SharePoint Monitoring for MSPs

1. The MSP Challenge

Managed service providers face a unique challenge when it comes to SharePoint security. You are responsible for dozens or even hundreds of client tenants, each with their own users, sites, and sharing policies. Keeping track of permissions across all of these environments manually is impractical, and a single misconfigured sharing link in any tenant could lead to a data breach that reflects on your entire business.

The problem is compounded by the fact that your clients' end users are creating and modifying SharePoint permissions every day. They share files with external partners, create team sites for new projects, and occasionally grant anonymous access to documents for convenience. Without active monitoring, these changes accumulate silently until they become a security incident.

SPScan was built with MSPs in mind. It gives you a single dashboard to monitor all of your client tenants, with automated scanning, alerting, and reporting that scales as your client base grows. Instead of logging into each tenant's SharePoint admin centre individually, you get a unified view of permission health across your entire portfolio.

2. Multi-Tenant Architecture

SPScan's multi-tenant architecture allows you to connect as many Microsoft 365 tenants as you need under a single SPScan account. Each connected tenant appears on your dashboard with its own compliance score, site count, storage usage, and recent alerts. You can drill into any tenant to see detailed permission data without switching between accounts or interfaces.

Connecting a new client tenant takes less than two minutes. Navigate to the tenants page, click "Connect Tenant", and complete the OAuth flow with an administrator account from the client's tenant. SPScan requests read-only permissions and will begin scanning the tenant automatically. The OAuth tokens are encrypted at rest and SPScan never stores client passwords.

The dashboard provides a high-level overview that lets you quickly identify which tenants need attention. Tenants with low compliance scores, new permission issues, or storage warnings are highlighted so you can prioritise your response. This approach is far more efficient than reactive monitoring and helps you demonstrate proactive security management to your clients.

3. Per-Tenant Alerting

Different clients have different risk profiles and different expectations for how they want to be notified about SharePoint changes. SPScan's alert rules can be scoped to specific tenants, allowing you to create tailored notification workflows for each client. A financial services client might want immediate alerts for any external sharing, while a creative agency might only care about anonymous access links.

You can also create alert channels that are specific to certain clients. For example, you might send alerts for Client A to a dedicated Slack channel where their account manager monitors notifications, while Client B's alerts go to a shared email inbox. This separation ensures that the right people see the right alerts without noise from other clients.

For your internal operations team, consider creating a catch-all alert channel that receives high-severity events from all tenants. This gives your security analysts a single stream of critical alerts across your entire client base, while client-specific channels handle the detailed, lower-severity notifications that individual account managers need to see.

4. Client Reporting

Regular reporting is essential for demonstrating the value of your monitoring service to clients. SPScan provides export functionality for permissions, storage, and compliance data in both CSV and PDF formats. These reports can be generated on demand or scheduled for regular delivery, giving you professional documentation to share during client review meetings.

The compliance report is particularly valuable for MSPs. It provides a clear, visual summary of the tenant's permission health over time, showing improvements or regressions in the compliance score. This makes it easy to communicate the impact of your security management to non-technical stakeholders at your client organisations.

Storage reports help you identify clients who are approaching their SharePoint storage quotas before it becomes a problem. By proactively alerting clients to storage issues and recommending remediation such as removing old versions or archiving unused sites, you add tangible value to your managed service offering and prevent disruption.

5. Volume Pricing

SPScan's pricing is based on the number of connected tenants, making it straightforward to forecast costs as your client base grows. Each tenant is billed at the same per-tenant rate, and you can connect or disconnect tenants at any time with your subscription quantity adjusting automatically.

For MSPs monitoring ten or more tenants, we offer volume pricing that significantly reduces the per-tenant cost. Contact our sales team to discuss pricing for your specific needs. We understand that MSPs need predictable, competitive pricing to build SharePoint monitoring into their service packages profitably.

Every SPScan account starts with a 14-day free trial that gives you full access to all features. We recommend connecting two or three client tenants during the trial to evaluate SPScan with real data from your production environments. This gives you a realistic picture of the value SPScan provides before committing to a paid plan.