Security and sensitivity
M365 groups inherently give us a security boundary and a way to apply permissions for a set of users to a set of content items. In SharePoint, the members of an M365 group will always have Edit permission to the SharePoint site. That can’t be changed. For anyone who isn’t in our organization, planning for how those guests get access is crucial to maintaining the integrity of our data.
Guest access
Throughout this chapter, we’ve mentioned the possibility of inviting users from outside the organization into a group, site, or team. A guest is a type of user that doesn’t have a licensed, regular account in your Azure AD. They will get an Azure business-to-business (B2B) or business-to-consumer (B2C) account, but won’t consume a license with associated costs.
This is great for sharing content with external partners, vendors, and the like without having to pay to add them to your tenant. A guest can be added by an administrator...
