Microsoft Teams Security - Securing Your Virtual Meetings

Microsoft Teams Security

Securing Your Virtual Meetings

Tomaso Vasella
by Tomaso Vasella
on April 14, 2020
time to read: 11 minutes

Keypoints

This is how you secure your Microsoft Teams

  • Due to the COVID-19 pandemic, many meetings, lectures and training sessions take place online
  • Microsoft Teams is one of the most popular solutions used for virtual meetings
  • Such solutions are becoming increasingly interesting for attackers due to their rapidly increasing number of users
  • Choosing suitable security settings for end users and administrators can contribute to using teams securely

Social distancing and home office have shifted various activities of companies, administrations and private individuals to the Internet. As a result, users are quickly adopting new applications and platforms for online communication and collaboration. Because of the current situation, some of the more popular applications have reached millions of users in a very short time. Interactions that previously took place in the physical world are now carried out on digital platforms whose security is not always known, some of them even have known vulnerabilities. If the security aspects are not adequately considered, adverse effects can easily occur, especially since attacks on these platforms have become increasingly interesting for attackers due to their large number of users.

Microsoft Teams is a solution that combines video conferencing, online meetings, notes and file sharing. Teams is integrated in Microsoft 365 (M365, formerly known as Office 365) and is part of most M365 subscriptions. Teams is one of the most popular applications for virtual meetings, mainly due to the widespread use of M365.

The following sections provide an overview of the most important terms and the possibilities for users and administrators to securely use Teams.

Participant Roles and Types

The meaning of the terms used in connection with teams is unfortunately not always easy to understand intuitively and is sometimes not used consistently in the Microsoft documentation. A summary of the most important terms is therefore helpful.

Participant Roles

For users who organize or participate in Teams meetings, mainly the participant roles are interesting:

Participant Types

A distinction is made between the following participant types:

Options for End Users

Many security relevant settings for teams are set centrally by the Teams administrator or the M365 administrator. As a user, you can still take a few precautions to make it difficult for unwanted people to attend the meeting.

Using the Lobby

The creator of a meeting (organizer) can control who can attend Teams meetings directly and who has to wait for admission in the lobby first. After a meeting has been created, the organizer can make settings for the lobby using the meeting options:

Options for Meetings

If a participant is in the lobby, another participant with the necessary rights must allow the participant to join the meeting. The table below summarizes what the available lobby settings do:

Setting User types joining the meeting directly User types going to the lobby
People in my organization
  • In-tenant
  • Guest of tenant
  • Federated
  • Anonymous
  • PSTN dial-in
People in my organization and trusted organizations
  • In-tenant
  • Guest of tenant
  • Federated
  • Anonymous
  • PSTN dial-in
Everyone
  • In-tenant
  • Guest of tenant
  • Federated Anonymous
  • PSTN dial-in

Settings for the Presenter

In addition, it can be defined who in the meeting is allowed to act as presenter. The possibilities of presenters and attendees are the following:

Actions Presenters Attendees
Speak and share their videoYY
Participate in meeting chatYY
Change settings in meeting optionsYN
Mute other participantsYN
Remove other participantsYN
Share contentYN
Admit other participants from the lobbyYN
Make other participants presenters or attendeesYN
Start or stop recordingYN
Take control when another participant shares a PowerPointYN

Settings Available to Teams Administrators

Because Teams is closely linked to SharePoint, OneNote, Exchange and other services, the general security of M365 is of particular importance. For example, it is recommended to activate two-factor authentication for all users and to limit the rights of the users to the minimum required. In addition, Teams offers various specific settings for administrators through the Teams Admin Center and in part also in the Teams app. An overview of the security features built into Teams can be found at Microsoft. The most important central settings for Teams administrators are described in the following sections.

Teams Settings

For each defined team, settings for the permissions and for the channels can be made, which should be restricted as much as possible.

Permissions for Teams

Teams Policies

Using Teams policies, various aspects can be centrally defined for meeting users. As with all settings, it is advisable to deactivate features that are not required.

Edit user policies

Meeting Settings

The meeting settings allow to define whether anonymous participants are allowed to Teams meetings. If possible, this should be deactivated.

Setting for anonymous participants

App Permission Policies

Apps can be used within Teams. The app permission policies control which apps are available to Teams users in the organization. Here, too, it is advisable to allow as little as necessary.

App permission policies

Cloud Storage

An administrator can define in the Teams settings which third-party cloud storage services are available to Teams users. These options are made available to the user directly inside the Teams app. It is recommended to disable these options.

Options for third party storage services

Conclusion

Securing teams may seem easy at first, but it can become complex at least for the team administrators, since various settings of M365 and teams overlap and the terms used by Microsoft are not always intuitively understandable. It is therefore essential for administrators to take a close look at the security aspects of M365 and as a consequence also at those of the Azure Active Directory. For users, once again this saying applies: Trust is good, control is better – especially with regard to unexpected meeting participants and the content they share.

About the Author

Tomaso Vasella

Tomaso Vasella has a Master in Organic Chemistry at ETH Z├╝rich. He is working in the cybersecurity field since 1999 and worked as a consultant, engineer, auditor and business developer. (ORCID 0000-0002-0216-1268)

Links

You need support in such a project?

Our experts will get in contact with you!

×
CIS Controls

CIS Controls

Tomaso Vasella

Passwordless Authentication

Passwordless Authentication

Tomaso Vasella

Data Leakage Prevention

Data Leakage Prevention

Tomaso Vasella

Webscraping with Powershell

Webscraping with Powershell

Tomaso Vasella

You want more?

Further articles available here

You need support in such a project?

Our experts will get in contact with you!

You want more?

Further articles available here