M365 Security & Permissions

No more mystery access

Gain visibility into privacy, sensitivity, sharing, and membership across your workspaces, and adjust at scale in just a few clicks. Spot risks quickly so you stay in control.

Security & Permissions

Stay aligned, stay secure

Permissions stay clear, consistent, and easy to manage through automated reviews and delegated ownership. Access stays aligned as teams evolve, balancing security and productivity while reducing the manual burden of constant checks.

Security & Permissions Features

Sharing Links Reporting

Provides comprehensive reporting on all sharing links across workspaces, enabling admins to analyze permissions and delete links at scale for security.

Membership Review

Validates workspace membership by reviewing user roles and removing inactive users, helping maintain compliance with minimum owner and member requirements.

Sensitivity Monitoring

Analyzes sensitivity labels against your security policies to help reduce the risk of unauthorized access or exposure.

Security and Permissions - Sensitivity Review 02

Privacy Review

Confirms that SharePoint workspace privacy settings are correctly configured as public or private, helping ensure appropriate audience access and reducing the risk of unintended exposure or oversharing.

Role Based Access Control

Controls administrator access through role-based authorization, enforcing least privilege principles, granular permissions, and segregation of functionality and data.

Frequently Asked Questions

How does Orchestry help organizations view and manage Microsoft 365 and SharePoint permissions?

Orchestry provides reporting and visibility into permissions across Microsoft 365, including SharePoint and Teams. This includes insight into shared links, group membership, and access configuration, helping administrators understand and govern permissions at scale.

How does Orchestry ensure secure access to its platform and applications?

We secure access by hosting Orchestry on Microsoft Azure and applying secure access controls, threat detection, and strong encryption (TLS 1.2+ in transit and AES-256 at rest). Our SOC 2 Type II–certified program includes continuous monitoring and regular third-party testing, and we’re designed with tenant isolation, no Global Admin requirement, and we don’t store your Microsoft 365 content.

Can users manage permissions for Microsoft 365 workspaces within Orchestry?

Yes. Orchestry’s Workspace Review feature enables administrators and workspace owners to add or remove members and guests, promote or demote roles, and review workspace membership on a scheduled basis to help keep access aligned with governance policies.

What type of permissions does Orchestry use to access customer tenants securely?

Orchestry integrates with your Microsoft 365 tenant using least-privilege, tenant-scoped access via Microsoft identity - it doesn’t store your content, doesn’t require Global Admin rights, and operates under logical tenant isolation with only the permissions needed to read metadata and make governance-related changes. All access is authenticated through Microsoft identity and controlled by Azure/Microsoft 365 access controls.

How does Orchestry permissions reporting differ from native Microsoft 365 tools?

Microsoft 365 permissions information is typically accessed across multiple admin centers. Orchestry brings permissions-related insights such as shared links, membership, and access configuration into a centralized view to help administrators understand and govern access more efficiently.

Orchestry Feature Sheet

OneDrive Management Feature Sheet

Guest & User Management Feature Sheet

Microsoft Teams Pre-Deployment Governance Planning Guide

The Ultimate Guide to Microsoft Teams for Education

Monash Health Case Study

Orchestry Recommendations

Orchestry Workspace Review