Security hole in O365 Partner sharing

Until further notice I am advising clients NOT to enable partner sharing.  This is because you never know who will be accessing your data from the partner side.  If your partner is a large SharePoint consulting firm, they have no ability to lockdown who can see your data on their side (out of the 100's or 1000's of clients they have). 

To be said another way, this means they have no way to keep random internal employees from checking out your site and data. Until they activate the ability to assign specific people to your accounts, I highly suggest that you stop partner sharing!!!

In other words, think Edward Snowden and Bradley Manning…type of security holes.

Vote for it here on UserVoice:

http://officespdev.uservoice.com/forums/224641-general/suggestions/5983421-enable-granular-permissions-for-o365-partners