Using SysKit Point to fulfill legal and compliance requirements
Office 365, and in particular SharePoint Online, has historically been storage for unstructured private data, which is difficult to control. While some companies will curse Office 365 and SharePoint for that data structure, they can utilize SharePoint Online to help them identify and remove GDPR-relevant data with a few simple steps and tools.
Personal data stored in SharePoint lists and libraries, as well as permissions and user actions, have been proven to be difficult to identify or remove. We need to identify all content that a user owns and it’s actions. Also, we need to identify who has accessed the personal data and if it has been leaked. When using only Office 365 / SharePoint Online native tools, this is difficult and often impossible to achieve.
User Access at a Glance
This is where SysKit Point can help: with a number of reports, targeted to discover and identify personal data, and with a powerful audit log analyzer, it is fairly easy to achieve the required level of compliance and get all the necessary reports.
We can see at a glance what permissions a user has – on a site, a folder, or even a single document. We can audit user actions and see which documents the specific user has been accessing. In the same way, we can switch the logic and audit which users have access to a specific document. All this does not take more than a few clicks.
If we think about ISO Certificates, companies will want to review the information security system on an on-going basis. With SysKit Point, they can automate those activities and procedure implementation. They can review tenant security changes, track high-risk activities, perform regular reviews of users and administrators, track the activities and content that has been shared with them, and way more.
How can SysKit Point help?
By using SysKit Point, companies can easily configure and run the following Office 365 reports, which provide the comprehensive information needed to fulfill the legal and compliance requirements.
- Permissions report for one selected user
This report will perform a full user screening, providing the answer on which content the user has permissions.
- Permission matrix for one selected SharePoint Site or Teams Site
When a lot of direct sharing and permissions breaking take place, it is important to have an overview of who exactly has which permissions on one Office 365 site, regardless if its SharePoint or Teams. This report provides a comprehensive yet easy-to-read and understand matrix with that information.
- Unique permissions over one selected site
This report provides information about unique permissions within a Teams or SharePoint site – those are the permissions that are different from the main permissions on that site.
- Group memberships overview for all sites
This report provides comprehensive information about the membership of the groups used on a site, regardless if those are SharePoint Groups, Office 365 Groups or Security groups. The mixture of those three types of groups having permissions on one Office 365 site can be very confusing – this report sheds light on that confusion.
User Access Audit
- Security Auditing report for one selected SharePoint site
This report, based on the analysis of Office 365 audit logs, gives comprehensive information on all security-relevant activity that happens with a SharePoint site: sharing, permission changes, bulk downloads, etc.
- Security and Activity Auditing report for a group or team
Similar to the SharePoint Site, the Office 365 security audit report can be performed on a Microsoft Teams or Office 365 Groups generated site. The output information is similar, companies will have comprehensive information on all security-relevant events. It can also provide a comprehensive activity report for a selected team or group, and thus help companies trace and reproduce content-relevant actions.
- Activity Auditing report for one selected SharePoint site
It is often needed to discover if a document, folder or library has been deleted or edited, who has deleted it and when. The auditing report for the SharePoint Activity answers those questions and provides comprehensive insights into the site activity.
- Externally shared content for one SharePoint Site or Team
Within SharePoint and Teams sites it is not possible to get a comprehensive view of which content has been shared externally, with whom, by whom, and if there are any anonymous sharing links. SysKit Point provides this report, which is often necessary for providing required insights.
Be in the know if your data is leaking: Using SysKit Point as an Office 365 auditing tool
We don’t think about problems until they happen to us. Data leakage? Unauthorized access? It’s usually not our problem – until it is.
There is a number of potentially dangerous data leakage and unauthorized access scenarios in Office 365 and SharePoint Online. Especially since sharing has been made very easy, companies are losing a grasp on who has shared what, with whom, and which users – external and internal – can access sensitive content. Early warning mechanisms – for example, when employees who downloaded a bulk of sensitive data just before leaving the company – are seldom considered in companies, and even more seldom implemented.
But, it doesn’t have to be that difficult and painful. SysKit Point has been created from scratch with forensics in mind. When implemented and configured properly, SysKit Point will help companies set up forensics and early warning procedures in the main fields:
Controlling and auditing Office 365 guest users and externally shared content
Since it has become very easy to add Office 365 guest users to your content and to share content with a number of known or unknown Office 365 guest users, SysKit Point can help companies easily get a grip on this. With only a few clicks you can find out which Office 365 files – regardless if it’s from SharePoint, Microsoft Teams or OneDrive – have been shared with Office 365 guest users and who has shared them. If someone has created sharing links, you can also easily find that out.
Security-relevant Office 365 activity auditing for Office 365 internal and guest users
Sometimes it is important to recreate a user’s steps and determine what a specific Office 365 user has been doing with the content. That can be content-related actions, such as open, read, edit or delete, or security-related actions such as content permissions changes. For example, companies want to find out who has given guest users the access to sensitive data, or if an employee who is leaving the company has downloaded large amounts of sensitive documents. This is where SysKit Point helps: all of this information can be retrieved within a few clicks.
Permission and admin role changes
A very important aspect of data and access forensics is knowing when admin privileges and content permissions change. This is crucial security information for every company: who are the admins, on which levels? Who has promoted them to admins, and when? Did those admins change any content permissions, and if yes, then when?
All of this is easily achievable with SysKit Point. When configured properly, it is the ultimate governance platform for companies to be in-the-know, to keep in control, and to provide evidence for any security-relevant situations on top of Office 365.
How can SysKit Point help?
By using SysKit Point, companies can easily configure and run the following reports, which provide comprehensive information needed to fulfill all forensics requirements.
Guest access and external content
- List of all Office 365 guest users in all sites and teams
Providing a comprehensive view of all Office 365 guest users in SharePoint or Teams sites is a crucial requirement for any security screening. SysKit Point provides this report with one click.
- Overview of all externally shared content in SharePoint and Teams sites
Companies want to have a comprehensive overview of the content which has been externally shared, and SysKit Point can deliver that within a few clicks.
- Overview of user access for Office 365 guest users
Companies typically want to review the access rights for Office 365 guest users, and SysKit Point delivers a comprehensive report on Office 365 guest users access. It gives information on what has been shared, who has shared it, and when has it been shared.
Security audit for all users
- Security-relevant activity auditing for one or more Office 365 guest and internal users
Companies typically want to review the audit trace of Office 365 guest (and internal) users – what content they have been working on, what did they download or delete. SysKit Point can provide a complete Office 365 audit trace for both external and internal users. It helps companies detect and prove potential leaks and problems.
- Security-relevant Office 365 activity auditing for one or more SharePoint and Team Sites, and personal OneDrives
Companies need a way to audit a SharePoint or Teams site, or even a personal OneDrive. Office 365 audit is neccessary to prove and evaluate security-relevant activities such as file sharing, content downloads, or content deletions. SysKit Point delivers a comprehensive report which helps achieve that.
- Document Sharing in SharePoint and Team Sites and OneDrives
Companies will want to know for which content (documents, folders, libraries) an anonymous sharing link has been created. SysKit Point provides a comprehensive report which offers that information at a glance.
- Permission and security changes in SharePoint and Teams sites
Companies will want to know when content permissions change – when one admin or privileged user gives access to content to other users or groups. SysKit Point provides a comprehensive report based on audit logs, where all the permission and Office 365 security changes are visible.
Enabling transparency: SysKit Point will tell you what is going on with an Office 365 analytics report
SysKit Point excels in forensics on Office 365 data and user actions. Why is it important? SysKit Point gives companies answers on some crucial questions:
- Which content is used, and which is not? The answer to this question can help companies improve their Intranets and focus on what is important.
- Which users are active, and which are not? The answer helps companies promote champions and increase Office 365 adoption.
- Which content is orphaned or dead? The issue of orphaned content happens when people who have created it have left the company, and nobody else has received effective access to that content.
- Which content is being shared with the outside world? The answer to this question can help companies better understand how their employees are working with partners and customers.
Office 365 adoption is one of the major topics with each Office 365 implementation. When companies understand their content and their users, it’s easier for them to emphasize content which is being used and improve content which isn’t. When they know the behavior of their users, they can easily tailor the content and internal procedures to accommodate that behavior.
Of course, Office 365 governance is an important piece of that puzzle. The content that is stored in Office 365 – SharePoint Online, Teams, OneDrive – will grow, and it is important to prevent something that is used to be called “SharePlosion” back in the SharePoint Server times. Now, we could maybe call it something like “SharePointTeamsOneDrivePlosion”. The collaboration world is becoming more and more complex, but the challenges remain the same. Companies need to know which content they own and who is using it to correct the anomalies and potentially dangerous situations. By using SysKit Point, companies have one, ultimate, company-wide platform to do exactly that.
How can SysKit Point help?
By using SysKit Point, companies can easily configure and run the following reports, which provide comprehensive insights into content, users and usage:
- The most accessed content in a SharePoint or Teams site
Using the Audit log reports that SysKit Point provides, companies can analyze content usage in their SharePoint and Teams sites. Based on that anayltics, they can optimize the content and consequently increase Office 365 adoption.
- The most active Office 365 users in a SharePoint or Teams site
SysKit Point also provides information about the most active users, based on the Audit Logs. In that way, companies can analyze user behavior, promote users to champions, and in that way support user adoption.
Externally shared content in a SharePoint Teams site and its usage
One of the key points for companies in understanding how they work with external partners is knowing which content has been shared with them and how it is used. SysKit Point can help companies get that insight by combining the external sharing and guest user activity reports.
- Group membership in SharePoint Sites or Teams
With different types of groups in Office 365, Teams, and SharePoint Online, it is difficult for companies to have a full insight into user activities. SysKit Point provides comprehensive and simple-to-use reports with that information presented at a glance.
- Orphaned files and libraries
Orphaned content is considered as content that nobody has access to. This usually happens when users leave the company, or when they are removed from the system for another reason. Such content cannot be identified directly from Teams or SharePoint Online, but it can be easily detected with SysKit Point reports.