Resharing by Guests in Microsoft Environment [CHK-1522]
This check verifies if guests in the Microsoft environment are allowed to share files with other externals.
Rationale
Guest users can easily share files with external entities such as suppliers or customers. Allowing guests to share files with other guests can lead to uncontrolled exposure of company data to unauthorized individuals.
Fix
An automated fix is available through Attic.
To fix it yourself:
- Navigate to SharePoint admin center at https://admin.microsoft.com/sharepoint
- Go to Policies > Sharing
- Under "More external sharing settings", uncheck "Allow guests to share items they don't own"
- Click "Save"
Impact
The result of this check can be either of the following:
- Okay: Resharing by guests is OFF
- Warning: Resharing by guests is ON
If the check results in a warning, it is advised to disable resharing by guests to prevent unauthorized access to company data.
More Information
For more details, refer to the Microsoft SharePoint admin center here.