Abstract image of a woman sitting on books and studying on a laptop

SPS London 2019 Enabling External Sharing in Office 365, SharePoint and OneDrive

Download as PPTX, PDF
Chirag Patel, profile picture
Chirag Patel

The document discusses methods and best practices for enabling external sharing and collaboration using Office 365, SharePoint, and OneDrive. It outlines various sharing options, user types, governance policies, and the administration of external user access. Additionally, it highlights the importance of controls, training, and monitoring to ensure secure and efficient external collaboration.

Technology
Related topics:
Microsoft Teams Insights
1 of 57
Downloaded 20 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
Enabling External Sharing in Office 365, SharePoint and OneDrive London SharePoint Saturday 01 June 2019 #spslondon @SPS_London Chirag Patel @techChirag
Our Sponsors Uranium Diamond Platinum
Chirag Patel @techchirag /techchirag techchirag.comBlog patelconsulting.co.ukwww Office 365 & SharePoint Consultant, Architect, Speaker
Session Overview
Getting started with External Sharing and Collaboration
Sharing & collaboration coverage • From OneDrive for Business, share with “Anyone." • From OneDrive for Business, if collaboration isn't to be ongoing, share with “Specific people.” • For ongoing collaboration, use a new or existing Team or team site and add members (including external members). • Use a new or existing Communications site. • Grant “everyone except external guests” permissions to a site, folder, or file in your team shared library or OneDrive for Business. • Share a file in OneDrive for Business (both for internal and external sharing). • Share a team/project file from a team site. • Use a new or existing Team or team site and add members (including external members). • Save all team files into Teams document library or team site • Share links to specific files from a team site. • For ongoing collaboration, use a new or existing Team or team site and add members (including external members), OR • For specific content, grant access to a site or folder from your team site shared library. Share with no restrictions Share externally Share broadly with company Share with my team + others Share with my team Share one-off file
End-user sharing experience ANYONE Easiest way to share files with anyone on the planet Recipient has access if they have the link Recipients decides who else gets access PEOPLE in my COMPANY Easiest way to share files within the company Recipient has access if they have the link AND are in the company Recipient decides who else in my company has access PEOPLE with EXISTING ACCESS Direct pointer, does not add permissions Recipients who already have access via membership, or explicit permission have access Recipient cannot decide who else to share to SPECIFIC PEOPLE Sharer decides which specific people inside and outside have access Only those people have access and prove their identity
Think about putting policies in place Policy Examples System will support external collaboration Users cannot share content from OneDrive for Business Externally Users can share content from SharePoint External sharing should be disabled on sites by default IT will restrict 3rd party / domains Only users who have completed training are allowed to share content externally External users are required to sign in IT can enable / disable external sharing Require external users to re-prove account ownership every 7 days Prevent external users from sharing content they do not own Only site owners can invite external users External Sites should have naming convention External access sites to be identifiable in sites list IT can remove 3rd party access
Thinking about people and processes External access process with roles and responsibilities Training - including compliance requirements Information security policy Information classification policy Instructions for 3rd Parties – Setup, access, policies Managing external access and removing access Sharing v Links v Office 365 Groups User
Managing external sharing Control WHO can share to external users Everyone Only specific people No one Control WHICH external users can be shared with Anyone Only authenticated users Only authenticated users except specific domains Only authenticated users in specific domains No one
External Sharing Governance Support staff Enable self service creation Use lifecycle management Detecting valuable content Use classification for sites Scan with data loss prevention (DLP) Protect content Limit reach Enforce policy Use conditional access Use IRM (Information Rights Management) Charge Responsibility Manage group / site ownership Review external membership Use IT services and management tooling
Accounts and Invitations
Look…I just want to share externally! External User (OneDrive/SharePoint) • Someone from outside your Office 365 tenant to whom you have given access to one or more sites, files, or folders. • 3 types of users: • Anonymous • Authenticated without MSA • Authenticated with MSA Guest (Office 365 & Azure B2B) • Also known as external user that grants them access to all apps within O365 group (emails, calendar, notes, files, and plans) • Foundation for Microsoft Teams, Planner, PowerBI, Dynamics CRM and other Enterprise Apps
OneDrive/SharePoint Online • Separate invitation manager to Azure AD • Adds users to SPO directory after users have redeemed their invitations • New invitations generated every time you share • Can pick external users from Azure AD Azure AD B2B • Users are added immediately on invitation so that they show up everywhere • OneDrive/SharePoint Online invited users also show up in Azure AD after they redeem their invitations • Guests in Office 365 Groups already uses Azure AD B2B invitation APIs for sharing External Sharing Invitation Management
Microsoft Accounts and Anonymous users External User Type Sharing Behaviours Authenticated user with Microsoft account (You’ll see them listed with #EXT# in their username) • Collaboration tasks aligned with site permission levels i.e. “Site Member” – i.e. site libraries, subsites, etc. • For files or folder: added as guests to Office 365 directory • Can view and edit files in Office Online only Authenticated user without Microsoft account • Can only share files and folders to email address with one-time access code (email) for authentication each time they access • Forwarded emails attempt will send one-time code to original recipient • Can’t share sites Anonymous User • Free link - shareable link to file or folder and can view/edit without log in with a username or password • Can be forwarded and valid until you disable link or expire • Can’t access site, nor assign licenses, nor verify identity – only IP address. https://docs.microsoft.com/en-us/sharepoint/external-sharing-overview (updated 06 May 2019)
SharePoint - Invitation Models • User-initiated guest invitation model - This is the default for a new site collection and the recommended model as it provides control to administrators and at the same time flexibility of end users being able to collaborate with their new business partner users without much intervention. • Site-owner-initiated guest invitation model - If you want more control than the default sharing model over who can invite new users to a site, you can configure the site to only allow site owners to invite new users. This prevents ad-hoc invitations from being sent out by site users. • Admin-managed partner users model - In an admin-managed partner users model, the Office 365 you pre-populate your organisation's directory with the guest users who you'll be inviting to your site. This can be done by importing users from other Office 365 or Azure AD.
DEMO: Tenant Level Sharing
DEMO: Azure External collaboration settings
Sharing Settings in OneDrive and SharePoint
DEMO: SharePoint Admin - External Sharing
DEMO: SharePoint Admin – External Sharing
Who is the target audience?
Who can share externally?
What can external users do?
Limiting external sharing using domains
OneDrive Admin: External Sharing
• You give an external user access to a Microsoft SharePoint Online or Microsoft OneDrive for Business resource. • The user accepts the invitation but is signed in by using another Microsoft account at the time. • The user browses to the shared resource. • User receives one of the following error messages: • Access Denied • Let us know why you need access to this site. • User is not found in the directory • You need permission to access this site. Issues accessing files/folders, etc. https://support.microsoft.com/en-gb/help/3026478/error-message-when-an-external-user-accepts-a-sharepoint-online-invita
Authorise guest access (Microsoft Teams) • Azure Active Directory: Controls the guest experience at the directory, tenant, and application level. • Microsoft Teams: Controls Microsoft Teams only. • Office 365 Groups: Controls the guest experience in Office 365 Groups and Microsoft Teams. • SharePoint Online and OneDrive for Business: Controls the guest experience in SharePoint Online, OneDrive for Business, Office 365 Groups, and Microsoft Teams. https://docs.microsoft.com/en-us/microsoftteams/teams-dependencies
Getting Visibility to External Sharing
Using Auditing Awareness of activity and anomalies Audit log search Rule based alerts
DLP Policy Matches Tuning DLP policies and content patterns
New SharePoint Admin Center Dashboards show Files shared externally
Sharing notifications Be notified when your content is shared
Managing access to shared content
Site Usage Awareness when content is externally shared
Who is accessing my content Give awareness when their content is accessed in OneDrive
Knowing why I am blocked Policy Tips Provide feedback to admin Override the policy
Additional External Sharing Considerations
Apps & Services and add-ins: Office 365 Groups
Apps & Services and add-ins: Calendar
Apps & Services and add-ins: Integrated Apps read their user profile details, edit or delete their files (onedrive folder) read items contained in site collections, send email as that user
Apps & Services and add-ins: Forms
Apps & Services and add-ins: Sway
Microsoft Teams & Skype4B Admin
Microsoft Teams & Skype4B Admin
Power BI Admin
Sharing Dashboard
Secure Access
Secure Access: Keep it simple for everyone? Device Location User App Tenant Site File Conditional Access Different Scopes Access and Sharing Policies
Limited browser-only access on unmanaged devices Prevents leakage of data on unmanaged devices Allows users to be productive on any device Scopes: Tenant and site Specific users Controls: Edit vs. View Download non-previewable files
What’s new for users?
NEW! Smart people picker
NEW! Link open receipts  Coming this year
NEW! Password-protected links • Coming this year
NEW! Block downloads • Keep your documents in the cloud • Avoid out-of-date copies • Maintain access control • Available for view-only links
SharePint  Duke of Sussex  23 Baylis Road  London  SE1 7AY
SharePint

More Related Content

PPTX
Power Saturday Paris 2019 - Enabling External Sharing in Office 365, SharePo...
Chirag Patel
 
PPTX
When SharePoint met Microsoft Teams - Oktoberfest 2019 #TeamsFest
Chirag Patel
 
PPTX
TeamsFest 2020 - Deep Dive Microsoft Teams integration with SharePoint
Chirag Patel
 
PPTX
How to implement SharePoint in your organization
SPC Adriatics
 
PDF
SharePoint as an Intranet Portal for Business
RashminPopat2
 
PPTX
Administrators guide to managing Microsoft 365, SharePoint, Microsoft Teams a...
Chirag Patel
 
PPTX
Training – Introduction to SharePoint Online for Collaboration and Document M...
Suhail Jamaldeen
 
PPTX
SharePoint Benefits
Sameh Senosi
 
Power Saturday Paris 2019 - Enabling External Sharing in Office 365, SharePo...
Chirag Patel
 
When SharePoint met Microsoft Teams - Oktoberfest 2019 #TeamsFest
Chirag Patel
 
TeamsFest 2020 - Deep Dive Microsoft Teams integration with SharePoint
Chirag Patel
 
How to implement SharePoint in your organization
SPC Adriatics
 
SharePoint as an Intranet Portal for Business
RashminPopat2
 
Administrators guide to managing Microsoft 365, SharePoint, Microsoft Teams a...
Chirag Patel
 
Training – Introduction to SharePoint Online for Collaboration and Document M...
Suhail Jamaldeen
 
SharePoint Benefits
Sameh Senosi
 

What's hot (20)

PPTX
10 SharePoint 2013 OOTB Solutions Every Power User Should Know
Adam Levithan
 
PPTX
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Bang...
Chirag Patel
 
PPTX
Supporting third-party access and sharing in Microsoft Teams - Teams Day Onli...
Chirag Patel
 
PPTX
Guiding a Successful SharePoint Implementation
Randy Williams
 
PPTX
10 Best SharePoint Features You’ve Never Used (But Should)
Christian Buckley
 
PPTX
Introduction to Intranet Planning
Haaron Gonzalez
 
PPTX
SPSHEL18 - Microsoft Teams Deep Dive
Maarten Eekels
 
PPTX
You got Microsoft Teams! Now let's build modern intranet on SharePoint - Team...
Chirag Patel
 
PPTX
Establishing a Collaboration Roadmap
Drew Madelung
 
PPTX
Share Point online
Khwezi Flatela
 
PPTX
A glance at share point 2013 social features
Thuan Ng
 
PDF
Introduction to Microsoft Teams
Robert Crane
 
PPTX
A Business Users Guide to Getting the Most Out of SharePoint 2013
Christian Buckley
 
PPTX
Planeación de Intranet con SharePoint
Haaron Gonzalez
 
PDF
Webinar: Deploy Microsoft Teams and stay in control
ShareGate
 
PPTX
SharePoint Online - Friend or Foe
Jasper Oosterveld
 
PPTX
SharePoint Saturday Stockholm 2015 - SharePoint Online Friend or Foe
Jasper Oosterveld
 
PDF
Introduction to SharePoint Information Architecture
Gregory Zelfond
 
PPTX
Microsoft Ignite Recap: Microsoft Teams & Yammer with Vlad & Drew
Drew Madelung
 
PPTX
Another attempt to demystify SharePoint Governance - SP Saturday Boston
Ilia Sotnikov
 
10 SharePoint 2013 OOTB Solutions Every Power User Should Know
Adam Levithan
 
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Bang...
Chirag Patel
 
Supporting third-party access and sharing in Microsoft Teams - Teams Day Onli...
Chirag Patel
 
Guiding a Successful SharePoint Implementation
Randy Williams
 
10 Best SharePoint Features You’ve Never Used (But Should)
Christian Buckley
 
Introduction to Intranet Planning
Haaron Gonzalez
 
SPSHEL18 - Microsoft Teams Deep Dive
Maarten Eekels
 
You got Microsoft Teams! Now let's build modern intranet on SharePoint - Team...
Chirag Patel
 
Establishing a Collaboration Roadmap
Drew Madelung
 
Share Point online
Khwezi Flatela
 
A glance at share point 2013 social features
Thuan Ng
 
Introduction to Microsoft Teams
Robert Crane
 
A Business Users Guide to Getting the Most Out of SharePoint 2013
Christian Buckley
 
Planeación de Intranet con SharePoint
Haaron Gonzalez
 
Webinar: Deploy Microsoft Teams and stay in control
ShareGate
 
SharePoint Online - Friend or Foe
Jasper Oosterveld
 
SharePoint Saturday Stockholm 2015 - SharePoint Online Friend or Foe
Jasper Oosterveld
 
Introduction to SharePoint Information Architecture
Gregory Zelfond
 
Microsoft Ignite Recap: Microsoft Teams & Yammer with Vlad & Drew
Drew Madelung
 
Another attempt to demystify SharePoint Governance - SP Saturday Boston
Ilia Sotnikov
 
Ad

Similar to SPS London 2019 Enabling External Sharing in Office 365, SharePoint and OneDrive (20)

PPTX
Everything you ever wanted to know about external sharing in Microsoft 365 - ...
Chirag Patel
 
PDF
Power Saturday 2019 F3 - Enabling external sharing in Office365 SharePoint an...
PowerSaturdayParis
 
PPTX
Everything you need to know about external sharing in OneDrive, SharePoint, a...
Drew Madelung
 
PPTX
Deep Dive on Office 365 - External Sharing
Alpesh Nakar
 
PPTX
Working with External Partners in Office 365
Bill Gaylor
 
PPTX
Everything you need to know about sharing files in SharePoint & OneDrive - SP...
Drew Madelung
 
PPTX
Everything you need to know about sharing files in SharePoint and OneDrive
Drew Madelung
 
PPTX
Making a real world sharing strategy for SharePoint, OneDrive & Teams
Drew Madelung
 
PPTX
SPS-NYC 2017: Managing external users in Office 365
Marijn Somers
 
PDF
O365Engage17 - Administer external users
NCCOMMS
 
PPTX
Paul Stork Collab365 SharePoint Summit slidedeck Going External with SharePoi...
Mark Jones
 
PPTX
Enabling Sharing & Collaboration in OneDrive & SharePoint
Drew Madelung
 
PDF
SPUnite17 External Sharing in SharePoint Online
NCCOMMS
 
PPTX
SPUnite17 - External Sharing in SharePoint Online
Maarten Eekels
 
PPTX
Options for Building a Modern Extranet
Christian Buckley
 
PDF
Office 365 External Collaboration - SharePoint Saturday Twin Cities Nov 2019
Matthew Ruderman
 
PDF
SharePoint External Sharing
Gregory Zelfond
 
PPTX
How Many Ways Can I Enable External Sharing for my Users?
Owen Allen
 
PPTX
Sp expo one_drive_teams_sharepoint
Craig Jahnke
 
PPTX
Sharing Nicely with Others - External Sharing in SharePoint Online
Dean Virag
 
Everything you ever wanted to know about external sharing in Microsoft 365 - ...
Chirag Patel
 
Power Saturday 2019 F3 - Enabling external sharing in Office365 SharePoint an...
PowerSaturdayParis
 
Everything you need to know about external sharing in OneDrive, SharePoint, a...
Drew Madelung
 
Deep Dive on Office 365 - External Sharing
Alpesh Nakar
 
Working with External Partners in Office 365
Bill Gaylor
 
Everything you need to know about sharing files in SharePoint & OneDrive - SP...
Drew Madelung
 
Everything you need to know about sharing files in SharePoint and OneDrive
Drew Madelung
 
Making a real world sharing strategy for SharePoint, OneDrive & Teams
Drew Madelung
 
SPS-NYC 2017: Managing external users in Office 365
Marijn Somers
 
O365Engage17 - Administer external users
NCCOMMS
 
Paul Stork Collab365 SharePoint Summit slidedeck Going External with SharePoi...
Mark Jones
 
Enabling Sharing & Collaboration in OneDrive & SharePoint
Drew Madelung
 
SPUnite17 External Sharing in SharePoint Online
NCCOMMS
 
SPUnite17 - External Sharing in SharePoint Online
Maarten Eekels
 
Options for Building a Modern Extranet
Christian Buckley
 
Office 365 External Collaboration - SharePoint Saturday Twin Cities Nov 2019
Matthew Ruderman
 
SharePoint External Sharing
Gregory Zelfond
 
How Many Ways Can I Enable External Sharing for my Users?
Owen Allen
 
Sp expo one_drive_teams_sharepoint
Craig Jahnke
 
Sharing Nicely with Others - External Sharing in SharePoint Online
Dean Virag
 
Ad

More from Chirag Patel (20)

PPTX
Data Lifecycle Management with Microsoft Purview in Microsoft Teams - Collabd...
Chirag Patel
 
PPTX
Deep Dive Microsoft Viva Insights - Collabdays Bletchley Park 2023
Chirag Patel
 
PPTX
Understanding Security and Compliance in Microsoft Teams M365 North 2023
Chirag Patel
 
PPTX
Microsoft Viva Essential in 45 minutes - Collabdays Bletchley 2022
Chirag Patel
 
PPTX
Building immersive and mixed reality experiences in SharePoint - Metaverse One
Chirag Patel
 
PPTX
Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022
Chirag Patel
 
PPTX
Working with templates in Microsoft 365 aMS Berlin 2022
Chirag Patel
 
PPTX
Deep Dive Microsoft Teams and Yammer integration - Teams Nation 2022
Chirag Patel
 
PPTX
Let's get rich and connected with Microsoft Viva Connections - Teams Nation M...
Chirag Patel
 
PPTX
Working with Security and Compliance in Microsoft Teams - Microsoft 365 Virtu...
Chirag Patel
 
PPTX
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
Chirag Patel
 
PPTX
Administrators guide to managing Microsoft 365 and collaboration workloads - ...
Chirag Patel
 
PPTX
Deep dive on Microsoft Teams integration with SharePoint - M365 Saturday Ahme...
Chirag Patel
 
PPTX
Journey to the Centre of Microsoft 365 Groups - M365 Chicago 2020
Chirag Patel
 
PPTX
Building a Microsoft Teams team chat space to manage your project - M365 Chic...
Chirag Patel
 
PPTX
Navigating your way to different admin centres in Microsoft 365 - M365 Saturd...
Chirag Patel
 
PPTX
Building a Microsoft Teams Team Chat Space To Manage Your Project - Teams Com...
Chirag Patel
 
PPTX
Designing and Implementing Microsoft 365 Adoption Centre - M365 Philly Virtua...
Chirag Patel
 
PPTX
Microsoft 365 integration experiences with SharePoint, Microsoft Teams, Strea...
Chirag Patel
 
PPTX
Designing and Implementing Microsoft 365 Adoption Centre - Microsoft 365 Virt...
Chirag Patel
 
Data Lifecycle Management with Microsoft Purview in Microsoft Teams - Collabd...
Chirag Patel
 
Deep Dive Microsoft Viva Insights - Collabdays Bletchley Park 2023
Chirag Patel
 
Understanding Security and Compliance in Microsoft Teams M365 North 2023
Chirag Patel
 
Microsoft Viva Essential in 45 minutes - Collabdays Bletchley 2022
Chirag Patel
 
Building immersive and mixed reality experiences in SharePoint - Metaverse One
Chirag Patel
 
Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022
Chirag Patel
 
Working with templates in Microsoft 365 aMS Berlin 2022
Chirag Patel
 
Deep Dive Microsoft Teams and Yammer integration - Teams Nation 2022
Chirag Patel
 
Let's get rich and connected with Microsoft Viva Connections - Teams Nation M...
Chirag Patel
 
Working with Security and Compliance in Microsoft Teams - Microsoft 365 Virtu...
Chirag Patel
 
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
Chirag Patel
 
Administrators guide to managing Microsoft 365 and collaboration workloads - ...
Chirag Patel
 
Deep dive on Microsoft Teams integration with SharePoint - M365 Saturday Ahme...
Chirag Patel
 
Journey to the Centre of Microsoft 365 Groups - M365 Chicago 2020
Chirag Patel
 
Building a Microsoft Teams team chat space to manage your project - M365 Chic...
Chirag Patel
 
Navigating your way to different admin centres in Microsoft 365 - M365 Saturd...
Chirag Patel
 
Building a Microsoft Teams Team Chat Space To Manage Your Project - Teams Com...
Chirag Patel
 
Designing and Implementing Microsoft 365 Adoption Centre - M365 Philly Virtua...
Chirag Patel
 
Microsoft 365 integration experiences with SharePoint, Microsoft Teams, Strea...
Chirag Patel
 
Designing and Implementing Microsoft 365 Adoption Centre - Microsoft 365 Virt...
Chirag Patel
 

Recently uploaded (20)

PDF
5-Ways-AI-is-Revolutionizing-Telecom-Quality-Engineering.pdf
Kalilur Rahman
 
PDF
IT-ITes Industry bjjbnkmkhkhknbmhkhmjhjkhj
yatharthjutt100311
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week IV
NewMind AI
 
PDF
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
PDF
Altius execution marketplace concept.pdf
Wandor
 
PDF
giants, standing on the shoulders of - by Daniel Stenberg
Daniel Stenberg
 
PPTX
Build automations faster and more reliably with UiPath ScreenPlay
AndreeaTom
 
PDF
Aug23rd - Mulesoft Community Workshop - Hyd, India.pdf
Ravi Tamada
 
PDF
Electrocardiogram sequences data analytics and classification using unsupervi...
IAESIJAI
 
PDF
Ensemble model-based arrhythmia classification with local interpretable model...
IAESIJAI
 
PDF
SaaS reusability assessment using machine learning techniques
IAESIJAI
 
PPTX
Module 1 Introduction to Web Programming .pptx
kamleshkc191
 
PPTX
Internet of Everything -Basic concepts details
sendilkumar66
 
PDF
The-2025-Engineering-Revolution-AI-Quality-and-DevOps-Convergence.pdf
Kalilur Rahman
 
PDF
zbrain.ai-Scope Key Metrics Configuration and Best Practices.pdf
ChristopherTHyatt
 
PDF
Introduction to MCP and A2A Protocols: Enabling Agent Communication
Maxim Salnikov
 
PDF
CXOs-Are-you-still-doing-manual-DevOps-in-the-age-of-AI.pdf
Kalilur Rahman
 
PDF
Examining Bias in AI Generated News Content.pdf
Government
 
PDF
“The Future of Visual AI: Efficient Multimodal Intelligence,” a Keynote Prese...
Edge AI and Vision Alliance
 
PDF
Auditboard EB SOX Playbook 2023 edition.
DROK2
 
5-Ways-AI-is-Revolutionizing-Telecom-Quality-Engineering.pdf
Kalilur Rahman
 
IT-ITes Industry bjjbnkmkhkhknbmhkhmjhjkhj
yatharthjutt100311
 
NewMind AI Weekly Chronicles – August ’25 Week IV
NewMind AI
 
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
Altius execution marketplace concept.pdf
Wandor
 
giants, standing on the shoulders of - by Daniel Stenberg
Daniel Stenberg
 
Build automations faster and more reliably with UiPath ScreenPlay
AndreeaTom
 
Aug23rd - Mulesoft Community Workshop - Hyd, India.pdf
Ravi Tamada
 
Electrocardiogram sequences data analytics and classification using unsupervi...
IAESIJAI
 
Ensemble model-based arrhythmia classification with local interpretable model...
IAESIJAI
 
SaaS reusability assessment using machine learning techniques
IAESIJAI
 
Module 1 Introduction to Web Programming .pptx
kamleshkc191
 
Internet of Everything -Basic concepts details
sendilkumar66
 
The-2025-Engineering-Revolution-AI-Quality-and-DevOps-Convergence.pdf
Kalilur Rahman
 
zbrain.ai-Scope Key Metrics Configuration and Best Practices.pdf
ChristopherTHyatt
 
Introduction to MCP and A2A Protocols: Enabling Agent Communication
Maxim Salnikov
 
CXOs-Are-you-still-doing-manual-DevOps-in-the-age-of-AI.pdf
Kalilur Rahman
 
Examining Bias in AI Generated News Content.pdf
Government
 
“The Future of Visual AI: Efficient Multimodal Intelligence,” a Keynote Prese...
Edge AI and Vision Alliance
 
Auditboard EB SOX Playbook 2023 edition.
DROK2
 

SPS London 2019 Enabling External Sharing in Office 365, SharePoint and OneDrive

  • 1. Enabling External Sharing in Office 365, SharePoint and OneDrive London SharePoint Saturday 01 June 2019 #spslondon @SPS_London Chirag Patel @techChirag
  • 5. Getting started with External Sharing and Collaboration
  • 6. Sharing & collaboration coverage • From OneDrive for Business, share with “Anyone." • From OneDrive for Business, if collaboration isn't to be ongoing, share with “Specific people.” • For ongoing collaboration, use a new or existing Team or team site and add members (including external members). • Use a new or existing Communications site. • Grant “everyone except external guests” permissions to a site, folder, or file in your team shared library or OneDrive for Business. • Share a file in OneDrive for Business (both for internal and external sharing). • Share a team/project file from a team site. • Use a new or existing Team or team site and add members (including external members). • Save all team files into Teams document library or team site • Share links to specific files from a team site. • For ongoing collaboration, use a new or existing Team or team site and add members (including external members), OR • For specific content, grant access to a site or folder from your team site shared library. Share with no restrictions Share externally Share broadly with company Share with my team + others Share with my team Share one-off file
  • 7. End-user sharing experience ANYONE Easiest way to share files with anyone on the planet Recipient has access if they have the link Recipients decides who else gets access PEOPLE in my COMPANY Easiest way to share files within the company Recipient has access if they have the link AND are in the company Recipient decides who else in my company has access PEOPLE with EXISTING ACCESS Direct pointer, does not add permissions Recipients who already have access via membership, or explicit permission have access Recipient cannot decide who else to share to SPECIFIC PEOPLE Sharer decides which specific people inside and outside have access Only those people have access and prove their identity
  • 8. Think about putting policies in place Policy Examples System will support external collaboration Users cannot share content from OneDrive for Business Externally Users can share content from SharePoint External sharing should be disabled on sites by default IT will restrict 3rd party / domains Only users who have completed training are allowed to share content externally External users are required to sign in IT can enable / disable external sharing Require external users to re-prove account ownership every 7 days Prevent external users from sharing content they do not own Only site owners can invite external users External Sites should have naming convention External access sites to be identifiable in sites list IT can remove 3rd party access
  • 9. Thinking about people and processes External access process with roles and responsibilities Training - including compliance requirements Information security policy Information classification policy Instructions for 3rd Parties – Setup, access, policies Managing external access and removing access Sharing v Links v Office 365 Groups User
  • 10. Managing external sharing Control WHO can share to external users Everyone Only specific people No one Control WHICH external users can be shared with Anyone Only authenticated users Only authenticated users except specific domains Only authenticated users in specific domains No one
  • 11. External Sharing Governance Support staff Enable self service creation Use lifecycle management Detecting valuable content Use classification for sites Scan with data loss prevention (DLP) Protect content Limit reach Enforce policy Use conditional access Use IRM (Information Rights Management) Charge Responsibility Manage group / site ownership Review external membership Use IT services and management tooling
  • 13. Look…I just want to share externally! External User (OneDrive/SharePoint) • Someone from outside your Office 365 tenant to whom you have given access to one or more sites, files, or folders. • 3 types of users: • Anonymous • Authenticated without MSA • Authenticated with MSA Guest (Office 365 & Azure B2B) • Also known as external user that grants them access to all apps within O365 group (emails, calendar, notes, files, and plans) • Foundation for Microsoft Teams, Planner, PowerBI, Dynamics CRM and other Enterprise Apps
  • 14. OneDrive/SharePoint Online • Separate invitation manager to Azure AD • Adds users to SPO directory after users have redeemed their invitations • New invitations generated every time you share • Can pick external users from Azure AD Azure AD B2B • Users are added immediately on invitation so that they show up everywhere • OneDrive/SharePoint Online invited users also show up in Azure AD after they redeem their invitations • Guests in Office 365 Groups already uses Azure AD B2B invitation APIs for sharing External Sharing Invitation Management
  • 15. Microsoft Accounts and Anonymous users External User Type Sharing Behaviours Authenticated user with Microsoft account (You’ll see them listed with #EXT# in their username) • Collaboration tasks aligned with site permission levels i.e. “Site Member” – i.e. site libraries, subsites, etc. • For files or folder: added as guests to Office 365 directory • Can view and edit files in Office Online only Authenticated user without Microsoft account • Can only share files and folders to email address with one-time access code (email) for authentication each time they access • Forwarded emails attempt will send one-time code to original recipient • Can’t share sites Anonymous User • Free link - shareable link to file or folder and can view/edit without log in with a username or password • Can be forwarded and valid until you disable link or expire • Can’t access site, nor assign licenses, nor verify identity – only IP address. https://docs.microsoft.com/en-us/sharepoint/external-sharing-overview (updated 06 May 2019)
  • 16. SharePoint - Invitation Models • User-initiated guest invitation model - This is the default for a new site collection and the recommended model as it provides control to administrators and at the same time flexibility of end users being able to collaborate with their new business partner users without much intervention. • Site-owner-initiated guest invitation model - If you want more control than the default sharing model over who can invite new users to a site, you can configure the site to only allow site owners to invite new users. This prevents ad-hoc invitations from being sent out by site users. • Admin-managed partner users model - In an admin-managed partner users model, the Office 365 you pre-populate your organisation's directory with the guest users who you'll be inviting to your site. This can be done by importing users from other Office 365 or Azure AD.
  • 18. DEMO: Azure External collaboration settings
  • 19. Sharing Settings in OneDrive and SharePoint
  • 20. DEMO: SharePoint Admin - External Sharing
  • 21. DEMO: SharePoint Admin – External Sharing
  • 22. Who is the target audience?
  • 23. Who can share externally?
  • 24. What can external users do?
  • 25. Limiting external sharing using domains
  • 27. • You give an external user access to a Microsoft SharePoint Online or Microsoft OneDrive for Business resource. • The user accepts the invitation but is signed in by using another Microsoft account at the time. • The user browses to the shared resource. • User receives one of the following error messages: • Access Denied • Let us know why you need access to this site. • User is not found in the directory • You need permission to access this site. Issues accessing files/folders, etc. https://support.microsoft.com/en-gb/help/3026478/error-message-when-an-external-user-accepts-a-sharepoint-online-invita
  • 28. Authorise guest access (Microsoft Teams) • Azure Active Directory: Controls the guest experience at the directory, tenant, and application level. • Microsoft Teams: Controls Microsoft Teams only. • Office 365 Groups: Controls the guest experience in Office 365 Groups and Microsoft Teams. • SharePoint Online and OneDrive for Business: Controls the guest experience in SharePoint Online, OneDrive for Business, Office 365 Groups, and Microsoft Teams. https://docs.microsoft.com/en-us/microsoftteams/teams-dependencies
  • 29. Getting Visibility to External Sharing
  • 30. Using Auditing Awareness of activity and anomalies Audit log search Rule based alerts
  • 31. DLP Policy Matches Tuning DLP policies and content patterns
  • 32. New SharePoint Admin Center Dashboards show Files shared externally
  • 33. Sharing notifications Be notified when your content is shared
  • 34. Managing access to shared content
  • 35. Site Usage Awareness when content is externally shared
  • 36. Who is accessing my content Give awareness when their content is accessed in OneDrive
  • 37. Knowing why I am blocked Policy Tips Provide feedback to admin Override the policy
  • 39. Apps & Services and add-ins: Office 365 Groups
  • 40. Apps & Services and add-ins: Calendar
  • 41. Apps & Services and add-ins: Integrated Apps read their user profile details, edit or delete their files (onedrive folder) read items contained in site collections, send email as that user
  • 42. Apps & Services and add-ins: Forms
  • 43. Apps & Services and add-ins: Sway
  • 44. Microsoft Teams & Skype4B Admin
  • 45. Microsoft Teams & Skype4B Admin
  • 49. Secure Access: Keep it simple for everyone? Device Location User App Tenant Site File Conditional Access Different Scopes Access and Sharing Policies
  • 50. Limited browser-only access on unmanaged devices Prevents leakage of data on unmanaged devices Allows users to be productive on any device Scopes: Tenant and site Specific users Controls: Edit vs. View Download non-previewable files
  • 53. NEW! Link open receipts  Coming this year
  • 55. NEW! Block downloads • Keep your documents in the cloud • Avoid out-of-date copies • Maintain access control • Available for view-only links
  • 56. SharePint  Duke of Sussex  23 Baylis Road  London  SE1 7AY

Editor's Notes

  • #2: By default, Office 365 is turned for external sharing. However, without any planning and considerations some organisations turn this off and plan for later, but businesses can't wait after all collaboration is internal and external! There are plethora of settings and services to allow external sharing to your customers, partners and suppliers. With recent improvements in external sharing, this demo based session will cover the ins and outs for successful implementation of external sharing in Office 365.
  • #7: 6
  • #14: MSA = Microsoft Account (personal or work/school (Office 365))
  • #15: All external sharing (except OneDrive/SharePoint Online), including guests in Office 365 Groups, already uses the Azure AD B2B collaboration invitation APIs for sharing.
  • #16: - Can assign licenses to external users for more functionality. - Recipients who provide a verification code: If the recipient has a work or school account, they only need to enter the code the first time. Then they will be added as a guest and can sign in with their organization's user name and password.
  • #29: Manage Allow or Block list policy SharePoint Online policies independent to SharePoint – can migrate these to O365 Groups policy.