Bewerken

Delen via


Microsoft SharePoint Premium - SharePoint Advanced Management overview

Microsoft SharePoint Premium - SharePoint Advanced Management is an essential add-on for Microsoft 365 that equips IT administrators with a powerful suite of tools to bolster content governance throughout the Microsoft Copilot deployment journey.

Whether preparing for Copilot deployment or managing content post-implementation, this solution offers capabilities to:

  • prevent content sprawl,
  • streamline access management for SharePoint and OneDrive sites, and
  • analyze usage patterns through comprehensive reporting.

Screenshot of SharePoint Advanced Management pillars.

We recommend utilizing SharePoint Advanced Management features along with our best practices for Microsoft 365 Copilot to reduce the risk of oversharing, control content sprawl, and manage content lifecycle.

SharePoint Advanced Management features are managed by IT administrators with access to the SharePoint admin center. Some features can be used by site owners.

Screenshot of SharePoint Advanced Management features dashboard.

SharePoint Advanced Management helps you identify, manage, and resolve common content governance issues such as:

Manage content sprawl

What is content sprawl? Content sprawl occurs when digital content accumulates without proper management across various storage locations in an organization. This leads to difficulties in accessing information, higher storage expenses, security vulnerabilities, and compliance complexities. You can tackle content sprawl by implementing governance strategies and utilizing tools that centralize control, optimize storage efficiency, and uphold secure data management practices.

Site ownership policy

The site lifecycle management feature from Microsoft SharePoint Premium - SharePoint Advanced Management lets you improve site governance by having automated policies configured in the SharePoint admin center.

Site ownership policies are a part of site lifecycle management and help effectively manage ownership of SharePoint sites in your organization.

AI Insights

The AI insights feature for SharePoint Advanced Management uses a language model to identify patterns and potential issues from reporting and receive actionable recommendations to solve issues.

You can find the Get AI insights button next to various reports in the SharePoint admin center. Once selected, the AI insights feature extracts patterns from the report and offers a list of potential actions.

Screenshot of site lifecycle management insights dashboard in SharePoint admin center.

Inactive sites policy

You can run automated, rule-based policies to manage and reduce inactive sites with the Inactive SharePoint sites policy feature from SharePoint Advanced Management.

Screenshot of inactive sites policy.

The inactive sites policy combats content sprawl by automatically identifying and managing inactive SharePoint sites. It operates by defining inactivity criteria, such as lack of updates or user activity over a set period. Once identified, site owners receive email notifications to confirm the active/inactive state of the site.

Manage content lifecycle

You can manage the content lifecycle for SharePoint and OneDrive sites with SharePoint advanced management features that streamline content creation, organization, and retention through automated workflows, detailed reporting, and robust compliance settings.

Effective lifecycle management not only ensures streamlined governance and enhanced collaboration but also optimizes storage, maintains data integrity, and supports regulatory compliance, ultimately improving efficiency and security.

Site change history reports

The Site change history report feature lets you create change history reports in the SharePoint admin center to review SharePoint site property changes made within the last 180 days. Create up to five reports for a given date range and filter by sites and users. You can download the report as a .csv file to view the site property changes.

Screenshot of change history report dashboard.

Recent site actions

The Recent SharePoint admin actions policy lets you review and monitor the last 30 changes you've made to a SharePoint site's properties within the last 30 days in the SharePoint admin center. This feature only shows changes made by you and not other administrators.

Screenshot of restricted access control for SharePoint sites.

Manage permissions and access

Copilot leverages the data stored in SharePoint and OneDrive sites to provide insights and automate tasks across your organization. Confidential data from content in SharePoint and OneDrive sites can populate in Copilot's generated insights, posing security and privacy risks.

SharePoint Advanced Management ensures this data is securely handled and accessed only by authorized users and/or security groups, maintaining the integrity and security of the insights generated by Copilot​.

By preventing oversharing and managing access effectively, you can ensure that Copilot's collaboration features are optimized. This leads to more efficient and secure use of Copilot across your organization.

Before enabling Copilot for your organization and tenant, you can proactively set policies to restrict access to sites and manage content discoverability during Copilot and tenant-wide search.

Block download policy for SharePoint and OneDrive sites

Block download policy for SharePoint and OneDrive sites You can block download of files from SharePoint sites or OneDrive without needing to use Microsoft Entra Conditional Access policies. Users have browser-only access with no ability to download, print, or sync files. They also won't be able to access content through apps, including the Microsoft Office desktop apps.

Screenshot of block download policy for SharePoint and OneDrive sites.

Data access governance reports lets you view reports that identify sites that contain potentially overshared or sensitive content. You can use these reports to assess and apply appropriate security and compliance policies.

Screenshot of data access governance reports dashboard.

Enterprise app insight reports

App insights is a SharePoint Advanced Management feature that lets you gain insights on the various non-Microsoft applications registered to your Microsoft Entra admin center and how they access your SharePoint content. This report can help you maintain and protect the integrity of your content.

Site access reviews

Site access review feature in the SharePoint admin center lets you delegate the review process of data access governance reports to the site owners of overshared sites.

Site access review involves site owners in the review process so they can address the concern of overshared sites identified in data access governance reports.

Data access governance management via PowerShell

While Data access governance is available in SharePoint admin center portal, large organizations usually look for PowerShell support in order to manage scale via scripting and automation.

This document discusses all appropriate PowerShell commands available via SharePoint Online PowerShell module to manage reports from Data access governance.

Conditional access policy for SharePoint and OneDrive sites

Conditional access policy for SharePoint and OneDrive sites lets you enforce stringent access conditions when users access SharePoint sites. Authentication contexts can be directly applied to sites or used with sensitivity labels to connect Microsoft Entra Conditional Access policies to labeled sites.

Screenshot of conditional access policy dashboard.

Restricted access control for SharePoint

You can prevent sites and content from being discovered at the site-level by enabling Restricted access control for SharePoint sites. Site access restriction allows only users in the specified security group or Microsoft 365 group to access content. This policy can be used with Microsoft 365 group-connected, Teams-connected, and non-group connected sites.

Screenshot of saved changes for restricted access control for SharePoint sites.

Restricted access control for OneDrive

You can limit access to shared content of a user's OneDrive to only people in a security group with the Restricted access control for OneDrive policy.

Once the policy is enabled, anyone who is not in the designated security group won't be able to access content in that OneDrive even if it was previously shared with them. To block users from accessing OneDrive as a service, you can enable the Restrict OneDrive service access feature.

Screenshot of restricted access control for OneDrive.

Licensing

SharePoint Advanced Management is a per-user license. To use SharePoint Advanced Management, you must have a license for each user in your organization. (It's not required for guests.) Users must also be licensed for SharePoint K, P1, or P2 via standalone or a Microsoft 365 suite.

You can purchase the SharePoint Advanced Management Plan 1 add-on in the Microsoft 365 admin center, through a Cloud Solution Provider (CSP), or through volume licensing enrollment. Contact your Microsoft account manager for further information.

SharePoint Advanced Management is available for Commercial, WW Commercial Public Sector, Education, Charity, and US GCC, GCC-High, and DoD customers.

SharePoint Advanced Management is $3 per user per month for commercial customers. For more details on licensing, please contact your account manager.

Licensing details for each feature listed above are included in those articles.

Microsoft Syntex documentation

Microsoft 365 Government - how to buy

Get started with Microsoft 365 Copilot