Set Office 365 groups private by default
We're in a school environment and teachers are creating Office 365 groups and some of them shared information about students in them.
Although we've instructed them to change the accesstype to private, there are still groups being made which remain public.
Thank you all for your comments.
Based on your feedback, we are updating the default privacy setting for groups created across all five Outlook endpoints (web, PC, iOS, Android, and Mac) to be private by default where only approved members can see what’s inside the group. For customers that want to continue with the existing behavior of public by default (where anyone in your organization can see what’s inside) we are providing an Exchange Online PowerShell cmdlet to define the default value. This update will gradually rollout to all Outlook endpoints in the coming months starting with Outlook on the web.
Keep your feedback coming.
This change is now rolling out, please see this post for more information: https://techcommunity.microsoft.com/t5/Office-365-Groups/Groups-in-Outlook-and-Group-connected-team-sites-are-now-private/m-p/186395#M5266
Does this also cover Planner, Teams, Streams, BI etc. which also creating O365 groups in Global GAL? We need this, because this is somehow a ko. criteria for this applications in our company.
Max Goss commented
This is really welcome news, but what about Groups created from OneDrive, SharePoint etc? It doesn't really make sense to have different behaviours depending on which endpoints users create a Group from. My concern is that this will actually serve to muddy the waters and could lead to users creating public groups thinking that the default is Private. There needs to be a PowerShell command which affects the default for ALL groups regardless of endpoint?
John Papadimitriou commented
Is there an ETA on this capability? It would be great to be able to set Groups to Private from default.
Jason Benway commented
Groups are created by many different o365 apps (email, teams, power bi, etc) Can you confirm this upcoming change will set all o365 groups to private by default?
Alex Vincent commented
Really pleased to see this change coming. Can you confirm if this will also apply when creating a Team site connected to an Office 365 Group from the SharePoint Home?
Jelle Vande Walle commented
Same here. We are part of an educational facility.
1) Everybody can create groups ==> how can we forbid our students from creating public groups? The teachers should be able to create public groups. Without giving the admin rights, that is!
2) The option should be set to private as a default.
Sam Vokes commented
Any ETA on this? I have customers crying out for this functionality!
Richard Egginton commented
What is the ETA on this functionality?
Lee Oliver commented
I strongly agree. Groups should be private by default. We have had serious data breaches because staff docs have been made available to students.
Tim Coates commented
This creates the need to constantly monitor new group creation. Especially in a school setting. Almost forces you to disable groups entirely.
Patrick Smalley commented
This needs to happen, we have many customers where default public permissions are not ideal, please address this.
Following a best practice of least required access, why would you create a group that is open to everyone, instead of forcing the user to expand access once the need is identified. This current model of making a group public upon creation goes against Microsoft's basic guidance on user access settings.
David Hoeft commented
Teachers are creating groups and are missing configuring as private. As a result "for teacher eyes only" emails are accessible by students.
Hugo Carvalho commented
Same issue to... a lot of groups created as Public what is a real security issue for my company. Please, make possible to set Private as default type or better to be able to remove Public type from list.
same here, lot of effort, we have to contact weekly all group owners with the request to change to private. We have weekly between 500 and 1000 new groups.
We have 95,000+ students and need Private as a default. Even when classes are synched via School Data Sync the groups are created as Private, because the information should be private.
Can you provide an update on this as a Priority please
Peter Stokes commented
Please set this to Private by default and maybe provide an setting for Public/private either in PowerShell or GUI. Have a customer that is involved in multiple sectors and ended up having high level groups that could have been accessed by staff at a lower level.
is there already a solution for this??