External sharing and guest access in Microsoft 365 is a great collaboration capability that helps us to reduce duplicating content, have more visibility on content which is shared externally, helps us get to the content we need more quickly and helps us work together more efficiently. There are of course inherent risks, but Microsoft has built significant controls and capabilities to help reduce those risks. Understanding and utilizing those capabilities to reduce those risks can help us to safely and confidently enable external sharing and guest access in Microsoft 365. In this blog I’m sharing some of my common recommendations for safely, securely and confidently enabling external sharing and guest access in Microsoft 365.
We often think of applying Sensitivity Labels to content we work with every day like emails and documents to both protect those items as well as to inform recipients of their sensitivity and care with which they should be handled.
We’ve also been able to apply Sensitivity Labels to collaboration spaces such as Microsoft Teams and SharePoint Sites, and more recently as a default to SharePoint Document Libraries. Many are still discovering this is an option – they’re learning about how Sensitivity Labels on Teams, Sites and Libraries are different and how they can help automatically enforce data protection policies. Lets look into how we can better protect our collaboration spaces in Microsoft 365 with Purview Sensitivity Labels.
When you configure a Sensitivity Label in Microsoft Purview Information Protection, you can select to apply them to Microsoft Teams or SharePoint Sites in order to automatically enforce Data protection policies on those collaboration spaces. Today we’re going to look at the steps you need to take for this option to be available when you want to apply Sensitivity Labels to your Microsoft Teams and SharePoint Sites.
To apply a Sensitivity Label as a default to SharePoint document libraries, you must perform a few initial preparatory steps and be aware of some of the details. Lets take a look at what those are.
Have you ever worked in a very large enterprise scale SharePoint Online or OneDrive for Business environment? I mean a Microsoft 365 tenant that contains 10,000 or 20,000 sites, or 50,000 sites or even 100,000 sites? An environment with 10 Million + files? 50,000+ users?
If you have, you understand some challenges in trying to get detailed & timely analytics on the current state, including permissions for all files across all sites, the storage info for all those sites, or which groups are consuming all your space.
Microsoft recently announced that Syntex will provide some exciting new capabilities with Project Archimedes (code name) which will help to get us this data quickly and in a form that we can easily report on, across very large enterprise scale environments. Lets see what Project Archimedes is about!
Microsoft has recently added to the Microsoft Syntex product family with a feature set called SharePoint Advanced Management. We’ll use the acronym SAM throughout this blog. This feature set is specifically targeted at SharePoint Online environments and its designed to give SharePoint Administrators capabilities to better govern SharePoint and OneDrive, and to enhance secure collaboration within Microsoft 365. Lets take a look at the powerful feature set.
Due to the fact that the Office 365 Global Administrator role is all powerful and has access to all Office 365 capabilities, there is good reason to ensure that all users with Global Administrator access are securely managed and governed. At a high level, common industry standard practices are to restrict access to this role …
Continue reading Securely Manage and Govern Global Administrators in Office 365