Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Remove admin access from certain data files permanently in the Cloud

Brass Contributor

Hey,

I'm currently searching for a cloud solution to protect data files from even global Admins access.

 

I have a customer which has highly confidential files which should accessed only from certain people within his company only and all others should be have or get any access to these files at all.

I'm not sure if this is even possible in Office 365 or Azure, so any other good methods to accomplish something close to that state, would be fine too.

 

Maybe some storeage oder sharepoint site with detailed monitoring and reporting enabled or labelled and encrypted files with classification and access monitoring could be suitable for my customer.

 

Do you have any experience or good methods to reach this scenario?
Thanks and Regards!

2 Replies

If you want to protect them from rogue GA, store them outside of Office 365. GAs have the keys to the kingdom and can potentially circumvent any protection you put in place in the confines of O365.

Hi @Vasil Michev,

thats not possible as customer goes cloud only, there shouldn't be anything on-premise left.

 

If there is no direct solution to this, I think a strictly monitored cloud storage or sharepoint site should be sufficient too but I'm still not sure what should be done in detail..