Event banner
Event details
What is your advice on sharing confidential information with external users and the use of Information Protection labeling? I mean, do you recommend adding external users as guest users, or using a label configured with 'Any Authenticated Users' instead?
- MaximeBombardier
Microsoft
There can always be a bit of 'it depends' situation -- for example, you can have a label that has a list of external domains where it's accepted. This could be good for a label like "Trusted partners". At a high level, it's about minimizing the level of administration and I attempt to avoid having tactical labels for only a few users as much as possible.
that being said, during Ignite, we announced a new capability with SharePoint extended permissions where you could have a single label across your organization, like "Confidential\External partners" and it will essentially do User Defined Permissions based on the SharePoint permissions of that site. i.e.: delegating access validation to who has access to that site. This is an awesome way to simplify administration while empowering site admins, and securing even external users.
