Today at Ignite, Microsoft announced that SharePoint Advanced Management (SAM), the governance addon powered by AI, will now be included with your M365 licensing at no additional cost. In this blog post, we’ll cover what SAM is, why Microsoft made this change, and how you can benefit from it. If you’re not familiar with it, SAM is part of SharePoint Premium, a widely undervalued feature set designed to leverage AI within SharePoint Online.
If you’re interested in the SharePoint Advanced Management cost, it’s still available with a per-user license. If you have just one M365 Copilot license, though, it’s free.
Why the Change?
Many customers were already paying for Copilot and felt they were being overcharged for additional security features. To address these concerns and encourage adoption, Microsoft has decided to include SharePoint Advanced Management as part of the M365 Copilot license. This move is expected to increase the adoption of Copilot by providing users with essential management tools to prepare and maintain data for AI. This change couldn’t have come at a better time, to both help organizations govern the data that AI will use as well as entice more customers to purchase those M365 Copilot licenses.
Features of SharePoint Advanced Management
SAM offers a comprehensive suite of tools to help you govern and secure your SharePoint and OneDrive environments effectively. SAM offers a wide range of features to handle access control, data access governance, and monitoring. Features continue to be added, but here’s the key features currently available:
1. Restricted Content Discovery
Restricted Content Discovery allows you to control which SharePoint sites Copilot can access to summarize data. Unlike the earlier Restricted SharePoint Search, which uses a whitelist approach and is limited to 100 sites, Restricted Content Discovery uses a blacklist approach and provides a long-term solution.
2. Block Download Policy
This feature helps you prevent users from downloading files from a document library. Applied through a PowerShell command, it ensures users can view content in the browser without the ability to download or print it.
3. Conditional Access Policies
Similar to Azure’s conditional access, this feature allows you to apply access policies to specific OneDrive accounts or SharePoint sites. You can enforce Multi-Factor Authentication (MFA) or restrict access based on geographic location.
4. Default Sensitivity Labels
You can set default sensitivity labels for all files in a document library, ensuring a base level of protection is always applied unless a higher-level label is specified through Purview or by a user manually applying a label.
5. Restricted Access Control (RAC)
RAC enables administrators to override site-level permissions and enforce stricter access controls. This feature is particularly useful for managing sensitive content and preventing oversharing.
6. Data Access Governance
This comprehensive set of reports helps you monitor and manage data sharing and compliance. Key reports include:
- Sharing Links Report: Tracks the creation of sharing links and helps you identify potential oversharing.
- Sensitivity Labels Report: Monitors the application of sensitivity labels to files.
- Everyone Except External Users Report: Identifies content shared broadly within the organization.
7. Site Lifecycle Management
These policies help you manage inactive sites and ensure proper site ownership. Features include:
- Inactive Sites Policy: Identifies and manages sites that haven’t been accessed or modified within a specified period.
- Site Ownership Policy: Ensures each site has the required number of owners and addresses abandoned sites.
8. Change History
This feature provides visibility into administrative changes made across the SharePoint environment, helping you track and audit modifications effectively.
9. AI Insights
AI Insights analyze data from various reports and highlight potential issues, making it easier for you to understand and act upon the information.
What To Do Next
To start benefiting from SharePoint Advanced Management, ensure all users in your organization have the necessary M365 Copilot licenses. Begin reviewing the SAM features to identify which ones offer the most immediate value to your organization. Utilize available resources such as Microsoft Learn, community content, and newsletters to stay updated on new features and their rollout timelines.
Stay tuned for more updates and detailed guides on leveraging SharePoint Advanced Management to enhance your organization’s data management and security.