. https://blog.netwrix.com/2019/02/19/6-tips-to-improve-sharepoint-security/
blog article
Historically, security was the job of IT administrators alone. With SharePoint, however, comes a significant paradigm shift: Ensuring SharePoint security is a joint responsibility shared by IT and end users. SharePoint is one of the most popular platforms for collaborative working and sharing of content, and many organizations utilize it extensively. Therefore, maintaining proper security is critical, whether you’re talking about an intranet, an extranet, team sites or a public-facing site. Here are six ways to better secure your SharePoint, on premises or in the cloud. For many years, there has been a debate around how best to control access and authorization. On the one hand, assigning individual permissions means granular control and often stricter permissions, but from a management perspective, security groups are easier to control. For SharePoint, the best practice has always been to assign permissions at the highest level, which would be an end user, folder or a file. Set permissions on either a SharePoint site group or an Active Directory group. In environments where Active Directory is not the core authentication mechanism, then it could be a Forms Authentication Role or even an attribute from a Security Assertion Markup Language (SAML) claim. READ MORE