Can I restrict a SharePoint admin from accessing a secure team? #M365AMA
In this episode, the #M365AMA panel discusses the following community question:
“What is the best way to keep security and not allow someone who is a SharePoint admin to add themselves to a “secure” team. I had a few ideas but I wasn’t sure if they were good ideas. Create a separate SharePoint site collection and have that team assigned to the site collection. Find a policy that forces a non site owner to have no read or write permissions to change access. Create a notification rule if a user is added or removed that it notifies the site owner. If anyone has any other ideas please let me know.”
Check out the discussion here:
Participating in this discussion were:
- Christian Buckley @buckleyplanetÂ
- Mike Nelson @mikenelsonIO
- Sean McDonough @spmcdonough
Some relevant notes/links shared by the team:
- Can I block a SharePoint system administrator from seeing the libraries that I choose? [https://answers.microsoft.com/en-us/msoffice/forum/all/can-i-block-sharepoint-system-administrator-from/c6d89edd-1a8c-4839-8e8e-62b1a33fed63]
- Managing SharePoint Online Security: A Team Effort [https://learn.microsoft.com/en-us/microsoft-365/community/sharepoint-security-a-team-effort]
- About the SharePoint Administrator role in Microsoft 365 [https://learn.microsoft.com/en-us/sharepoint/sharepoint-admin-role]
- A side topic re: Microsoft Teams admin access: Can administrators access Teams files? [https://learn.microsoft.com/en-us/answers/questions/695583/can-administrators-access-teams-files.html]
1 Response
[…] I restrict a SharePoint admin from accessing a secure team? #M365AMA [buckleyPLANET | […]