I had a client request that we help set up the primary company file storage using Office 365. They had been using SharePoint to store files for a couple of years but all users had equal access to all files. Our client wanted to be able to break the files into separate areas so that:
- Management could have a private and secure place to store files only for them
- Management and a group of local users could have a shared file location
- Management, local users and remote users could have a shared space
- Remote users only having the ability to read, with no download or edit capabilities
As I looked for a solution, I quickly saw that breaking files into three SharePoint Document Libraries would work nicely. This allows the files to be separated from groups of users that should not have access to the files and allows for permissions to be assigned accordingly.
With three different SharePoint sites, we would have to add or remove users from multiple locations to ensure file permissions are correct. Additionally, when new users are set up, they would have to have multiple SharePoint sites added to their Office 365 and OneDrive to access the files.
I needed to find a simple way to add a user once to allow correct permissions and quick access to files, and Microsoft Teams provided a nice solution to these issues.
So, I created three Teams. One for management, one for local users and one for remote users.
On each team I created new SharePoint tabs that pointed to appropriate SharePoint Document Libraries.
The management team could see and edit all document stores, local users could see the local user’s files and the remote user files. And finally, the remote user team could only see the remote document store with read-only permission and no downloading.
Permissions are now easy, since Teams creates an Office 365 Group, and we can assign that Group the proper permissions on each SharePoint document library.
To add the correct users only once with the proper permissions and to see the files immediately, simply invite the user to the appropriate Microsoft Team. Users that are members of multiple teams get the highest access rights based on the teams they belong to.
The user can then log into Teams and can see the correct SharePoint Document Libraries and has the appropriate file access to the files there.
The user can choose to sync the files locally (if permissions allow) to use with OneDrive.
This is a simple and manageable solution to put your company’s files online using SharePoint, Teams and OneDrive while ensuring ease of access and security are in place.