 What is the best way to keep security and not allow someone who is a SharePoint admin to add themselves to a Secure team. I had a few ideas But I wasn't sure if they were good ideas create a separate SharePoint site collection and have that team assigned to the site Collection find a policy that forces a non-site owner to have no read or write permission to change access Create a notification rule if a user is added or removed that it notifies the site owner If anyone has any other ideas, please let me know This is something that comes up over and over again and You know administrators need to be able to administer content administer systems and that gives them certain privileges and rights and It comes down to governance It's going to be a policy that's established and that's going to be backed up by Some form of auditing and logging. That's the only thing that really can solve this I mean you can try and build a better mousetrap and lock the admins out of some sort of area But it really gets into a kind of a shell game You just got to be honest with yourselves up front and say listen We need this to be only these people we are going to monitor the logs look at things and You know if we see that somebody has joined it, you know, we're gonna have a conversation so Well, this is one of those categories where I again look that is working for an ISV that it has solutions around this that Have a more graceful answer to that because you're right the data is there It's capturing it But then you need to have access and go through that and see if those people that shouldn't have accessed We're accessing that those assets and what they did once they were in there And so, you know with third-party tools like we've got a couple our cloud gov in our in our policies Products where it can actually you can set up those rules and those alerts around those so that you could say anybody who's an admin Who has administrative access around those things but actually goes in and what they're doing it can notify a Manager notify somebody else if they're those concerns So there's things that you could do and to take action just to notify Just to track and provide a report around those things So there are a lot of things that you could do which are all made possible Because the system is tracking and capturing that data within the audit logs Yeah, so if I heard you right Christian When you first started out in that that long explanation You you said that you said you made the comment that You know you were inferred I should say that Shawn isn't graceful Guys I'm I'm so that was very perceptive of you to pick up on that. I I didn't want to say anything before but Maybe that's what I'm here. So that's what I'm here for. I'm here for that Yeah, it's a this is one of those things where I think more more as Organizations become more and more reliant on these kinds of collaboration and information management systems You need to be more thoughtful around these things. It's as much as you can automate as possible Versus I mean you just have to be very proactive and intentional about doing it through the native Experiences it takes a lot of digging you're going in between multiple admin Sites, you know pages It's it's it's not all in one place to track that behavior and be able to go and then do something about it And so that's where you start to see the value if I can ring my own bell of an ISV solution To automate a lot of those activities so that you can do all that with your one admin Ding ding ding shameless plug ding ding ding bring that bell