#Choosing the right eDiscovery Vendor | Explore Tumblr posts and blogs

marketresearchshope-blog · 6 years ago

Text

eDiscovery Market Set For Rapid Growth and Trend by 2025

Global eDiscovery Market to 2025 based on segments, growth rate, revenue, leading players, regions and forecast. The eDiscovery market is escalating at a rapid pace with the invention of the new dynamism that is progressing rapidly.

Objective:

The global eDiscovery market report is comprehensive research which delivers critical predictions. Our research analysts curated the Table of Contents as per the latest trends and requirements, and the report provides the precise calculation of the eDiscovery market regarding the advanced development which depends on the historical data and current condition of industry status. It renders the required secondary data that represents the eDiscovery tables, figures, pie charts, diagrams, etc.

Grab Free Sample Report at: http://www.marketresearchglobe.com/request-sample/908266

Global eDiscovery Market Segment by Manufacturers comprises:Symantec Corporation, IBM, Xerox Legal Business Services, Exterro, EMC, Epiq Systems, HPE, Kcura Corporation, Accessdata, FTI Technology, Deloitte, Advanced Discovery, DTI, Consilio, Kroll Ontrack, Zylab, Guidance Software, Integreon, KPMG, FRONTEO, Recommind, Veritas, Navigant, PwC, Ricoh, UnitedLex, LDiscovery, Lighthouse eDiscovery, Thomson Reuters, iCONECT Development

eDiscovery Market With Product Types:

ECA

Processing

Review

Forensic Data Collection

Legal Hold Management

Other

From Applications, the eDiscovery Market could be Put up:

Attorneys and Legal Supervisors

Government and Regulatory Agencies

Legal and IT Departments of Enterprises

eDiscovery Market Segment by Regions comprises:

North America, Europe, Asia-Pacific, South America and The Middle East and Africa.

Points Presented in the eDiscovery Report:

eDiscovery Research offers businesses a list that's currently choosing the most expansion.

Shows threatening contracts and eDiscovery impending relation between material providers and vendors and vendors.

Facets of eDiscovery industry and success are functioned in this study.

Skilled eDiscovery SWOT (Strengths, Weaknesses, Opportunities, and Risks) and also PESTEL (Political, Economic, Social, Technological, Environmental and Legal) research is supreme.

Import/send-out detail, eDiscovery type analysis, prediction planning and approaches profit, and also technological progress of manufacturers are mentioned in this research.

Get it in Discounted Price at: http://www.marketresearchglobe.com/check-discount/908266

Additionally, the eDiscovery factors highlighted in the report are revenue, sales, manufacturing cost and production, which states the competitive aspect in the lucrative idea of the market share. The eDiscovery economic background and financial troubles across the globe are discussed in the report along with the CAGR value during the forecast period up to 2025.

Precisely What eDiscovery Market Report Offers:

eDiscovery market offers evaluations for your county level evaluation together using manufacture, ingestion, earnings;

Industry supplies eDiscovery businesses with gross profit margin, merchandise classification, revenue earnings, cost, and advice;

Market predictions of five decades of the eDiscovery segments;

In the eDiscovery pipeline for the applicants;

Business series eDiscovery investigation, procedures, manufacture and cost inquiry, style of transportation and price evaluation;

eDiscovery supply chain series tendencies planning the brand new progressions;

International eDiscovery market stocks drivers, limitations, prospects, dangers, challenges and investment prospects;

Company summarizing with eDiscovery methodical plans, financials, and also current advancements;

Ask our Expert Enquire Here: http://www.marketresearchglobe.com/send-an-enquiry/908266

About Us: Market Research Globe is a competent consulting company in the field of Global Market Research. We provide our clients a wide range of customized Marketing and Business Research Solutions to choose from, with the help of our ingenious database developed by experts. We help our clients understand the strengths of diverse markets and how to exploit opportunities. Covering a diverse range of business scopes from Digital products to Food industry, we are your one- stop solution right from data collection to investment advices.

#eDiscovery Market #eDiscovery Market Growth #technology

0 notes

enterinit · 6 years ago

Text

Microsoft Teams features round up Enterprise Connect Edition

Microsoft Teams features round up Enterprise Connect Edition. CHAT Secure Private Channels – coming later this year – allow you to limit which team members can see the associated conversation and content within that channel. You can right-size channel participation and exposure without having to create discrete teams to limit visibility. This is one of our top requested features and we’re excited to be actively testing this internally and with select customers. Information barriers – coming soon – avoid conflicts of interest within your organization by limiting which individuals can communicate and collaborate with each other in Microsoft Teams. This helps limits the disclosure of information by controlling communication between the holders of information and colleagues representing different interests, for example, in Firstline worker scenarios. This is particularly helpful for organizations that need to adhere to ethical walls requirements and other related industry standards and regulations. Teams also comes with other built in compliance capabilities, such as retention, eDiscovery and supervision, built in. MEETINGS The new Calendar App is rolling out in April 2019. The existing 'Meetings' app in Teams will be replaced by the Calendar app that retains all existing app functionality while introducing a range of new features. Three new types of calendar views will be available: Day, Work week and Week view (default). Users will have the ability to go back or forward in time to see any past or future meeting. Users will be able to perform key actions including Join, RSVP, Edit, and Cancel from the right click menu. Meetings on the calendar will light up to indicate when someone joins it online. User's current exchange setting for working hours and working days of the week will be respected. Lastly, users can schedule events without adding any attendees in the scheduling form. Non-Teams meetings can also be edited and updated from Teams directly. Live Captions – coming soon as a public preview for English – make your Teams meetings more inclusive for attendees who are deaf or hard of hearing, have different levels of language proficiency, or are connecting from a loud location. Improve meeting effectiveness by allowing attendees to read speaker captions in real-time so they can more easily stay in sync and contribute to the discussion. Customized backgrounds – coming soon – takes our intelligent background blur technology one step further, allowing participants to select a more professional background when working remotely, to appear behind them during a meeting or video call. This improves the effectiveness of remote meetings by encouraging the use of video while minimizing distractions. Content Cameras and Intelligent Capture – coming soon - will soon support an additional camera for content capture, such as capturing information on analog whiteboards. Using any USB camera, Microsoft Teams Rooms leverages our new Intelligent Capture processing to capture, focus, resize, and enhance whiteboard images and text, so remote attendees can clearly see whiteboard brainstorming in real time, even when someone is standing in front of the whiteboard. Microsoft Whiteboard in Teams meetings (commercial preview) empowers meeting attendees from the same tenant to participate in the conversation regardless of the device you use or where you are. Whether joining from the meeting room or remotely, you can start a new board in the Teams meeting (currently supported on desktop and web – coming soon to mobile). The board is automatically shared with meeting attendees. Users can ink together in real-time on the board and even launch the native Whiteboard app to enable an even richer collaboration experience with features such as sticky notes, images, and gridlines. Ink Grab, enables you add analog content from a physical whiteboard onto the Whiteboard canvas without having to recreate it from scratch. If you start an ad-hoc brainstorm session on the physical whiteboard, you can easily continue via the digital whiteboard and include remote collaborators in the conversation. Simply take a picture of the content and use Ink Grab to transform them into digital ink. Enhancements to the Chrome browser meeting experience (coming soon) are getting richer for Windows and Mac users. A year ago, we introduced frictionless meeting join in Chrome with no client needed. Coming soon, we will enhance that zero-footprint experience by adding 3 new capabilities: the ability to see participants video, application sharing, and full desktop sharing. This enables any meeting attendees to have face to face conversations and share content easily, with zero downloads needed. Live Events in Microsoft 365 (now available) enables anyone to create live and on-demand events that deliver compelling communications to employees, customers and partners. Events use video and interactive discussion across Teams, Stream, or Yammer and can be as simple, or as sophisticated as needed, using webcams and screen sharing for informal presentations, or stream a studio-quality production for more formal events. Up to 10,000 attendees can participate in real-time from anywhere, on any device, or catch up later with powerful AI features that unlock the content of the event recording. Meetings First (in preview) is a great addition for our Enterprise Voice customers who use Skype for Business Servers. It allows customers to protect their voice investments by continuing to use their servers for Calling and Chat while harnessing Microsoft Teams for cloud-based meetings. Your users will enjoy best in class, modern meetings while your company experiences improved performance using the Microsoft global cloud infrastructure. New Meeting Devices are being created by our partners increasing choice for our shared customers. Microsoft welcomes the Yealink MVC500 and MVC800 to the expanding group of devices for meeting rooms. The announced Logitech Tap offers a low-profile sleek design and can be desk-based or wall-mounted. The new Polycom Studio allows for plug and play video and audio experiences which will complement the meeting room. And bring your teams together with the Yealink VC200 video conferencing device which is designed to support huddle spaces. Phones will see new devices as well including the Polycom CXX 500 and Yealink T55A which enable calling experiences for personal spaces and common areas. Additionally, the new video phones Crestron Flex P250 and Yealink VP59 allow users to experience rich video and audio on a single desk phone. Peripherals are experiencing new innovations starting with speakerphones from Jabra Speak 710-Teams, Sennheiser SP30-Teams and Yealink CP900 all of which have dedicated Teams buttons. This integration allows you to take quick actions from your device when connected to your PC or mobile phone. Learn more about all these great products from our partners, AudioCodes, Crestron, HP, Jabra, Lenovo, Logitech, Plantronics/Polycom, Sennheiser and Yealink at Microsoft Teams Marketplace which now includes improved experiences for shopping by device and space CALLING Direct Routing (available now) provides customers the ability to connect their voice trunks via certified Session Border Controllers (SBC) to Office 365. And we continue to enhance DR with key features. Media Bypass (available now) is being supported by many of our Session Border Controllers partners – this improves AV quality by enabling direct connections between callers in many scenarios. We also have added new certified SBC vendors – Oracle and TE-Systems. We see the number of connections from certified Virtualized SBCs (available now from partners) growing in our data as well as feedback from partners that many customers are choosing to virtualize their SBCs on Azure. A “no hardware” approach can be your path to a cloud voice solution saving time and money for your deployment and operations. Be sure to check with your preferred partner if virtualization fits in with your plans to deploy Calling in Teams. Dynamic e911, Location Based Routing, Music on Hold, and Busy on Busy are coming soon. These are additional features which voice administrators routinely request. We appreciate the feedback as it helps keep our teams prioritized for your needs. We invite you to keep an eye on our public roadmap – as we add them based on their timing. Cloud Voicemail (CVM) has been supporting our cloud users for more than two years. We are now adding support for our Skype for Business Server customers as well as those using Lync Server 2013. Cloud processing of your voicemail will give users access to latest in technology with cloud reliability. OFFICE 365 App Setup Policies are rolling out this month and provide new and more flexible ways for IT admins to manage how users can discover, use, and develop the 250+ integrations we have available in Microsoft Teams, as well as the integrations you build for your organization. App Setup Policies can customize Microsoft Teams to highlight the apps that are most important for your users. Choose the apps to pin and set the order that they appear in your left-hand rail. App setup policies let you showcase apps that users in your organization need, whether they were built by Microsoft, our partners, or your developers. These policies also manage how built-in features appear for your users. You can now manage access to apps for individual users through App permission policy. This policy lets you control who in your organization can interact with specific Microsoft and externally built apps. You can also limit access to apps built by your organization, letting you phase the app rollout. You can define org-wide settings to block certain apps outright for your tenant. eDiscovery for Teams calling and meetings is now generally available for Office 365 and Microsoft 365 plans that include core eDiscovery capabilities. Achieve requirements for data discovery as part of an investigation or litigation for Teams content with the same in-place search, conditions and export experience as you use for the rest of Office 365 content. Legal hold for Teams content of on-premise Exchange users is now generally available for all organizations with Office 365 or Microsoft 365 E3 plans. Because Teams stores content for Exchange on-premise users in the cloud, the same process to manage and discover against Teams channels and chats can be used. Give your legal department a sigh of relief as they embrace the modern workplace. Not only do you have all the benefits of the chat-based workspace, but you have them in a compliant way. Custodian management for Teams memberships is now in preview as part of the new Advanced eDiscovery update. Organizations with Office 365 E5, Advanced Compliance or Microsoft 365 E5 Compliance can use the new capabilities to manage custodians as part of an investigation or litigation. Quickly identify and place a legal hold on shared locations such as Teams - based on memberships of the individual related to the case. Retention for Teams channels and chats is now available as part of the core Data Governance capabilities in Office 365 or Microsoft 365 E3. Use this capability to place a retention and/or deletion policy on Teams channels and chat messages to ensure requirements for retention are met, and to limit risk and exposure of keeping data for too long. Select the Teams and individuals for message retention within the compliance center for broad organization, groups, and/or specific users. Supervision for Teams channels and chats is now generally available to help organizations meeting internal communications monitoring requirements to meet regulatory compliance or internal policies. Establish policies with intelligent conditions and identify Teams or users and the related channels and / or chat messages to be included in the supervision policy. Supervisors can then review content with the new built-in review experience to tag, escalate, and/or bulk resolve. Virtual Desktop Infrastructure (VDI) is coming In April to allow organizations to use Microsoft Teams in virtual desktop environments. This will give customers and partners the ability to collaborate effectively with private chats, open channel conversations, and file sharing. Teams can be installed in each individual virtual machine in persistent and dedicated VDI environments. This solution will work in the major VDI environments for chat and collaboration. We are also currently collaborating with Citrix to enable calling and meetings features in Teams. Data loss prevention (DLP) has been available for Exchange Online, SharePoint Online and OneDrive for Business for a while, and now we’re extending DLP to Microsoft Teams – to enable the blocking of sensitive information contained in chat messages and channel conversations. This is based on the same policy engine used and proven in our other DLP services. For organizations that are using Microsoft Teams to accelerate their workforce collaboration and productivity, this provides a new way to ensure proper control and governance of important data – both for the purpose of achieving internal security objectives as well as meeting external compliance and privacy requirements. The experience is simple for end-users and balances the need to enforce data protection policies while not inhibiting end-user productivity. When someone sends a message, either within a chat or a channel, the content of the message is inspected for sensitive information – as defined by your organization. If sensitive information is identified, then the message is revoked and no longer accessible by the recipient(s). Similar to how DLP operates in other Office 365 services, policy tips gives the sender additional information on the reason for the message being blocked, such as the presence of credit card information or social security numbers. IT admins have the flexibility to configure policy to allow end-users to override the blocked message or report the issue as a false positive, which can help the company fine-tune their DLP settings. Policy settings are configured in the Security & Compliance Center as DLP settings for Exchange Online, SharePoint Online and OneDrive for Business. APPS AND INTEGRATIONS Core to the value of Microsoft Teams is the ability to integrate and extend the capabilities of all your solutions – whether or not Microsoft built them - into one single hub. Read on to learn about the latest integrations becoming available during the Enterprise Connect timeframe. Control for Microsoft Teams by Smarsh extends the Microsoft DLP solution by enabling customers to enforce internal policies which improves compliance in their risk and security efforts. DLP policies can be implemented to monitor for violations across a variety of content types including conversations (chat, channels, emojis, GIFs, links, and bots), files, wiki and OneNote. Assets found to be in violation can be challenged, redacted, or deleted. MVISION for Microsoft Teams by McAfee provides a full set of security, governance and compliance capabilities that extends the Microsoft DLP solution for Teams. The platform covers access control, policy enforcement, collaboration control, activity monitoring, threat prevention, audit trails for investigations, and helps secure multiple access modes including browsers and native apps. InformaCast Fusion from Singlewire Software enables Microsoft Teams users to send mass urgent or emergency notifications. Users can initiate an alert using their Teams bot. The bot responds with an adaptive card where users provide details about the situation taking place. Once confirmed, the bot sends alerts through Teams, mobile devices, digital signage and other connected devices. Following distribution, safety team members will receive a prompt to join a Microsoft Teams channel where they can collaborate and follow up on the situation. Read the full article

#MicrosoftTeams #Office365

0 notes

duaneodavila · 6 years ago

Text

Legal Tech Disruption And Stagnancy At Legalweek 2019

Another Legalweek has come and gone. It was a whirlwind of meetings and conversations about the future of legal tech, and before I knew it, it was over and I was back on a plane and headed home.

What struck me about this year’s show was how much has changed, and yet how much has stayed the same. Technology has bulldozed through the legal industry, just as it has in other industries and our culture in general, and left a trail of wreckage behind it.

For example, over the past few years, traditional legal publishing has been impacted tremendously, and many of the traditional publishing companies, both newspaper and treatise-focused, are struggling to find a foothold in the new world order. Some have declared bankruptcy, others have restructured, and still others have significantly reduced spending and and overhead by closing offices and cutting their budgets.

Bar associations are likewise struggling to stay afloat and few have found a way to provide value in what is now primarily a digital world. Membership is down at national and local levels and bar executives are testing out many different tactics to increase membership and interest, but are having a hard time finding success.

Similarly, mainstay legal conferences, like Legalweek, are also facing challenges. In recent years, attendee numbers for many conferences have declined, as have the number of sponsors and vendors. Lawyers now have more cost effective ways to obtain information and CLE credits online and many are taking advantage of those opportunities and choosing not to attend conferences. This, in turn, causes companies to question the value of exhibiting at the conferences, since doing so tends to be a costly endeavor.

But even as technology has undeniably restructured and torn apart the industries that support the legal profession, many members of the profession have chosen to remain blissfully unaware of its impact on their practices. That’s why, by all accounts and despite the urgings of legal tech futurists, some aspects of legal tech adoption have occurred at a slower pace than anticipated. At the same time, legal tech companies are sprouting up left and right, at rates never before seen, ever intent on meeting the perceived needs of a profession that is ambivalent, at best, to some of their offerings.

And then, in the midst of all this tumultuous change — and collective stubborn resistance to the same — came Legalweek 2019. Despite the hustle and bustle of the show, the dark cloud of change was ominously evident. It was hard to gauge attendee numbers, but the Expo Hall seemed smaller than it had in previous years, with some mainstay exhibitors appearing off the beaten path in much smaller booths than in years past.

That being said, you couldn’t walk two feet without tripping over an eDiscovery vendor, and it’s safe to say that tech adoption in that space is thriving. And if talking about legal tech with people who have a passion for it is your thing, then Legalweek is the place to do it. It’s definitely one of my favorite things to do, and as in prior years, I was lucky enough to meet up with lots interesting people and had many engaging discussions about the future of legal practice and how technology will impact the legal industry.

First I met with Josh Becker, Head of Legal Analytics and Chairman at Lex Machina. I learned that since its acquisition by LexisNexis, Lex Machina has not rested on its laurels and continues to add new practice areas to its litigation analytics platform. We spent a lot of time talking about the importance of the quality of data provided by Lex Machina, since that impacted the quality of the analytics derived from the data. Or, as Josh repeatedly opined, “it’s better to have no analytics than bad analytics.”

I also spoke with Eric Pfiefer, VP of Product Management at LexisNexis. He provided an overview of the progress being made following the recent acquisitions Lex Machina, Ravel Law, and Intelligize and shared his vision for the continuing development of those artificial intelligence tools. As always, I was impressed with the direction LexisNexis is taking these products, the way that they’re approaching the incorporation of these platforms into their own, and the speed at which they’re moving, especially given LexisNexis’s size.

Next I spoke with Mike Jones, Chief Sales Officer of ThoughtRiver, a company that provides AI-powered contract review that allows lawyers to pre-screen and triage the due diligence and risk analysis review process. He shared that one of the more interesting sessions he’d attended at the conference involved a discussion of “the current and future value around assigning a contract risk score for contracts and what you could do with that data and how it could drive your decision making.” You can watch the full interview here.

My next meeting was with Erin Hichman, Senior Analyst at ALM Media. We spent a lot of time talking about one of the trending topics at Legalweek this year: companies insourcing and building out their own legal teams rather than using outside counsel. According to Erin, “the legal service provider landscape is really going to change. We see the Big Four moving in, ASPs are making a lot of moves, and lots of tech investment. The landscape is going to change drastically in the next few years.” You can watch the full interview here.

I also caught up with Allen Alishahi and Chao Cheng-Shorland from ShelterZoom, a multi-party real estate blockchain platform that streamlines real estate rental and purchasing processes. Chao explained that although ShelterZoom began as a real estate platform, they are now expanding its application and envision it as “an industry-agnostic legal contract platform…which turns the…contracting concept into completely digital, and it’s secure and audit-able, and also transparent on Blockchain.” You can watch the full interview here.

Next I sat down with Jim Brock, founder of Trustbot.io, a tool that streamlines and automates a company’s NDA contractual process. He explained that Trustbot.io is designed to bring “the contract process into workflows like Slack, Microsoft Office, and Teams not just to get the contract done, but to predict when it needs to be done.” You can watch the full interview here.

And last, but not least, I talked to Mike Sanders, Senior Solutions Expert, and Marriott Murdock, Regional Director, and learned about the latest news from NetDocuments. We talked about the insourcing trend a bit and Mike offered up an example of a law firm that developed a software tool to solve an internal problem, which NetDocuments later acquired: “A law firm who happens to be a NetDocuments customer that does deal closings and creates deal binders, and it was taking them a lot of money and a lot of time. They digitized the entire process and integrated that into the NetDocuments platform.” You can watch the full interview here.

And that’s it folks. It’s a wrap! Legalweek 2019 has come and gone, but the good news is that there are many more legal tech conferences ahead of us in 2019. And if you missed Legalweek this year, never fear —there’s always next year! Hope to see you there!

Nicole Black is a Rochester, New York attorney and the Legal Technology Evangelist at MyCase, web-based law practice management software. She’s been blogging since 2005, has written a weekly column for the Daily Record since 2007, is the author of Cloud Computing for Lawyers, co-authors Social Media for Lawyers: the Next Frontier, and co-authors Criminal Law in New York. She’s easily distracted by the potential of bright and shiny tech gadgets, along with good food and wine. You can follow her on Twitter @nikiblack and she can be reached at [email protected].

Legal Tech Disruption And Stagnancy At Legalweek 2019 republished via Above the Law

0 notes

terabitweb · 6 years ago

Text

Original Post from Insider Threat Security Author: Chris Nieves

The policy of ‘Data protection by design and by default’ in article 25 of the GDPR is driving vendors like Microsoft to align data security with innovation to not only develop better products but also more secure products. Along these lines organizations should adopt the policy of Privacy by Design, that is, organizational processes that are designed with protecting privacy in mind.

Just as external sharing is a critical and unavoidable piece of business success, so too is achieving compliance within a regulatory framework. Last year U.S Fortune 500 and U.K FTSE 350 companies spent nearly 9 billion dollars in efforts to avoid the multi-million dollar fines associated with failing to be GDPR compliant. The purpose of this article is to show you the settings Microsoft provides to control external sharing and how they can benefit your organization.

External Sharing: Organization-Wide Settings (O365 Admin Center)

Starting at the top, these tenant or organizational level settings will determine what options are available to your users throughout your environment in both SharePoint Online and OneDrive for business. In order to control how your data is shared externally, the organization needs to allow it to happen in a place where the organization has control. This is why you should deeply consider allowing external sharing at the tenant level.

To expose the tenant level external sharing settings for your organization in the O365 admin center navigate to:

Settings –> Services & add-ins –> Sites

Whichever option you choose, the more restrictive settings are still available on Site Collections and OneDrives.

The second option is recommended because it doesn’t restrict users from the ability to share with new users while the last option is unlikely to be used in most organizations and comes with some risks and less control after a file or folder is shared.

What Policy Makes Sense for Your Organization?

Choose this option: If you want to: Only existing external users (sign-in required) Allow sharing to external users who already exist in your directory because they were either already shared to or manually imported. New and existing external users (sign-in required) Require external users to sign in with a Microsoft account before accessing content. Allow only site owners or others with full control permission to share sites or documents with external users. Anyone, including anonymous users (Optionally, you can set links to expire in a specific number of days, and how recipients can use the links) Allow use of anonymous links which do not require sign-in or an authenticated user to access.

External Sharing: Top Level Site Collection & OneDrive for Business Settings

After you’ve set the tenant-wide sharing settings for SPO and OneDrive, you can further configure the top-level external sharing settings for SPO and ODfB in their respective admin centers.

These settings affect what options are available to your users when sharing links in OneDrive or in SharePoint respectively.

Choose this option: If you want to: Anyone New and existing external users (Recommended) Require external users to sign in with a Microsoft account before accessing content. Allow only site owners or others with full control permission can share sites or documents with external users. Best for site collections which have external collaborators, especially if you’re in the process of migrating to a newer version of SharePoint. Existing external users Allow sharing to external users who already exist in your directory because they were either already shared to or manually imported. Only people in your organization Not allow any external sharing.

An important difference between allowing anyone and allowing new/existing users is that the latter requires a sign-in. This requirement gives users more control over how their file is accessed and who it is accessed by. But potentially the most important control you gain, is what happens to the file after it’s been shared. Since users have to sign-in to access the link, we can further control how the file is interacted with and choose what kind of rights they have to it and even block them from downloading it.

In the OneDrive admin center, you can further restrict external sharing settings for ODfB, however, you cannot configure settings to be less restrictive than those set in SharePoint. In this section I will touch upon what you get by allowing ‘Anyone’ but focuses on available options if you were to allow external sharing to New and Existing users as this policy is best practice in most cases.

Since I decided to allow new and existing (authenticated) users, the options to the left are available when sharing a link to OneDrive.

An important difference between allowing anyone and allowing new/existing users is that the latter requires a sign-in. This requirement gives users more control on how their file is accessed and who it is accessed by.

But potentially the most important control you gain, is what happens to the file after it’s been shared. Since users have to sign-in to access the link, we can further control how the file is interacted with and choose what kind of rights they have to it and even block them from downloading it.

Consider setting more restrictive settings for OneDrive than SharePoint, I think of OneDrive as a place for personal documents whether that relate to storing company information or personally identifiable information.

SharePoint Admin Center

In the classic SPO admin center there are two categories for sharing settings. The first options are in the ‘site collections’ section and the second are in the ‘sharing’ section. I’ll cover the site collection sharing section first.

Classic SharePoint Admin Center

Sharing options can be configured for each SharePoint site in this section when a site is selected, the options on the top become available and the options to the right are displayed.

The default setting is ‘no external sharing allowed’ so a conscious decision must be made on which sites allow sharing, and what type of sharing is allowed.

This is where you can tighten control on sites which contain sensitive data or alternatively allow more permissive controls for sites that are more collaboration oriented.

Note that you can also choose who is allowed to invite new users to a site, in general I recommend leaving that privilege to site owners.

Modern SharePoint Admin Center

The modern SharePoint admin center is simplified and the settings have been changed to reflect the same options as previously described.

I suspect some of the other options you saw above (like setting the default link type for a site) will be merged to the modern admin center once it’s fully released. For now there’s no mention of those options in Microsoft’s documentation so we’re stuck with the classic experience for those settings for the time being.

Access control settings:

Unmanaged devices

Restrict access from devices that aren’t compliant or joined to a domain. Options range from allowing full access, web only (not desktop or mobile), and blocking access entirely.

Idle session sign-out

Automatically sign out users from inactive browser sessions.

Network Location

Limit access to only from specific IP addresses.

Apps that don’t use modern authentication

More security controls

In addition to all the above settings, there are a range of additional controls available:

All user activities related to SPO and ODfB, including who accessed, viewed, edited, deleted, or shared files are viewable in the audit logs. In the new admin center, a high-level view of activity for a site can be highlighted in the ‘Insights’ section as well if enabled on a site.

SPO and ODfB content are subject to Data Loss Prevention (DLP) policies which depending on the policy may prevent users from sending it externally. This is dependent on the DLP policies ability to identify the content correctly which may cause frustration for end users.

SPO and ODfB content may be subject to records retention policies set by preservation policies. These may impact on the ability to send documents externally.

SPO and ODfB content may be subject to an eDiscovery case.

Administrators can be notified when users perform specific activities in both SPO and ODfB.

Sharing (and access to the documents once shared) may be subject to security controls enforced through Microsoft Information Protection.

Summary

In conclusion, understanding and implementing the settings above will give an organization a strong control of what and how things can be shared both internally and externally. These additional controls are only available if you allow sharing through SharePoint Online and OneDrive for Business. If you choose to allow sharing, the settings described in this article will provide further control on how internal users can share information and what external users can do with it.

For a glimpse at some of your tenant’s settings, today check out some of the PowerShell scripts below, for the full picture of your environment check our STEALTHbits SharePoint Data Collector.

Handy PowerShell Scripts

Use this PowerShell script to return all your tenants external users (requires SharePoint Admin)

The output will look like this:

Use these PowerShell scripts for additional details on your current SharePoint Online and OneDrive tenant settings:

The post External Sharing Best Practices for SharePoint Online & O365 appeared first on Insider Threat Security Blog.

Go to Source Author: Chris Nieves External Sharing Best Practices for SharePoint Online & O365 Original Post from Insider Threat Security Author: Chris Nieves The policy of ‘Data protection by design and by default’ in article 25…

#Insider Threat Security

0 notes