No man is an island, and no organisation is, either. We all collaborate with people outside our company from time to time, whether that be with freelancers, consultants, vendors or something like an IT support company.
As we’ve talked about on our blog over the past few weeks, Microsoft Teams can be an invaluable tool for your organisation’s collaboration and internal communication.
However, in order to carry out your work as effectively as possible and grow your business, collaborating with people outside your organisation needs to be just as seamless. And by allowing people outside of your organisation to have access to your Teams, you can achieve just that.
There are two levels of access for people outside your organisation in Microsoft Teams: guest access and external access. We’ll go into both of these in this article, as well as some cybersecurity best practices when it comes to managing permissions related to both.
What is guest access in Teams?
Guest access is the more permissive of the two options for outside access to your organisation’s Teams account and allows you to add individual people to your organisation’s teams and channels.
This way, anyone with either a business or consumer email address can be given full access to your organisation’s files, meetings and conversations. Your guest users will have access to almost all of the same features within the teams and channels they are added to as people within your organisation.
As a Teams admin, you have the ability to give very granular access to your guest users as well as who in your organisation can add guests, and we’ll go into some best practices around this later in this article. It’s worth noting that guest access is enabled by default in Microsoft Teams.
Teams external access
When external access is enabled in Teams, people within your organisation can search, call and chat with people outside your organisation. However, these people outside your organisation won’t have access to your teams, channels or any of the resources found within your organisation’s Teams account, such as files and plans.
There are three options for external access to Teams available to you: “open federation”, “allow specific domains” and “block specific domains”. “Open federation” is the default option and allows people in your organisation to find and communicate with people outside your organisation regardless of their domain.
“Allow specific domains” and “block specific domains” are pretty self-explanatory options. The former will block people in your organisation finding and communicating with people unless their organisation belongs to a list of domains whitelisted by you. This can be a useful option if you often message and have meetings with several members of a single team outside your organisation, such as a marketing agency.
Meanwhile, “block specific domains” will allow all but domains blacklisted by you to be found and contacted by your team members. This can be useful, for example, if you end a business relationship with an outside organisation and want to make sure contact is cut off from them or if you don’t want pushy salespeople within a specific company to be able to find and contact you.
In a nutshell, external access is the right option when you want to be able to communicate with people outside your organisation, and guest access is the better option when you need to work collaboratively with people outside your organisation.
Teams cybersecurity best practices
External access to your organisation’s Teams does introduce some cybersecurity risks, which is why it’s important you understand these as well as the measures you can take to minimise the risk of data breaches. Potential risks include sensitive information being shared with people who shouldn’t have access to it as well as uncontrolled file sharing which could create opportunities for malware and intellectual theft.
As a global admin for your organisation’s Teams, you’ll be able to configure settings to boost your organisation’s data security on Teams. You want to make sure that guests will only have access to what they absolutely need to be able to access. For example, you could limit their ability to make private peer-to-peer calls, share their screen during video meetings and use gifs, memes and stickers in chats.
Similarly, chances are that not everyone in your organisation needs to be able to add guests to your organisation’s Teams. You can allow guest user addition for individual people within your business or take the easier route by creating a team consisting of all the people who need this capability and turning the ability to add guests to the members of this team only.
Fortunately, guest users on Teams are given the same level of cybersecurity as regular users, meaning that they’ll have a decent, if not perfect, level of protection against things like malware.
Further cybersecurity support for Microsoft Teams
We’d always recommend you employ some form of third-party cybersecurity on top of that offered by Microsoft. It’s also important to have a third-party backup solution deployed to prevent data loss due to human error. If you need support with your Office 365 subscription or cybersecurity, don’t hesitate to contact us.