| Service | Microsoft Docs article | Related commit history on GitHub | Change details |
|---|---|---|---|
| SharePoint | Advanced Management | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/advanced-management.md | Previously updated : 03/01/2023 Last updated : 03/28/2023 Title: "Microsoft Syntex - SharePoint Advanced Management overview" SharePoint Advanced Management features are administered by SharePoint administr **[Restricted access control policy for OneDrive](limit-access.md)** - You can limit OneDrive access to members of a specific security group if you want to allow only certain users to have access. Even if other users outside of these security groups are licensed for OneDrive, they won't have access to their own OneDrive or any shared OneDrive content. -**[Data access governance insights for SharePoint sites](data-access-governance-reports.md)** - These reports help you discover sites that contain potentially overshared or sensitive content. You can use these reports to assess and apply appropriate security and compliance policies. +**[Data access governance reports for SharePoint sites](data-access-governance-reports.md)** - These reports help you discover sites that contain potentially overshared or sensitive content. You can use these reports to assess and apply appropriate security and compliance policies. **[Conditional access policy for SharePoint sites and OneDrive](authentication-context-example.md)** - With Azure Active Directory authentication context, you can enforce more stringent access conditions when users access SharePoint sites. Authentication contexts can be directly applied to sites or used with sensitivity labels to connect Azure AD conditional access policies to labeled sites. |
| SharePoint | Data Access Governance Reports | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/data-access-governance-reports.md | Previously updated : 03/01/2023 Title: "Data access governance insights for SharePoint sites" Last updated : 03/28/2023 + Title: "Data access governance reports for SharePoint sites" search.appverid: MET150 description: "In this article, you'll learn about reports that can help you govern access to data in SharePoint." -# Data access governance insights for SharePoint sites +# Data access governance reports for SharePoint sites [!INCLUDE[Advanced Management](includes/advanced-management.md)] This feature requires a Microsoft Syntex - SharePoint Advanced Management licens - Sharing links - Sensitivity labels applied to files :::image type="content" source="media/data-access-governance-screen.png" alt-text="Data access governance page":::- + ## Sharing links reports The Sharing links reports help you identify potential oversharing by seeing the sites where users created the most new sharing links. A report is available for the following links: When a report is ready, select it to view the data. Each sharing link report inc ### Download the reports -You can download a .csv file to get the same information for up to 10,000 sites. +You can download a .csv file to get the same information for up to 10,000 sites. ## Sensitivity labels for files reports |
| SharePoint | Hub To Hub Association | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/hub-to-hub-association.md | The following diagram illustrates how hub sites can be associated to other hubs - **Parent hub (level 1):** Think of associated hubs on level one as "Parent" hubs that determine the search scope for peer associated hubs. - **Associated child hub (level 2):** These hub sites are already associated to the parent hub and content within these sites will appear when users search at any of these hubs.-- **Associated child hub (level 3):** This level (and all proceeding levels) of peer associated hubs behaves the same way as the first level. Content on sites beyond level 3 will not appear in search results.+- **Associated child hub (level 3):** This level (and all preceding levels) of peer associated hubs behaves the same way as the first level. Content on sites beyond level 3 will not appear in search results. ## Associate a hub to another hub |
| SharePoint | Information Barriers | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/information-barriers.md | When a site has no segments and site's information barriers mode is set to *Open - The site and its contents can be shared based on the information barrier policy applied to the user. For example, if a user in HR is allowed to communicate with users in Research, the user will be able to share the site with those users. >[!TIP]->If you want to allow sharing of *Open* mode sites with mail-enabled security groups, see the [Allow sharing of Open mode sites with mail-enabled security groups (preview)](#allow-sharing-of-open-mode-sites-with-mail-enabled-security-groups-preview) section in this article. +>If you want to allow sharing of *Open* mode sites with mail-enabled security groups, see the [Allow sharing of Open mode sites with mail-enabled security groups](#allow-sharing-of-open-mode-sites-with-mail-enabled-security-groups) section in this article. ### Owner Moderated Audit events are available in the Microsoft Purview compliance portal to help yo - Changed information barriers mode of site - Disabled information barriers for SharePoint and OneDrive -For more information about SharePoint segment auditing in Office 365, see [Search the audit log in the compliance center](/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance#information-barriers-activities). +For more information about SharePoint segment auditing in Office 365, see [Search the audit log in the compliance portal](/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance#information-barriers-activities). ## Site creation and management by site owners Private channel site access and sharing is governed by its IB mode: - Access is allowed to user who is currently a member of the private channel - Sharing is allowed using **People with existing access link** -Private channel sites already configured in your organization will have their information barriers mode set as *Open*. To configure existing private channel sites to *Implicit* mode, run the following cmdlet in SharePoint Powershell module: +Private channel sites already configured in your organization will have their information barriers mode set as *Open*. To configure existing private channel sites to *Implicit* mode, run the following cmdlet in SharePoint PowerShell module: ```powershell Set-Sposite -Identity <site URL> -InformationBarriersMode Implicit Set-SPOTenant -InformationBarriersSuspension $true >[!NOTE] >If you have Microsoft 365 Multi-Geo, you must run this command for each of your geo-locations. -## Allow sharing of Open mode sites with mail-enabled security groups (preview) +## Allow sharing of Open mode sites with mail-enabled security groups IB supports an opt-in capability available in the [SharePoint PowerShell module](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online) for sites in *Open* mode to be shared with [mail-enabled security groups](/microsoft-365/admin/email/create-edit-or-delete-a-security-group) for site permissions, sharing, and audience targeting. This is only supported in *Open* mode sites. SharePoint admins can enable this support in your organization and we recommend you ensure the security group membership is IB compliant. |
| SharePoint | Manage Loop Components | https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/manage-loop-components.md | Loop experiences on Microsoft 365 OneDrive or SharePoint are backed by .fluid or 1. Cloud Policy 2. SharePoint PowerShell command +If you're new to Cloud Policy and looking to enable the Loop app for your organization during the public preview, you may appreciate a more step by step, all-in-one document for how to roll out Cloud Policy settings to your tenant. If so, check out this Tech Community blog: [Learn how to enable the Microsoft Loop app, now in Public Preview](https://techcommunity.microsoft.com/t5/microsoft-365-blog/learn-how-to-enable-the-microsoft-loop-app-now-in-public-preview/ba-p/3769013). ++## Loop service requirements ++The Loop app currently requires each user to have an Exchange Online license. If not, users will experience failures in the Loop app, be unable to create new Loop workspaces, will not receive notifications or signals when users collaborate and update, and other experiences may also fail. ++Loop's near real-time communications are enabled by the core services that run a WebSocket server. Coauthors in the same session need to establish secured WebSocket connections to this service to send and receive collaborative data such as changes made by others, live cursors, presence, etc. These experiences are crucial to Loop, and all the scenarios powered by Fluid framework. So, at the minimum, WebSocket will need to be unblocked from the user's endpoint. ++Just like other Microsoft 365 experiences, Loop also leverages core services across SharePoint and Microsoft 365. To effectively enable Loop experiences or OneDrive and SharePoint files-backed experiences powered by Fluid Framework, follow the instructions in [Office 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges) to ensure connections to Loop services. + ## Available policy settings There are several IT Admin settings provided to enable the Loop app and Loop experiences across Microsoft 365: The feature will be available on Teams Windows Desktop, Mac, iOS, Android, and w To disable Loop components in Teams, run `Set-SPOTenant -IsLoopEnabled $false`. The change will take a short time to apply across your organization. If your organization has multiple regions (that is, organization URLs), you need to disable loop components for all the regions to have consistent results across the organization. -## Loop service requirements --Loop's near real-time communications are enabled by the core services that run a WebSocket server. Coauthors in the same session need to establish secured WebSocket connections to this service to send and receive collaborative data such as changes made by others, live cursors, presence, etc. These experiences are crucial to Loop, and all the scenarios powered by Fluid framework. So, at the minimum, WebSocket will need to be unblocked from the user's endpoint. --Just like other Microsoft 365 experiences, Loop also leverages core services across SharePoint and Microsoft 365. To effectively enable Loop experiences or OneDrive and SharePoint files-backed experiences powered by Fluid Framework, follow the instructions in [Office 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges) to ensure connections to Loop services. - ## eDiscovery +### Loop components + Loop components created in Teams or Outlook are discoverable and have eDiscovery workflow support using the Microsoft Purview tool. Currently, these files are stored in the creatorΓÇÖs OneDrive for Business and are available for search and collection, and render in review for both eDiscovery (Standard) and eDiscovery (Premium). The HTML offline export format is supported on eDiscovery (Premium). You can also download and re-upload the files to any OneDrive for Business to view them in their native format. Microsoft is currently working on a third-party export API solution for Loop components. -The Loop app does not yet support eDiscovery workflows. +### Loop app ++The Loop app and content created in the Loop app does not yet support eDiscovery workflows. ## Related topics |