External Guests in Office 365 – Access and Sharing
One important issue to consider in Office 365 is sharing with external guest users whose accounts and credentials are not controlled within your Office 365 tenant.
These are people who are not vendors or contractors who are granted an Office 365 account within your organization’s Office 365 subscription.
By default, at the tenant level, Office 365 Groups allow owners and Office 365 global administrators the ability to:
- Add external guests as members
- Provide external guests and members to access Group files and OneNote.
Fix via PowerShell command: Restrict external access and sharing by applying any of these cmdlets to your Office 365 Groups template in Azure Active Directory:
- Use AllowGuestsToBeOwner cmdlet, set it to “False.”
- Use AllowGuestsToAccessGroups cmdletm set it to “False.”
- Use AllowToAddGuests cmdlet, set it to “False.”
Display your organization’s Office 365 guest usage policy as a URL in external sharing emails and educate guest users:
- Use GuestUsageGuidelinesUrl cmdlet.
Governance Automation Online enables you to set up multiple, granular policies. Whether you’re allowing users to invite other guests, share files or OneNote docs when it’s safe, or prohibit when it’s not.
For even more info on Office 365 — especially Office 365 Groups and Microsoft Teams, be sure to check out our Ebook!