can easily add and remove members from the group in the future. Specify an “Owner”, and in “Group Settings”, select anyone who should be able to add or remove members from the Group. Keep in mind the Owner will be able to do this automatically.
- Add Group members.
- Under “Membership Requests”, select the members of your team that should be included in the Group.
- Select the Group permission level.
- Select a permission level to apply to all members of the group.
- Click “Create” to finish!
Setting Up Security Trimming in Navo
We’ve made adding security trimming in Navo simple. Your role-based permissions can be replicated in Navo in a couple quick steps:
- Navigate to “Manage Organization” in the Navo admin centre.
- Click “Manage Groups”, then “Add Group”.
- In the “Name” field, enter a name for your group. This will appear as an option later, so ensure the name is succinct but descriptive.
- Under “Group ID” enter the Group GUID.
Once you have added your Groups to Navo, you can customize your navigation items to include which group has the permission to see it. When creating a new navigation item, you’ll notice a “Trim to Groups” option. Select the group name from the drop down list to trim access to that group.
Foster Trust in Your Team
Building trust in your team is key to a well-functioning workplace. While providing access without making employees jump through hoops to get the information they need works to build that trust, providing open access is an unnecessary risk. Your organization’s goal is to protect the private stuff, cut the clutter, and trust your employees with the access they need for their role.
Security trimming in Navo is utilized far beyond security measures. Providing access for specific use cases, such as onboarding, makes it easier for your team to find what they need to work, saving you time and money. Experiment with security trimming in SharePoint and Navo for better security, increased productivity, and happier employees!
Originally published at https://getnavo.com on March 13, 2020.