SharePoint leaders owe it to the user base to stick to their guns when we talk about SharePoint. Don’t fall into the trap of using non-SharePoint words to describe SharePoint things.
For example- I’ve heard people refer to their SharePoint profile as their “landing page.” I hear other people refer to their My Site home page as their “landing page.” Still others say “landing page” when they mean the home page of their team site. This inconsistency and non-standard usage will only lead to confusion and frustration. If a user is interested in finding out how to update his profile, and he keeps Googling “SharePoint landing page,” he won’t find anything relevant. (Trust me, I tried.) That’s because no one calls the profile the “landing page” in any official capacity. So we shouldn’t either. Is this just semantics? I say no- it’s leadership and training played out in consciously managing what we say and how we say it, and taking every opportunity to get others to do the same.
Another instance of “word rage” got my dander up recently. In meeting about SharePoint security, there were frequent references to the standard permission levels: Full Control, Design, Contribute, Read. But the speaker kept saying “Full Control ACCESS” or “Designer ACCESS” (as in, “Site Owners that have Full Control access are the only ones who can…” or, “Designer access allows you to blah blah…” etc.)
YIKES! I got very agitated. I wrote spiky, angular notes with lots of exclamation points. What’s the big deal, you ask? It’s just a word!
It’s because SharePoint permission levels confer so much more than access to content. In a culture where lack of SharePoint security knowledge has led to ever-increasing problems for users, I see it as a very big deal. We must do all we can to promote correct understanding of how role-based security works. This means consistent, accurate terminology must be applied whenever we are speaking about this topic. Conversely, we must actively discourage the use of words and phrases that promote incorrect assumptions or mislead users.
Take content access. Our users come from a file share culture- the primary concerns about content are:
- Can I get to it?
- Can I open it?
- Can I change it?
- Can I delete it?
One or more of these “access rights” are granted by someone with authority over the file share. Users depend on that access management to allow them to get to the things they need. The company depends on that management to protect content from unauthorized users.
Imagine a bare white room with a bunch of beige steel file cabinets. A burly dude sits next to each cabinet and confirms whether your access rights give you the ability to do one or more of the 4 things listed above to the stuff in that particular cabinet. “This drawer or folder, but not that one;” etc.
You can’t change the cabinets or the room; you can’t control who comes in and out… and this does not concern you. In fact it never even occurs to you, since all you care about are the items in the cabinets and whether or not you can get to them when you need them.
SharePoint in NOT like this. What SharePoint adds to the mix is the ability to change the room. The burly dudes are gone. The white walls can be painted; the beige cabinets can be decorated or rearranged. Or replaced. Or thrown out completely! All of a sudden, it’s about much more than mere content access.
However- because access to content is the key functionality that SharePoint must deliver, it stands to reason that we start from there when we evaluate what a user’s logical, default security level should be on a particular site. But just because it’s logical doesn’t mean it won’t still get us into trouble. And part of that trouble is our failure to say things the right way to start increasing understanding vs. perpetuating confusion.
SharePoint’s permission levels include content access rights, but those rights are wrapped up tightly with a whole other set of abilities and actions that empower the user to do so very much more. It’s THAT knowledge that the average user does not have in nearly enough detail.
When those in authority continue to refer to Full Control as “Full Control access” it validates use of the terminology. People hear us say it so they start to internalize it. This is a risk because such terminology does not go far enough toward ensuring comprehension about all the things that user is able to do BEYOND simply accessing content. As SharePoint leaders, we have an obligation to not perpetuate a limited scope of understanding that contributes to damaging behaviors.
For example, sites with poorly implemented security generate an alarmingly high number of access requests. Users quickly become tired of not being able to get to the information they need, and they squawk. More often than not, the site owner’s knee-jerk reaction is, “OK- Fine! I will just make you Full Control so you can see everything, and you get off my back!” The site ends up with 10+ users with Full Control. Sometimes more! These users have no idea how their actions impact others. Too little knowledge combined with too-high permissions leads to even more damage. The left hand doesn’t know what the right hand is doing. Pretty soon, everyone wishes they’d never heard of SharePoint.
So think about what you say, and how you say it. Remember that something as simple as a word can get in the way of establishing a smart, knowledgeable user base.