Can I restrict a SharePoint admin from accessing a secure team? #M365AMA

In this episode, the #M365AMA panel discusses the following community question:

“What is the best way to keep security and not allow someone who is a SharePoint admin to add themselves to a “secure” team. I had a few ideas but I wasn’t sure if they were good ideas. Create a separate SharePoint site collection and have that team assigned to the site collection. Find a policy that forces a non site owner to have no read or write permissions to change access. Create a notification rule if a user is added or removed that it notifies the site owner. If anyone has any other ideas please let me know.”

Check out the discussion here:


Participating in this discussion were:

Some relevant notes/links shared by the team:

Christian Buckley

Christian is the Brand Alliance Director for AvePoint Inc., and a Microsoft Regional Director and M365 Apps & Services MVP based in Silicon Slopes (Lehi), Utah. He hosts the AvePoint Office 365 Hours (#O365hours) and #P2Pnow series, the monthly #CollabTalk TweetJam, the weekly #CollabTalk Podcast, and the Microsoft 365 Ask-Me-Anything (#M365AMA) series.