365 Permission Manager is a GRC (Governance, Risk, and Compliance) service designed to provide effective permission management for Microsoft 365 environments, specifically Teams, OneDrive, and SharePoint. It addresses the challenges CISOs and M365 admins face in controlling file permissions, preventing compliance violations, and mitigating the risk of security breaches. The tool simplifies managing permissions at scale by providing a full overview of M365 permissions, advanced filtering to identify risks like anonymous external access, and clear views of users' effective access rights. It offers quick actions to fix permissions across multiple sites, set appropriate external sharing levels, and remove orphaned user permissions. With predefined compliance policies and continuous auditing, 365 Permission Manager helps organizations maintain a compliant data infrastructure and prevent sensitive information sharing. Automated violation remediation and alerts for critical shares further enhance security, while comprehensive reporting aids in documentation and compliance efforts. The dashboard provides a clear overview of compliance status and critical sharing permissions, enabling proactive management of M365 data sharing and compliance.

Features:

• Simplify Managing Permissions at Scale: Get a full overview and understanding of your organization’s M365 permissions across SharePoint, OneDrive, and Microsoft Teams. Use advanced filtering to quickly check which items are accessible by anonymous external users or guests, or which have broken permissions. Break down nested groups to get a transparent view of users’ effective access rights.
• Take quick actions: Use Quick Actions to fix permissions on multiple sites at once, to set appropriate external sharing access levels, or to identify and remove access for groups providing indirect company wide access (e.g., “Everyone”). Quick Actions also lets you find and remove orphaned user permissions with a push of button
• Predefined Compliance Policies: Use our Governance, Risk, and Compliance (GRC) service if you need to maintain a compliant SharePoint, Teams, and OneDrive data infrastructure and prevent users from sharing sensitive information. With 365 Permission Manager, you can either assign out-of-the-box best practice policies or create custom compliance policies for SharePoint sites, Teams and OneDrive accounts. If a user shares a site or a file against the organization’s compliance policy, site owners receive immediate notification about the violation so they can intervene.
• Achieve Effective Compliance with a continuous Microsoft 365 permission audit: If a user violates compliance rules, the Audit function gives you the option to approve or reject the violation by reverting the site settings according to the site’s assigned compliance policy, or to remove access given to users and groups.
• Automated Violation Remediation: If a violation has not been removed by the site owner or admin, it will be removed automatically to ensure compliance based on the policy settings.
• Receive Alerts for Critical Shares: Receive a daily summary of critical permission changes across your M365 tenant. Alerts will notify you which sites, files, and folders have newly shared items with “Everyone” or anonymous users or guests outside your organization.
• Receive Comprehensive Reporting: 365 Permission Manager generates reports containing permission meta-data for documentation and compliance purposes. It shows which files are externally accessible to anonymous users or which are shared with guests. It also allows you to select a particular group or user to get a full list on any site, file, or folder they have access to.
• Overview with To-do-list: The To-Do list provides an overview of all violations needing audit. Users can approve or fix issues directly from the list. This feature is available to both admins and site owners. Site owners receive notifications for their site’s violations and can address them before admins are alerted, easing the audit burden on administrators and CISOs.