Share Point 2007 Document / list / form Privacy RRS feed

  • Question

  • I am using an implementation of Share Point 2007 that does not allow My Sites.  I am an owner on a site and have several sub sites ane workspaces.  My issue is that the implementor (the IT division) makes themselves a owner of the primary site and has visibility into my documents / lists / forms.  How do I use this implementation and yet protect my data from casual view by the IT folk?
    Monday, January 17, 2011 2:39 PM

All replies

  • This is an age old problem and can only be resolved through proper process.

    You should talk to the IT department head and express your concern for data visibility.  If the data is HR related, they would usually work closely with you to secure it down so that there is ONLY one person from IT that has access.

    In addition, you should turn on Auditing and check the audit logs for anyone outside your department casually browsing your docs.  This too should be part of the discussion/contract with IT.  IT should provide the service of hosting the site for you, but your data should remain confidential to you and your team.  If someone is found to be browsing your site by investigating the Audit logs, there should be some pre-determined steps in place to deal with that.

    To get started with auditing, start here:  http://msdn.microsoft.com/en-us/library/bb397403(v=office.12).aspx


    I trust that answers your question...


    Monday, January 17, 2011 3:40 PM
  • You can break the inheritance of the site permissions and remove all the users whom you dont want to give access. Once you break the inheritance, all the permissions are copied separately for this site.

    To break the inheritance, use the following steps:

    • Go to Site Actions --> Site Settings --> Modify All Site Settings
    • Click Advanced Permissions
    • On the Permissions list, click Actions --> Break Inheritance

    Hope this helps.


    Monday, January 17, 2011 3:44 PM
  • Well, no.  First place having one say they will not do something is the legal equivilant of doing nothing to protect the data.  The data involved is contract or other legal documents and the IT personnel may be contractors working for corporations who are  bidding on the contracts.  This leads to very messy contract challanges.  So what I need is someway to establish a site, document library and workspace that is not under the eyes of anyone other than this dept.  I am aware of the IRM possibility which encrypts everything and only allows the approved users to decrypt the documents and view, copy or edit them.  But I also want to protect the visibility to the document names, dates etc.  Is there some way to place these in a folder and treat the folder as a container that has permissions and restrictions?
    Monday, January 17, 2011 8:25 PM