An Azure AD Conditional Access Policy for Guests that limits session length to 1 hour.

Suggested name:
CA4{XX}-Guests-DataProtection-AllApps-SessionLimit

Assignments

Users

Users and groups  
Include users All guest and external users

Cloud apps or actions

Cloud apps  
Include All cloud apps

Access controls

Session  
Sign-in frequency 1 hour
Persistent browser session Never persistent

References

https://learn.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-architecture https://learn.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-framework https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common