Reducing risk associated with incidents that are of high risk or concern is a key benefit you are able to achieve with Reco as you are able to restrict access from people who are not justified to have access to a file. Remediating the file and ensuring only the authorized users can look at it has many benefits including:
It allows the removal of global access to the file and ensures no unauthorized access is performed
It allows the removal of internal access from individuals who are not justified to access it by the nature of their role
It minimizes damages that were caused by unjustified users viewing and downloading the file
It allows the security team to resolve the incident and mitigate risk on assets
In this article we will look into ways to mitigate risk on Microsoft 365 files directly from the admin console in 4 different scenarios:
Removing the public access link to a file
Select the file or folder you want to stop sharing.
Under sharing click on the shared icon
On the Details pane, under the Manage Access header, you'll see the the Links giving access section, and/or the Email icon.
To delete the global sharing link, click the ... next to the link, then click the X next to the link to remove it. (You'll get a prompt asking you if you're sure you want to delete the link - if so, click Delete link.)
Now the file does not have public access by individuals outside of your organization
Note: It might still be open to specific unjustified people internally, or to everyone in your organization despite you removing the link. For instructions on how to remove access in these situations, please refer to the instructions and videos below
Removing the internal access link to the file
Select the file or folder you want to stop sharing.
Under sharing click on the shared icon
On the Details pane, under the Manage Access header, you'll see the Links giving access section, and/or the Email icon.
To delete the internal link, which is called ‘People in company name’, click the ... next to the link, then click the X next to the link to remove it. (You'll get a prompt asking you if you're sure you want to delete the link - if so, click Delete link.)
Now the file does not have internal access by unauthorized individuals in your organization
Note: It might still be open to specific unjustified people internally, or to publicly despite you removing the link. For instructions on how to remove access in these situations, please refer to the instructions and videos in the other sections of this article
Removing a specific individual user to the file
Select the file or folder you want to stop sharing.
Under sharing click on the shared icon
Now you have two options to remove direct access of individuals
If your administrator opened a link to specific people, you can remove the unjustified user from the link.
You can see the authorized users on the ‘people you specify can edit/view’ and click the X next to their name to remove them from accessing the link
If the user was granted permission as a Direct access, please do the following:
On the Details pane, under the Manage Access header, you'll see the Direct access section
You can see the users with direct access underneath the header. click the X next to their name to remove them from accessing the file directly
Note: It might still be open publicly or to everyone internally despite you removing the link. For instructions on how to remove access in these situations, please refer to the instructions and videos in the other sections of this article
Removing any access to the file, except from the owner
Select the file or folder you want to stop sharing.
Under sharing click on the shared icon
Click on stop sharing to remove any possible sharing to the file