Microsoft 365: SharePoint Secure Matter Setup (Affinity Security Solution)

How to Secure Documents in SharePoint: A Solution for Affinity's Folder Security Limitations

This guide walks you through creating a SharePoint site with custom folder-level permissions, allowing you to control access to documents and data effectively.

Innessco has determined that the limitations of Affinity's matter security is best resolved by creating a SharePoint Site to store the folders/documents and to then remove them from Affinity and the Affinity documents drive.
This locks down the documents to the desired staff members, and allows the approved staff to modify each folder/files permissions.

Step 1: Log into the Microsoft 365 Admin Center

1. Open a web browser and go to https://admin.microsoft.com/Adminportal/Home#/homepage.
2. Log in using your admin credentials for the client.

Step 2: Access the SharePoint Admin Center

1. In the Microsoft 365 Admin Center, navigate to SharePoint Admin Center.
2. In the left-hand menu, select Sites > Active Sites.

Step 3: Create a New SharePoint Site

1. Click on Create > Team Site.
2. Use the default template, and name the site Secure Matters.
   • Site Name: Secure Matters
   • This will create a dedicated SharePoint site where you can set up folder-specific permissions.
3. Once created, go to Settings to customise additional settings if needed.
4. Add Specified members into 'members'
5. Add the firm authorized contacts as the 'owners' to the site. (this will allow them to manage file permissions)

Step 4: Lock down to internal members only

1. Go to SharePoint Admin Site, select the site.
2. Select Settings > More Share Settings
3. Under Sharing, select 'Only people in your organization'.

Step 4: Add Members or Groups to the Site

1. In the Secure Matters site, go to Settings > Site permissions.
2. Click Invite people, and add specific users or existing Microsoft 365 Groups that should have access to the site.
   • Tip: Use groups whenever possible to streamline permission management and avoid individual user-level permissions where possible.

Step 5: Create a Document Library

1. In the Secure Matters site, navigate to the Home section.
2. Select + New > Document Library.
3. Name the library (e.g., "Secure Matters", “Project Documents,” “HR Files”).
4. Click Create to set up the document library where you can add folders with unique permissions.

Step 6: Create Folders within the Library

1. Open the newly created document library.
2. Select + New > Folder to create a new folder.
3. Name the folder (e.g., "Matter 10000", “Secure Folder 1,” “HR Only”).
4. Repeat for each folder you need, based on your organisational structure or department requirements.

Step 7: Configure Folder-Level Permissions

1. Go to the folder you want to secure, click on the More options (…) menu next to the folder name, and select Manage Access
2. This will allow you to add/remove inheritance or users/groups access.
3. In the Manage Access pane:
   • Add Users/Groups: Use the Grant Access button to add specific users or groups to this folder.
   • Permission Levels: Set permissions to control the level of access:
     • Edit: Users can view, add, edit, and delete files.
     • View Only: Users can view but not modify files.
     • Restricted (Can’t Download): Users can view but cannot download files.
4. Repeat these steps for each folder where you need customised access levels.

Optional Step: Adjust Advanced Permissions

1. From the Manage Access tab, you can select the (...) in the top righthand corner and select Advanced settings.
2. This will allow you to modify the inheritance and add/remove all users/groups permissions.

You can 'grant access' to users and groups using this button.

Step 8: Test Access

1. To confirm permissions, go to the Settings gear in the document library, select Library settings, and then choose Permissions for this document library.
2. Use the Check Permissions feature to verify that users or groups have the intended access level.
3. Log in as users with different access levels to ensure permissions are functioning as expected.

Step 9: Update Snapform

1. Please update the New User Form for the client.
2. Include any new sites or groups which may have been added.

Step 10: Escalate to Level 2 to include group in New User Script

1. Please update Level 2 of the changes made (New Sites/Groups)
2. This will be passed to the development team for script updates.

Notes and Best Practices

• Minimise Unique Permissions: Limit unique permissions at the file level; instead, configure access at the folder level for each group to simplify management.
• Use Groups Whenever Possible: Assign permissions to groups rather than individual users to make access control easier to manage.
• Document Permission Changes: Record any changes in permissions for easy reference and compliance purposes.

Using this setup, you’ll be able to manage secure folder access in SharePoint while keeping permissions organised and easy to control.