What is SPARK?

SPARK (SharePoint Online Attestation and Reporting Kit) is a Microsoft Azure based solution designed to help customers rapidly automate and manage SharePoint Online & Microsoft Teams attestation actions and notifications. It provides a streamlined process for site owners to attest to their sites, ensuring compliance and governance within SharePoint Online environments.

DIAGRAM DOWNLOAD: | Download PDF

PDF | Download Visio

Visio (source)

These components work together to provide a comprehensive solution for managing and automating SharePoint Online attestation actions and notifications. With Version 1, the installation process involves deploying these components manually via the Azure Portal and PowerShell in a specific order to ensure proper functionality and integration.

🔥 Before you light the SPARK…

1️⃣ View/download the datasheet (MSFT Internal)

2️⃣ Understand the estimated Azure spend for SPARK

3️⃣ CSAMs Only: Nominate your your customer for SPARK (MSFT Internal)

4️⃣ Customers & CSA Deployment Teams : Get the Pre-Deployment Guide:

5️⃣ CSA Deployment Teams: Get the Deployment Guide:

FAQ

How much does SPARK cost?

SPARK does not require any additional licensing in M365 or Azure to function.

However, as **SPARK is deployed in Microsoft Azure**, there will be a measurable Azure spend required. SPARK was designed to keep the total Azure spend as low as possible. Your exact Azure spend will depend on the number of SPO/Teams sites in your environment, size & number of the Azure resources deployed, total service lifecycle and other factors.

Is SPARK secure?

SPARK is designed with robust security measures, including tightly scoped Entra ID Managed Identities for secure authentication across Azure, Microsoft 365, and Graph API. All workflows requiring write access to production environments are queued and can be halted if needed. User access is controlled via Entra ID organizational accounts and Security Groups, while Azure Role-Based Access Control (RBAC) ensures only authorized personnel and identities can manage SPARK resources. No shared keys are used, further enhancing security.

How does SPARK work?

SPARK uses custom-developed Azure Automation services to collect SPO site metadata. It then leverages custom SPFx SharePoint web parts, in combination with Azure Function Apps and Runbooks, to help you manage the state of your attestation campaign. This enables you to rapidly drive the remediation of oversharing in SharePoint and Teams data, allowing cybersecurity teams to rapidly present a single, auditable source of truth for M365 SharePoint/Teams data used by Copilot.

I'm a CSA and want to help my customer deploy SPARK, what skillset do I need

Thank you for demonstrating a growth mindset! To help us drive the use of SPARK across our customers, you will need to have experience in the following:

Experience in deploying and configuring Azure services via the Azure Portal, including Function Apps, Automation Accounts, Runbooks, and SQL Databases
Skilled in reading and troubleshooting scripts written in PowerShell, PnP PowerShell, and Azure Cloud Shell
Intermediate-level experience in Microsoft 365 and Entra ID administration, including user and group creation, role-based access control (RBAC), and policy management
Knowledgeable in managing Exchange Online, including mailbox creation, distribution group setup, and administration via Exchange PowerShell
Understanding of configuring and securing Entra-integrated cloud applications using Microsoft Graph API
Experience in basic SharePoint Administration, including configuring the App Catalog, importing new Web Parts and creating new Sites. Understanding how Search in SharePoint works is extremely helpful. </ul>

Note

You might notice we mentioned SharePoint last. While the toolkit includes "SharePoint" in its name, SPARK is fundamentally an Azure-based service that accesses and manages SharePoint resources.

</details> ---