Many Office365 applications such as Teams and OneDrive are built on SharePoint Online Infrastructure. At present the SharePoint Online external sharing level is set so that everyone can share files or folders either anonymously or by sending a link an external user's email address. This means that links can be sent to the wrong recipient in error or forwarded on by the recipient without any ongoing security settings. With the introduction of the SharePoint Online Service from November 2020, we need to take the important and necessary action to reduce the level of external sharing in SharePoint Online to ensure that the service and Data held in the service is sufficiently protected.
What does this mean?
Reducing the external sharing permissions in SharePoint Online will close off anonymous external sharing of content from SharePoint, Teams and OneDrive, after which links can only be shared externally with new or existing guests (named users).
When a new external user (one who is not already recognised by the system) is invited to access a file, they must create a 'guest' profile in Office365 the first time, which will identify them going forwards, e.g. as "John Smith (Guest)". This will allow files to be shared externally but crucially external access can also be removed on a per user basis. In addition, and independently of the above settings, when someone requests a new SharePoint Online site they have the option to choose whether external sharing is turned on or off entirely. If they select a site with external sharing turned on, this will be set for 'New and Existing guests' as detailed above, allowing transparency and the ability to control who has access to which files and folders.
When will this happen?
We will be reducing the external sharing permissions in SharePoint Online from the SharePoint Online Project Go Live date in November 2020.
How can I tell if I have Shared files anonymously?
Users can generate a Sharing report to see how they have shared their files from OneDrive and SharePoint. They can see which files have been shared using the link method 'Anyone'. This will not show who can access the file, only that the file is accessible for anyone with that link. It may be that you can identify through this who should have access to the link and then share directly with them using their email address.
What if I want to share content anonymously?
Should anyone wish to make their content entirely public or give anonymous access they should use an alternative service such as Mosaic, or another University-approved web hosting mechanism.
