Ensure that SharePoint guest users cannot share items they don't own.
sharepoint_guest_sharing_restricted
Ensure that guest users in SharePoint cannot share items they do not own, preventing unauthorized disclosure of shared content.
Risk
If guest users are allowed to share items they don't own, there is a higher risk of unauthorized data exposure, as external users could share content beyond intended recipients.
Run this check with Prowler CLI
prowler m365 --checks sharepoint_guest_sharing_restricted
Remediation
Set-SPOTenant -PreventExternalUsersFromResharing $True
1. Navigate to SharePoint admin center https://admin.microsoft.com/sharepoint. 2. Click to expand Policies then select Sharing. 3. Expand More external sharing settings and uncheck 'Allow guests to share items they don't own'. 4. Click Save.
Restrict guest users from sharing items they don't own to enhance security and prevent unauthorized access.
Source Code
Resource Type
Sharepoint Settings