In short
How it works
Managed detection and response
Proactive Cybersecurity
CIS Protection for Microsoft 365
Collaboration tools such as Microsoft 365 (MS 365) allow us to access and take advantage of multiple functionalities, including the ease of sharing one or more files, both inside and outside the organization. These features greatly increase productivity and reduce the need to share these documents by email.
However, access to these files remains and can become a risk for the organization. Sharing for the entire organization or sharing that is no longer necessary opens the door to potential information leaks. Current tools also make it difficult to manage these same shares, which are often numerous in an organization.
MD.ECO helps users and organizations understand and mitigate the risks associated with sharing.
MD.ECO performs a real-time inventory of the active shares in an organization, provides a risk index associated with these shares as well as tools to reduce this risk. A risk index is also presented for the collaboration space (library) where these shares exist.
MD.ECO provides the entire organization with a set of tools to better manage the risks associated with file sharing :
- A view on the shares performed by a user.
- A view of all shares for resources such as collaboration spaces and libraries that the user owns and is responsible for.
- Revocation tools to revoke active shares individually or in batches.
Summary information related to shares is also included in the weekly email sent by MD.ECO to all users. The weekly email digest includes other information about IT usage and associated risks.
When a share is identified as “risky”, the following actions should be taken:
- Validate the last access to the share: if the file has not been accessed recently, the share is probably no longer required.
- Validate the scope of the share: it may be possible to make a new share with a reduced scope, thus reducing the risk.
- Validate if the permissions granted to the share can be reduced: it is sometimes better to create a new share with revised permissions and revoke the old one.
- Validate the creation date of the share: if the share has been in place for several months, it is useful to question whether it is still needed and whether this method of working is the best one.
- As the person in charge of a resource, such as a Teams collaboration space or a Sharepoint library, do not hesitate to contact the users who initiated the shares identified as being at risk in order to verify their necessity and to make them aware of the options available to reduce the risk.
What if I need to keep some shares?
If some shares must be maintained, here are some ways to limit the risk to the organization in terms of shared data :
- Use a collaboration space such as a Teams or Sharepoint site to collaborate continuously and permanently :
- By creating a collaboration space, you add flexibility and can take advantage of additional functionality. Use MD.ECO to create a new Teams space or Sharepoint, even allowing you to invite collaborators from outside your organization, all securely. MD.ECO allows any user to submit a request to create a new collaboration space.
- Limit sharing to specific recipients :
- When creating a sharing link, be sure to select the sharing option allowing you to specify who should have access. Avoid organization-wide shares which are often the default option offered by Microsoft 365.
- If the file must be available to the entire organization, use collaborative spaces that are accessible to the entire organization, such as an intranet, rather than maintaining shares indefinitely.
- Limit permissions on the share :
- If the file is only to be viewed by collaborators, adjust permissions to read-only and limit downloading when possible.
- Use MD.ECO to regularly review shares and revoke shares that are no longer required :
- Via the weekly email sent by MD.ECO, review the status of your shares as well as those that are active in the resources you own and manage;
- Via your MD.ECO dashboard, consult the summary information of active shares and their associated risk;
- Via the share management tool, revoke shares that are no longer needed and that may represent a risk to your organization. MD.ECO allows you to revoke share links individually, in batches or according to certain predefined criteria such as risk, share duration, type, etc.
- For administrators or owners of resources, such as Teams Collaboration Spaces or libraries, ensure that the security settings for your Teams and Sharepoint sites are properly configured and meet the requirements of the types of data that will be deposited and potentially shared there :
- MD.ECO allows for the development and use of resource templates specific to your organization. These templates are available when creating new Teams and Sharepoint resources and provide consistency by defining a set of attributes that resources will inherit, including security. For example, it is possible to define default share types.
- Free up your IT teams by allowing any user to submit a request to create a new Teams or Sharepoint resource, all using templates defined by your organization. This action is finally supported by a simple approval process integrated to the platform.
In summary
The use of collaboration tools like MS 365 and features like sharing present a golden opportunity to increase and simplify productivity. MD.ECO supports users and the organization by providing a centralized view of active shares and a set of tools to manage them and reduce potential risks.
Additional information
For a regular MS 365 user, Microsoft offers several training modules on all the features and options related to sharing :
For an IT administrator, several training modules and extensive documentation explain the specific options for shares :