Microsoft 365 Group (and Team) creation should be restricted to approved users
Why This Matters
Unrestricted Microsoft 365 Group creation can lead to a proliferation of ungoverned groups, increasing the risk of data sprawl, misconfigured permissions, and compliance violations. By limiting group creation to trained and approved users, you reduce the chance of orphaned groups, accidental data exposure, and administrative overhead. This helps maintain governance and security control over your Microsoft 365 tenant.
What Aether365 Checks
Aether365 verifies that Microsoft 365 Group and Team creation is restricted to approved users within your tenant. This check appears in the Aether365 dashboard under the microsoft-365 service checks.
How to Fix
Unfortunately, Microsoft 365 does not provide a user interface to restrict group creation. You must use PowerShell to enforce this control.