Book a demo
sharepoint-onedrive-main-logos

Streamline SharePoint and OneDrive policy management across your MSP’s tenants 

Build sharing and access policy baselines, audit data governance posture, and push standardized configurations via inforcer’s multi-tenant management platform. 

Join our founder-led demo Book a 1:1 demo

Why manually managing SharePoint
and OneDrive isn’t efficient at scale 

No way to standardize and enforce policies

SharePoint and OneDrive default to permissive sharing settings that most tenants never lock down properly. Without appropriate external sharing policies deployed across every tenant, sensitive files can be shared anonymously and inappropriately without anyone even noticing. 

No cross-tenant visibility

There's no native method for auditing whether SharePoint and OneDrive are correctly configured across your entire tenant base without logging into each environment individually. This costs MSPs precious time that could be spent delivering additional value and growing their business.

No efficient way to address drift

SharePoint and OneDrive policy management covers external sharing levels, sync restrictions, access controls, guest link expiration, and device-based access rules. Manually resolving configurations that drift is not sustainable for MSPs serving dozens or hundreds of tenants. 

The multi-tenant SharePoint & OneDrive management solution for MSPs 

One platform to standardize, enforce, and monitor SharePoint
and OneDrive policies across all your tenants. 

Single pane visibility

See SharePoint and OneDrive configuration and compliance posture across all tenants from one dashboard, with no individual logins required. 

Bulk policy deployment

Maintain your MSPs service quality across every tenant you serve. Build your SharePoint and OneDrive baseline once, then push it to your entire tenant base simultaneously. 

Detect and resolve drift

Receive alerts whenever a tenant’s policies or settings deviate from your chosen baseline, with automatic tickets created in your PSA tools. 

Manage external access

Apply device-based access controls, sync restrictions, and security group-based access policies to ensure effective data governance without per-tenant configuration overhead. 

Welcome to your tenant dashboard

Comprehensive visibility for all your tenants at once.

No more multiple logins

Save countless hours by seeing each tenant’s key metrics in one central location. 

Alignment and security scores

At-a-glance assessments that compare each tenant’s policy configurations against recognized baselines. 

Easy onboarding

Fetch customers in or out of your Partner Center in just a few clicks. 

Licensing status and backup history

Reference important details fast instead of manually digging through documentation. 

Live demo with Co-founder,
Will Connor

Want to see inforcer in action? Join a live platform demo with inforcer Co-founder and Chief Community Officer, Will Connor to explore how inforcer could help you streamline and standardize Microsoft 365 management.

Meet Inforcer
Calendar Icon
28th April 3pm BST 6th May 3pm BST 12th May 3pm BST 20th May 2pm BST

What our partners say

Hear from the MSPs using inforcer to transform SharePoint & OneDrive management at scale. 

  • "inforcer has helped us better define what we do and improve how we deliver. To any other Microsoft Partner considering whether to work with inforcer, I d simply ask: can you afford not to?”

    Tom Lovell,
    Chief Technology Officer, Infinity Group

    Infinity Group

  • “With inforcer, we realized we had something that would allow us to define a security standard, and roll that out easily across all our customers. Without it, enrolling a single customer would have required multiple different skillsets and a much longer timeframe."

    Gary Melvin,
    Security Division Lead, Nostra

    Nostra

  • "Unlike other platforms that try to be everything to everyone,inforcer stood out as a pure specialist. Their focus on doing one thing exceptionally well, policy alignment and tenant security, was exactly what we needed."

    Daniel Gough,
    Systems Engineer - Managed Services, Techcare

    Techcare

  • "inforcer is the best platform for our needs: it s fast, easy to understand, and has the best selection of settings available compared to other M365 configuration solutions. It has made it much more manageable to deliver the full value of Microsoft 365 Business Premium to our customers".

    Knut Kyrkjebø,
    Senior ITC Consultant, Procano AS

    Procano

Three simple steps to managing SharePoint and OneDrive policies
with the inforcer platform 

Connect your tenants

Link your customers’ Microsoft 365 environments to inforcer. The setup process is quick and guided, with no complex configuration required. 

Build your SharePoint and OneDrive baseline

Define your gold-standard sharing, access control, and sync policy configuration, and let inforcer enforce it across all your tenants. 

Deploy, monitor, and maintain control

Push policy updates to all tenants at once, get alerted when configurations drift, and resolve issues before they create data exposure, all from your inforcer dashboard. 

Why MSPs choose inforcer

See the difference between manual and multi-tenant
management for SharePoint & OneDrive 

Controlling external sharing across tenants with different risk profiles
Managing device-based access controls for OneDrive and SharePoint
Enforcing OneDrive sync restrictions across the tenant base
Auditing guest access expiration settings before they become liabilities

SharePoint and OneDrive offer four levels of external sharing, from "anyone with a link" (requiring no authentication) to "only people in your organisation." The right setting varies by tenant: a law firm and a marketing agency have genuinely different collaboration needs, but both need their sharing level deliberately set and consistently maintained.

In practice, MSPs managing multiple tenants natively have no efficient way to audit sharing configurations across their base, and no way to push changes to a subset of tenants without touching each one individually.

inforcer gives MSPs a cross-tenant view of external sharing configurations, making it possible to see at a glance which tenants are running policies that don't meet the appropriate baseline for their profile. Changes can be pushed to all affected tenants or specifically-defined groups of them at the same time, with the appropriate sharing level, guest link expiration window, and domain restrictions for each.

SharePoint and OneDrive both support access policies that restrict what users can do based on the compliance state of the device they're on. Unmanaged devices can be limited to browser-only access with no ability to download, print, or sync files, which provides meaningful control for tenants handling sensitive data. These policies sit in the SharePoint admin center under Access Control and apply across both SharePoint and OneDrive for the tenant.

A key challenge for MSPs is that these settings need to be configured correctly in each tenant and maintained as the tenant's device management posture changes. A tenant that moves from unmanaged to Intune-managed devices may need their access control policy updated to reflect that. Without a multi-tenant tool, identifying which tenants need updating and making the change requires individual logins. inforcer presents the status of every tenant in a single location and shows scores that make it easy to assess how effectively they meet the policy baselines you’ve applied to them.

OneDrive sync settings control which devices are permitted to sync content locally, including whether sync is restricted to domain-joined machines or blocked from specific operating systems. For tenants where data residency or endpoint security is a concern, uncontrolled sync is a genuine risk. Files synced to a personal or unmanaged device often sit outside the tenant's security perimeter entirely.

Configuring sync restrictions correctly at the tenant level and maintaining them consistently across a large MSP base is time-consuming when done natively. inforcer enables MSPs to define a sync policy baseline and identify tenants that drift from it due to settings being changed manually by help desk personnel, updates, or other factors.

 

Guest link expiration is one of the most commonly misconfigured SharePoint and OneDrive settings in MSP-managed environments. By default, expiration is disabled, which means that external sharing links remain valid indefinitely once they are created unless they are manually revoked. For tenants that regularly collaborate with external parties, this creates a growing inventory of active links that no one is actively monitoring.

Identifying which tenants have expiration disabled vs. which ones have expiration set to an appropriate window requires checking each tenant's sharing settings individually when MSPs rely on native tooling. inforcer surfaces this information across all tenants and displays it in a single location via the dashboard, then enables MSPs to push consistent expiration policies and default link types to any tenant that doesn't meet the standard.

Trusted by MSPs globally

  • Aabyss
  • Bluebyte_logo
  • CloudTech 24
  • Ergos
  • Fifosys
  • FIT Solutions
  • Infinity Group logo
  • ITRMLogosm
  • Nostra-Logo
  • Novatech
  • Outsource Group
  • Pacific Office Automation
  • Procano_Logo_Black
  • prodrive-logo-2x
  • Sharp EIT
  • Summit-Technology
  • Techcare Logo Vector-1

FAQs

Find answers to the most common questions our customers ask about multi-tenant SharePoint & OneDrive management via inforcer.

Which SharePoint and OneDrive settings does inforcer support?

inforcer supports policy management across the core SharePoint and OneDrive tenant-level settings MSPs need to standardize, including external sharing levels, guest link expiration, domain allow/block lists, device-based access controls, sync restrictions, and storage quota configurations. 

How does inforcer help me identify tenants with overly permissive sharing settings?

inforcer gives you cross-tenant visibility into SharePoint and OneDrive configurations so you can quickly identify which tenants are running sharing policies that don't meet your baseline. This gives you an efficient way to address common SharePoint and OneDrive issues such as anonymous link sharing, missing guest expiration settings, or sync access from unmanaged devices.

How does inforcer handle tenants with different sharing requirements?

inforcer allows you to maintain different policy baselines for different tenant groups and create custom baselines as needed. That means tenants with stricter compliance requirements can have more restrictive sharing configurations enforced without modifying the standard baseline or forcing you to manage policies for all tenants individually.

What happens when a tenant's SharePoint or OneDrive settings drift from the baseline?

inforcer alerts you as soon as a configuration for any of your tenants deviates from the policy standard you’ve defined for them. You can then review all affected tenants and push remediations across them in a single operation, without logging into each environment individually.

Does inforcer cover SharePoint site-level settings as well as tenant-level policies?

inforcer focuses on tenant-level policy standardization, which is where the most time-consuming configuration work typically happens at MSP scale. Tenant-level sharing, access, and sync settings form the baseline that governs all SharePoint sites and OneDrive accounts within each environment.

Is inforcer only for SharePoint and OneDrive, or does it cover other Microsoft 365 policies?

inforcer covers a broad range of Microsoft 365 policy management, including Intune, Defender, Conditional Access, Exchange Online Protection, Purview, and Entra ID as well as SharePoint and OneDrive. Our SharePoint and OneDrive capabilities are one part of our wider multi-tenant management platform.

Resources

Current insights on SharePoint & OneDrive management,
MSP best practices, and Microsoft 365 security.

Experience the inforcer difference 

Stop manually managing SharePoint and OneDrive for every tenant.
See what inforcer can do for your MSP.  

Join our founder-led demo Book a 1:1 demo