Forum Discussion
Solved
Office 365 groups lockdown best practices / recomandations
Hey guys,
Wondering if there is any recommendations/checklist, etc. to hardening security on Office 365 groups when working externals. My scenario is having hundreds of people (mostly external)...
I'd consider segmenting the confidential material across multiple groups to give some extra granularity in access control. In other words, consider each group as a "bucket" of information and only allow certain users access to that bucket. I know people don't like the idea of creating multiple groups because this makes email communication harder (solution: create a DL composed of nested Office 365 Groups), but it does help control access.
TR
...and yeah we also added email hardening into forcing people to submit content only when TLS is available, and particularly to use specific mail clients (e.g. Outlook on mobiles/ desktop).
- cfiessinger
Microsoft
quite a list already, I would add implementing guest re-attestation using this: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-azure-ad-controls-perform-access-review (still in public preview)
