SharePoint: The Dos and Don’ts of Sharing Files

  1. Home
  2. /
  3. SharePoint
  4. /
  5. SharePoint: The Dos and Don’ts of...

SharePoint is a robust file server that helps organizations store and manage files efficiently. However, with great functionality comes the responsibility of ensuring it’s used securely. Here are some best practices and important considerations when sharing files through SharePoint:

Be Cautious About Allowing Access
When granting access to your SharePoint site, it’s essential to carefully control who gets in—especially when dealing with external users.

Understand the Risks of Improper Settings
If sharing settings are not configured correctly, any user within your organization could create and share an anonymous link with anyone outside the organization. This could expose sensitive files—not just the one shared but also other files in the folder and its subdirectories.

Why is this scary?
An anonymous link bypasses authentication, meaning anyone with the link can access your files. This can lead to accidental or malicious data leaks.

Lock Down Sharing for Better Security
To prevent unauthorized access, you can disable external sharing for your SharePoint site. This ensures that only internal users within your organization can access the files. It’s a simple way to avoid accidental sharing or intentional breaches.

The Right Way to Share
For secure external sharing, follow these steps:

  1. Assign an Admin to Manage Access:
    The site admin should control access settings and permissions.
  2. Use Microsoft 365 or Azure Identity Management Tools:
    Through the Microsoft 365 admin portal or Entra (Azure AD), invite external users and add them to a security group.
  3. Grant Limited Access:
    The security group should have permissions only for specific files or folders they need within the SharePoint site. This ensures external users cannot access anything beyond what’s necessary.

By following these best practices, you can leverage SharePoint’s powerful capabilities while keeping your files secure. Remember, proactive management of sharing settings goes a long way in protecting your organization’s data.

Go to users

New user

Invite external user – complete their user basic information

Under the assignments tab- add a group you want them to have access to. Groups are created under the 365 admin under Teams and Groups in the left column.

Go to the Review and Invite tab- here you would invite the external user to whatever security group that you allowed them to access

In your sharepoint active center, you can go to Active Sites in the left column. From there, you can see all of the active sites. Select the active site you want to share to the external guest.

One you have selected, make sure that you have the external fire sharing set to existing guests in the drop down box. Then, save.

Go to the site address you want them to have access to, go to the folder or singular file you want the to have access listed in the documents section, select the 3 dots to the right of the name of the file/folder and select manage access. From here, you will select the 3 dots within this pop-up and select advanced settings

Select “stop inheriting permissions”, which will allow you to grant permission to these items and only these items below it.

From here, click on grant permissions and in the pop-up box type in the name of the group in the top box and select from the drop down menu. Click show more options checkbox within the pop-up, and select the permissions access you want them to have. Select share at the bottom of the pop up box.

Refresh your page, and it should show as a group in the sharepoint permissions page

Then, go back to where your documents/folders are located and click copy link and select settings on the pop-up.

From this new screen select “people with existing access” and select apply. Share that link with the person you just invited and they will be able to access what you allowed for them to have permission to see.

*Users will be required to set up 2FA to have access to all items.