Handling Oversharing in SharePoint for Copilot Deployment

Jul 12, 2024

Handling Oversharing in SharePoint for Copilot Deployment

Introduction

  • Main Topic: Addressing the issue of oversharing data in SharePoint to enable Copilot in organizations.
  • Objective: Prepare organizations to handle oversharing across Microsoft 365, especially SharePoint.
  • Goals:
    • Identify oversharing in SharePoint.
    • Implement solutions to manage and restrict access.
    • Outline workarounds for quick resolution to not delay Copilot deployment.
  • Resource: Use data access governance reports and configuration changes in SharePoint.

Why is Oversharing a Concern?

  • Definition: Oversharing occurs when data is shared too broadly within an organization, often unintentionally.
  • Risks: Sensitive data exposed inadvertently (e.g., CEO salaries, confidential reports, contracts)
  • Scenario: Copilot exposing data due to improper security settings.

Tools and Reports for Managing Oversharing

SharePoint Data Governance Reports

  • Access: Available in the SharePoint admin portal through Microsoft 365 admin center.
  • Key Elements: Sensitive labels and sharing links.
  • Purpose: Identify links granting wide audience access (anyone, people in the organization).
  • Important Note: Existence of links does not automatically grant access until clicked.
  • Requirements: SharePoint premium licenses or Microsoft 365 E5 subscription.
  • Output: Top 100 reports for further analysis (export to Excel recommended).

Analyzing Microsoft Teams

  • Admin Portal: Use the Teams admin portal.
  • Focus Areas:
    • Public vs. private teams.
    • Organization-wide teams.
    • Large membership teams.
  • Purpose: Identify large groups where data may be overshared.
  • Recommendation: Export data for detailed analysis.

SharePoint Active Sites Report

  • Access: SharePoint admin center.
  • Key Information: All SharePoint sites, volume of storage, number of files.
  • Analysis:
    • Identify sites with many members but few documents.
    • Export data for further investigation.

Configurations and Workarounds

Exclude Specific Sites from Copilot and Search

  • Steps:
    • Go to site settings.
    • Open site information, view all site settings.
    • Navigate to search and offline availability.
    • Exclude the site from indexing.
  • Result: Site is not accessible through Copilot or Microsoft 365 search.

Block All Sites and Create a Whitelist

  • Purpose: Enable restricted search mode in SharePoint for faster resolution.
  • Steps:
    • Connect to SharePoint online using PowerShell.
    • Enable restricted search mode for the tenant.
    • Add specific sites to the allowed list (up to 100 sites).
  • Result: Only whitelisted sites are accessible through Copilot and search.
  • User Notification: Warning message about restricted access when using Copilot.

Conclusion

  • Summary: Emphasize the importance of recognizing and managing oversharing in SharePoint to ensure secure Copilot deployment.
  • Call to Action: Utilize the presented tools, reports, and workarounds to secure data before activating Copilot.
  • Reminder: Oversharing is a risk even without Copilot deployment; addressing it improves overall data security.
  • Further Learning: Subscribe, thumbs up, and ask questions for more videos and deeper understanding.

Resources: PowerShell scripts and tools linked in the video description.