The External sharing review policy lets you define how often external sharing links and guest access are reviewed by team and group owners. You can set a default review cycle and custom reviews based on team and group sensitivity levels.
ShareGate will automatically send a Teams chatbot or email notification to owners when it's time for them to review external sharing links or guests present in their teams and groups. From these notifications, owners can decide to remove any external sharing links that are no longer needed and guests who no longer require access.
Index
Prerequisites
- The External sharing review policy is automated, as in step (4) below.
- Teams and groups with external sharing links and/or guests are present in your environment.
- The Microsoft external sharing policy for your teams and groups is set to Site content can be shared with: Anyone.
How-to
When you turn on your External sharing review policy, all teams and groups in your environment are included in the review. You can apply custom external sharing review cycles to specific teams and groups using sensitivity tags.
Create a default External sharing review policy
The default policy is used for all teams and groups that do not have a sensitivity tag.
To create your default policy:
- Select Settings from the sidebar.
- Select Policies.
- Scroll to the Security section.
- Toggle on Automate external sharing reviews.
- Click in the X days field. Use the up and down arrows or enter the number of days. This number must be at least 16 days, but not over 999 days.
- In the Starting on field, set the date (date format is DD/MM/YYYY) that you want the external sharing review to start.
- Click anywhere outside the field to save your choice.
- Use the radio buttons to set Microsoft Teams chatbot or Email as your preferred Communications method.
Tip: When you select email, you will have the option to Set Email sender and Customize email sent to owners. For more information, see External sharing review notifications.
Create an external sharing review for sensitivity tags
Using sensitivity tags, you can set a custom start date and review recurrence based on the security needs of a team or group.
For example, a team or group categorized with a Confidential sensitivity tag may share highly sensitive information and should be reviewed more often than your default policy allows.
To set a custom policy for sensitivity tags that allow external sharing and guest access:
- Select Settings from the sidebar.
- Select Categorization.
- Scroll to Sensitivity tags.
- Set the Start date of external sharing review and Recurrence of review.
The default External sharing review policy applies to all teams and groups that do not have a sensitivity tag. For information on how to apply tags, see Apply sensitivity tags.