In all but exceptional cases, the files in our Team drive should have the access list enabled to restrict access to the members of the team. However, that requires (1) knowing that's the policy, (2) knowing where the access list toggle is, and (3) actually remembering to turn the access list on. This leaves our operational security in a very haphazard, error-prone state, and there's real worry that accidentally-leaked links will be used to access files by people outside the Team.
In order to prevent costly mistakes and increase confidence in our OpSec, I would like a setting on the Team administration page to set access list "on" or "off" by default, for any new file in the Team drive, and for any file newly shared to the Team.
