Friday, March 8, 2019

Secure your SharePoint Online documents with the security features in Office 365 & SharePoint Online

Security nowadays is always a concern because of the cloud service and that too keeping your business documents on cloud raises many concerns about security. In this article, I am highlighting some of the key features available within SharePoint Online and Office 365 Security & Compliance by means of which you can secure your documents.

If you know, you can also integrate Dynamics 365 for Customer Engagement entity records with SharePoint Online for managing D365 documents Integrating Dynamics 365 and SharePoint Online.
These documents also need to be secure.
Let us see how we can secure these documents with below features: -

o   Using Permission Level: - Microsoft already provides a set of default permission levels which is very useful, but you can also create new permission levels in SharePoint Online. You can then create Groups for that Site Collection for e.g. (root site), associated with the permission level. For e.g., you can create a permission level called Contribute (Not delete) which means the users associated with this permission level will not be able to delete anything.
Note – Never modify or delete a default permission level.

o Retention policy from Office 365 Security & Compliance center: - Create a Retention Policy for all or chosen SharePoint Online sites, so that if accidentally or by purpose if the documents are deleted from SharePoint Online it can be recovered.

o   Restricting access for certain records: - You might not want that all the users should have access to all D365 for Customer Engagement records. You can basically customize permission for that SharePoint Document library to achieve the same. By default, all sites, list, libraries within a site collection inherit permissions from the parent site break the inheritance from library settings and then add only those users whom you want to provide access.

o  Alerts: - Alerts can be set in two ways for SharePoint Online.

a.       a.   Setting up alerts from SharePoint Online – You can set alerts for a specific document library within SharePoint Online, so if there is any modification or deletion you can get email or SMS alert.

    b.  Alerts from the Security & Compliance center in Office 365: – Here we can set alerts whenever there is any activity in SharePoint Online defined by you. We can only get Email notifications in this case and not an SMS, unlike SharePoint Alerts.

o Audit in Office 365 Security & Compliance center: - With the help of Audit you can search for Users and Admin activities. Before you can start searching for the audit logs it needs to be turned ON. To turn it ON, just click Start recording user and admin activity on the Audit log search page in the Security & Compliance center.

Here, we can get the audit logs for the activities defined by you.

  • o    Access Control in SharePoint Online admin center: - With the help of access control, you can restrict or allow all the users to access SharePoint Online contents on basis of network location, which can do in just a few clicks.
    This helps to prevent access from untrusted locations.


       o    Conditional Access using Azure Active Directory: - You can either restrict access or enforce Multi-Factor Authentication for specific users or group of users whenever SharePoint Online is accessed from an untrusted location.
Note: - This method requires Azure AD Premium license for users.
 If you want to simply restrict all the users from accessing SharePoint Online on the basis on a network location, you can simply use Access Control in SharePoint Online Admin Center.

  • o   Manage Sharing from SharePoint Online admin center: - External sharing is one of the key features to collaborate. However, this increases the possibility of data loss. According to the organization requirements, you can select from the given options for e.g. you may choose that only authenticated users who can sign in to Office 365 can access the content which is shared with them. There is a lot of other option available to narrow down the sharing restrictions for external users, which helps you to secure your environment.


While I have explained this in a detailed manner, there are lots of other ways where SharePoint and Dynamics 365 compliment each other. Security is just one aspect. I shall be listing other such features ahead in my blogs.
Hope the above information helps!

No comments:

Post a Comment

Change the default email address and anonymous user to send email to Public Folder

An Exchange public folder can be used by several people in Outlook Web App or in their local Outlook installations. It allows a group of us...