Sep 11 2018 09:53 AM - edited Sep 11 2018 09:55 AM
Environment: Office 365 SharePoint online
There are some users in our Office 365 environment who are Global admins. I know that Global admin can add themselves to any site collection as an administrator. But in some of the site collections we are having very sensitive data that we dont want to expose to any people even though those people are admins, but except one group of people.
Question:
Out of above 3 questions, I know question1 is not possible to achieve. But I don't want to create any remote event receivers.
I am more interested in checking with security and compliance can do this job?
Sep 11 2018 11:01 AM
SolutionBoth #1 and #3 are possible via functionality that already exists in the SCC. Review the following articles:
#2 is not possible as GAs have all the access they need to circumvent any rules you put in place.
Sep 11 2018 11:10 AM
Thanks for your response. I will check and let you know on this.
Sep 11 2018 11:01 AM
SolutionBoth #1 and #3 are possible via functionality that already exists in the SCC. Review the following articles:
#2 is not possible as GAs have all the access they need to circumvent any rules you put in place.