Challenge #9
Secure Sharing with Automatic Guest Expirations
Implement automatic expiration for guest access in SharePoint and OneDrive. Ensure your external collaborations are both productive and secure.
Why?
Collaborating with external partners is vital, yet it brings its own set of security challenges. Granting guest access to SharePoint and OneDrive via file shares, Microsoft Teams invites or related is a common practice, but without proper controls, it can leave our data vulnerable. By setting automatic expiration for guest access, we add a layer of security that adapts to the dynamic nature of collaboration.
This approach ensures that external partners have access only for as long as they need it, typically recommended for no more than 30 days. After the set period, access expires automatically, reducing the risk of outdated permissions lingering and potentially becoming security loopholes. It’s about creating a secure environment where access is granted judiciously and monitored continuously, aligning with the best practices for data protection.
How?
Configuring automatic expiration for guest access in SharePoint and OneDrive is a straightforward but critical step in enhancing your collaborative security. Here’s how to get that gap closed up.
Step 1: Go to the Microsoft Sharepoint Admin Center
On your computer, launch a new browser window (Edge, Chrome), and type in https://admin.microsoft.com/sharepoint and press enter.
Note: You will require Microsoft 365 administrative credentials – be sure to have the username and password ready.
Step 2: Adjust Sharing Policies
Within the Microsoft Sharepoint Admin Center:
- Look for and select Policies
- Under Policies, select Sharing
Step 3: Configure External Sharing Settings
- Within the Sharing window, find and click More external sharing settings (it’s an expandable menu).
- Under More external sharing settings, find and enable the setting for Guest access to a site or OneDrive will expire automatically after this many days
- Once enabled, you can then define the days in which you are comfortable with, ranging from 30 to 730 days.
- We recommend 30 days
PS. For bonus points, there are several other settings on this page that can improve security and your Secure Score, such as default permissions for sharing links (view vs. edit), defaults for who can use the links when you share files, and several others. Explore.
Step 4: Confirm and Save Settings
- Once you are satisfied with your changes, click Save
While you’re here…
Enhancing Cybersecurity Effectiveness through Employee Education: Introducing Our New Training Platform
Threats loom larger with each passing day. Securing your organization’s assets has never been more critical. Our cybersecurity training platform stands ready to arm your workforce with the necessary knowledge and tactics—not just to respond to threats but to anticipate and neutralize them. Delivered through our comprehensive Workplace Suite, this platform offers an engaging, multifaceted educational experience that’s more than a set of tools; it’s a transformative process designed to strengthen the most crucial element of your security infrastructure: your people.
Navigating New Citrix Licensing with Service Provider Solutions
Citrix has introduced significant changes to its licensing model, impacting businesses of all sizes. Dive into these updates and discover a strategic approach for small and medium-sized businesses (SMBs) to adapt and thrive. Discover how the discontinuation of auto-renewals, new minimum seat requirements, and the shift toward cloud computing are reshaping how companies access and use Citrix solutions. More importantly, learn about the flexible alternative of Service Provider Licensing.
How SMBs Can Outsmart Advanced Email Threats
Explore the criticality of email security for businesses, delving into sophisticated threats like Spear Phishing, BEC, and Ransomware, and identify practical steps for enhanced protection. The article highlights the gaps in Microsoft 365’s email defense and advocates for a layered security approach. With real-life examples and tangible results, we underscore the importance of proactive measures and Third Octet’s comprehensive solutions to safeguard your business email and infrastructure against evolving cyber threats.