EXT-01: Restrict Guest Invitation Permissions
Frequently asked questions about implementing and managing the EXT-01 security control in Microsoft 365 and Entra ID.
QWhat is EXT-01 (Restrict Guest Invitation Permissions)?▼
EXT-01 is a security control that unrestricted guest invitations allow any user to bring external identities into your tenant. this creates uncontrolled access paths and potential data exposure. limiting invitations to authorized personnel ensures oversight. It requires that only admins and users in the guest inviter role can invite guests and member users cannot invite guests, guests cannot invite other guests.
QWhy is Restrict Guest Invitation Permissions important for Microsoft 365 security?▼
Unrestricted guest invitations allow any user to bring external identities into your tenant. This creates uncontrolled access paths and potential data exposure. Limiting invitations to authorized personnel ensures oversight.
QHow do I implement EXT-01 in my tenant?▼
TrueConfig provides one-click remediation for EXT-01. Configures external collaboration settings to restrict guest invitations
QWhat license do I need for EXT-01?▼
This control can be implemented with any Microsoft 365 subscription, including free Azure AD.
QWhich security baseline includes EXT-01?▼
EXT-01 is included in the TrueConfig Recommended Secure baseline (Level 1). This is the foundation level suitable for most organizations.
5
Questions
1
Related Controls
—
Categorized
Related Resources
Still have questions?
Our security experts are here to help. Start a free trial and get personalized guidance for your Microsoft 365 environment.
Start Free Trial