BOOK MEETING
CONTACT US
Categories
Sharepoint blog How To

SharePoint Sharing Simplified: Ensuring Secure Collaboration 

Sharepoint sharing agat

Sharing links is a fantastic feature that enables seamless file and folder sharing with just a single click. This convenience eliminates the need to attach files to emails and facilitates collaboration across various messaging apps. However, this ease of Sharepoint sharing increases the necessity for stringent control measures. That’s why Microsoft developed features to control who can share. But is that enough? 

Sharing and collaborating on documents simultaneously with colleagues is straightforward. You can request feedback and post links to help others access your content. However, this convenience comes at a price: users may unknowingly share sensitive information with unintended recipients. 

Let’s explore what actions only a SharePoint service administrator or Global Administrator can take. 

Admin – SharePoint (applied to the entire organization) 

In the External Sharing section, administrators can control who users can send links to: 

  • Anyone: Users can send links to anyone without requiring authentication. 
  • New and existing guests: Any links will be disabled, and all sharing links will require authentication. 
  • Only People in your organization: Users cannot share with people outside the organization. 
image 3

Sharing Options for Individual Users 

Administrators can manage sharing settings for individual sites by navigating to Sites -> Active Sites -> choose a site -> Sharing

Despite the various options provided by Microsoft, you cannot entirely disable the option to share links within your organization. Regardless of the settings you configure, users will always have the option to share links with others in the same organization. 

image 1

How to Disable Company Links for a Site? Only by Using PowerShell 

Even with the necessary permissions, a Site Administrator cannot restrict the use of company links through the standard sharing settings. This option can only be changed using PowerShell. 

Using PowerShell to Disable Company Links for a Site 

image
  1. Prompt for credentials: 

Powershell copy code 

$credential = Get-Credential 

  1. Connect to SharePoint Online Admin Centre: 

Powershell copy code 

Connect-SPOService -Url https://your-admin-sharepoint.com -Credential $credential 

  1. Get all site collections: 

Powershell copy code 

$sites = Get-SPOSite -Limit All 

  1. Loop through each site collection and disable sharing: 

Powershell copy code 

foreach ($site in $sites) { 

    Set-SPOSite -Identity $site.Url -DisableCompanyWideSharingLinks Disabled 

    Write-Output “Disabled sharing for site: $($site.Url)” 

By executing these steps, you restrict the use of company links, making “People you choose” the default link option. The “People in the company” option will be greyed out, preventing users from sharing company-wide links. 

image 2

In conclusion, while sharing links simplifies collaboration, it is crucial to implement proper controls to prevent unintentional sharing of sensitive information.  

Learn more 

Categories
eDiscovery

Boosting Risk Management and Compliance with Archive and eDiscovery 

Boosting Risk Management

Electronic communication forms the backbone of business operations. The proliferation of Unified Communications (UC) software, such as Microsoft Teams, has revolutionized workplace communication, offering unprecedented levels of connectivity and collaboration. However, this surge in digital communication also brings significant compliance and legal challenges, particularly for information-sensitive industries. This is where AGAT Software’s Sphereshield Archive and eDiscovery solution steps in, providing a robust mechanism to capture, store, and scrutinize electronic communications effectively. 

Understanding Archive and eDiscovery 

Archive and eDiscovery refer to the processes involved in preserving and retrieving electronically stored information (ESI). Compliance with legal requirements often necessitates the ability to discover ESI promptly and comprehensively during litigation or audits. For organizations leveraging Microsoft Teams, the capability to archive and perform eDiscovery on all forms of communication—messages, files, audio, video, and screen-sharing content—is crucial. 

Key Features of Archive and eDiscovery Solution 

Comprehensive Content Capture 

AGAT’s solution captures all communication content within Microsoft Teams. This includes: 

Messages: Text communications between users. 

Files: Documents and other file types shared within Teams. 

Audio and Video: Recorded meetings and calls. 

Screen Sharing Content: Visual information shared during meetings. 

This thorough capture ensures that no communication is missed, providing a complete repository of organizational interactions. 

Flexible Storage Options 

Organizations can choose where to store their captured data: 

On-Premise Storage: Ideal for companies with stringent data control requirements, allowing them to maintain physical data custody. 

Virtual Private Server (VPS) Hosting: Provides a secure, cloud-based storage solution, combining accessibility with robust security. 

Advanced Search Capabilities 

The solution’s powerful search functionality allows users to filter and locate specific information quickly: 

Text: Search within the content of messages and documents. 

Time: Filter communications by date and time ranges. 

Users: Identify interactions involving specific individuals. 

Labels, Topics, Keywords: Use metadata and specific terms to narrow down search results. 

Incident Contextualization 

When incidents occur, having the full context of a conversation is vital. AGAT’s solution provides comprehensive conversation threads, enabling organizations to understand the complete narrative surrounding any incident. 

GDPR Compliance 

In adherence to GDPR requirements, the solution allows organizations to remove user information from the database, ensuring compliance with data protection regulations. 

Benefits of Organizational Audits and Risk Measurement 

Enhanced Compliance 

By capturing and storing all communication data, organizations can demonstrate compliance with legal and regulatory requirements. This capability is particularly crucial during audits, where the ability to produce comprehensive communication records is essential. 

Risk Management 

The advanced search and contextualization features enable organizations to identify potential risks early. For example, monitoring communications for specific keywords or user interactions can help detect policy violations or emerging issues, allowing for proactive risk management. 

Activity Monitoring 

Understanding what users are doing within Microsoft Teams is pivotal for both operational oversight and security. The solution’s detailed logs and search capabilities provide insights into user activity, helping organizations to: 

Audit Communication: Review interactions for adherence to company policies. 

Identify Anomalies: Detect unusual behavior patterns that may indicate security threats. 

Measure Productivity: Assess how effectively Teams is being used as a communication tool. 

Conclusion 

AGAT’s Sphereshield Archive and eDiscovery solution offers a comprehensive approach to managing electronic communications within Microsoft Teams. By capturing all forms of communication, providing flexible storage options, and offering advanced search and contextualization capabilities, it enables organizations to meet compliance requirements, manage risks effectively, and gain valuable insights into user activities. For businesses operating in information-sensitive industries, this solution supports legal and regulatory adherence and enhances overall operational security and efficiency. 

Get Sphereshield Archive and eDiscovery

Categories
blog Ethical Wall File Sharing/Blocking Microsoft Teams

Mastering Information Barriers: Advanced Sharing Limitations in SharePoint 

Mastering Information Barriers

Ensuring secure collaboration while safeguarding sensitive information is paramount. Microsoft offers Information Barriers to control document access, prevent unauthorized sharing, and maintain data integrity. While straightforward scenarios are well supported, some cases allow users to communicate via SharePoint documents even when set to be blocked. 
In this blog, we will explain one scenario that is not covered by Information Barriers  

Let’s delve into a scenario where Bob and Alice lack permission for a document, but Jim has access and shares it, highlighting the effectiveness of Information Barriers. 

Understanding Information Barriers 

Information Barriers in SharePoint allow organizations to control communication and collaboration between different groups of users. By defining policies, admins can restrict access to specific content based on user attributes such as department, role, or team membership. This ensures compliance and prevents conflicts of interest by enforcing segregation of duties. 

While Microsoft Information Barriers offer some controls for access management in SharePoint, it’s essential to acknowledge their limitations. One notable gap is the potential for accidental access granted between restricted users and sensitive documents. This is due to MS Teams Information barriers policy setting being too broad, only having limited sharing control such as sharing with anyone, sharing with the company, shared with a group but it does not provide granular control. 

The Scenario:

A user can share a file with members of separate groups that are blocked from communicating with each other 

The Players: 

Jim: A senior manager with access to sensitive financial reports. 

Bob and Alice: one is an investor, and the other is a researcher, and they are set not to be able to communicate with each other. 

The Incident: 

Jim needs input from both Bob and Alice on a project that involves data from the financial reports. He decides to collaborate with them by sharing the relevant document on SharePoint. Giving them access to a document that they otherwise should not have. 

He shares the file with Bob and then shares the same file with Alice. As a result, Bob and Alice have a file shared that enables them to communicate and share info on it. 

The Solution 

AGAT’s Ethical Wall /Information Barrier Enforcement validates all the users that have access to file on any permission changes event. This is done in real-time blocking the communication between Bob and Alice as explained above  Despite the attempt to share, the restricted user will be unable to access the document due to their restricted permissions. 

AGAT Information Barriers ensure that sensitive or restricted information remains protected, mitigating the risk of unauthorized access or data breaches. 

Conclusion 

AGAT’s Ethical Wall/ Information Barriers in SharePoint provide advanced sharing options that enable organizations to maintain data integrity and confidentiality. By effectively segregating users and controlling access to sensitive content, businesses can foster secure collaboration while mitigating the risk of unauthorized disclosure. Implement Information Barriers in your SharePoint environment to bolster your data protection strategies and safeguard critical information. 

Learn More