- All of Microsoft
- Microsoft 365
Microsoft 365 OMG This HAS to be a Mistake!
This week I discovered a feature that from one perspective provides a convenient way for administrators to share out users content.
From our point of view Andy is not addressing a new problem here but it has become much easier for a Global or SharePoint Admin to view files in a OneDrive. This has always been possible via PowerShell
Andy: “This week I discovered a feature that from one perspective provides a convenient way for administrators to share out users content. The flip side however is that it could be a privacy and compliance nightmare. Join me in this short episode and discover what’s gone wrong with Onedrive for Business.”
I can only recommend to limit the big rights SharePoint Admin and Global Admin for example also the introduction of PIM or review of Access Logs:
What is Azure AD Privileged Identity Management?
Privileged Identity Management (PIM) is a service in Azure Active Directory (Azure AD) that enables you to manage, control, and monitor access to important resources in your organization.
Search the audit log in the compliance portal
Need to find if a user viewed a specific document or purged an item from their mailbox? If so, you can use the audit log search tool in Microsoft Purview compliance portal to search the unified audit log to view user and administrator activity in your organization.