SharePoint permissions cleanup – How to avoid mess & optimize costs

SharePoint is undoubtedly a powerful platform. It offers a lot of user-managing options, such as adding, removing, and administering users. But that flexibility can also cause a lot of mess, and accordingly higher costs in both money and time. In this blog post, we’re gonna show you how you can keep your environment clean of excessive permissions and optimize your costs.  

Clean up your orphaned users

Orphaned users are users who have left your organization and no longer exist in your Active Directory (AD), but who still have access to your environment. This happens more often than it should, when admins forget to remove those users’ permissions in the admin center. It’s a highly risky situation for the security of your sensitive files.

But don’t worry. Syskit Point can help you out with its Orphaned Users report. You can instantly check all orphaned users in the tenant. Optimize your SharePoint license costs by removing their licenses or transferring their ownership to the superior manager. Download the report example and try it yourself.

Dear reader, this is the functionality of our former product, Syskit Security Manager. Check out our new cloud-based Microsoft 365 governance solution, Syskit Point, to monitor user activity, manage permissions, make reports, and govern your users and resources.

Delete users without permissions

Users without permissions are those that don’t belong to any SharePoint group, nor have any direct permissions assigned to them. These users shouldn’t be a part of your AD, as they probably already left your organization. Moreover, you are spending money on licenses you don’t need. So, your task as an admin is to find those permission-less users and delete them from your AD.

The thing is, you can’t really know at a glance who those users are. This is when Syskit Point comes in handy. It offers a report that lists all the users without permissions in your environment, so all you need to do is find the users from the list in your AD and delete them.

Manage groups without permissions

Without proper permissions governance, a number of mismanagements can occur. One of those is when an admin creates a SharePoint group but doesn’t assign any permission to it. That leaves a whole set of users who hoped to have access to certain objects through that group, but simply don’t. No matter the reason why this happened, you should either delete these groups, or assign permissions to them.

However, sometimes it is hard to track down all those groups. Syskit Point has a report that lists all the groups in the tenant or farm that don’t have the permissions. You can then easily manage those groups and avoid further misunderstandings.

Manage groups without users

Similarly to the situation above, it can come about that an admin creates a group but doesn’t add any members to it. You might think that’s not a big deal, but it can create a pretty big mess if it happens often. Groups without users are obviously groups that are not used at all, and not only do they create a clutter, but they may also take a name that another, active group should be given. Obviously, you need to decide whether to delete those groups, or add users to them.

In large environments, it can be a hard task to find all those inactive groups. Luckily, another Syskit Point’s report, Groups Without Users, lists all such groups in a farm or tenant. Once you have generated the report you can export it, analyze it, and manage them according to your needs.  Download the report example and check it yourself.

Syskit Point – your Office 365 security ally

Besides permissions cleanup, Syskit Point will help you organize and manage permissions in your environment, control Office 365 and SharePoint Online guest access, and stay within OneDrive storage limits. Try all the functionalities of Syskit Point with a 21-day free trial.