Guide to External Sharing: Reporting

In a previous post, we explained that External Sharing covers multiple features for working with external parties in Microsoft 365. We also made the point that these features posed a challenge to IT teams because they were turned on by default. The next two posts will look at how External Sharing can be managed and first, how it can be reported on.

Reporting on external sharing

Why is it important to be able to report on External Sharing? It is because SharePoint and Teams encourage users to work with other people, inside and outside of the organisation. There is a trust element that requires users through training and guidance to correctly share information. However, if they get it wrong, information could be shared externally when it should not or shared with the wrong people. Therefore, reporting provides IT and compliance teams with an important tool to validate information is correctly shared.

The challenge

The challenge with reporting on external sharing is threefold:

• There are different ways content can be shared, whether it is granting a guest access to everything in a team or sharing an individual file.
• It is not straightforward to see what information is externally shared within a Site.
• The flat hierarchy of modern SharePoint does not make it easy to report on permissions across multiple Sites and Teams.

Let’s take a simple example to explain the challenge further.

An IT team are asked to report on what information is accessible to a specific external user. First, they would  need to check permissions assigned to each Site and Team to look for guests. They would then need to check each Library for broken permissions which would indicate shared files. Finally, each shared file would need to be checked to determine who had access. This process will likely be familiar to many because of its length of time to complete and the likelihood of human error.

There is an alternative

The alternative is to invest in a reporting app like ProvisionPoint Permissions. It allows authorised users to rapidly run reports on the permissions assigned to multiple Sites and Teams. Reports help quickly identify external users and files that are shared externally. Furthermore, a range of actions allows for quickly turning off external sharing where there is a potential risk.

Now we can report accurately on external sharing, our final blog in the series will cover techniques for managing any potential issues we might find.

If you would like to see how ProvisionPoint can help you report and manage external sharing, you can book a 1-to-1 demonstration with one of our ProvisionPoint experts here