003: Document / Identify approved sharing of sensitive information with external partners
Overview
List all known and approved scenarios required by business functions that involve sharing sensitive data with external partners of the organization (such as service providers and collaborators). These scenarios can be general in nature (e.g. employee sending a partner pre-release information necessary for the coordination of business activities) or specific (e.g. sharing of billing data with an external auditor). Initial identification of common sharing patterns can be done by using tools like Activity Explorer and through analysis of the Unified Audit Log's SharePoint and OneDrive sharing logs, as well as Exchange audit logs.
Reference
- Activity Explorer: https://learn.microsoft.com/en-us/purview/data-classification-activity-explorer
- SharePoint sharing logs schema: https://learn.microsoft.com/en-us/purview/audit-log-activities#sharing-and-access-request-activities