Guest accounts solve a real problem: external collaboration without provisioning full internal identities. The risk is not the guest. It is the guest nobody remembers inviting, still active two years later, governed by a password policy you do not control.
A workable lifecycle has three parts. Invitations expire if not accepted within a defined window. Active guests are reviewed on a cadence by the internal sponsor who invited them, not a central team that has no context. Accounts with no sign-in activity past a threshold are disabled before they are deleted, so legitimate dormancy is recoverable.
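The three parts above can be expressed as a small decision function that a scheduled job runs over exported guest records. The following is an added example, not code from the original post and not tied to any particular identity provider; the record fields, the threshold values in `Policy`, and the sample guests are all constructed for illustration. It shows the ordering that matters: an unaccepted invitation expires on its own clock, a dormant guest is disabled rather than deleted, and deletion only follows a grace period after disablement, while review work is routed to the sponsor who invited the guest.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import Optional

class Action(Enum):
    KEEP = "keep"
    EXPIRE_INVITATION = "expire_invitation"   # never accepted, window passed
    SPONSOR_REVIEW_DUE = "sponsor_review_due" # active, but cadence elapsed
    DISABLE = "disable"                       # dormant past threshold
    DELETE = "delete"                         # disabled past grace period

@dataclass
class Guest:
    upn: str                          # guest identifier (constructed)
    sponsor: str                      # internal user who sent the invitation
    invited_at: datetime
    accepted_at: Optional[datetime] = None
    last_sign_in: Optional[datetime] = None
    last_reviewed_at: Optional[datetime] = None
    disabled_at: Optional[datetime] = None

@dataclass
class Policy:
    # Assumed thresholds; tune to the organisation's own risk appetite.
    invitation_window: timedelta = timedelta(days=14)
    review_cadence: timedelta = timedelta(days=90)
    dormancy_threshold: timedelta = timedelta(days=60)
    deletion_grace: timedelta = timedelta(days=30)

def evaluate(guest: Guest, policy: Policy, now: datetime) -> Action:
    """Decide the single lifecycle action for one guest at time `now`."""
    # Part 1: invitations that were never accepted expire on their own clock.
    if guest.accepted_at is None:
        if now - guest.invited_at > policy.invitation_window:
            return Action.EXPIRE_INVITATION
        return Action.KEEP
    # Part 3b: an already-disabled account is recoverable until the grace
    # period runs out; only then is it deleted.
    if guest.disabled_at is not None:
        if now - guest.disabled_at > policy.deletion_grace:
            return Action.DELETE
        return Action.KEEP
    # Part 3a: no sign-in past the threshold -> disable, never delete outright.
    # A guest who accepted but never signed in is measured from acceptance.
    last_activity = guest.last_sign_in or guest.accepted_at
    if now - last_activity > policy.dormancy_threshold:
        return Action.DISABLE
    # Part 2: active guests are re-attested by their sponsor on a cadence,
    # measured from the last review (or from acceptance if never reviewed).
    last_checkpoint = guest.last_reviewed_at or guest.accepted_at
    if now - last_checkpoint > policy.review_cadence:
        return Action.SPONSOR_REVIEW_DUE
    return Action.KEEP

def review_queue(guests: list, policy: Policy, now: datetime) -> dict:
    """Group review-due guests by sponsor, so each sponsor gets only their own list."""
    queue: dict = {}
    for g in guests:
        if evaluate(g, policy, now) is Action.SPONSOR_REVIEW_DUE:
            queue.setdefault(g.sponsor, []).append(g.upn)
    return queue

def sample_guests(now: datetime) -> list:
    """Constructed sample records covering each branch of the lifecycle."""
    d = lambda n: now - timedelta(days=n)
    return [
        Guest("fresh.invite@partner.example", "alice", invited_at=d(7)),
        Guest("stale.invite@partner.example", "alice", invited_at=d(30)),
        Guest("active@partner.example", "bob", d(200), accepted_at=d(199),
              last_sign_in=d(5), last_reviewed_at=d(30)),
        Guest("review.due@partner.example", "bob", d(200), accepted_at=d(199),
              last_sign_in=d(5), last_reviewed_at=d(100)),
        Guest("dormant@partner.example", "carol", d(200), accepted_at=d(199),
              last_sign_in=d(90), last_reviewed_at=d(30)),
        Guest("never.signed.in@partner.example", "carol", d(80), accepted_at=d(70)),
        Guest("disabled.recent@partner.example", "dave", d(300), accepted_at=d(299),
              last_sign_in=d(120), disabled_at=d(10)),
        Guest("disabled.old@partner.example", "dave", d(300), accepted_at=d(299),
              last_sign_in=d(150), disabled_at=d(45)),
    ]

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    policy = Policy()
    for g in sample_guests(now):
        print(f"{g.upn:40} -> {evaluate(g, policy, now).value}")
    print(review_queue(sample_guests(now), policy, now))
```

The job that applies these actions should be idempotent and should only ever move an account one step at a time; in particular a record never goes from active straight to deleted, because `DISABLE` is the only exit from the active state and `DELETE` is only reachable from a disabled one.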
None of this blocks collaboration. It just makes sure access ends when the work does.