If your organization leverages SharePoint Online, you can take advantage of a convenient new feature that makes it very easy to share nicely with others — to collaborate and share content with your external partners and customers without having to pay for a full user license. But take a close look at the benefits and risks before you dive in.
But, before you decide to share externally, you should be aware of the implications and make sure you have a governance and security model that balances the benefits of a greatly improved external sharing model with the risks of inadvertently sharing too much. For the most part, this means understanding the business scenarios in which sharing externally are important and making sure Site Owners and Administrators thoroughly understand how to invite external users to your environment safely and securely.
There are several scenarios where providing access to internal content by external users might be really handy:
- You’re working with a partner on a project and you want to share and collaborate on the creation of one or more documents.
- You have a single internal document — for example, a flyer for an event you are hosting — that you want to make available from your website or Facebook page for a short period of time.
- You have an internal discussion forum and you want to invite a guest expert to participate – for a short period of time or as a member of the extended team.
Before you decide that you want to share content externally, you should carefully think about the risks and implications of putting “too much share” in SharePoint. Here are some things you need to know and what you should think about:
- Who is an external user?
- What does it mean to be an external user of a SharePoint site?
- Who can (and should) extend an invitation to an external user?
- Do you want to share an entire site with external users?
- What if you only want to share a single document?
Who is an external user?
External users are people who are not licensed users within your organization. A contractors who is part of your organization or an affiliate would not be an external user, but a partner or customer or client with whom you need to share information in the course of your work would be
What does it mean to be an external user of a SharePoint site?
External users do not get all the same features as your fully licensed users, but from a document collaboration perspective, an external Member of a site can do and see virtually all the same content as an internal Member. If you share an entire site with an external user, that user will be able to:
- Browse, search and edit content within that site consistent with the permission group into which you have placed them.
- See the names of other users in the People Picker.
- View and assign metadata to documents they contribute.
- Connect a list or library to Outlook.
- View content on all sub-sites that inherit permissions from the parent site.
External users don’t get to do everything that internal users can. External users will not be able to:
- Install the desktop version of Office on their computers even if this is part of your plan.
- Create their own personal sites, have a newsfeed or see your enterprise newsfeed.
- Add a picture or edit their own profile.
- See a “task roll up” of all of their tasks across multiple sites.
- Access your Search Center and execute searches against “everything.” They will only be able to search content to which they have been provided explicit access.
Who can extend an invitation to an external user?
Only users with “manage permissions” (typically Site Owners) can extend an invitation to share a site or a document with an external user. Even though Visitors and Members will see the SHARE button, when they try to initiate an external sharing request, they will get an error message that says “Sorry, you are not allowed to share this with external users.”
This is great because it limits the number of people who can open up your content externally, but it means that you really need to provide training on when and where it is appropriate to extend an external invitation when you give your Site Owners this super power.
Once you have given access to external users, it’s not particularly easy to quickly show a list of who the external users are for your site. You can look at the Access Requests history in Site Settings or scan the members of a security group for email-only names, but neither of these approaches show you a concise list. For this reason, it’s a good idea to create a security group for your external users and place them in that group when you invite them. For example, you could create External Members and External Visitors and then invite external users in to one of these groups instead of the “out of the box” security groups for your site.
- Cirrus Insight to Unite Salesforce, Gmail on Mobile Devices
- The Future of Digital Marketing: 8 Trends
- 2014 Predictions: What Side of the Future Are You On?
- Oracle WebCenter Sites Review: Strengths, Weaknesses
- Why Apple Needs Topsy in a $200 Million Way
- 'Have it Your Way' SharePoint: Two Paths, Many Options
- Ignoring the Cloud Costs Money, Ignoring Big Data Could Cost You Your Business