Microsoft SharePoint Online best practices: information architecture, governance, permissions, search and adoption. CNEXT – SharePoint consultant from Bern, Switzerland.
CNEXT's SharePoint best practices are distilled from 100+ SharePoint projects for Swiss organisations. The most common mistakes: poor information architecture (copying folder structures from the file server), no governance (hundreds of abandoned sites), overly permissive permissions (FADP risk) and unused search.
Follow these practices from the start – retrofitting governance is 3× more expensive than getting it right initially. SharePoint services | SharePoint health check →
Start with governance. Define: who can create sites (self-service vs. IT-approved), naming conventions, lifecycle (when does a site expire?), permission model (groups, not individual users), external sharing policy and content type standards. Sites created without governance accumulate into unmanageable sprawl within 12–18 months.
CNEXT recommends: Hub site architecture (one intranet hub + department spoke sites + project site template). Avoid deeply nested subsites (max 2 levels). Use modern Team Sites for collaboration, Communication Sites for broadcast content. Navigation should reflect how users think, not the org chart. Validate IA with card sorting before building.
Top SharePoint permission mistakes CNEXT sees: (1) Assigning permissions to individuals instead of groups (unmanageable at scale), (2) Giving everyone 'Edit' when 'Read' suffices, (3) Breaking permission inheritance at item level (permission management nightmare), (4) Never auditing guest access (ex-partners with years-old access), (5) Using 'Everyone except external users' as a site member.
Folders in SharePoint are a carryover from file server thinking. Modern SharePoint uses metadata (document type, department, project, status) for filtering and search instead of nesting files in folders. CNEXT designs metadata taxonomies as the primary navigation mechanism, with folders only for legacy migration compatibility or where folder-per-entity makes semantic sense.
SharePoint search best practices: (1) Configure managed properties for key metadata fields. (2) Add search refiners (Department, Document Type, Date). (3) Create bookmarks for frequently searched terms. (4) Promote official policies and templates in query rules. (5) Review search analytics quarterly (what are users searching for? what returns no results?).
CNEXT implements content lifecycle management: every page and document has an owner, expiry date and review reminder (Power Automate). Pages that haven't been reviewed in 12 months are flagged in a governance dashboard. News articles older than 6 months are archived. Regular content audits (quarterly for large intranets) keep content relevant for both users and Copilot.
CNEXT naming convention: Department sites – '[Department]-[Team]' (e.g. 'Finance-Accounting'). Project sites – 'PRJ-[Year]-[ProjectName]' (e.g. 'PRJ-2025-SharePointRollout'). Avoid using numbers as primary identifiers. Keep names under 40 characters. The URL is auto-generated from the name – keep it short and meaningful for bookmarking.
Document Libraries: for files (Word, Excel, PDF, images). Lists: for structured data (tasks, issues, requests, registers, asset inventories). Do not create a column in a Document Library that would be better as a List with a document attachment. Do not put documents into a List 'Attachments' field if you need versioning or metadata. CNEXT advises on the right data structure per use case.
Copilot readiness checklist: (1) Review permissions – Copilot respects SharePoint permissions, so overshared content appears in Copilot results for all users. (2) Archive stale content (old inaccurate pages confuse Copilot). (3) Add metadata (Copilot uses metadata for filtering). (4) Configure search. (5) Enable Sensitivity Labels. CNEXT runs a free Copilot readiness assessment.
CNEXT's top SharePoint 'never do' list: Never create an individual permission for every document (use group-based access). Never recreate a file server folder hierarchy in SharePoint (use metadata instead). Never leave 'Everyone' as site member. Never let SharePoint Designer workflows survive past 2024 (rebuild in Power Automate). Never deploy Classic pages in new sites (use Modern). Never ignore version history limits (set a cap to prevent storage growth).