Remove unintentionally exposed cloud storage
With sharing being so easy on cloud platforms, over time it's likely you're sharing far more than you need to be. This initiative will help you get a clear picture of external sharing usage in your organisation and reassurance that only necessary shares are still active.
Have you ever shared a document with someone outside your organisation? Modern cloud productivity suites, like Google Workspace or Microsoft 365 make this easy - create a shareable link and anyone with that link, inside or outside your organisation, can view, comment or even edit that document. It’s awesome!
But what happens when you are done? Do you ever go back and clean up those shareable links or review who still has access to the document? You're not alone.
And so over time your organisation builds up a catalogue of documents that are accessible to “anyone with the link” that made sense at the time but may not anymore.
The solution? Well, in almost all cases, you don’t want to stop or restrict the sharing capability - that’s a huge benefit of moving to the cloud! We want to make security enable your business safely, not restrict it.
Instead, we need a way to look at what has been shared, see if those links are still in use, and ask the owners if they still want them shared.
Cleaning this up might not be top of your list for security - we’re not aware of any major data breaches that have happened this way - but it’s an easy win and will give you, and your colleagues, assurance that you’re only sharing what you need.
So what should you do?
Google Workspace has a file exposure report that can help you get a sense of where you're at. Unless we've missed something, there isn't an equivalent report in Microsoft 365, although you can create your own through search.
Although it’s possible to find something that’s clearly wrong (for example, anonymous access to salaries.xlsx is probably not right), it’s generally going to be hard to tell whether what you’re looking at is legitimate. How should you know if a file from an unfamiliar project still needs to be shared? You’ll have to ask the file owner!
How can we help?
This initiative will give you a clear view of files that are shared externally in your organisation - when they were shared, who they were shared by, and when they were last accessed - to give you assurance there aren't any problems, or give you the information needed to take action.
Using our ChatOps integration, we can automate any investigation you might want to do by contacting file owners to ask them to review the sharing status of files you're unsure of.
If you want to tighten sharing permissions, we can walk you through what best practice looks like.
Finally, you will be able to setup alerting or automation for events of interest. For example, if an externally shared file isn't accessed for a month, you can receive an alert or our ChatOps can automatically contact the file owner giving you assurance the problem is handled going forward.