Don’t go Mad with it, 007
In Thing a Day 21, we talked about applying Permission Levels to People and Things. (http://1jj.uk/spthing021)
Every time you apply permissions to a specific item in SharePoint – whether it’s a Sub-site, List, Library, Folder, File or Item, you break inheritance of permissions.
And SharePoint’s performance suffers a little more each time.
People often come to SharePoint with the idea that “Folders are Evil.” See Thing a Day 3 and 4. (http://1jj.uk/spthing003, http://1jj.uk/spthing004)
But Folders can be your friend.
A common mistake in large libraries is to allow users to secure individual documents.
SharePoint will only let you do this up to 50,000 times in any one library.
Avoid securing a lot of individual files. Group them in Folders, and secure those instead.
Better still, try and design your hierarchy to have as few instances of broken inheritance as possible.
To sum up, why secure a File, when you can secure a Folder?
Why secure a Folder, when you can secure a Library?
Why secure a Library, when you can secure a Site?
For best performance, apply Permissions only at the Site Collection level.