SharePoint Permissions Management

Over the last 3 years of managing permissions across a suite of sites, I have uncovered more new issues with the way SharePoint permissioning is designed at every turn. A few examples, before the question:

• If I "Share" a file or folder somewhere on the site (breaking permissions inheritance), it is very inconvenient to find it again. 
• If I "copy link" in this one particular way, permissions inheritance is broken. 
• When looking at site-level permissions, I see site-level permissions groups, but there could be hundreds of other users who have been added to my site(s) without my knowing. 
• If I want to reset permissions in an area (set of folders or library), I have to do it file-by-file or folder-by folder. 
• If I want to get an excel snapshot of - anything really - IT has to pull it and it takes a couple days. 
• Not to mention the permissions interface is incredibly clunky. 

All-in-all, there seem to be a million ways to break permissions inheritance, creating an access tracking and security nightmare. AND there's no easy way to truly see and understand who has access to what or what is broken, without spending hours with IT to pull a bunch of narrow-visibility reports. 

So my question is: what is the best way to navigate full permissions visibility? Am I doing something wrong? Is anyone else experiencing these issues? 

We have resorted to having a very strict "no outsides besides a few exceptions" policy and only managing permissions at the site-level, which really hampers on the collaboration benefits that SharePoint is trying to enable. It is also very administratively intensive. One of the benefits to SharePoint is that users don't really need to understand how it works to use it, but that's becoming less and less true with the increasing lack of security we feel in the platform.