Within On-Prem Active Directory there is a "Trusted Domains" feature which allows you to set up various Trust levels.

With Office365 there should be a similar Trusts Model built in for other Office365 Tenants - this would massively help for universities and alike where there is a significant need to provide users that are classified as external to the organisation with access to files stored within SharePoint.

This also would ensure (forward thinking) that access would be securable to a user that has an account of a trusted outside organisation - which if disabled on their tenant would serve to deny access unlike the current Microsoft Account security model - and then could be controlled within the SharePoint Admin Centre as to whether Site Collections can allow external users and if so it could then provide further security down to even the Item level.

So Please investigate this as all the Office365 Tenants must have some levels of Service accounts that need to function across multiple/all Tenants so this should already be partially in place.