Skip to content

Tracking Data Access in MS Teams and SharePoint Online: A Comprehensive Guide

Microsoft Teams and SharePoint Online are widely used collaboration tools that facilitate the sharing and collaboration of files among team members. However, with great power comes great responsibility, and with the ease of sharing files and data comes the risk of unauthorized access or data breaches. It is crucial to keep track of who has access to what data, and when and how they are accessing it. In this article, we will discuss how to track data access in MS Teams and SharePoint Online.

  1. Enable auditing in MS Teams and SharePoint Online

Before we can track data access in MS Teams and SharePoint Online, we need to enable auditing. Auditing is not enabled by default, so we need to turn it on. Here’s how:

In SharePoint Online:

ManageEngine Applications Manager
  1. Go to the SharePoint Admin Center.
  2. Click on “Settings” from the left-hand menu.
  3. Scroll down to the “Audit log trimming” section and click on “Audit log settings.”
  4. Check the box next to “Audit external sharing invitations” and “Audit external access requests.”
  5. Click on “Save.”

In MS Teams:

  1. Go to the Microsoft Teams Admin Center.
  2. Click on “Org-wide settings” from the left-hand menu.
  3. Click on “Teams settings.”
  4. Scroll down to the “Content search” section and click on “Edit.”
  5. Turn on the “Audit log search” toggle switch.
  6. Click on “Save.”
  7. View the audit logs

Once auditing is enabled, we can view the audit logs to see who has accessed what data, when, and how. Here’s how:

In SharePoint Online:

  1. Go to the SharePoint Admin Center.
  2. Click on “Security” from the left-hand menu.
  3. Click on “Audit log reports.”
  4. Select the type of report you want to view from the drop-down menu (e.g., “File and folder activity”).
  5. Select the date range you want to view.
  6. Click on “Run.”
  7. The report will be generated, and you can view the audit logs.

In MS Teams:

  1. Go to the Microsoft 365 Compliance Center.
  2. Click on “Search” from the left-hand menu.
  3. Click on “Content search.”
  4. Click on “New search.”
  5. Enter the search criteria (e.g., specific users, specific channels).
  6. Click on “Search.”
  7. The search results will be displayed, and you can view the audit logs.
  8. Set up alerts

To ensure that you are immediately notified of any suspicious or unauthorized data access, you can set up alerts. Here’s how:

In SharePoint Online:

active directory auditing solutions
  1. Go to the SharePoint Admin Center.
  2. Click on “Security” from the left-hand menu.
  3. Click on “Alerts.”
  4. Click on “New alert.”
  5. Enter the alert criteria (e.g., specific users, specific files or folders).
  6. Set the alert frequency (e.g., daily, weekly).
  7. Enter the email address(es) where you want the alerts to be sent.
  8. Click on “Create.”

In MS Teams:

  1. Go to the Microsoft Teams Admin Center.
  2. Click on “Alerts” from the left-hand menu.
  3. Click on “New alert.”
  4. Enter the alert criteria (e.g., specific users, specific channels).
  5. Set the alert frequency (e.g., daily, weekly).
  6. Enter the email address(es) where you want the alerts to be sent.
  7. Click on “Save.”

In conclusion, tracking data access inIn conclusion, tracking data access in MS Teams and SharePoint Online is crucial for ensuring data security and compliance. By monitoring who accesses what data and when, organizations can quickly identify any suspicious activity and take appropriate action to prevent data breaches or unauthorized access. Additionally, tracking data access can help organizations meet compliance requirements, such as the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA). By implementing the appropriate auditing and monitoring tools, organizations can gain visibility into their data and ensure it remains protected.