External sharing for SharePoint SHALL be limited to Existing guests or Only People in your organization.

Why This Matters

Unrestricted external sharing in SharePoint exposes your organization to data leakage, unauthorized access, and potential compliance violations. Attackers or malicious insiders can share sensitive content with external users who have no verified identity or governance. Limiting external sharing to existing guests or your organization only reduces the attack surface and maintains control over who can access your data.

What Aether365 Checks

This check verifies that the SharePoint external sharing policy is set to either "Existing guests" or "Only people in your organization" (not "Anyone" or "New and existing guests"). It appears in the Aether365 dashboard under microsoft-365 checks.