Information
SharePoint gives users the ability to share files, folders, and site collections. Internal users can share with external collaborators, and with the right permissions could share to other external parties.
Rationale:
Sharing and collaboration are key; however, file, folder, or site collection owners should have the authority over what external users get shared with to prevent unauthorized disclosures of information.
Impact:
The impact associated with this change is highly dependent upon current practices. If users do not regularly share with external parties, then minimal impact is likely. However, if users do regularly share with guests/externally, minimum impacts could occur as those external users will be unable to 're-share' content.
Solution
To remediate using the UI:
Navigate to SharePoint admin center https://admin.microsoft.com/sharepoint
Click to expand Policies then select Sharing.
Expand More external sharing settings, uncheck Allow guests to share items they don't own.
Click Save.
To remediate using PowerShell:
Connect to SharePoint Online service using Connect-SPOService.
Run the following SharePoint Online PowerShell command:
Set-SPOTenant -PreventExternalUsersFromResharing $True
Default Value:
Checked (False)