Skip to main content Link Menu Expand (external link) Document Search Copy Copied
Copilot for M365

Task 1.4: Site lifecycle management and policiesĀ 

This task requires Microsoft SharePoint Premium - SharePoint Advanced Management. If you do not have this license, please review the task and continue to the next task.
You may also have the option to sign up for the Advanced management plan trial which you can use to complete this task.

  1. On the left menu, select Policies > Sharing and then review the available settings that control sharing at the organization level in SharePoint and OneDrive.

    Manage sharing settings for SharePoint and OneDrive in Microsoft 365

  2. On the left menu, select Policies > Access control and then review the settings that restrict how users are allowed to access content in SharePoint and OneDrive.

  3. On the left menu, select Policies > Site lifecycle management.

    Create and manage policies that automate tasks across the life cycle of your sites, like finding inactive sites. Manage site lifecycle policies

  4. Select Create a policy.

  5. Review the information on the Overview page, and then select Next.

  6. On the Scope page, keep the defaults and for What type of sites should be checked for inactivity?, select Select all.

  7. Select Next.

  8. Enter a Policy name and Description and then select a Policy mode.

  9. Select Finish.

  10. Select Done.

  11. Verify that the policy is listed.

    Policy Description
    Set Up Policies: Utilize the policy templates available in the App Governance UI to create policies based on user and data access, permissions, and certification. You can create custom app policies using the 16 predicates provided.
    Monitor Apps: Ensure that the apps you want to govern are registered in Azure Active Directory, have OAuth capability, and use the Graph API, as these criteria are necessary for the apps to appear in the overview and apps pages during policy creation.
    Apply Conditional Access Policies: Use Microsoft Entra authentication context to enforce more stringent access conditions when users access SharePoint sites. Authentication contexts can be directly applied to sites or used with sensitivity labels to connect Microsoft Entra Conditional Access policies to labeled sites.
    Secure Document Libraries: If SharePoint is enabled for sensitivity labels, configure a default label for document libraries to ensure the security of documents stored within.
    Restrict OneDrive Access: Limit OneDrive access to members of a specific security group if needed. This can prevent users outside these security groups from accessing their own OneDrive or any shared OneDrive content, even if they are licensed for it.
    License Management: Ensure that you have SharePoint Advanced Management licenses for all employees who are in scope of or may benefit from Data Access Governance