Feedback by UserVoice

How can we improve Office 365 Groups?

Set Office 365 groups private by default

We're in a school environment and teachers are creating Office 365 groups and some of them shared information about students in them.

Although we've instructed them to change the accesstype to private, there are still groups being made which remain public.

1,045 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Ronald shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    working on it  ·  AdminO365 Groups Feedback (Admin, Microsoft) responded  · 

    Thank you all for your comments.

    Based on your feedback, we are updating the default privacy setting for groups created across all five Outlook endpoints (web, PC, iOS, Android, and Mac) to be private by default where only approved members can see what’s inside the group. For customers that want to continue with the existing behavior of public by default (where anyone in your organization can see what’s inside) we are providing an Exchange Online PowerShell cmdlet to define the default value. This update will gradually rollout to all Outlook endpoints in the coming months starting with Outlook on the web.

    Keep your feedback coming.

    58 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        Does this also cover Planner, Teams, Streams, BI etc. which also creating O365 groups in Global GAL? We need this, because this is somehow a ko. criteria for this applications in our company.

      • Max Goss commented  ·   ·  Flag as inappropriate

        This is really welcome news, but what about Groups created from OneDrive, SharePoint etc? It doesn't really make sense to have different behaviours depending on which endpoints users create a Group from. My concern is that this will actually serve to muddy the waters and could lead to users creating public groups thinking that the default is Private. There needs to be a PowerShell command which affects the default for ALL groups regardless of endpoint?

      • Jason Benway commented  ·   ·  Flag as inappropriate

        Groups are created by many different o365 apps (email, teams, power bi, etc) Can you confirm this upcoming change will set all o365 groups to private by default?
        thank you
        jb

      • Alex Vincent commented  ·   ·  Flag as inappropriate

        Really pleased to see this change coming. Can you confirm if this will also apply when creating a Team site connected to an Office 365 Group from the SharePoint Home?

      • Jelle Vande Walle commented  ·   ·  Flag as inappropriate

        Same here. We are part of an educational facility.
        1) Everybody can create groups ==> how can we forbid our students from creating public groups? The teachers should be able to create public groups. Without giving the admin rights, that is!
        2) The option should be set to private as a default.

      • Lee Oliver commented  ·   ·  Flag as inappropriate

        I strongly agree. Groups should be private by default. We have had serious data breaches because staff docs have been made available to students.

      • Tim Coates commented  ·   ·  Flag as inappropriate

        This creates the need to constantly monitor new group creation. Especially in a school setting. Almost forces you to disable groups entirely.

      • Patrick Smalley commented  ·   ·  Flag as inappropriate

        This needs to happen, we have many customers where default public permissions are not ideal, please address this.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Following a best practice of least required access, why would you create a group that is open to everyone, instead of forcing the user to expand access once the need is identified. This current model of making a group public upon creation goes against Microsoft's basic guidance on user access settings.

      • David Hoeft commented  ·   ·  Flag as inappropriate

        Teachers are creating groups and are missing configuring as private. As a result "for teacher eyes only" emails are accessible by students.

      • Hugo Carvalho commented  ·   ·  Flag as inappropriate

        Same issue to... a lot of groups created as Public what is a real security issue for my company. Please, make possible to set Private as default type or better to be able to remove Public type from list.

      • Anonymous commented  ·   ·  Flag as inappropriate

        same here, lot of effort, we have to contact weekly all group owners with the request to change to private. We have weekly between 500 and 1000 new groups.

      • Anonymous commented  ·   ·  Flag as inappropriate

        We have 95,000+ students and need Private as a default. Even when classes are synched via School Data Sync the groups are created as Private, because the information should be private.

      • Peter Stokes commented  ·   ·  Flag as inappropriate

        Please set this to Private by default and maybe provide an setting for Public/private either in PowerShell or GUI. Have a customer that is involved in multiple sectors and ended up having high level groups that could have been accessed by staff at a lower level.

      ← Previous 1 3

      Feedback and Knowledge Base