cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

External users and Office365 Groups, What about 2FA?

Jaap Slot
Brass Contributor

‎Mar 27 2017 02:59 AM

‎Mar 27 2017 02:59 AM

External users and Office365 Groups, What about 2FA?

At the last Tech Summit in Amsterdam there were several topics regarding Office 365 groups and the use of this infrastructural object with teams, outlook groups and planner etc.

 

It was mentioned that with outlook groups it was easy to add external users i.e. with a gmail account. Of course this would be wonderful. However there is a big question coming up.

 

With this new groups a lot of extra's come in, like the use Sharepoint. A Sharepoint site is added when setting up a manifestation of a group. As a company we have restricted acces policies on Sharepoint and we enforce 2FA on our emloyees when accessing form outside our premises.

 

We want to enforce 2FA also on external users of this new manifestations of Office365 groups, especially when the members are sharing our company's documents. What are the possibilities to enforce 2FA on our "guest members"?

 

With kind regards, Jaap Slot

 

PS. 2FA should be a available label

Labels:
1,381 Views
1 Like
4 Replies
Reply
4 Replies
Joost Koopmans

‎Mar 28 2017 01:00 AM

‎Mar 28 2017 01:00 AM

Re: External users and Office365 Groups, What about 2FA?

Hi @Jaap Slot,

 

Unfortunately this is not (yet) supported. To use your own 2FA solution for guest users, you will need to add externals to your corporate directory and block employees to directly invite guests.

 

We have implemented this for SharePoint Online but at the moment these 'on-premise managed external users' are only supported in SharePoint Online and not in Office Groups or anywhere else in Office 365. The specific guest setting 'Allow sharing only with the external users that already exist in your organization’s directory' is only applicable to SharePoint Online.

 

We have an outstanding feature request for this with Microsoft and I would recommend you do the same.

 

Feel free to contact me directly if you want more information.

0 Likes
Reply
Jaap Slot

‎Mar 28 2017 01:43 AM - edited ‎Mar 28 2017 01:43 AM

‎Mar 28 2017 01:43 AM - edited ‎Mar 28 2017 01:43 AM

Re: External users and Office365 Groups, What about 2FA?

Hi @Joost Koopmans

I posted this idea on uservoice:

"With the aquisition of LinkedIn a lot of identities are in reach. Maybe it will be possible to enforce only LinkedIn users with 2FA when trying to acces a customer tennant of O365?"

This could solve a lot of problems,..

0 Likes
Reply
Joost Koopmans

‎Mar 28 2017 01:52 AM

‎Mar 28 2017 01:52 AM

Re: External users and Office365 Groups, What about 2FA?

@Jaap Slot, interesting concept, but I can imagine this will take some time for Microsoft to get adopted and implemented.

0 Likes
Reply
Jaap Slot

‎Mar 31 2017 01:16 AM

‎Mar 31 2017 01:16 AM

Re: External users and Office365 Groups, What about 2FA?

Today a Microsoft Operations Day. A lot of attention to security. Talking about red and blue teams. I guess 2FA is on a different team than O365 Groups, or the blue team on O365 hasn't looked upon O365 Groups and the validation of external users,..
0 Likes
Reply