Loacker gains full control over guest access and external sharing in Microsoft 365 using SysKit Point
Loacker is a wafer, chocolate, and snack company that has been creating high-quality products since 1925.
Decreased visibility of guest user access and sharing resulting in data security vulnerabilities.
Automatic prevention of guest user access following inactivity and a clear overview of externally shared assets with SysKit Point‘s expiration policy and reporting.
Ensured company data protection from unauthorized guest access, complete visibility of external sharing, and a timely alert system to safeguard against security breaches.
Since 1925, the name Loacker has stood for pure and wholesome natural goodness, the highest quality, and a love for nature – combined in delicious wafers, snacks, and chocolates. Over the past 90 years, the company established in the Italian Alps has become an internationally known brand whose export quotes keep growing. In 2021 alone, 37,534 tons of Loacker chocolate specialties were sold in more than 100 countries worldwide.
At Loacker, goodness is a choice. The main pillars of the company’s philosophy are high product and service quality, environmental protection, and following social and ethical principles. Loacker’s accelerated sustainability plans include the goal of 100% sustainable cocoa in its products by 2025.
“Strategy comes first, technology second. By providing a stable platform we want to empower our 1,000+ employees in the best possible way for future endeavors.”
– Anton Dorfmann, CMS & Collaboration Manager
A growing number of workspaces, folders, documents, and users resulted in decreased visibility into Loacker’s tenant, rendering the employees unable to easily control guest access to sensitive data.
Unauthorized guest account access
Loacker employees frequently collaborate with partners from different companies. They use guest account access and external sharing to grant outside users access to internal resources – both of which can cause data vulnerabilities.
When external users get invited into Loacker’s M365 tenant as guests, both parties can share and work on the same documents. If left uncontrolled, guest accounts remain active in the tenant after project completion, which means they can log in and freely access the company’s sensitive files.
Loacker’s IT team started looking for a way to implement a security policy that would automatically disable guest user access after a certain period of inactivity, to prevent unauthorized external access to the company’s valuable data.
Searching for a solution, they first turned to Microsoft 365, which doesn’t offer an out-of-the-box guest expiration policy. On top of that, Loacker’s IT team was forced to waste precious time using PowerShell scripts to detect inactive guest users in the company’s M365 environment.
With the inventory increase, the already exhausting and time-consuming process started to become even more complicated. The team soon realized that they needed to find a separate solution for the implementation of their guest account security policy.
Unsupervised link content sharing
In addition to guest account access, Loacker’s employees also used sharing links to grant outside users access to resources. Expiration policies weren’t the issue with them, since Microsoft 365 provides the ability to set them on the tenant level. However, they could not get a clear overview of the externally shared assets across the entire M365 tenant in a single report. To gain insight into who shared the documents with whom and what permissions the users had, Loacker’s IT team needed to dig – they had to go down to the file, folder, and site level, and extract data manually into a report.
Instead, the team at Loacker was searching for a simpler solution that would centralize all externally shared links in a single location and provide clarity and greater management abilities.
“SysKit Point was everything we needed, right from the beginning: clear, intuitive, and super easy to use. It was a way better match than any other tool, not only from the financial aspect but technical as well.”
Loacker’s search for the right solution started with different requirements, a lot of googling, digging through presentations, and reading whitepapers. To make a final decision, all it took was a look at a comparison table with a numbers rating.
The result was clear.
With its powerful governance automation and reporting features, SysKit Point solved two major data security needs. Its array of capabilities, such as Teams lifecycle management, will continue to cater to Loacker’s expanding needs in the future.
Guest user expiration policies
To prevent unauthorized guest access to valuable data, Loacker’s IT team uses SysKit Point’s tenant-wide policy that requires guest user access validation. It allows the team to achieve the following:
• Ensuring that guest users are reviewed periodically or whenever Point detects them as inactive.
• Receiving an e-mail to guest users’ managers or other users defined in the Guest Users Expiration policy.
• Automatically removing the ones no one takes responsibility for, leaving Loacker’s environment secure.
External sharing reporting
Another step to resolving data vulnerabilities was Point’s external sharing reports. Their team can now find all content shared via sharing links in one central report. It contains files shared via anonymous links, links for specific people, and sharing links within the company.
They gained the following abilities:
• Finding valuable details such as the creation and expiration dates of the sharing link and what type of access rights they give.
• Removing multiple sharing links or preventing specific guest users from accessing them.
• Stopping external OneDrive file sharing when needed.
100% secure and seamless integration process of SysKit Point, accompanied by a helpful customer support team, has provided Loacker with an ultimate carefree experience every step of the way. Resulting in:
“The best thing about SysKit is the people working there. There are not so many software providers where you can directly position your ideas and they will soon be evaluated, and that’s one of the most important things in our good relationship.”
Your M365 management has reached a turning point.
Start your 21-day free trial of SysKit Point which includes:
- A 100% real experience of powerful Microsoft 365 reporting and management using your real data.
- A quick and straightforward setup that only takes a few minutes. No credit card required.
- Detailed self-service documentation covering every segment of the product to help you onboard faster.
Get More Resources
Fully met ISO 9001 compliance requirements in Microsoft 365
Discover how Zagreb Airport saved hours on complex M365 guest user management and manually extracting data for compliance reports.
Reduced the number of IT support tickets with Teams provisioning
Learn how the Rimac Group ensured secure communication and workflow creation between two organizations, while staying alert to suspicious sharing activities.