Ensure SharePoint external sharing is managed through domain allow/deny lists
Why This Matters
External sharing is a common vector for data exfiltration in Microsoft 365 environments. Attackers can trick users into sharing sensitive documents with malicious external domains, leading to unauthorized access and compliance violations. By restricting sharing to approved domains or blocking specific ones, you significantly reduce the attack surface and maintain tighter control over your organization's data.
What Aether365 Checks
Aether365 verifies that external sharing in SharePoint is restricted to a domain allow list or deny list, rather than being open to all external domains. This check appears in your Aether365 dashboard under microsoft-365 checks, where it evaluates the SharingDomainRestrictionMode and related domain list settings.
How to Fix
Using the Microsoft 365 Admin Center: