Data Audit: Tracking Data Sharing

Written By Norayr Arabatlian (Collaborator)

Updated at August 30th, 2021

In the Data Audit section you can check all OneDrive sharing in your organization.

1. Press the Data Audit button on your dashboard from the left panel.

Click to Zoom

2. The section that will open on your screen is Shared Data. This section depicts all shared data.

Click to Zoom

The list includes the name and the owner of the file or folder, the email addresses of people the file has been shared with, the date and time of, and the security policies that were enacted.

3. You can sort the list by any of the columns by pressing the corresponding "∨" button. To search for a specific file or folder, use the advanced search bar on the top of the page. 

Click to Zoom
Click to Zoom

The "Owner" filter: 

  • All Users: Data shared by all licensed users in Spin
  • Specific User: Locate data shared by specific user

The “Shared to:” filter can be filtered by:

  • All Users - display of all sharing events

  • Anyone with the link - previously known as “Public on the Web” - anyone with the link can access these documents

  • Internal Users - shared only within the organization

  • External Users - shared outside of the organization

  • Microsoft Groups - shared with specific Microsoft Groups set in Microsoft 

  • Specific user/group - customizable to filter to any specific User or Group

The "Date" filter: Choose specific time frame of sharing

The “Security Policies” filter can be filtered by:

  • All files - all sharing events 

  • Security Policies not applicable - sharing events that don’t match any set policies

  • Security Policies applicable - only sharing events that match set policies

  • Specific policy - if multiple policies exist, you can choose to view sharing events picked up by only one of the policies

4. You can download the Data Audit report to your local device in Microsoft Excel (.xls) or in Comma-Separated Values (.csv) format by pressing the Download as button.

Click to Zoom

5. To stop selected sharing the file or folder, select the event from the list below. 


6. A new tab will appear, with a variety of actions that can be taken by the administrator. Stop all sharing will revoke all access to the data. Other options include Stop Sharing to anyone with a link, domain link, external users, internal users, and groups, which are more specific options to revoking data.    

7. Refresh results settings will now open a new pop-up:

8. You can refresh Shared Data in case there are any changes for either:

Apply for: 

  • All Users - all licensed Users within SpinOne
  • Selected users - specific Users only


  • Apply Security Policies- apply all security policies including new policies that may have not been enacted during the previous data import. 
  • Full Refresh- Run a full new refresh of the Data Audit list. 

Upon refreshing, you can also select to have security policies be applied, in case sharing events are detected where action needs to be taken.

Was this article helpful?