Five Considerations for Successful External Sharing in Microsoft 365
Azure External Identities
Azure External Identities
Have a question?
Business boomed for Microsoft this year. For many, the rapid transition to remote work converted kitchen tables into home offices. To support virtual collaboration and sustain best practices, organizations turned to Microsoft Teams, SharePoint and the Microsoft 365 suite of applications. Why Microsoft? Because Microsoft has made collaborative technology a priority by transforming their “technology and culture to embrace a team-centric mindset” and shifting “experiences from ‘me’ to ‘we'."ᶦ And it’s paying off.
In the Spring, Teams activity jumped to 75 million daily users – a remarkable 70 per cent growth in just one month. According to Microsoft CEO Satya Nadella, Microsoft saw 200 million meeting participants in a single day in April.ᶦᶦ That’s a lot of users. Nadella also remarked that “two-thirds of Teams users are also interacting with or collaborating with files inside the app, and that Microsoft has seen triple the [number] of organizations integrating apps with Teams.ᶦᶦᶦ
Microsoft excels at supplying options for how to organize, complete and share work, because Microsoft knows “moving into a digital economy means that companies must rely on teams to generate new ideas, manage information and create new business models.”ᶦᵛ That means building optimal remote work, sharing and collaboration capabilities into their technology. But Microsoft’s out-of-the-box (OOTB) sharing and access capabilities don’t work in every situation.
There are many ways to collaborate on and share documents:
- email attachments
- sharing links through Teams and SharePoint
- co-authoring on Office documents
- portals for large sets of external users or specific business processes
However, multiple options means that it can be challenging to determine the best, most secure choice.
A Tale of Two “Sharings”
There are two primary categories of external sharing. The first is what we call collaborative sharing, and the second is publishing.
Collaborative External Sharing
Collaborative sharing is where we see Microsoft’s OOTB sharing features shine. If you've got a document you want to collaborate on, like a PowerPoint presentation, the ability to have the document in a common space, co-author a file in SharePoint and have a single version of a working document is tremendous. It’s ideal for small-team contributions. However, when scaling to hundreds or thousands of external users, more structure is needed, and Microsoft’s OOTB features don’t quite cut it.
Publishing External Sharing
The publishing model is where organizations are faced with a bigger extranet or a one-to-many structure. You've potentially got a customer portal, a citizen portal or a donor portal, and there might be thousands, or even hundreds of thousands of external users requiring access, which would require a more structured approach. You're not going to invite hundreds or thousands of people one at a time; you need an extranet onboarding process.
5 Considerations for Safe and Successful External Sharing in Microsoft 365
Who will you be sharing with?
The big consideration within either category is: who are you going to be sharing with? Is there a member database to interface with? Is the portal for members, customers, directors, suppliers, researchers, partners or citizens? An organization may not have just one of these groups, they may have multiple groups, and each group may have a different structure.
How do people come into your external sharing site?
Do you rely on self-registration, or is entrance by invitation only? Who approves the new registrations? Invitation only works well for a smaller, known set of users – such as when building a portal for your board of directors. You should know who those twelve people are, and you can invite them in using a private registration link. Self-registration is for a larger group of unknown people. This is when you either share a link out generally to a database and guide them to the portal, or have a portal that can be discovered by your target group. There is a third option, where your users are known in another system within the organization. For some, external user information could be managed within their CRM and for others within their ERP solutions. Regardless of where they are coming from, it is key to choose a "system of record" and have it integrate with the invitation process to ensure you're not maintaining siloed sources of the same user information.
How will your external users authenticate?
Traditionally we think of extranet portals having a username and a password, or maybe an email and password, and then your administrator must deal with self-service password reset as part of that. There are other options. Like using what Microsoft has done with Microsoft 365 and Azure AD, relying on the user’s existing personal or organizational account to determine access, without requiring new credentials. If that's not possible, perhaps because the user doesn't have a Microsoft 365 or Azure AD account, they can use what's called a one-time passcode. Microsoft will email a thirty-minute passcode each time the user tries to authenticate. It's a simple, friction-free way to bring your people in. Or you might like users to be able to use their social accounts, like Twitter or Facebook, or their Microsoft or Google accounts.
What do they do once they are in there?
What interactions are your external users going to have once they are granted access? Are they just coming in to access specific published content, or are they going to be collaborating on documents? Do you want them to be full-fledged members of the project site, or full-fledged members of an entire group or a team? Can they participate in channel conversations in Teams, or can they just collaborate on an individual document? Answering these questions will help determine the scope and spectrum of the working environment.
What applications will be accessible to them?
Will they remain strictly within the Microsoft 365 world? Do they need to get into other Microsoft apps? Or do they need to be able to access third-party apps, custom applications that you’ve built or on-premises data? You can federate the authentication and provide a rich single-sign-on experience.
When to Look “Beyond the Box”
If you have large numbers of external users (upwards of a hundred), if you require self-registration, if there will be integrations into business processes or workflows, or if you want to create a cohesive user experience and control over your brand, then you need to look “beyond the box.” Microsoft’s “Out of the Box” sharing capabilities are excellent under certain, easily controlled situations. But if you want to scale, then you’re going to need to extend your reach. And it can be done simply.
If you’re still struggling to understand when to use OOTB features and when to look for another solution, or on more technical information about the nuts and bolts of how these features work, we can help. We have a webinar that goes into more detail about this topic and much more. You can watch it on demand and view the presentation. See exactly what can be done OOTB with Microsoft 365 and where you may need Extranet User Manager to extend your sharing experience.
- ᶦ Microsoft, “Transforming enterprise collaboration at Microsoft.” https://www.microsoft.com/en-us/itshowcase/transforming-enterprise-collaboration-at-microsoft
- ᶦᶦ The Verge, “Microsoft Teams jumps 70 percent to 75 million daily active users.” https://www.theverge.com/2020/4/29/21241972/microsoft-teams-75-million-daily-active-users-stats
- ᶦᶦᶦ The Verge, “Microsoft Teams jumps 70 percent to 75 million daily active users.” https://www.theverge.com/2020/4/29/21241972/microsoft-teams-75-million-daily-active-users-stats
- ᶦᵛ Microsoft, “Transforming enterprise collaboration at Microsoft.” https://www.microsoft.com/en-us/itshowcase/transforming-enterprise-collaboration-at-microsoft