top of page
Search
  • Hanna Korotka

Enhancing Security in Collaboration: Collaborate With External Participants in A Shared Channel

In today’s interconnected world, seamless collaboration across organizations is key. Microsoft 365 offers an innovative solution through shared channels in Teams, allowing for cross-organizational teamwork. These settings are a cornerstone in the managed security for Microsoft 365. To utilize this feature, it's essential to configure B2B direct connect for each desired partner organization, or opt for universal access with all external organizations.


This setup enables team owners to invite external participants to shared channels, making both custom apps and the organization's app list accessible to these external members.


Remember, enabling this feature requires reciprocal setup by the partner organizations. Discover how to transform your collaborative efforts in our guide.


Prerequisites for Collaborating in Shared Channels:


To collaborate with external participants in shared channels, ensure guest access is activated for SharePoint and Microsoft 365 Groups. These settings are typically enabled by default. However, if your organization has altered them, confirm the following:

  1. Microsoft 365 Groups sharing settings must both be enabled (Microsoft 365 admin center > Settings > Org settings > Microsoft 365 Groups)

  2. SharePoint organization-level and site-level sharing settings should allow guest access, ensuring the domains you're sharing with are not blocked.


Note: Shared channels between Commercial and GCC clouds are currently not supported.


Enable shared channels in Teams


Shared channels is enabled by default in Teams. Follow this procedure to confirm the settings.


To configure shared channels

  1. In the Teams admin center, expand Teams, and then select Teams policies.

  2. Select the policy for which you want to enable shared channels, and then select Edit.

  3. Select the options you want to enable:

  • To allow team owners to create shared channels, turn Create shared channels on.

  • To allow team owners to share shared channels with people outside the organization, turn Invite external users to shared channels on.

  • To allow users to be invited to shared channels in other organizations, turn Join external shared channels on.

  1. Select Apply.


In order for external channel participants to participate in meetings, external access must be enabled. This is also required to be able to see external participants' presence in the channel (Teams admin center > expand Users > select External access > Under Teams and Skype for Business users in external organizations, ensure that the organizations that you want to collaborate with are not blocked)

.

Configure cross-tenant access settings in Microsoft Entra ID


Microsoft Entra B2B direct connect is disabled by default. To enable collaboration in shared channels with people from other organizations, you must:


1.Add each organization with which you want to participate in shared channels. To add an organization:

  1. Sign in to Microsoft Entra ID using a Global administrator or Security administrator account.

  2. Select External Identities, and then select Cross-tenant access settings.

  3. Select Organizational settings.

  4. Select Add organization.

  5. On the Add organization pane, type the full domain name (or tenant ID) for the organization and press Enter.

  6. Select Add.

  7. The organization appears in the organizations list. At this point, all access settings for this organization are inherited from your default settings.


2. Configure inbound settings for the organization to allow users from the organization to be invited to your shared channels. Follow this procedure for each organization where you want to invite external participants.:

  1. In Microsoft Entra ID, select External Identities, and then select Cross-tenant access settings.

  2. Select the inbound access link for the organization that you want to modify.

  3. On the B2B direct connect tab, choose Customize settings.

  4. On the External users and groups tab, choose Allow access and All external users and groups. (You can choose Select external users and groups if you want to limit access to specific users and groups, such as those who have signed a non-disclosure agreement.)

  5. On the Applications tab, choose Allow access and Select applications.

  6. Select Add Microsoft applications.

  7. Select the Office 365 application, and then choose Select.

  8. Select Save and close the Inbound access settings blade.


3. Configure outbound settings for the organization to allow your users to be invited to the other organization's shared channels. Follow this procedure for each organization where you want your users to be able to participate in external shared channels:

  1. In Microsoft Entra ID, select External Identities, and then select Cross-tenant access settings.

  2. Select the outbound access link for the organization that you want to modify.

  3. On the B2B direct connect tab, choose Customize settings.

  4. On the External users and groups tab, choose Allow access and set an Applies to of all users.

  5. On the External applications tab, choose Allow access and Select external applications.

  6. Select Add Microsoft applications.

  7. Select the Office 365 application, and then choose Select.

  8. Select Save, choose Yes to confirm, and close the Outbound access settings blade.


Note: Changes to cross-tenant access settings may take up to six hours to take effect.


Create a shared channel in Microsoft Teams


Create a shared channel if you want to work with people inside and outside your team or organization.  


Only team owners can create shared channels. As the team owner who creates the shared channel, you become the channel owner, and the channel inherits labels from the host team. 


Note: Create shared channels from Teams for desktop or web. The Teams mobile app doesn’t support creating shared channels.


Note: You can't change a shared channel into a standard or private channel and vice versa. Once you create a shared channel, you can't change the host team.


  1. Go to the team you want to create the shared channel for and select More options  > Add channel.

  2. Enter a name and description for your channel.

  3. Under Privacy, select the down arrow on the right, and then choose Shared - People you choose from your org or other orgs have access. Then select Create.

  4. Type the names of the people in your org you want to add to the channel and select from the list. To add people outside your org, type their email addresses and select from the list. Then select Share.

  5. To change a Member to an Owner, select the down arrow to the right of Member, and choose Owner. Then select Done.


By effectively configuring cross-tenant access settings, organizations can significantly enhance their managed security and compliance posture in the Microsoft cloud ecosystem.


To help you to have peace of mind knowing your business is secure, click here to schedule a Microsoft 365 Secure Score review with our experts today. We'll evaluate your current cybersecurity measures, identify potential vulnerabilities, and help you implement a strategic security plan to keep your company safe.

15 views0 comments

Comments


Get the Latest News to Your Inbox

bottom of page