Skip links

The 3 Key Security Gaps to Check in Your Collaboration Set Up

The 3 Key Security Gaps to Check in Your Collaboration Set Up

We have seen many “Aha” moments when we provide an external sharing permissions report* and the company in question realises just what (and how much) is being shared externally with SharePoint and Teams.

Normally, when we carry out an analysis (and take remedial action), it’s in advance of a migration or the rollout of a remote working strategy.

Now – thanks to COVID-19 – you will be starting collaboration immediately and with external users including third party vendors, external contractors and customers.  As such, you could be exposing your content and company to data loss, data manipulation etc.

Here are three key areas you should be investigating to protect your systems and data:

  1. External Access Rights – Check for any access rights to SharePoint that may have given to external contractors or clients.  This Microsoft article provides the PowerShell that will enable you to pull a SharePoint external user list. https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/get-spoexternaluser?view=sharepoint-p  You can also do similar in the Microsoft 365 Admin Center.
  2. Excess Access Rights – If entire sites (and not just individual documents) were unwittingly shared with external users, there is always the possibility of ‘leftover’ access that the company is unaware of.
  3. User-Granted Access – If end users (and not IT) have been able to give the rights to share directly- there is almost definitely some content being shared externally that IT, Legal and your Data Protection Officer does not know about.   Keep an eye out for the ability for admins to apply sensitivity labels to content in Teams, Office 365 groups and SharePoint containers that will override any previously used (currently in public review) https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view=o365-worldwide

*The external sharing permissions report is one of the many reports generated from our Collaboration Security & Governance Workshop.

Others reports we deliver as part of this service include:

  • A full permissions matrix
  • Orphaned users
  • Sites and Libraries (with Custom Permissions)
  • Library items with explicit permissions to users
  • Current configurations & settings for Teams & Yammer Tenants

 

Opinions

  1. Post comment

    hello my lovely stopforumspam member

    What are the Types of Loans in Ohio depending on the purpose
    Specific purpose payday loans in Ohio. Funds received in debt may be spent only for a specific purpose specified in the loan agreement.
    Non-purpose loan. The debtor may spend the money received at his discretion.
    Most popular specific purpose payday loans in Ohio are:

    House loan. The most common, of course, is a mortgage when the purchased property acts as collateral for a loan. Sometimes a youth loan is issued, with lighter conditions for debtors. Still quite common is a housing loan that does not imply purchased housing in the form of collateral.
    Car loan – payday loans in Ohio to a car or similar vehicle. The key is often the purchased goods, making the terms of the loan better. Also, loan conditions are improved: car insurance, life and health insurance of the borrower, and receiving a salary to the account of the creditor bank.
    Land loan. To purchase a plot for construction or agricultural activities.
    Consumer. For purchases in modern supermarkets, equipment stores, you can take a personal loan right at the point of sale. Often, specialists located there can contact the bank and get a regular or fast payday loans. Borrowed funds automatically pay for the goods, and the consultant explains when and how to re-pay the debt.
    Educational loan. It is issued to students, as well as to applicants who have passed the competition, to pay for tuition at universities, colleges, etc.
    Broker loan. For the circulation of securities, payday loans in Ohio are issued to an exchange broker, se-curities are purchased securities.
    Others. Objectives not related to those listed, but agreed and approved by the creditor.

    Permalink
  2. Post comment

    hello my lovely stopforumspam member

    Welcome to Grosvenor Casinos, where you can play a wide range of casino games, from slots to poker, blackjack, and roulette! There’s something for everyone here – become a member of the casino to have the best of online casino gaming. Our Sportbook offers a range of sports betting odds and is available for pre event or in play bets 24/7 and 365 days of the year. Whether you’re here for football tournaments or the latest betting odds for horse racing, Tennis, Golf, Cricket and even Rugby Union, you are covered.

    Permalink

Join the Discussion