If your organization relies on any cloud solutions, then you must be aware that cloud doesn’t reduce your attack surface, but rather expands it. Therefore, you need to closely monitor all your settings and changes to those settings, as well as access events and other user activity, as you would with any on-premises system.
In particular, SharePoint Online provides valuable information sharing and collaboration capabilities, but if it is configured incorrectly, information shared within the platform can easily become available to the unauthorized parties. Therefore, you need to closely monitor for both outsider threats and bad actors from within. A single improper change to your site page permissions or unauthorized read access attempt can turn into a security breach if you don’t catch it in time. To stay on top of what’s happening in your SharePoint Online you need reports enriched with valuable insights that enable you to spot, track and neutralize data security threats before they cause any damage.
Using native SharePoint Online reporting features
The Microsoft Office 365 Admin Center offers IT administrators some built-in reporting and alerting features for SharePoint Online analytics and threat prevention. However, these SharePoint site settings and usage reports are limited summaries that provide only high-level information, and the web interface displays only a limited amount of data. In most cases, when you need to work with a log report, you’ll have to generate it, export it into Excel format and use PowerQuery to get the details you need.
Similarly, while you can get simple audit log alerts for any type of event, the notifications do not contain sufficient information, so you will have to search the audit logs for specifics. There are advanced, threshold-based alert policies, but they are available for only a limited list of event types and only for customers with specific subscription plans. In addition, once an alert policy is created or updated, it can take up to 24 hours before all audit log alerts can be triggered by the policy.
Gain pervasive visibility into your SharePoint Online with detailed reporting from Netwrix
Looking for a way to harden the security of your critical SharePoint Online data and ensure that no unauthorized action slips by, while at the same time simplifying reporting? Kill two birds with one stone with Netwrix Auditor for SharePoint. A part of the comprehensive Netwrix Data Security platform, this solution empowers you with SharePoint Online reporting that you can rely on and delivers the transparency into activity you need for true peace of mind.
Out of the box, you’ll get security intelligence that enables you to:
Find and remove excessive or incorrect permissions
It's difficult to guarantee that your documents, document libraries and sites are safe, especially when you just have transferred your data from on-premises storage to SharePoint Online and OneDrive for Business. Netwrix Auditor State-in-Time reports show your mixed permissions hierarchy, enabling you to identify the data you need to protect and ensure that it isn't inadvertently exposed. You will be able to easily see the effective permissions for all objects in your site collections, as well as owners, permissions and broken permission inheritance for your sites, lists and documents — all in a couple of clicks.
Understand and mitigate the risks to your most critical data
It's important to know what sensitive information you keep, especially if your company is subject to any compliance requirements. The Netwrix Data Security platform discovers the sensitive and regulated data you keep in SharePoint Online and OneDrive for Business and determines whether this data is overexposed. Plus, you can easily see exactly who has access to important files, libraries or sites. Check this information often to ensure that your sensitive information is not compromised.
Closely monitor activity around your most valuable data
The Netwrix Data Security platform not only captures activity with files containing sensitive content in your SharePoint Online and OneDrive for Business, but provides the full context, so you can promptly spot and investigate user actions that threaten that data.
Get a bird’s-eye view that enables you to spot threats
To keep your SharePoint data secure, it is critical to spot even minor indications of a breach, such as a surge in data usage or access attempts. With Netwrix Auditor’s data access dashboard and usage reports, you can rapidly detect even subtle signs of danger and examine them before they do significant harm.
Speed investigations with effective search
Getting to the bottom of an anomalous event and finding the perpetrator is very difficult when you have to painstakingly sift through Microsoft 365 audit logs. Netwrix Auditor provides an intuitive search that enables you to easily apply filters and include and exclude specific search criteria, so you can quickly determine exactly what happened. Plus, you can save any search query as a custom report and even have it sent automatically to the appropriate individuals or teams on the schedule you choose.
Respond to security incidents faster with advanced alerting
Along with its comprehensive SharePoint auditing and reporting, Netwrix Auditor provides out-of-the-box and custom alerting options, so you know about critical changes in time to respond effectively.
Achieve and prove regulatory compliance
Auditors expect you to show that you have required security controls in place. That's simple with Netwrix Auditor’s out-of-the-box reports for PCI DSS, HIPAA, GDPR, SOX, GLBA and other regulatory requirements, which help you pass audits with far less effort and cost. On top of this, Netwrix Auditor stores audit data in a reliable two-tiered storage for more than 10 years, so you can easily meet data retention requirements.