Full disclosure - I am stealing this content from my colleague, Chris McNulty, CTO for Dell SharePoint Solutions. He owes me one - actually more like two or three - I'll just see how long I can getaway with these kinds of stunts!
I was watching Chris speak earlier this month in a webinar about the native management functionality in SharePoint 2013 and I saw this amazing slide that I just had to share. Its supremely cool... Can you guess what its suppsed to mean? (Don't wory, I give the explanation below ).
This slide perfectly captures what happens in SharePoint 2013 when people begin to discover the "share" button. For all those Worldwide Water Cooler folks, this will definitely help with social collaboration around the office! The share button enables you to do just that - share a document with your colleauges. OK, that's what SharePoint does anyways, right?! Well let's put this in context, in SharePoint 2010, if you wanted to share a document you found in SharePoint, you'd need to 1.) send the link of that document in SharePoint to you work peeps and hope they have access to the site or 2.) if they don't have access to the site, upload a duplicate of that file to an easily accessed SharePoint location or worse yet, share it via email as an attachment!
Now with SharePoint 2013, you simple select the "share" button and select with whom you'd like to share that document. Then those people who don't have access to that site can at least have access to that one document. Chris says it better:
"The approach with SharePoint 2013 is not to move a document to change its security, but to let the document stay where it was born and vary its security throughout its lifecycle. For example, assume that your organization has documents in a library that, by default, only marketing and product management can access; those are the default rules for that library. However, one document in that library should be available to another team as well, so we share it from that library, instead of moving it elsewhere, because it belongs in that library."
The point I'm making is that with SharePoint 2013's social collaboration features, we're creating a much more complex security model. We can no longer presume that all documents in the same library or the same site have the same security (soyonara inherited permissions).
In such a model, we cannot relly on native permission management alone, but we need a third party tool to manage such unique, complex SharePoint permissions. Site Administrator for SharePoint is such a tool. I could go all marketing on you here, but I'll just reference this technical brief by Chris McNulty about the native management functions in SharePoint 2013 and the third party tools that fill the gaps.
Check out how we've been able to work with our customers to support their SharePoint security model: