We've recently started using O365/SPO/OneDrive for business as a sharing platform over a previous niche provider platform. I've noticed that each time a user shares content externally, the external user gets an account in our AD. It's unprivileged and unlicensed, but it's still a user credential that's now in our Active Directory.
What risks do you see associated with these user accounts?
What routine mitigations should we be putting in place?
Thanks!
