Security and Sharing

Introduction

Torsion's Data Access Governance solution for Microsoft 365 features the Sharing & Security panel, providing vital data access insights to business users. Upon accessing a particular Information Resource, like a Microsoft Team, Site, document, or folder, this panel can be viewed by either the Owner or Member

Matrix of who sees what in Torsion's Sharing and Security User Console Settings.

This matrix describes who can and cannot view what in the Torsions Sharing and Security panel settings.

* Cannot classify or assign ownership, buttons are hidden.

Ŧ Can only see information resources they have access to.

ǂ Can only see Information Resources they have access to, unless “Allow Business Owners to see Information Resources they can't access” has been selected in Admin General Settings

Security and Sharing

The Sharing & Security panel gives users control over access to information and the ability to modify security settings. It displays the assigned Security Classification, enabling Business Owners to grant access while preserving security and enforcing governance. 

Header

The title of the Sharing & Security panel shows the particular Information Resource that is currently displayed in the dialogue.

The Sharing & Security panel displays the total number of people who have access to the Information Resource on the left, and if a Security Classification has been applied to the resource, this is displayed on the right. Within the panel are various tabs of information and controls. The navigation is arranged in two groups: Manage Security and Share.

Manage Security

Under Manage Security, there are four tabs: Overview, Issues, See Who Has Access, and Configuration. 

• The Overview tab gives an overview of the sharing access of the resource, and issues that need attention. 
• The Issues tab outlines any issues with the current sharing state of the resource, along with ways to resolve them. 
• The See Who Has Access tab shows who has access to the resource.
• Configuration tab allows you to adjust the sharing and security settings.

• The Business Owner is responsible for the Information Resource and can nominate others to join as co-owners. 
• The Security Status displays the vulnerability of the resource and the number of outstanding security issues. 
• The Shared Outside flag indicates if anyone with access to the resource is external to the organization. 
• The Security Classification shows the sensitivity, access rules, and security configuration of the resource. 
• The Security Inheritance section shows if the resource has its own security configuration or inherits from another resource. The People With Access section displays the total number of people who have access, including external individuals and those with read-only or modify access.

See Who Access

The See Who Has Access tab displays all individuals who have access to the Information Resource. This tab lists access provided through different mechanisms. 

Only the configuration that provides the highest level of access is shown by default, with the option to reveal additional configurations by clicking "Show x more...". 

The list of individuals can be filtered by internal/external status, sharing mechanism, access level, and searchable by name or role. The Reason for Access column displays the business reason for each person's access to the Information Resource, whether it be through individual sharing, a Security Rule, or a Security Group. Access details for an individual can be viewed by clicking the blue (i) icon. Changes in the security configuration can be viewed by clicking the "See What's Changed" button.

Configuration

Note that changes made in this tab will only affect the selected Information Resource, and will not change the configuration of any parent or child resources. It’s important to review the entire hierarchy of an Information Resource before making any changes, to understand the full impact of any changes.

Additionally, removing a configuration may have implications for the access of other Information Resources that rely on the same configuration. So, it’s important to understand the relationships between configurations, and the impact of any changes, before making them.

Share

Under Share, there are three tabs: With a Security Rule, With Individual People, and With a Group. 

• Security Rule tab allows you to share the resource with a security rule.
• Individual People and With a Group tabs allow you to share the resource with particular people or groups, respectively. 
• Note depending on your system configuration and access level, some tabs may not be visible to you.

Share with a Security Rule

The Security Rule is a mechanism for controlling access to an Information Resource based on specific business criteria, rather than a list of names. 

To create a Security Rule, select options from the available Security Dimensions on the left, which are customised for your business. The name of the Security Rule will change based on the selected options. The View Rule Members button shows the people who currently match the criteria of the Security Rule. Once satisfied, the Security Rule can be added by clicking the ‘Add Rule’ button and selecting the Access Level. The people who match the criteria of the Security Rule will automatically receive access, while those who no longer match will have their access revoked.

Share With Individual People

Sharing Information Resource with individual people can be done by entering their name or email address in the textbox and selecting them. 

The business reason for their access can be specified as being based on their current position, temporary, or permanent. The business reason can be specified by selecting attributes of their current role, specifying the duration of access, or by specifying a reason in a dropdown list or freeform textbox.