SAFEGUARDING SHAREPOINT DATA: ENHANCING SECURITY MEASURES IN FILE SHARING

In today’s digital landscape, SharePoint serves as a pivotal platform for collaboration, enabling seamless sharing of files and folders among users. While the convenience of sharable links streamlines communication and workflow efficiency, it’s imperative to recognize the nuanced security implications that accompany this feature.

SHAREPOINT DATA

Sharable links in SharePoint empower users to disseminate content swiftly, yet the accessibility they have can inadvertently expose sensitive data. Notably, files shared via these links can be readily discoverable by anyone using Microsoft Teams search functionality, heightening the risk of unauthorized access to confidential information.


SHAREPOINT DATA1

To mitigate potential security breaches, it’s paramount to adopt proactive measures in file sharing practices. Instead of relying solely on sharable links, consider implementing direct permissions or encrypted sharing methods to restrict access to authorized personnel exclusively. This ensures robust protection of sensitive data and mitigates the likelihood of inadvertent exposure.

Moreover, while automating URL generation through tools like Power Automate can streamline the sharing process, meticulous validation of generated URLs remains imperative to prevent unintended access.

Therefore, instead of using create sharing link for a file or folder‘ action, generate the URL of the folder location manually, this can be achieved by manipulating a few strings or if you are using Power Automate, you can directly use the ‘link’ field from previous actions to get the link of the folder and use it in your below actions.

Delete shared links:
In instances where access to shared files must be revoked, manual deletion of shared links may prove cumbersome, particularly with a large volume of shared content.
Leveraging PowerShell scripts to automate the removal of shared links offers a pragmatic solution, facilitating swift and efficient management of access permissions while bolstering data security protocols.

Follow the steps below and you can delete the shared links.

  • Download PowerShell version 7.
  • Open PowerShell as admin and run the following commands to install Azure AD Module:
    • Install-Module -Name PowerShell
    • Import-Module PowerShell
  • Save the following code in .ps1 file format from Notepad.
  • Enter site URL and library name in places highlighted in blue, change the library name each time to delete the sharable links from that Library.
  • PowerShell script

    #Define Parameters
    $SiteURL= “SiteURL
    $ListName = “LibraryName

    #Connect to PnP Online
    Connect-PnPOnline -Url $SiteURL -UseWebLogin

    #Get All items from List
    $Items = Get-PnPListItem -List $ListName -PageSize 2000

    #Iterate though each item in the list
    ForEach($Item in $Items) {
        #Get Shared links of the item
              $HasUniquePermissions = Get-PnPProperty -ClientObject $Item -Property “HasUniqueRoleAssignments”
     If($HasUniquePermissions) {
    $RoleAssignments = Get-PnPProperty -ClientObject $Item -Property RoleAssignments
    ForEach($RoleAssignment in $RoleAssignments) {
                    Get-PnPProperty -ClientObject $RoleAssignment -Property                                    RoleDefinitionBindings, Member
                         If($RoleAssignment.Member.Title -like “SharingLinks*”) {
                           Remove-PnPGroup -Identity $RoleAssignment.Member.Title –                               Force Write-host “Removed $($RoleAssignment.Member.Title)
                            from $($Item.FieldValues.FileRef)”
                           }
                      }
                 }
               }
    SHAREPOINT DATA3

  • Once the PowerShell is ready and the file is saved in a .ps1 format, execute the following command in PowerShell– PATH.\FILENAME.ps1

Leave a Reply