#FAQs

Refer to the frequently asked questions and answers in each category.

#If I end my subscription, will my data be deleted immediately?

When a subscription ends, AvePoint will retain your Insights data in the default Cosmos database provided by AvePoint for 15 days, subject to the terms of your service agreement. After this retention period, AvePoint will start the data disposal workflow for your Insights data in the default Cosmos database.

If you store the data in your own Cosmos database, the data will remain in your own database until you delete it.

#What Microsoft 365 subscriptions are supported?

The following Microsoft 365 subscriptions of your tenant are supported by Insights for Microsoft 365.

• Microsoft 365 Education

• Microsoft 365 Business Basic

  NOTE

  This is not available for managing sensitivity labels.

• Microsoft 365 Business Standard

  NOTE

  This is not available for managing sensitivity labels.

• Microsoft 365 Business Premium

• Microsoft 365 F1

  NOTE

  This is not available for managing sensitivity labels. OneDrive is not supported.

• Microsoft 365 F3

• Microsoft 365 E1

• Microsoft 365 E3

• Microsoft 365 E5

  NOTE

  This is required to use the Japan Physical Addresses sensitive info type in Insights.

• Office 365 F3

• Office 365 E1

• Office 365 E3

• Office 365 E5

#What Google subscriptions are supported?

The following Google Workspace subscriptions of your tenant are supported by Insights for Google.

• Business Starter

• Business Standard

• Business Plus

• Education Fundamentals

• Education Standard

• Education Plus

• Enterprise Standard

• Enterprise Plus

• Essentials Starter

  NOTE

  This is not available for managing shared drives.

• Essentials

• Enterprise Essentials

• Enterprise Essentials Plus

#What’s the difference between shadow users, risky users, external users, orphaned users, and ghost guest users in Insights for Microsoft 365?

• Shadow users – Users who are not members of the Team or Group, but have permissions to the content in the underlying SharePoint sites.

• Risky users – Users whose accounts are currently or were considered at risk of compromise. To review risk detections of risky users, go to Users > Risky users page.

• External users – External users in your Microsoft Entra ID that are invited to collaborate with your organization, and the users that are marked as external users in Insights. To control the access of external users, go to Users > External users page.

• Orphaned users – Orphaned users in Insights are deleted users and groups, as well as blocked users in Microsoft Entra ID, that still have access to objects in the configured data scope.

• Ghost guest users – External users in your Microsoft Entra ID who are neither members of any Microsoft 365 Groups or Microsoft Teams nor with permissions to the configured data scope of Insights. To manage ghost guest users within your tenants, go to Users > Ghost guest users page.

#What is an access report in Insights and where can I find it?

An access report in Insights for Microsoft 365 provides centralized visibility of user access, sensitivity, and activity data across Microsoft 365 environment.

• Access report of shadow users and groups – You can view permission details of all shadow users and groups in a Team/Group. You can find the access report by navigating to Risk analysis > Overview > Teams with shadow users/groups or Groups with shadow users/groups view and clicking the number link in the Shadow users/groups column of a Team or Group.

• Access report of a risky user – You can view permission details and membership of a risky user. You can find the risky user access report by selecting Access report from the ellipsis drop-down list on the Risky users page.

• Access report of an external user – You can view permission details and membership of an external user. You can find the external user access report by selecting Access report from the ellipsis drop-down list on the External users page.

• Access report of an orphaned user – You can view permission details of an orphaned user. You can find the orphaned user access report by selecting Access report from the ellipsis drop-down list on the Orphaned users page.

• Access report of a group with external users – You can view permission details and membership of a group where members contain external users. You can find the access report by selecting Access report from the ellipsis drop-down list on the Groups with external users page.

• Access report of Everyone / Everyone except external users / All Users (membership) / All Users (windows) – You can view the objects to which the Everyone / Everyone except external users / All Users (membership) / All Users (windows) group has access together with the basic information of the objects. You can find the access report by clicking Everyone / Everyone except external users / All Users (membership) / All Users (windows) on the Exposure > Exposed to “everyone” page.

• Access report of a user/group – You can view permission details and membership of a user or group. You can find the access report of a user or group by searching the user or group via quick search. Alternatively, you can create a search profile with the specific users and groups configured, and then view report of the search profile. Select Access report from the ellipsis drop-down list for a user or group on the View report page to view permission details and membership of the user or group.

#How do I remove access from orphaned users in Insights for Microsoft 365?

On the Users > Orphaned users page, you can view all accounts that have been deleted or blocked in Microsoft Entra ID, but still have access to objects in the configured data scope of Insights.

To remove access from orphaned users after the review, you have two options:

• Manually remove – Select one or multiple orphaned users in the table and click Remove to remove permissions from the orphaned users.

• Bulk remove via Policies for Microsoft 365 – Click Run policy in the message bar to run a one-time policy job to enforce the removal of orphaned users in bulk. In the Run policy window, set the scan scope and specify the notification email recipients, and click Save and run now. The permissions of orphaned users and/or groups in the scan scope will be removed in bulk.

#How can I detect and manage shadow users within Teams and Groups?

Shadow users are not members of any Teams or Groups, but have permissions to the content in the underlying SharePoint sites.

Complete the following steps to access the page where you can view all shadow users and groups within a Team or Group:

1. Navigate to Risk analysis > Overview.

2. Select Microsoft Teams or Microsoft 365 Groups from the data source drop-down list.

3. Switch to the All views tab and select the Teams with shadow users/groups or Groups with shadow users/groups view.

To delete shadow users and groups, you have two options:

• Manually remove per Team/Group – Click the number link in the Shadow users/groups column of a Team/Group to access the Access report of shadow users and groups page. Click a shadow user or group on the left to review the permission details they have to the Team/Group. Click Remove users/groups, select the shadow users and/or groups for whom the permissions to the Team/Group you want to remove, and click Remove.

• Bulk remove via Policies for Microsoft 365 – Click Run policy in the message bar to run a one-time policy job to enforce the removal of shadow users and groups from Teams/Groups in bulk. In the Run policy window, set the excluded scope of removal and specify the notification email recipients, and click Save and run now. Shadow users and groups not in the excluded scope will be removed in bulk.