Is there any way of controlling who can see public teams ie only visible to a security group?
A bit of background
Currently our tenant has a security group (All Staff) with permanent staff that has access to SPO from top level down through inherited permissions. We also have temporary staff who use StaffHub but do not have access to SPO. We will be moving to Teams soon and will have a few public teams where permanent staff members can decide if they join the team or not. As StaffHub is being retired and integrated into teams temporary staff will have to use Teams.
Since some of teams will be public this means that temporary staff will be able to join them which we do not want.
Solution 1: Make all teams private, not going to go down well with senior management
Solution 2: Break permissions for each public team and add permissions to the All Staff security group.
Is there any other solution that I might have missed, one that doesn't require advanced configuration like breaking permissions?