Playing “Hide and Seek” in SharePoint

* Reviewed and updated in February 2015 *

After my earlier rant about people who want to secure their content for no good reason, I thought I would give some suggestions for alternative ways to hide content when it makes sense.

First let me stress that I recognize that some content is sensitive and really needs to be secured. But there is also a lot of content which is not confidential, but which you still may want to hide, to avoid information overload in general. Specific reasons may be:

  • The content is only relevant to a certain audience
  • You do not want people to influence each other
  • You want to allow people to focus on their own content, e.g. in projects or tasks lists

Next to giving permissions there are two other ways to hide content that I know of,  but I will be happy to learn new ways!

1. Targeting.

In SharePoint it is relatively easy to target web parts to an audience. In any web part menu, click open “Advanced” and add the audience, SharePoint group or person(s) to the Target Audience box on the bottom. Only they will see the web part.
We have used this especially to target links on the Homepage – in the main navigation, every employee had a link to the Employee Information of his/her country.
I have also used targeted web parts in Monthly Reporting in a Team Site.

2. Configuration.

a. Item-level permissions.
For surveys and lists, you can let people read only the items that have been created by themselves. (Advanced settings). This is nice if you do not want people to influence each other, but not very useful when you want to show the collected information to your audience. I usually apply it only in survey-type occasions.

Item-level permissions
Item-level permissions in the advanced settings

b. Created by = [Me].
When not using the item-level permissions, I like to use this filter for the default public view. That way people see their own items first and are not influenced by others, and they can not easily edit other people’s content. You can have additional public views showing all contributor’s items, or the process owner can create personal views and use web parts to display content from all contributors.

c. Impossible filters that show an empty default view.
We have used “Created < 01-01-2000” as the only public view to create an empty looking document library, accessible to all employees. The documents were distributed to other (secured) sites via Content Query web parts. Of course, the owners of the documents created personal views to see all documents. The advantage for the content owners was that the owners of the secured sites could manage access for their site.

d. Hidden columns.
In older versions (e.g. SP2007) you can create views without the Edit button, and without the “Name” column instead of “Name (linked to item/linked to document with edit menu)”. This way,  your readers will be unable to click on any items to see the complete item. Of course this is useless for Document Libraries, unless you only want to show that the documents are there.
Perhaps this can also be done in Office 365, but since I am the only one in my environment, I have too many permissions to test this.

e. Closing/hiding the web parts in the list or library.
You can close or hide the system web part of the list or library to avoid anyone seeing the content, including the site owner. I would recommend this only for very specific occasions, since it is very annoying to have to make the webpart visible every time you want to do something. Besides, every visitor will immediately see there is something wrong with this page.

f. Sending people to a non-default page after submitting data.
I often send people to a Thank You page after completing a survey or other data collection, by customizing the link. It is a nice gesture, it confirms that submission has been succesful and it allows you to give more information about next steps. It also hides other people’s responses from view.
I have also sent people from a topsite to a request form in a subsite, and after completion sent them back to the original page in the topsite. They did not have to see other people’s requests, and this way they could continue to do what they were doing in the topsite. Well, you will get the idea; you can use this with all pages within your environment.

How to do it?  Your links will normally have this format:
http://IntranetName/TeamSiteName/Lists/ListName/NewForm.aspx?Source=http://IntranetName/TeamSiteName/Lists/ListName/ViewName.aspx
The part before “newform.aspx?” is the “data entry” part of the list, the part from “Source=” the location where people will go after clicking “OK” or “Finish”. You can replace the part after “Source=” with a link of your own choice. Please note this only works when you send a link in an email, use a Links list, or create a button. If you click “New Item” from the list, the link will always use the system format.

Thank you page
Simple Thank You-page

g. Removing the link from the title of a web part.
The title of a list/library web part on a page is clickable and leads you to the complete list or library. If you do not want that, go to the web part menu, open the “Advanced”  section and replace the link under ” Title URL”  by “#”.  Jasper Oosterveld also shares the screenshots.
People will still be able to go to the list/library via Site Contents, though.

Warning:

  • Targeted or hidden content will normally still turn up in Search. People can also see it when they have the link to the information, or know how SharePoint works. This is not confidential information, so it is not a problem, but it helps to be aware of it. Do not be afraid that people will go and look for this info – they do not know it is there and they probably do not care if they knew.
  • Many people do not understand the difference between targeting (visible yes/no) and setting permissions (access yes/no), especially that you target a web part, but set permissions on a library or list. Be prepared for questions.
  • If you are the site owner, but you are not in the targeted audience, you will not see the content, so it will be difficult to maintain the web part. This is especially the case with Content Editor and Summary Links web parts, because they are not represented in the “back-end” of your site, i.e. the page showing all site content. This may occur when you are managing global content distributed over various “country” web parts.
  • If you target something and you are in the audience, you may forget that the content is not visible for everyone. Mention it in the web part title as a reminder.
  • Remember to discuss any targeting and personal views when handing over responsibilities for a site!

What other ways have you used to hide content without changing permissions?

Image courtesy of Willem Siers at FreeDigitalPhotos.net; Post title inspired by Howard Jones’s “Hide and Seek“.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s