If you have a problem with file oversharing in your organization, one of the ways you can address it is with a Cloud App Security policy. To use CAS, you will need a license, and you will need to be a global tenant admin. Or have specific rights to create policies.
The URL to get to CAS looks like the following:
To create a policy that monitors for oversharing, click the “Create Policy” button, then select “File Policy”.
Select the conditions you want to monitor. The following settings will find files that are available publicly (anyone on the Internet), anyone with a link(explicit sharing with a link), and external (explicit sharing with people outside of your organization).
Next, specify the action you want to take place. For example, you can send an email to your security group.
You can also start a Flow, which gives you some pretty cool options. It will be the topic of a future post.