Ensure guest access to content is restricted
Why This Matters
Guest users with unrestricted browsing access can discover sensitive content across your Microsoft Fabric environment, potentially exposing data to unauthorized external collaborators. By controlling guest access, you enforce the principle of least privilege, reduce the risk of data leakage, and maintain accountability through role-based access control (RBAC). Without this restriction, guest users may inadvertently or maliciously view content they shouldn't access, increasing your organization's attack surface.
What Aether365 Checks
Aether365 verifies that the "Guest users can browse and access Fabric content" setting in Microsoft Fabric is either disabled or restricted to a specific security group. This check appears in your Aether365 dashboard under the microsoft-365 category and flags noncompliant configurations as medium severity.