The Sign Reads “No Jerks (or Competitors) Allowed” –
Over at Petri, Tony Redmond has been keeping an eye on Azure Active Directory’s business-to-business (B2B) collaboration feature.
If you haven’t run across it before, Azure AD B2B collaboration allows guests from other (potentially not-running-Azure) organizations to work safely with your users and their files. Think of them as the neighborhood kids you invite up to your tree house. You get to decide who gets in, who gets to play with what toys, and who gets kicked out for eating all the cookies.
Recently, Microsoft added some UI to what was previously just a PowerShell script controlling allow or block lists for external sharing to Office 365 groups. The policy works for all workloads with guest access through Office 365 groups (think Outlook, Teams, Planner). Managing whether members of particular domains are even possible to invite in the first place is a pretty vital security measure, so I’m glad to see further development here.
As Tony points out in his discussion of the new changes, though, there’s still no restrictive allow list option in the new UI. For now, at least, you can set up a block list of those domains you’re sure you don’t want any guests from.
Check out Tony’s excellent article for more. He’s got a great discussion of the new GUI, the PowerShell cmdlets for the traditionalists out there, and of how to retroactively block guests.
Tech Tales from the Tiki Bar is the Cayosoft CEO’s personal column. He often uses it to highlight the good work of other smart people in the industry. Follow him on Facebook, LinkedIn, and Twitter (@rbobel).