Pau Lo
asked on
OneDrive for business secure sharing
I am just researching OneDrive for business sharing security and came across this article:
5 keys to protecting OneDrive users - Help Net Security
One of the risks and common errors it flags is:
'If you share a file or folder with “Everyone” or enable access with the link, it opens up new risks as anyone on the internet can find and access your document. '
How could a 365 administrator scan their employees OneDrives looking for any files/folders shared to Everyone (or any other security principle that represents anyone on the Internet, some other articles mention "Anyone" as opposed to "Everyone"), or any instances where 'enable access with the link' has been set (need to review further exactly how this would be done). Hopefully there are none!
How, as in tools/techniques, would an attacker be able to scan your users OneDrives looking for such overexposure of sensitive files through inappropriate sharing practices. It would be useful to simulate this 'from the outside' to see what may have been exposed due to user error.
As a preventative, hopefully it possible to stop your OneDrive for Business users sharing files/folders to Everyone/Anyone type security principles. I assume the settings in SharePoint admin center under policies > sharing are the place to set a corporate setting?
5 keys to protecting OneDrive users - Help Net Security
One of the risks and common errors it flags is:
'If you share a file or folder with “Everyone” or enable access with the link, it opens up new risks as anyone on the internet can find and access your document. '
How could a 365 administrator scan their employees OneDrives looking for any files/folders shared to Everyone (or any other security principle that represents anyone on the Internet, some other articles mention "Anyone" as opposed to "Everyone"), or any instances where 'enable access with the link' has been set (need to review further exactly how this would be done). Hopefully there are none!
How, as in tools/techniques, would an attacker be able to scan your users OneDrives looking for such overexposure of sensitive files through inappropriate sharing practices. It would be useful to simulate this 'from the outside' to see what may have been exposed due to user error.
As a preventative, hopefully it possible to stop your OneDrive for Business users sharing files/folders to Everyone/Anyone type security principles. I assume the settings in SharePoint admin center under policies > sharing are the place to set a corporate setting?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.