Are Microsoft 365 tools sufficient in facilitating external collaboration? Let’s take a closer look.
Our daily work routines have always required us to coordinate closely with our colleagues. Yet more and more, business users find that to successfully tackle their projects, they need to communicate, collaborate, and share documents with people outside their organization. Think vendors, partners, suppliers, or contractors.
Unfortunately, bringing in guest users to your internal network with an inadequately administered environment can be risky.
Sensitive data may be stored where it shouldn’t, leading to accidental or unauthorized exposure.
A chaotic setup will also likely result in shadow IT practices and other ad-hoc workarounds that put you at a massive risk of encountering security breaches and data loss.
If you want to avoid those outcomes, you need to act! Your company needs to provide the proper architecture to get that work done, and good governance to ensure you minimize unauthorized access.
Microsoft 365 can be a great solution for that task. They offer a robust set of collaboration tools that make it easier for your business users to adopt them and maintain data security.
Table of contents
Microsoft Teams
Teams is one of my favorite collaboration tools within Microsoft 365. In my opinion, it’s wholly left Slack in the dust with its features and functionalities.
When it comes to connecting with people outside your business, this application gives you lots of options.
You can automatically enable external access, allowing your business users to discover, call, or chat with anyone with a Microsoft identity, including from other companies. Pretty sweet, right?
Most importantly, though, your organization can rest easy privacy-wise. You have the option to control whether external users with unmanaged Teams accounts are able to connect with your internal users and vice versa. That can be done case-by-case to allow for truly granular access!
Organizations can also grant their external collaborators guest access to join any team. This gives you a secure way to easily share files and folders with them or meet, chat, or call whenever needed.
SharePoint team sites
Smooth project workflows with outside stakeholders can sometimes feel like an impossible dream, right? With SharePoint, that ideal productivity becomes a reality.
Your business can set your preferences for external sharing at both the organization and site levels. Once you’ve enabled organization-wide sharing, you have the option to control which team sites allow guest access or which you share internally only, depending on your specific needs. You can open it up to anyone with a link or to particular people, whatever works best!
SharePoint and OneDrive offer the following extra external sharing options:
What I recommend is the number of days you see in the screenshot.
Typically, a team site will be automatically created when you create a Microsoft 365 group, such as a team in Teams. To simplify permissions management, you can also create a team site unconnected to a group.
You might want to do that if you only need to share documents with external users but don’t need other features like chatting in Teams. That way, you don’t have to worry about them accessing your other Microsoft 365 resources, and you make your governance a little easier.
OneDrive for Business
OneDrive for Business is your personal workspace, but you do have the option to share your content with external users. Let’s go over your options:
- Anyone. This option is only available if your Microsoft 365 or OneDrive administrator decides to turn on anonymous sharing. More on this later.
- People in (your company name). This will allow everyone within the company to access the link. If this is applicable to your situation, you should consider moving the file to a shared collaboration space. Remember: OneDrive is your personal storage location.
- People with existing access. This option can only be selected once you’ve already shared the file with the desired recipients.
- Specific people. The link will only work for the people you specify. This is the recommended sharing option within OneDrive.
It’s a good idea to set a default sharing link type. You can do this via the SharePoint Online administration center. There are three types of default OneDrive sharing links to choose from:
- Anyone: Anyone with the link can share
- Internal: Only people within your organization can share
- Direct: Only specific people can share
One option is missing: People with existing access. This would be my preferred default option because people are inclined to resend previously shared links to colleagues. In the absence of that option, I recommend using Internal.
I advise against using the Anyone option, as I can’t think of a single scenario in which you would want to let your employees share anonymous links with unknown external business users.
Here’s what I suggest for setting up the default sharing link:
Security and visibility on external sharing
Has your company disabled external access? If you answered yes, it’s almost guaranteed that your business users will find another way to collaborate with outside people. At the end of the day, your employees have to get their job done, so they’ll do it with or without your support. To prevent shadow IT, enabling external access will need to happen.
That said, you really should proactively consider security and compliance before you do that, so your data remains protected, organized, and available.
Microsoft provides many features to help accomplish that, such as the ability to set up multifactor authentication, sensitivity labels, or session timeout policies. The Purview Compliance Manager also provides a centralized location for holistically managing your digital workplace’s safety.
However, manually managing a Microsoft 365 environment using Microsoft’s out-of-the-box solutions is complex and time-consuming. You can use a fully automated third-party tool like ShareGate to do the heavy lifting of managing external sharing and guest access. For example, if you want to regularly review your external sharing practices, ShareGate can automate that process.
What’s my main takeaway?
Your organization needs to establish a strong governance strategy that incorporates best practices to make sure you appropriately harness these external sharing features.
Begin by learning and configuring the security & compliance tools available to you in Microsoft 365. Then, decide what other tools might benefit your organization. It’s also essential to educate your business users on how to properly share.
You don’t have a choice now, as external sharing is a crucial part of the modern workplace. You’ve been warned…
