Environment: Office 365 SharePoint online
There are some users in our Office 365 environment who are Global admins. I know that Global admin can add themselves to any site collection as an administrator. But in some of the site collections we are having very sensitive data that we dont want to expose to any people even though those people are admins, but except one group of people.
Questions:
- When user is trying to add him self as site collection admin, is there any way that group of people will get notified saying that "X" user has been added to site?
- Is there any rules that I can create under security and compliance to prevent people adding themselves as site collection admin?
- Is there any way to monitor audit reports which will show that people were added to sites.
Out of above 3 questions, I know question1 is not possible to achieve. But I don't want to create any remote event receivers.
I am more interested in checking with security and compliance can do this job?
Mihir