The External sharing review policy lets you define how often external sharing links and guest access are reviewed by team and group owners.
ShareGate will automatically send a Teams chatbot notification or email to owners when it's time for them to review external sharing links and guests present in their teams and groups. From the notification, owners can decide to remove any external sharing links that are no longer needed and guests who no longer require access.
Index
Prerequisites
- The External sharing review policy is automated, as in step (4) below.
- Teams or groups with external sharing links and/or guests are present in your environment.
- The Microsoft external sharing policy for your teams and groups is set to Site content can be shared with: Anyone.
- The Microsoft guest access setting, Let group owners add people outside of your organization to Microsoft 365 Groups as guests, is not selected.
Note: Depending on your Microsoft settings, a review may include external sharing links and/or guest access. For more information, see Microsoft doesn't allow sharing links or guests.
How to
When you turn on your External sharing review policy, all teams and groups in your environment are included in the review. You can use sensitivity tags to apply custom external sharing review cycles to specific teams and groups.
Set up the External sharing review policy
The policy is used for all teams and groups that do not have a sensitivity tag.
To set up your policy:
- Open Protect.
- Select Policies from the sidebar.
- Expand the External sharing review section.
- Toggle on Automate external sharing reviews.
- Click in the X days field. Use the up and down arrows, or enter an external sharing review recurrence (in days).
- This number must be at least 16 days but no more than 999 days.
- The default review recurrence is 30 days.
- In the Starting on field, set the date (date format is DD/MM/YYYY) that you want the external sharing review to start.
- Click anywhere outside the field to save your choice.
- Use the radio buttons to set Microsoft Teams chatbot or Email as your preferred Communications method.
Tip: When you select email, you can change the email sender and Customize email sent to owners. For more details on communicating with owners, see External sharing review notifications.
Note: Owners can also review external shares from ShareGate's end-user app at any time.
Create an external sharing review for sensitivity tags
Using sensitivity tags, you can set a custom start date and review recurrence based on the security needs of a team or group. Owners of teams and groups with a sensitivity tag applied will receive a notification to complete an external sharing review based on the schedule you set.
For example, a team or group with a Confidential sensitivity tag applied may share highly sensitive information and its content should be reviewed more.
To create an external sharing review for sensitivity tags, see the how-to Create and edit sensitivity tags.