
SharePoint Online Connector Overview

The SharePoint Online connector allows you to access and analyze the data stored in SharePoint Online, and to structure and classify it. You can also monitor user activities on resources and verify user permissions on those resources.

Microsoft Teams Support

The SharePoint Online connector supports gathering permissions, monitoring activities, and classifying information being stored in Teams sites and channels.

  • Files transferred through Teams chats are viewable under the Team site > Shared Documents > General.

  • Files transferred through private chats are placed under the initiating user's OneDrive for Business Personal Drive and are managed by the Data Access Security OneDrive for Business Application.

SharePoint Online Connector Installation Flow Overview

To install the SharePoint Online connector:

  1. Configure all the prerequisites.
  2. Add a new SharePoint Online application.
  3. Install the relevant services:
    • Activity Monitor

Note

SharePoint Online does not support the Cloud-Ready architecture for permissions collection and data classification. Permission collection and data classification tasks will run on the central engine services associated with the application, regardless of whether these services have one or more collectors associated with the central engine.

Monitored Activities

Monitored events and activities are as defined in the Office365 Management Activity API specification.

Activity Monitor Operation Principles

  • Data Access Security Activity Monitor for SharePoint Online uses the Microsoft Office365 Management Activity API.
  • The Activity Monitor queries the API for SharePoint events, discarding OneDrive for Business related events.
  • The Microsoft Office365 Management Activity API uses the OAuth 2.0 authorization protocol to authenticate and authorize API requests.
  • To use the API, the Data Access Security SharePoint Online connector requires a short authorization process during the definition of the SharePoint Online application.
  • After the initial authorization process, Data Access Security will handle OAuth token management automatically and refresh the token if needed.

Note

Due to a Microsoft limitation, it might take up to two hours for events to be received by Data Access Security for SharePoint Online Activity Monitor.
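
The filtering and the delivery delay described above, sketched as an added example (this is not code from Data Access Security). It assumes audit records carry the Management Activity API's Workload and CreationTime fields; the sample records, URLs and function names are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample of an audit content blob (not real tenant data).
# Field names follow the Office 365 Management Activity API common schema.
SAMPLE_BLOB = json.dumps([
    {"Id": "a1", "CreationTime": "2024-05-01T10:15:00", "Workload": "SharePoint",
     "Operation": "FileAccessed", "UserId": "alice@example.com",
     "ObjectId": "https://contoso.sharepoint.com/sites/hr/Shared Documents/pay.xlsx"},
    {"Id": "b2", "CreationTime": "2024-05-01T10:20:00", "Workload": "OneDrive",
     "Operation": "FileDownloaded", "UserId": "bob@example.com",
     "ObjectId": "https://contoso-my.sharepoint.com/personal/bob/Documents/notes.docx"},
    {"Id": "c3", "CreationTime": "2024-05-01T11:50:00", "Workload": "SharePoint",
     "Operation": "SharingSet", "UserId": "carol@example.com",
     "ObjectId": "https://contoso.sharepoint.com/sites/fin/Shared Documents/q1.pptx"},
])

MAX_DELIVERY_LAG = timedelta(hours=2)  # delay stated in the note above


def parse_time(value):
    """CreationTime is UTC without an offset suffix; make it timezone-aware."""
    return datetime.fromisoformat(value).replace(tzinfo=timezone.utc)


def split_by_workload(blob):
    """Return (kept, discarded): SharePoint records vs. everything else."""
    kept, discarded = [], []
    for record in json.loads(blob):
        target = kept if record.get("Workload") == "SharePoint" else discarded
        target.append(record)
    return kept, discarded


def settled_events(records, now):
    """Keep only events older than the delivery lag, so that any
    late-arriving events from the same period should already be present."""
    cutoff = now - MAX_DELIVERY_LAG
    return [r for r in records if parse_time(r["CreationTime"]) <= cutoff]
```

When alerting or reporting on these activities, treat the most recent two hours as incomplete rather than as evidence that nothing happened.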

Permissions Collection Operation Principles

CSOM

Data Access Security SharePoint Online permissions collection and crawling use the SharePoint Client-Side Object Model (CSOM).

Azure Identity Collector

The permissions collection task queries SharePoint Online for the existing Role Assignments to determine object permissions. An Azure Identity Collector must be configured to map the permissions to users and groups from the Azure Active Directory.

Crawl level: Folder vs File

By default, permissions are analyzed to the folder level, but they can also be analyzed on the file level. If permissions are analyzed on the file level, the system will only display uniquely managed files in the Business Resource Tree. Refer to Adding a SharePoint Online Application for information on analyzing file-level permissions.

Collecting Data from an External Application

The list below describes the high-level installation process required to collect and analyze data from an external application. Most of these should already be set up in your Data Access Security installation.

  1. Install one or more Data Classification central engines using the server installer.
  2. Install one or more Permission Collection central engines using the server installer.
  3. Create an Application in Data Access Security from the Business Website. The application is linked to your installed central engines.
  4. Add an Activity Monitor to collect activities for this application.
