Documents with explicit permissions given to users
This report allows you to find Office 365 and SharePoint documents with explicit permissions given to users within your environments.
- Find SharePoint documents with explicit permissions granted directly to a specific user in your environments
- Look for documents shared to people other than the specified groups
- Find potential security breaches with your documents
- Ensure that your governance plan security rules are respected
- Clean up your security architecture by putting these users in the appropriate groups
- Change the Custom Permissions settings on the documents to inherit from parent
- Remove Anonymous Guest Links generated on files shared externally on Office 365
If you have a SharePoint Site that contains pretty sensitive information: salaries, employee records, list of potential candidates for a job, etc., it may be the kind of information that you want to keep private to certain users.
As a SharePoint Administrator, you have to ensure that there are no security breaches of any kind on your sites. One of the key things to achieve this is to make sure that the right users have access to the right documents. The problem with SharePoint and Office 365 permissions, is that it's really easy to break inheritance or mistakenly give explicit permissions to specific users for a document. It can become ugly, and fast!
Imagine the crisis that would emerge if your company's payroll would became public because someone gave access to this specific Excel document containing everyone's pay. Your job could definitely be on the line here!
Fortunately for you, this is exactly what this report will give you: a way to find SharePoint documents with explicit permissions set directly to a user.
By default you'll get the file name, the library containing the file, and its URL. You can customize your search results with a lot of useful information on the document:
- file extensions
- size of the file
- creation and last modified dates
- user who created the file (created by)
- user who last modified the file (last modified by)
You can easily export those results to Excel to list all the documents on which you have a possible security issue. You can revoke users access to these documents that they aren't allowed to view or edit. The next step would be to contact the file's owner to talk about security best practices!
And it's generally considered best practice to only grant permissions to groups. This helps with permissions management in the future will help you keep your environment tidy!