Microsoft 365 security External sharing in SharePoint Online: Key facts & best practices April 19, 2018 By: Toni Frankola Last updated: November 21, 2023 4 min read Copied! Check out an overview of best practices and key facts about SharePoint external sharing and external users. Free webinar recording included! Table of contents SharePoint Online external sharing - Important changesSharePoint Online external sharing key factsSharePoint Online external users – Best practicesWebinar recording: Office 365 external sharingDetect external users and externally shared content with Syskit Point One of the key benefits of living in the SharePoint Online cloud is the ease of collaboration, not just with your co-workers, but also with all the partners and vendors. External sharing gives people outside of your organization access to certain areas of your site or to specific documents. Here’s an overview of best practices and key facts about SharePoint Online external sharing. SharePoint Online external sharing – Important changes In early 2018, Microsoft changed the way SharePoint Online works with external users. You can now share the content with the following options: Sharing files and folders with anonymous users – When this option is enabled, users can create a link to a document giving anonymous users access to that particular file. Sharing files or folders with named external users – When you share a file with an External User, it’s treated as an ad hoc external recipient that won’t require a Microsoft account to be created or used. Sharing sites – When you share a site, a Microsoft or Organizational account is still required. A Guest Account will be provisioned in your Azure AD for this particular user. Notice the slight change in the naming convention here, as Microsoft is slowly transitioning from the term External User to Guest User. Adding external users to an Office 365 group – If a SharePoint site is also an Office 365 group, you can add External Users to the group, granting them access to the SharePoint site and other group content. Please note: Currently you can do so only via the Outlook group admin interface. SharePoint Online administrators can control which of these options are available for SharePoint Online and OneDrive. Learn more about new SharePoint Online and OneDrive sharing capabilities. SharePoint Online external sharing key facts When administering a SharePoint Online environment, security is of paramount importance. Most importantly, you need to control SharePoint Online external sharing of content. Here are a couple of things you should keep an eye on: When you share a SharePoint Site with a Guest / External User, it will be visible in the Azure AD (Filter by Guest User type). When you share an Office 365 Group with a Guest User, it will be visible in the Group admin UI in Outlook and Azure AD (see above). When you share a file with an External User, information about that can be retrieved only on that particular file. There is no record in Azure AD as the user has neither a Microsoft nor an Organizational account. SharePoint Online external users – Best practices SharePoint Online administrators are probably finding it a bit challenging to detect which files have been shared with ad hoc External Users. One way to find all such users is to navigate to the User Information List. This hidden list shows all the users who have access to a SharePoint site collection. The list URL goes like this: http://your_site_collection_url/_catalogs/users/simple.aspx. All the users with a display name in an email format are External Users. However, even if you do manage to detect them, you won’t be able to tell which sites and documents they have access to. That’s where Syskit Point comes in. With Syskit Point in your toolbox, finding guest users doesn’t have to be a tricky and time-consuming task as it allows you to see exactly what is shared and with whom. However, you still have to be careful when sharing with external users. Here are a couple of best practices to follow: Make sure your end users know what they are doing. It is so easy to share something with an external email. Turn off sharing via anonymous links. Restrict content sharing to pre-approved email domains only. Disable sharing for site collections with really sensitive data. When sharing content with a user, make sure that only the user with that exact email address can view the content. Do you want to protect your sensitive data and ensure compliance? Syskit Point’s powerful reports solve your visibility issues by showing both internal and external users’ actions across SharePoint Online, Teams, Microsoft 365 Groups, and OneDrive, in a single dashboard. Learn more Webinar recording: Office 365 external sharing Recently we held a webinar in which we covered: What is Office 365 external sharing How you can configure your external sharing settings (SharePoint Online, OneDrive, Office 365 Groups) and some tips and tricks to follow How to report on external sharing and stay in control of security in your environment. Detect external users and externally shared content with Syskit Point Our new platform, Syskit Point, can help you detect all the External Users in your SharePoint Online sites, Microsoft Teams, Office 365 Groups, and OneDrive accounts. You can decline the access requests or even remove external users from the same interface. With our reports, you can easily pinpoint externally shared files and with whom they’ve been shared. Control external access and excessive content sharing Syskit Point lets you see all sharing and access down to the file level and generate real-time reports in just a few clicks. Try for free Subscribe to our Newsletter Thank you for joining our community! Related Posts Microsoft 365 security The ultimate security audit guide for Microsoft Office 365 and SharePoint There are many reasons why auditing SharePoint is important, but first and fore… May 10, 2021 49 min read Microsoft 365 security A user guide: How to choose between public vs private Microsoft Teams Discover the three types of Teams’ privacy settings, the differences betw… April 28, 2021 6 min read Microsoft 365 security SharePoint Contribute: When and how to use it? If you’re looking for more details about Contribute, a core function of S… July 11, 2023 7 min read