Contact Sales
Contact Sales
Back to Blog

The SharePoint Hack Proves Admin-Level Permissions Are a Cybersecurity Time Bomb

Melissa Abramson Head of Global Sales Operations
post date September 8, 2025
update date September 8, 2025
The SharePoint Hack Proves Admin-Level Permissions Are a Cybersecurity Time Bomb

Table of contents

  1. 1. Example: Connecting Microsoft Teams and Google Workspace
  2. 2. Evaluate the security posture of every tool in your tech stack

In July 2025, Microsoft announced that Chinese hackers had breached a slew of on-premises SharePoint servers, commandeering the sensitive data, trade secrets, and intellectual property hosted there.

The whole episode exposed a common yet often-overlooked cybersecurity weakness: granting third-party applications excessive privileges. 

Specifically, it highlighted the risks organizations face when apps require application-level permissions to Microsoft SharePoint, creating a high-risk entry point for attackers.

In today’s sophisticated threat landscape — where every access point is a potential vulnerability — granting application-level permissions to third-party applications is dangerous and can put an organization’s data security at risk.

Example: Connecting Microsoft Teams and Google Workspace

If your organization uses both Microsoft Teams and Google Workspace — and you want to connect the two services to increase productivity, reduce context switching, and otherwise improve your security posture — there are two solutions you can turn to:

  1. NextPlane OpenHub
  2. Mio

While there are several key differences between these two options, the SharePoint hack highlights another key differentiator. To enable interoperability between Teams and Google Workspace, Mio requires super admin application-level permissions — such as Files.ReadWrite.all and Group.ReadWrite.All — while NextPlane OpenHub only requires delegated-level permissions.

What’s the difference? Application permissions are used by apps that run without signed-in users; the app itself is trusted and given permissions directly. Delegated permissions, on the other hand, are used by apps that act on behalf of signed-in users; here, the app can do whatever the user is allowed to do.

While Mio’s application-level permissions requirement may make it more convenient for their interoperability solution, it can become a serious trap for customers — something made crystal clear by the SharePoint hack. 

When you deploy an interop solution, you’re ostensibly trying to make life easier for your employees. But if you’re using a solution like Mio that requires excessive privileges, you are opening the backdoor to bad actors, who can then access your organization’s SharePoint files, where they can exploit Files.ReadWrite.All, which allows apps to create, update, and delete all files that live in your organization’s SharePoint libraries and OneDrive accounts, and Group.ReadWrite.All, which enables apps to create, update, and delete groups that live in your organization’s directory.

In other words: unnecessary application-level privileges can enable hackers to modify, steal, or even delete every single file on your organization’s SharePoint — including source code, financial statements, intellectual property, and sensitive customer information. They can also create and delete users and groups, which can significantly hinder organizational productivity.

Compare that to organizations using NextPlane OpenHub to connect Teams and Google Workspace. During a SharePoint breach, hackers wouldn’t have access to the organization’s SharePoint server or any of the files that are shared between Google Workspace and Teams. 

Suffice it to say that’s a lot of effort for a payoff that doesn’t really amount to much.

Just because Microsoft patched the SharePoint vulnerability doesn’t mean Mio customers are in the clear, either.

If hackers target an organization that uses Mio to connect Teams and Google Workspace, they may decide to penetrate the Mio Interoperability solution directly, gaining access to the organization’s SharePoint and all of its contents due to the Files.ReadWrite.All application-level permissions Mio requires. 

Comparison of delegated vs application-level permissions in SharePoint showing higher cybersecurity risks from admin-level access

Evaluate the security posture of every tool in your tech stack

When it comes to assembling your tech stack, it’s critical to consider the level of permissions each integration between tools requires. While two solutions may look similar on the surface, there can be drastic differences under the hood that could wreak havoc on your operations if overlooked.

The last thing an IT manager wants is for a CTO to call them after learning that sensitive operational data was stolen due to excess permissions — something that’s entirely avoidable. Depending on how bad the breach is, errors and omissions insurance can only do so much — especially when customers and regulators start asking questions. 

Prevention is always cheaper than cleanup. By choosing tools and integrations that adhere to the principle of least privilege, you can rest comfortably knowing that your stack is full of applications that only require the minimum access necessary to function.

In an era of increasingly sophisticated cyberattacks — all of which are becoming more common with each passing day — every level of permission you grant is either a safeguard or a liability. So choose wisely and keep your most sensitive data safe.

Learn more about why NextPlane OpenHub is the most secure interop solution for Microsoft Teams and Google Workspace.

Melissa Abramson

Head of Global Sales Operations

LinkedIn

With 10 years of experience in enterprise messaging, Melissa is a recognized expert in maximizing team productivity through technology. Her mastery of Microsoft Teams is extensive, encompassing advanced features, integrations, customizations, and the full spectrum of functionalities. As a leading authority on unified communications, including NextPlane solutions, Melissa empowers organizations to build comprehensive, user-friendly collaboration ecosystems.

Contact Sales

Relevant News and Articles

The Hidden Costs of Context Switching — and How to Avoid Them
post date August 13, 2025
update date August 21, 2025

The Hidden Costs of Context Switching — and How to Avoid Them

Context switching between apps like Teams and Google Workspace leads to lost productivity, security risks, and disengaged employees. Learn how interoperability with NextPlane OpenHub reduces app sprawl, eliminates shadow IT, and helps teams collaborate efficiently without switching platforms.
Google and NextPlane Partner to Enhance Cross-Platform Collaboration for Google Workspace Customers
post date April 16, 2025
update date April 23, 2025

Google and NextPlane Partner to Enhance Cross-Platform Collaboration for Google Workspace Customers

Mountain View, CA – 4/9/2025 – Google and NextPlane announced a strategic partnership to enable seamless interoperability between Google Chat and leading enterprise messaging platforms while offering enhanced data sovereignty, security, and cost efficiency. This collaboration empowers Google Workspace customers to communicate effortlessly with colleagues and partners using Microsoft Teams, Slack, Webex, and other messaging…
Slack and Teams Integration: All Connection Options, Pros & Cons
post date February 27, 2025
update date August 21, 2025

Slack and Teams Integration: All Connection Options, Pros & Cons

In the era of digital communication, teams often find themselves juggling multiple communication platforms to stay connected and efficient. As the market becomes saturated with various tools, a common question arises: “How do I connect this and that?”. Integrating Slack and Microsoft Teams is crucial for businesses that pick those to break communication barriers and…
Why Slack Might Not Be Your Only Option: 13 Top Alternatives to Slack
post date December 18, 2024
update date August 21, 2025

Why Slack Might Not Be Your Only Option: 13 Top Alternatives to Slack

Slack is a leading communication tool, but it might not suit every team due to its cost and complexity. This article delves into why Slack is a favorite and offers 13 alternatives—both paid and open-source—that provide unique features like better pricing, built-in task management, and robust integrations. Discover tools tailored to your team’s specific needs and boost collaboration effectively.
10 Benefits of Unified Communications in Today’s Digital Workplace
post date September 20, 2024
update date August 21, 2025

10 Benefits of Unified Communications in Today’s Digital Workplace

Effective communication is paramount to success in today’s fast-paced, digital workplace. As organizations increasingly rely on multiple messaging and collaboration platforms, seamless integration and interoperability have never been more critical. This is where unified communications comes into play, offering a powerful solution to streamline workflows and improve productivity in a multi-platform environment. What is Unified…
Microsoft Teams vs. Zoom: Which Is Best for Your Business?
post date June 21, 2024
update date August 21, 2025

Microsoft Teams vs. Zoom: Which Is Best for Your Business?

In today’s digital era, where remote work has become the norm for many businesses, choosing the right collaboration tool is more crucial than ever. Microsoft Teams and Zoom, renowned for their user-friendly interfaces, are two of the leading platforms in this domain. They offer a wide array of features to facilitate communication, collaboration, and productivity…