Workspaces with Too Many Owners
This article provides information on the Workspaces with Too Many Owners report.
Syskit Point detects workspaces with more than the maximum number of owners predefined in the policy settings, which can pose security concerns.
When the task delegation option is enabled for the Maximum Number of Owners policy, Syskit Point creates tasks and sends emails to users as defined in the policy settings. To learn more, take a look at the Maximum Number of Owners policy article.
By default, task delegation is turned off for this policy, but workspaces with too many owners are still detected and shown on the Security & Compliance Dashboard. This means that Syskit Point detects a vulnerability on a workspace based on the applied policy, but it does not create tasks or send any emails to workspace owners.
The purpose of this is to assist Syskit Point admins by bringing awareness of potential issues in their Microsoft 365 environment.
On the Security & Compliance dashboard, click the Workspaces with too many owners button to see the report.
The Workspaces with Not Enough Owners screen opens, showing a list of all workspaces with too many owners assigned to them.
Above the report, you can see the number of:
All workspaces with a policy vulnerability
Microsoft Teams with a policy vulnerability
Microsoft Groups with a policy vulnerability
The report itself provides information on:
Workspace (1) name
Detected (2) - when the policy vulnerability was detected
Owners (3) - the number of owners the workspace has
Policy (4) - the policy assigned to the workspace
Rule (5) - for the policy applied
Status (5) - status of the policy vulnerability
If a vulnerability was detected, the status shows as Detected
If task delegation is enabled for the policy, it shows the task status, for example, Awaiting response from owners
Assigned to (7) - who the policy vulnerability is assigned to for a resolution
Additionally, you can complete the following actions for the policy vulnerability:
Accept risk (8) - this means you will close the policy vulnerability task without making any changes to the current state of the workspace
Send reminder (9) - this sends a reminder to the person responsible for resolving this task
Ask Owners (10) - this action shows if the policy is not automated, meaning that no tasks were sent to owners; when clicked, emails will be sent to owners and tasks created for owners to resolve the vulnerability
By selecting all (1) or more than one workspace, you can perform the bulk action for Ask Owners (2), Send reminder (3), and Accept risk (4).
To get more details on a specific workspace, click the name of the workspace on the report.
This opens the screen that shows more details about the workspace
Here you can find the following information:
Severity level (1)
Vulnerability (2)
Detected (3)
Policy Type (4)
Rule (5)
Category (6)
You can also perform the actions to Accept Risk (7) and Change Owners (8).
Last updated