Hi @bg1900 ,
A few community members jumped in a conversation here for someone with a similar question.
The TLDR, as per @bobthebear, is:
internal users = co-workers
external users = random strangers
An important thing to note is permission controls are only available to orgs on the Business plan or higher.