SharePoint Permissions Cleanup – How to Avoid Mess & Optimize Costs
SharePoint is undoubtedly a powerful platform. It offers a lot of user-managing options, such as adding, removing, and administering users. But that flexibility can also cause a lot of mess, and accordingly higher costs in both money and time. In this blog post, we’re gonna show you how you can keep your environment clean of excessive permissions and optimize your costs.
Clean up your Orphaned Users
Orphaned users are users who have left your organization and no longer exist in your Active Directory (AD), but who still have access to your environment. This happens more often than it should, when admins forget to remove those users’ permissions in the admin center. It’s a highly risky situation for the security of your sensitive files.
But don’t worry. SysKit Security Manager can help you out with its Orphaned Users report. You can instantly check all orphaned users in the tenant. Optimize your SharePoint license costs by removing their licenses or transferring their ownership to the superior manager. Download the report example and try it yourself.
Dear reader, this is the functionality of our former product, SysKit Security Manager. Check out our new cloud-based Microsoft 365 governance solution, SysKit Point, to monitor user activity, manage permissions, make reports, and govern your users and resources.
Delete Users without Permissions
Users without permissions are those that don’t belong to any SharePoint group, nor have any direct permissions assigned to them. These users shouldn’t be a part of your AD, as they probably already left your organization. Moreover, you are spending money on licenses you don’t need. So, your task as an admin is to find those permission-less users and delete them from your AD.
The thing is, you can’t really know at a glance who those users are. This is when SysKit Security Manager comes in handy. It offers a report that lists all the users without permissions in your environment, so all you need to do is find the users from the list in your AD and delete them.
Manage Groups without Permissions
Without proper permissions governance, a number of mismanagements can occur. One of those is when an admin creates a SharePoint group but doesn’t assign any permission to it. That leaves a whole set of users who hoped to have access to certain objects through that group, but simply don’t. No matter the reason why this happened, you should either delete these groups, or assign permissions to them.
However, sometimes it is hard to track down all those groups. SysKit Security Manager has a report that lists all the groups in the tenant or farm that don’t have the permissions. You can then easily manage those groups and avoid further misunderstandings.
Manage Groups without Users
Similarly to the situation above, it can come about that an admin creates a group but doesn’t add any members to it. You might think that’s not a big deal, but it can create a pretty big mess if it happens often. Groups without users are obviously groups that are not used at all, and not only do they create a clutter, but they may also take a name that another, active group should be given. Obviously, you need to decide whether to delete those groups, or add users to them.
In large environments, it can be a hard task to find all those inactive groups. Luckily, another SysKit Security Manager’s report, Groups Without Users, lists all such groups in a farm or tenant. Once you have generated the report you can export it, analyze it, and manage them according to your needs. Download the report example and check it yourself.
SysKit Security Manager – your Office 365 Security Ally
Besides permissions cleanup, SysKit Security Manager will help you organize and manage permissions in your environment, control Office 365 and SharePoint Online guest access, and stay within OneDrive storage limits. Try all the functionalities of SysKit Security Manager with a 30-day free trial.
Want to read more posts from us? Subscribe to our blog and stay updated!
