Sharing sites with external users is a powerful function in Office 365, and is quite simple to configure. Administrators simply enable sharing in the admin console and sites, lists, and documents can be shared via an email invitation. Unfortunately, this uninhibited sharing functionality is an open invite to a whole slew of security risks. For a large retail corporation that is managing 800+ distinct vendors, it is not feasible to task an administrator with managing users and security for each and every site. Access requests can come in on a daily basis and it is a common occurrence that users are added to the wrong site, given incorrect permissions, or accidentally removed.
Allow a site to be shared to users that are restricted to specific domains, and specify which groups users can added in to.
The Sharing Application (SA) is a custom method for managing the sharing of a SharePoint site. Its core functionality is to allow site owners to share a site with users that own emails accounts that fall under specified domains; these whitelisted domains are managed by a master list that is maintained on the parent site. The tool will limit these users to certain groups from within the shared site. Furthermore, this solution will apply to all shareable aspects of SharePoint: sites, lists and libraries, items and documents, and SharePoint objects.
There are numerous ways to Share from Office 365, from the site header to the ribbon to item ellipses. Each control must be taken into account.
Sharing controls on site header and gear icon menu
Sharing control on ribbon
Sharing control on item ellipses
If users are able to access the site permissions page, they will also be able to grant permissions to the site or parts of the site.
If access to the site permissions page is restricted, site admins will need the ability to revoke user access to the site.
The main concern is the multitude of access points to the sharing dialog box, but the simplest way to deal with this is to remove the access points. All sharing functionality via the ribbon and item ellipses is removed, with the only remaining access points being the site header and gear icon menu. At this point, the Share button on the site header will need to be overridden.
Share control on site header
Instead of opening the default dialog box, which allows site admins to "Enter names, email address, or 'Everyone'", the Share control is now backed by a custom HTML page that limits the options the site admin has in regards to email addresses and permissions levels.
Custom HTML page displayed from overridden Share control
Note the link near the bottom of the dialog box that allows removal of users from the site. Since site admins cannot access the site permissions page, this link will display a second custom HTML page that shows accessible groups and all users within those groups.