Solving guest user governance is one of the most important things to get right in M365.
Organisations need to be proactive to have insight into their users sharing and have control once data leaves the system.
However, guest user settings are complex and require having each of 5 puzzle pieces connected correctly across:
· AAD,
· Microsoft 365 Security and Privacy settings,
· Group settings,
· SharePoint settings and,
· Teams settings.
· SharePoint and OneDrive For Business even have their own, independent set ups!
Once you have solved the puzzle, you still need to create a process for managing the guest lifecycle within Microsoft 365. By default, users can now request guests to be added to the Microsoft 365 tenant.
Once they are in, they need to have the appropriate policies set, and even more importantly, a system for removing their access when it is no longer appropriate.