Anyone Links SHOULD Be Turned Off

Description

Unauthenticated sharing (Anyone links) is used to share data without authentication and users are free to pass it on to others outside the agency. To prevent users from unauthenticated sharing of content, turn off Anyone sharing for users outside the tenant when accessing content in SharePoint, Groups, or Teams.

Policy

  • Anyone links SHOULD be disabled.

Licensing Considerations

Any tenant with OneDrive for Business licensing can access this setting.

Set-Up Instructions

Limit accidental exposure | Microsoft Learn

Note: OneDrive settings can be more restrictive than the SharePoint setting, but not more permissive.

To turn off Anyone links for the agency:

  1. Open the SharePoint admin center.

  2. In the left-hand navigation pane, expand Policies, then select Sharing.

  3. Set the SharePoint external sharing settings to New and existing guests, then set OneDrive to New and existing guests.

  4. Click Save.

End-User Impact

Level: Medium

With this setting enabled, users will have to specify users that can access the link. If the link is forwarded to other users internally or externally, those users will not be able to access the link.

Tips

• A formal process should be put into place for requesting guest users and sharing company data.

PowerShell Scripts

Set-SPOSite (Microsoft.Online.SharePoint.PowerShell) | Microsoft Learn

Videos

None Currently

PreviousOneDriveNextExpiration Date SHOULD Be Set for Anyone Links

Last updated