Forum Discussion
Control what external guests can do inside our organization
Hello StevenC365, thanks in advance for your help, I olny have time today to check the post.
I already added the specific domains and change guest access permissons, thats work good.
On third point, I want to block guest users to send files in "private" conversations with members of organization but allow in groups that they are members.
On fourth point, I want to block file sharing from all internal users to all external users in "private" conversations but in some cases I need to allow a specific internal user to share with a specific external user.
3. Teams doesn't share files, for internal chats it allows your staff to share a link to a file stored in your organisations OneDrive. As guest accounts don't have a OneDrive in your tenant there is no option for them to send a file as you describe, the attach file button doesn't even show. Try it 🙂
4. This would be controlled by the Sharing Policy in SharePoint, move the sliders to the bottom
but I would suggest that what you are asking for is rather odd. What's to stop your company data being copy/pasted into a message if file sharing is banned? You should be controlling whether guest are allowed rather than specifically controlling file sharing. Use modern capabilities like DLP and Sensitivity labels to protect sensitive data, they apply just as well to Teams/OneDrive as they do to email, and I suspect you don't ban email attachments.