OneDrive for Business serves as users' personal cloud storage, securely storing every file and folder they create, share, or manage. Failing to implement proper access to files in OneDrive leaves your organization vulnerable to potential data breaches. Therefore, this guide will show you how to audit file access activities in your OneDrive for Business to enhance data security.
Windows PowerShell ./AuditFileAccess.ps1 -OneDriveOnly 
AdminDroidâs OneDrive for Business auditing tool provides a one-stop solution for tracking OneDrive file activity by offering detailed reports on file access, file access extended, file previews, file deletions, and more. This helps you gain insights into file usage patterns, user interactions, and potential security risks to maintain better control over your OneDrive environment.
Discover trends in OneDrive file activity with the daily active files count report, which includes view, edit, internal and external share counts for seamless access tracking.
Find inactive users to reclaim licenses or reallocate resources efficiently with the help of usersâ last OneDrive file access report.
Monitor sensitivity label removed OneDrive files to identify suspicious activities and proactively prevent unauthorized data sharing.
Make file access monitoring effortless with usersâ OneDrive file/folder sharing activities report to identify when users grant sensitive file access to external users.
Check OneDrive activity for a user to identify underutilized OneDrive accounts and adjust storage quotas to match actual needs.
Utilize the AdminDroidâs default alert template for unusual volume of file deletion to get instant alerts about excessive OneDrive file deletion during a specific period.
Overall, AdminDroidâs Microsoft 365 OneDrive management tool provides advanced features to track the file access activities efficiently. Easily track file usage, external sharing, user activities, etc., to enhance data security and prevent potential data loss in your OneDrive for Business environment.
This error occurs when you try to sign in to OneDrive for Business from outside the trusted network boundary.
This error occurs in the audit log search of the Purview portal when the selected date and time range exceeds the 180-day limit.
This error occurs when a user tries to access OneDrive for Business content using an unmanaged device.
This error occurs when the default PowerShell execution policy is set to Restricted, which prevents the execution of scripts.
Set-ExecutionPolicy âExecutionPolicy UnrestrictedWithout proper access controls in OneDrive for Business, sensitive information can easily fall into the wrong hands. This compromises data security and may create uncertainty over who can access critical files. Implementing effective access management measures protects your information and ensures secure collaboration.
While OneDrive for Business files inherit parent folder or site permissions by default, you can set unique item-level permissions through these steps.
Assign custom permission at the item level to users or groups based on their roles to prevent unauthorized access.
To set unique permission for a OneDrive file, follow the steps below.
Effortlessly monitor files with unique permissions to optimize file access management in OneDrive!
In a collaborative workspace, multiple users often work on shared files in OneDrive for Business. While this increases productivity, it also leads to accidental or intentional changes in the data. This can cause misunderstandings and confusion among other team members. By identifying who made the changes, admins can address these issues and enhance collaboration.
The following steps will help you detect the user behind the changes in a shared OneDrive file.
FileCopied, FileDeleted, FileDeletedFirstStageRecycleBin, FileDeletedSecondStageRecycleBin, FileModified, FileMoved, FileVersionsAllMinorsRecycled, FileVersionsAllRecycled, FileVersionRecycled, FileVersionDeleted, FileRecycled, FileRenamedThe result will display all the file change activities along with the user who performed those operations.
Transform your OneDrive for Business permission management with AdminDroidâs file activities report!
Are your users sharing sensitive company files on OneDrive without proper download restrictions? Admin must control file distribution to protect organizational data security. One essential way to maintain this control is through blocking download of critical files.
Using SharePoint Online Management Shell:You can simply restrict users from downloading files in OneDrive for Business with a block download policy using the following steps.
Connect-SPOService âUrl https://<Tenant>-admin.sharepoint.comSet-SPOSite âIdentity <OneDriveSiteURL> -ExcludeBlockDownloadPolicySiteOwners $true Before executing the cmdlets, replace the <Tenant> with your domain name and <OneDriveSiteURL> with the userâs OneDrive account URL.
Note: You should have SharePoint Premium license to use the block download policy in both SharePoint Online and OneDrive sites.
Using Microsoft 365 Admin Center:Follow the steps below to block file downloads when sharing with others.
If you canât find the Canât download option, then first share the file with view permission. Then, follow the steps below to change the permission to Canât download.
Then, users can only view the files and documents, but they cannot download them.
As an admin, you must always prioritize the security of sensitive OneDrive files containing intellectual property or confidential business data. Monitoring who has access to these files is essential for admins to safeguard data integrity and prevent misuse.
Hereâs how you can monitor who has access to a specific file in OneDrive for Business and keep track of its activities.
Once the search is complete, you can view detailed access activities for the specific OneDrive file and identify users frequently accessing that specific file.
When external users access OneDrive files, it creates opportunities for enhanced collaboration but poses security risks if external users' accounts are compromised. Tracking file access by external users is a crucial step for admins to mitigate these security threats effectively.
Using the Audit search in the Purview portal, you can view OneDrive file access history of all users. However, exporting file access activities specifically for external users is not directly possible.
You need to manually filter out the external users' activities from the overall report. This can be tricky and time-consuming because you need to apply multiple filters.
However, you can achieve this by executing our PowerShell script, âAuditFileAccess.ps1â, with the -FileAccessedByExternalUsersOnly and -OneDriveOnly parameters.
Unlike Audit search, it retrieves all external users' file access activities directly and exports a CSV file with granular details.
Gain granular insights into external usersâ OneDrive file access with AdminDroidâs customizable external users file/folder access reports!
As an admin, you manage most OneDrive settings to balance user productivity and resource efficiency. However, when it comes to storing files locally, users also need to do some configurations. Here's what you need to know about managing and guiding users through local storage options.
By default, OneDrive's 'Files On-Demand' feature enables users to view online-only files in File Explorer without consuming local storage. These files are accessible like any other file when connected to the Internet. However, if users need offline access to files, you can guide them to adjust this setting.
Users can keep their files stored locally by following the steps below to turn off Files On-Demand. However, this downloads all synced files, which can quickly fill up storage space if the content is large.
For users requiring offline access to specific files or folders, advise them to use the âAlways keep on this deviceâ option. This allows them to save only the files they need on their computer, conserving storage space.
If users no longer need local copies, they can select Free up space to remove them from the device while retaining cloud access.
Get AdminDroid Office 365 Reporter Now!