Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

How should I enable external collaboration on encrypted Office files

Iron Contributor

If there is an individual document in SharePoint that I'd like an external party to collaborate on, how can I use sensitivity labels to protect access to the file? In this case, the external party isn't known in advance.


I know that I can set up a sensitivity label to encrypt the file and prompts the end user to choose who can access it.


The end user would then need to apply that label, grant the right external people access and then share the document with the same people. 


This process feels prone to error.  Is there any option similar to email, so that the end user would just need to share the document and this would also add the recipient to the document's information protection settings?



2 Replies



Even in email, you will have to identify the recipient and then encrypted email will use the recipient list (all the names in the "to:" field) as part of the encryption key.


In your use case, you could potentially create a label that will be encrypted and then can opened by specific partner organisations. To do this, you will need to Assign the permission to a Known domain.


You'll have to repeat the process if your users require to do this to multiple partner domains.


I suppose the process is more straight-forward with email as you are generally encrypting a copy of any document that is being sent. Where-as when you are granting external access to the document stored in SharePoint, the encryption will impact anyone with existing access to the file.

Still, it seems challenging for end users to collaborate externally on encrypted content.