
Microsoft (News - Alert) 365 has become the collaboration platform of choice for countless organizations. However, this expansive ecosystem, with its myriad shared files, folders, Teams, and SharePoint sites, introduces security and governance complexities. Managing permissions at scale, particularly with thousands of external sharing links and instances of "broken inheritance," has become a challenge for IT teams, often leading to unseen vulnerabilities and critical compliance gaps.
The challenge stems from the very nature of modern collaboration. While sharing is essential for productivity, it can quickly lead to "permissions sprawl." Employees frequently create sharing links – whether anonymous, organization-wide, or for specific external guests – which can become outdated, fall into the wrong hands, or inadvertently expose sensitive data. The sheer volume of these links makes manual auditing a time-consuming and often impossible task with native Microsoft 365 tools, which offer limited global visibility and reporting and are often constrained by short data retention periods.
Compounding this complexity is the pervasive issue of "broken inheritance." In a typical Microsoft 365 site or group, permissions are designed to cascade down from a parent level to child elements, like folders and files. However, when custom permissions are applied at a lower level, this inheritance is broken, creating isolated, often unmanaged access points. These deviations from standard security policies can easily lead to unauthorized access, compliance violations, and a lack of centralized oversight, making it nearly impossible for IT to determine who has access to what, where, and why.
Orchestry is directly addressing these pain points with the release of two new fratures: Sharing links reporting and remediation, and broken inheritance reporting and remediation. These new tools move organizations from reactive firefighting to proactive risk mitigation.
The sharing links reporting and remediation feature provides new capabilities to efficiently identify, assess, and act upon outdated or risky sharing links. IT teams gain comprehensive visibility across Teams and SharePoint, with advanced filtering for targeted audits. It also offers bulk deletion capabilities to remove thousands of outdated links quickly and easily, saving countless hours of manual effort. Detailed insights into link behaviors, such as the creator and last accessed date, provide additional information for proactively securing data and minimizing exposure.
"The sharing links reporting and remediation feature helps customers scan an average of 40,000 links per 1,400 workspaces,” noted Michal Pisarek, Orchestry CEO. “That’s thousands of potentially risky or outdated links surfaced automatically – saving hours of manual audits and reducing compliance risks,"
Complementing this, Orchestry’s broken inheritance reporting and remediation solution offers an intuitive dashboard to detect and classify instances where custom permissions have overridden established settings. It precisely pinpoints the origin of these unmanaged access points and, with a single click, allows administrators to restore proper permissions. This functionality provides IT teams with the control they have long sought, but could not achieve with out-of-the-box Microsoft 365 tools.
Beyond these core permissions management innovations, Orchestry's latest release introduces additional features to bolster Microsoft 365 governance and efficiency. These include expanded sensitivity label visibility in Workspace Review, periodic Workspace Privacy validation, and enhanced Search & Copilot Visibility for sensitive workspaces.
Orchestry says is has introduced the industry’s first Copilot Readiness Dashboard. As organizations increasingly prepare to integrate Microsoft Copilot technology, ensuring proper data governance and security becomes paramount. Copilot's ability to access vast amounts of organizational data amplifies any existing gaps in permissions and data hygiene. Orchestry's dashboard consolidates 13 critical governance signals, providing a unified assessment of an organization's preparedness, ensuring data security, privacy, and compliance are in place before AI interacts with sensitive information.
This proactive approach helps mitigate risks, like unauthorized sensitive data exposure or the generation of biased or inaccurate results due to unchecked data.
The release also includes Beacon 2.0, a streamlined, read-only management tool designed for partners and administrators to achieve comprehensive tenant-wide reporting efficiently.
By automating permissions management, illuminating hidden risks, and providing crucial insights for AI readiness, Orchestry's new tools ease the burden of Microsoft 365 security and governance, helping organizations transition from reactive responses to proactive risk mitigation and a truly secure, compliant, and efficient digital environment.
Edited by
Erik Linask