Restrict default permissions for Files in Public groups

Currently, the "Everyone except external users" claim/group is added with Edit level access to every Office 365 public group. This in turn means that every user in the company is not only able to view files in every public group, they are also able to delete files.

The suggestion is to remove "Everyone except external users" from the Members group, thus removing the Edit permissions level. Instead, the Viewers group should be used for "Everyone except external users".

179 votes

Vasil Michev shared this idea · May 3, 2016 · Flag idea as inappropriate… · Admin →

11 comments

An error occurred while saving the comment

Marina M commented · April 29, 2020 5:56 AM · Flag as inappropriate

Several of our customers need this change. Indeed in a security point of view it's mandatory to move the group "everyone except external users" to the visitors group with read access than member.

Submitting...
Anonymous commented · April 3, 2019 8:38 AM · Flag as inappropriate

This is a must!

Submitting...
Tiffany commented · March 4, 2019 11:48 AM · Flag as inappropriate

Edit rights is FAR too permissive as a default for the "Everyone except external users" group in any site without an admin expressly adding them there.

Submitting...
francis commented · December 11, 2018 1:43 PM · Flag as inappropriate

what the heck??!! why Microsoft has been so determined to add those features in a VERY insecure way. I agree, those things must be changed ASAP.

Submitting...
Martin Coupal commented · October 18, 2018 11:52 AM · Flag as inappropriate

They can even delete libraries, lists, modify public views etc. I'm sure 99% of people who creates groups are not aware of this... This is a non sense... I would say even members should have contribute instead of edit.

Submitting...
Anonymous commented · April 30, 2018 12:42 AM · Flag as inappropriate

This is a must to implement ASAP other wise private groups will end up ruling the O365 world.

Submitting...
Jourdan commented · April 26, 2018 1:41 AM · Flag as inappropriate

Nice! ;-)

Submitting...
Anonymous commented · April 26, 2018 1:20 AM · Flag as inappropriate

This is a must!

Submitting...
melanie tully commented · April 25, 2018 8:37 AM · Flag as inappropriate

voted! Hopefully the default is changed to read only

Submitting...
Rahul commented · January 8, 2018 12:56 PM · Flag as inappropriate

I agree to it as well. I hope MS change this behavior from edit to read.

Submitting...
Radi Atanassov commented · May 3, 2016 10:52 PM · Flag as inappropriate

This is critical :)

Submitting...