Public SharePoint Sites Check [CHK-1520]
This check identifies SharePoint sites that are set to "Public", making them accessible to every employee in the organization.
Rationale
Public SharePoint sites can be a rich source of information for an attacker who has compromised an account within your organization. From such sites the attacker can collect sensitive data such as usernames, passwords, data exports, and documentation, which can then be used to carry out ransomware attacks or data theft. Therefore, it's crucial to minimize the number of public sites.
Fix
An automated fix is available through Attic.
Manual steps:
- Review the public SharePoint sites identified by the check.
- Determine whether it is necessary for these sites to remain Public.
- If not, ask the owner of the site to make it Private.
- Alternatively, an administrator can make the adjustment through the SharePoint admin panel.
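The manual steps above can be scripted for review. The following is an added example, not part of Attic or of this check's own logic. It assumes the sites are group-connected team sites (where Public/Private is the Visibility property of the backing Microsoft 365 group) and uses the Microsoft Graph PowerShell module; the function names and CSV file names are hypothetical.

```powershell
# Added example. Requires the Microsoft.Graph PowerShell module.
# Assumption: sites are group-connected, so Public/Private is the group's Visibility.
Connect-MgGraph -Scopes 'Group.ReadWrite.All', 'User.Read.All'

function Get-PublicGroupSite {
    # Lists Microsoft 365 groups whose visibility is Public, with their owners.
    $groups = Get-MgGroup -All -Filter "groupTypes/any(c:c eq 'Unified')" `
        -Property Id, DisplayName, Mail, Visibility, CreatedDateTime
    foreach ($g in $groups | Where-Object { $_.Visibility -eq 'Public' }) {
        # Owners come back as directory objects; the UPN is in AdditionalProperties.
        $owners = Get-MgGroupOwner -GroupId $g.Id -All |
            ForEach-Object { $_.AdditionalProperties['userPrincipalName'] }
        [pscustomobject]@{
            GroupId     = $g.Id
            DisplayName = $g.DisplayName
            Mail        = $g.Mail
            Created     = $g.CreatedDateTime
            Owners      = ($owners -join '; ')
        }
    }
}

function Set-GroupSitePrivate {
    # Switches one group (and its site) to Private; honours -WhatIf / -Confirm.
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)][string]$GroupId,
        [Parameter(ValueFromPipelineByPropertyName)][string]$DisplayName
    )
    process {
        if ($PSCmdlet.ShouldProcess("$DisplayName ($GroupId)", 'Set visibility to Private')) {
            Update-MgGroup -GroupId $GroupId -Visibility 'Private'
        }
    }
}

# Review: export the public sites and their owners so each can be assessed.
Get-PublicGroupSite | Export-Csv -Path .\public-sites-review.csv -NoTypeInformation

# Adjust: after review, keep only the rows that should become Private in a
# second file (hypothetical name) and preview the change before applying it.
Import-Csv .\approved-to-private.csv | Set-GroupSitePrivate -WhatIf
```

Remove `-WhatIf` on the last line to apply the change once the preview matches the reviewed list.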
Impact
Reducing the number of public SharePoint sites minimizes the risk of sensitive data exposure and potential ransomware attacks or data theft.
More Information
For more details about (over)sharing in Microsoft 365, consider checking out the M365Permissions tool.